cjoint


Document format: text/plain

Preview

~ ZHPCleaner v2015.3.12.117 by Nicolas Coolman (12/03/2015)
~ Run by dimthehot (Administrator) (13/03/2015 18:56:44)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\dimthehot\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\dimthehot\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\ Services (0)
~ No malicious items found.


---\\ Browser internet (18)
MOVED file: C:\Users\dimthehot\Desktop\Torntv Downloader.lnk [Bad : C:\Users\dimthehot\AppData\Roaming\TornTV.com\Torntv Downloader.exe] (Hijacker.TornTV)
REPLACED Quicklaunch: C:\Users\dimthehot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F1LY1783Y1783] (Hijacker.Browser)
REPLACED Quicklaunch: C:\Users\dimthehot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F1LY1783Y1783] (Hijacker.Browser)
REPLACED TaskBar: C:\Users\dimthehot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F1LY1783Y1783] (Hijacker.Browser)
REPLACED TaskBar: C:\Users\dimthehot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F1LY1783Y1783] (Hijacker.Browser)
REPLACED Desktop: C:\Users\Public\Desktop\Google Chrome.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F1LY1783Y1783] (Hijacker.Browser)
REPLACED SystemTools: C:\Users\dimthehot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F1LY1783Y1783] (Hijacker.Browser)
REPLACED Programs: C:\Users\dimthehot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F1LY1783Y1783] (Hijacker.Browser)
REPLACED IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL [hxxp://www.omniboxes.com/?type=hp&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08M2NA[...]] (PUP.Omniboxes)
REPLACED IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page [hxxp://www.omniboxes.com/?type=hp&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08M2NA[...]] (PUP.Omniboxes)
REPLACED IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.omniboxes.com/?type=hp&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08M2NA[...]] (PUP.Omniboxes)
REPLACED IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.omniboxes.com/web/?type=ds&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08[...]] (PUP.Omniboxes)
REPLACED IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.omniboxes.com/?type=hp&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08M2NA[...]] (PUP.Omniboxes)
REPLACED IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.omniboxes.com/web/?type=ds&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08[...]] (PUP.Omniboxes)
REPLACED IE Params: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.omniboxes.com/?type=hp&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08M2NA[...]] (PUP.Omniboxes)
REPLACED IE Params: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.omniboxes.com/web/?type=ds&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08[...]] (PUP.Omniboxes)
REPLACED IE Params: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.omniboxes.com/?type=hp&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08M2NA[...]] (PUP.Omniboxes)
REPLACED IE Params: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.omniboxes.com/web/?type=ds&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08[...]] (PUP.Omniboxes)


---\\ Hosts file (1)
~ The hosts file is legitimate (21)


---\\ Scheduled automatic tasks. (0)
~ No malicious items found.


