~ ZHPCleaner v2016.5.13.66 by Nicolas Coolman (2016/05/13) ~ Run by jmarie (Administrator) (14/05/2016 17:57:24) ~ Site : http://www.nicolascoolman.com ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : ~ Type : Nettoyer ~ Report : C:\Documents and Settings\jmarie\Bureau\ZHPCleaner.txt ~ Quarantine : C:\Documents and Settings\jmarie\Application Data\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows XP, 32-bit Service Pack 3 (Build 2600) ---\\ Service. (2) ARRETÉ : sysTPLMonitor.exe =>.Superfluous.sysTPL ARRETÉ : sysTPLService.exe =>.Superfluous.sysTPL ---\\ Navigateur internet. (4) SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer [Bad : http=127.0.0.1:8877] =>Hijacker.Proxy SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable [Bad : 1] =>Hijacker.Proxy SUPPRIMÉ donnée: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=8877070000002A2E6C6F6616C00000000000000000000000060814284C6CF010000000000000000000000000100000002000000C0A8010E000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000] =>Hijacker.Proxy SUPPRIMÉ donnée: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=8877070000002A2E6C6F6616C00000000000000000000000060814284C6CF010000000000000000000000000100000002000000C0A8010E000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000] =>Hijacker.Proxy ---\\ Fichier hôte. (12) REMPLACÉ: 130.0.0.20 GAMX gamx # serveur GAMX Aubagne REMPLACÉ: 130.0.0.21 agax AGAX # serveur AGIR Aubagne REMPLACÉ: 130.0.0.22 magx MAGX # serveur MAG2 Aubagne REMPLACÉ: 130.0.1.22 mgef MGEF # serveur MGEF Aubagne REMPLACÉ: 172.16.2.41 PASTEL pastel # serveur PASTEL Unix La Ciotat REMPLACÉ: 172.16.2.42 CROSSWAy crossway # serveur CW Unix La Ciotat REMPLACÉ: 172.16.2.43 LABO labo # serveur INLOG Unix La Ciotat REMPLACÉ: 172.16.1.80 PHARMACIE5 pharmacie5 # serveur DISPORAO5 Linux La Ciotat REMPLACÉ: 172.16.1.10 LCS10 lcs10 # serveur TRACE LINE W2003Server La Ciotat REMPLACÉ: 130.1.0.2 LACIOTAT laciotat # serveur CATHILABO La Ciotat TROUVÉ: 172.16.1.22 SIMORBIS simorbis # serveur orbis pmsi ~ Nombre de redirections trouvées 11/15150 ---\\ Tâche planifiée. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Explorateur ( Dossiers, Fichiers ). (27) DEPLACÉ fichier: C:\Documents and Settings\jmarie\Application Data\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk [Bad : C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe] =>.Superfluous.Uniblue DEPLACÉ fichier: C:\windows\Prefetch\SYSTPLSERVICE.EXE-211499AF.pf =>.Superfluous.sysTPL DEPLACÉ fichier: C:\windows\Installer\{4B74BC31-B353-4B8F-8CBE-DAB4FF326FF1}\default.exe =>.Superfluous.sysTPL DEPLACÉ dossier^: C:\Program Files\sysTPL =>.Superfluous.sysTPL DEPLACÉ dossier: C:\Program Files\Uniblue =>.Superfluous.Uniblue DEPLACÉ dossier: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Uniblue =>.Superfluous.Uniblue DEPLACÉ dossier: C:\Documents and Settings\jmarie\Application Data\systweak =>.Superfluous.Systweak DEPLACÉ dossier: C:\Documents and Settings\jmarie\Application Data\Uniblue =>.Superfluous.Uniblue DEPLACÉ dossier: C:\Program Files\QuickTime =>Riskware.QuickTime DEPLACÉ dossier: C:\Documents and Settings\jmarie\Local Settings\Application Data\IAC =>PUP.Optional.Generic DEPLACÉ dossier: C:\WINDOWS\Installer\MSI24.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI251.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI256.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI259.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI25.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI26.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI27F.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI27.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI28.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI292.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI296.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI299.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI29D.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI2A0.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI2A.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI2B.