---\\ Explorer ( File, Folder) (21)
MOVED file: C:\Program Files (x86)\CinemaP-1.8cV10.03\bc9992e7-8e91-4f7d-bd38-aacbd2a96583-1-7.exe [Cinema PlusV10.03 - CinemaP-1.8cV10.03 exe] (PUP.CrossRider)
MOVED file: C:\Program Files (x86)\CinemaP-1.8cV10.03\bc9992e7-8e91-4f7d-bd38-aacbd2a96583-10.exe [Cinema PlusV10.03 - CinemaP-1.8cV10.03 exe] (PUP.CrossRider)
MOVED file: C:\Program Files (x86)\CinemaP-1.8cV10.03\bc9992e7-8e91-4f7d-bd38-aacbd2a96583-5.exe [Cinema PlusV10.03 - CinemaP-1.8cV10.03 exe] (PUP.CrossRider)
MOVED file: C:\Program Files (x86)\CinemaP-1.8cV10.03\bc9992e7-8e91-4f7d-bd38-aacbd2a96583-6.exe [Cinema PlusV10.03 - CinemaP-1.8cV10.03 exe] (PUP.CrossRider)
MOVED file: C:\Program Files (x86)\CinemaP-1.8cV10.03\bc9992e7-8e91-4f7d-bd38-aacbd2a96583-64.exe [Cinema PlusV10.03 - CinemaP-1.8cV10.03 exe] (PUP.CrossRider)
MOVED file: C:\Program Files (x86)\CinemaP-1.8cV10.03\bc9992e7-8e91-4f7d-bd38-aacbd2a96583-7.exe [Cinema PlusV10.03 - CinemaP-1.8cV10.03 exe] (PUP.CrossRider)
MOVED file: C:\Program Files (x86)\77950a88-4e7f-46ab-b1a0-9e27ef3d1d53\1158c947-44bd-4161-8ff2-188caa37e973.dll [ - ] (PUP.CrossRider)
MOVED file: C:\Program Files (x86)\77950a88-4e7f-46ab-b1a0-9e27ef3d1d53\1c656b52-6b5c-4315-8b49-07b739e41393.dll [ - ] (PUP.CrossRider)
MOVED folder: C:\Program Files (x86)\77950a88-4e7f-46ab-b1a0-9e27ef3d1d53 (PUP.CrossRider)
MOVED file: C:\ProgramData\15651002628008033613\cd5b15e575e1c3d05a7a6c0969dbf9f5.ini [ - ] (PUP.CrossRider)
MOVED folder: C:\ProgramData\15651002628008033613 (PUP.CrossRider)
MOVED file: C:\Users\DIMTHE~1\AppData\Local\Temp\comh.463393\goopdate.dll [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
MOVED file: C:\Users\DIMTHE~1\AppData\Local\Temp\comh.463393\goopdateres_en.dll [globalUpdate - globalUpdate Update Resource DLL] (PUP.GlobalUpdate)
MOVED file: C:\Users\DIMTHE~1\AppData\Local\Temp\comh.463393\npGoogleUpdate4.dll [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
MOVED file: C:\Users\DIMTHE~1\AppData\Local\Temp\comh.463393\psmachine.dll [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
MOVED file: C:\Users\DIMTHE~1\AppData\Local\Temp\comh.463393\psuser.dll [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
MOVED file: C:\Users\DIMTHE~1\AppData\Local\Temp\~dlE1F5\lxwsh\tmp\wpm_v20.0.0.1953_0302.exe [SysTool PasSame LIMITED - Windows SysTool Service] (PUP.Fuyu)
MOVED file: C:\Users\DIMTHE~1\AppData\Local\Temp\comh.463393\GoogleCrashHandler.exe [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
MOVED file: C:\Users\DIMTHE~1\AppData\Local\Temp\comh.463393\GoogleUpdate.exe [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
MOVED file: C:\Users\DIMTHE~1\AppData\Local\Temp\comh.463393\GoogleUpdateBroker.exe [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
MOVED file: C:\Users\DIMTHE~1\AppData\Local\Temp\comh.463393\GoogleUpdateOnDemand.exe [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)


---\\ Registry ( Key, Value, Data) (10)
DELETED key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?type=ds&ts=1425995460&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F1LY178[...]] [omniboxes] (PUP.Omniboxes)
DELETED key*: HKCU\Software\CinemaP-1.8cV10.03-nv [] (Heuristic.CrossRider)
DELETED key*: HKCU\Software\CinemaP-1.8cV10.03-nv-ie [] (Heuristic.CrossRider)
DELETED key*: HKLM\SOFTWARE\Wow6432Node\5dc62bb6-71d8-4cc6-b109-b59215c62029 [] (PUP.CrossRider)
DELETED key*: HKLM\SOFTWARE\Wow6432Node\ef85dc9f-866e-801d-1db2-20d96886e8b3 [] (PUP.CrossRider)
DELETED key*: HKLM\SOFTWARE\Wow6432Node\CinemaP-1.8cV10.03-nv [] (Heuristic.CrossRider)
DELETED key*: HKLM\SOFTWARE\Wow6432Node\CinemaP-1.8cV10.03-nv-ie [] (Heuristic.CrossRider)
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inst.shoppingate.info [1278341] (PUP.ShoppinGate)
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\shoppingate.info [] (PUP.ShoppinGate)
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.boostsaves.com [678] (PUP.BoostSaves)



---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 65038
~ Items found : 0
~ Items repaired : 46


End of clean at 19:00:03
===================
ZHPCleaner-[R]-12022015-12_04_13.txt
ZHPCleaner-[R]-13032015-19_00_03.txt
ZHPCleaner-[S]-10032015-14_57_36.txt
ZHPCleaner-[S]-12022015-12_01_32.txt
ZHPCleaner-[S]-13032015-18_55_28.txt
ZHPCleaner-[S]-19022015-17_44_50.txt