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI2E.tmp- =>Empty ---\\ Base de Registres ( Clés, Valeurs, Données ). (29) SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\sysTPLMonitor.exe [C:\Program Files\sysTPL\sysTPLMonitor.exe (Not File)] =>.Superfluous.sysTPL SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\sysTPLService.exe [C:\Program Files\sysTPL\sysTPLService.exe (Not File)] =>.Superfluous.sysTPL SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3309714079-3231832298-1253283779-1008\SOFTWARE\sysTPL [] =>.Superfluous.sysTPL SUPPRIMÉ clé: HKCU\Software\sysTPL [] =>.Superfluous.sysTPL SUPPRIMÉ clé*: HKCU\Software\TeleCharger_v2 [] =>.Superfluous.Downloader SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\d [escrtAx Object] =>PUP.Optional.Generic SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\protector_dll.protectorbho [Google Toolbar Notifier BHO] =>PUP.Optional.BProtector SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 [Google Toolbar Notifier BHO] =>PUP.Optional.BProtector SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\protector_dll.Protector [Protector Class] =>PUP.Optional.BProtector SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\protector_dll.Protector.1 [Protector Class] =>PUP.Optional.BProtector SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib [ProtectorLib Class] =>PUP.Optional.BProtector SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1 [ProtectorLib Class] =>PUP.Optional.BProtector SUPPRIMÉ clé*: HKLM\Software\Classes\Installer\Products\13CB47B4353BF8B4C8EBAD4BFF23F61F [sysTPL] =>.Superfluous.sysTPL SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\sysTPLMonitor [] =>.Superfluous.sysTPL SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\sysTPLService [] =>.Superfluous.sysTPL SUPPRIMÉ clé*: HKLM\SOFTWARE\Uniblue [] =>.Superfluous.Uniblue SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\67971DB3-B830-7283-7507-EACC8EC0C23F [Safer-Surf-software] =>PUP.Optional.SaferSurf SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B2C4D32-A7CD-44B0-8619-4ADBE301B2D3} [Spigot, Inc.] =>PUP.Optional.Dealio SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E997}_is1 [Uniblue Systems Limited] =>.Superfluous.Uniblue SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mbot_fr_52_is1 [] =>PUP.Optional.CrossRider SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Plus-HD-2.3 [] =>PUP.Optional.CrossRider SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1 [] =>PUP.Optional.RegistryPowerCleaner SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RightSurf [] =>PUP.Optional.RightSurf SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0303E50697AD5DF44A3BAE09699E2830 [C:\Program Files\sysTPL\sysTPLMonitor.exe (Not File)] =>.Superfluous.sysTPL SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0AA7673E656A29240AA109A66456771C [C:\Program Files\sysTPL\sysTPL.exe (Not File)] =>.Superfluous.sysTPL SUPPRIMÉ clé*: HKLM\Software\Classes\Installer\Features\13CB47B4353BF8B4C8EBAD4BFF23F61F [] =>.Superfluous.sysTPL SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\sysTPL [C:\Program Files\sysTPL\sysTPL.exe] =>.Superfluous.sysTPL SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task ["C:\Program Files\QuickTime\qttask.exe" -atboottime] =>Riskware.QuickTime ---\\ Récapitulatif des éléments trouvés sur votre station. (14) http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.sysTPL http://www.nicolascoolman.fr/?p=4664 =>Hijacker.Proxy http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Uniblue http://www.nicolascoolman.fr/pup-systweak/ =>.Superfluous.Systweak http://www.nicolascoolman.info/2016/04/21/riskware-quicktime/ =>Riskware.QuickTime http://www.nicolascoolman.info/2016/05/01/definition-dun-logiciel-pup-lpi/ =>PUP.Optional.Generic http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Downloader http://www.nicolascoolman.info/2016/04/30/pup-optional-bprotector/ =>PUP.Optional.BProtector http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SaferSurf http://www.nicolascoolman.fr/?p=299 =>PUP.Optional.Dealio http://www.nicolascoolman.info/2016/04/22/heuristic-suspect/ =>Heuristic.Suspect http://www.nicolascoolman.info/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/?p=558 =>PUP.Optional.RegistryPowerCleaner http://www.nicolascoolman.fr/?p=287 =>PUP.Optional.RightSurf ---\\ Nettoyage Additionnel. (21) ~ Suppression des Clés de registre Tracing. (21) ~ Suppression des anciens rapports ZHPCleaner. (0) ---\\ Bilan de la réparation ~ Réparation réalisée avec succès. ~ Ce navigateur est absent (Opera Software) ~ Le système a été redémarré. ---\\ Statistiques ~ Items scannés : 30965 ~ Items trouvés : 11 ~ Items annulés : 0 ~ Items réparés : 62 ~ End of clean in 00h01mn02s ~==================== ZHPCleaner-[R]-14052016-17_58_26.txt ZHPCleaner-[S]-14052016-17_56_26.txt