Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2015.6.13.275 by Nicolas Coolman (2015\06\13)
~ Run by Ali (Administrator) (13/06/2015 14:44:22)
~ Site : http://nicolascoolman.com/fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Netttoyer
~ Report : C:\Users\Ali\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Ali\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 8.1, 64-bit (Build 9600)
---\\ Service. (0)
~ Aucun �l�ment malicieux trouv�.
---\\ Navigateur internet. (2)
SUPPRIM� donn�e: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=58283 <-Loopback>] (Hijacker.Proxy)
SUPPRIM� donn�e: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=58283 <-Loopback>] (Hijacker.Proxy)
---\\ Fichier h�te. (1)
~ Le fichier h�te est l�gitime. (22)
---\\ T�che planifi�e. (1)
SUPPRIM� t�che: [AutoKMS] [C:\WINDOWS\AutoKMS\AutoKMS.exe (Not File) ] (HackTool.AutoKMS)
---\\ Explorateur ( Dossiers, Fichiers ). (37)
DEPLAC� fichier: C:\Users\Ali\AppData\Roaming\sAsIbAj\LibDownloadManagement.dll [Copyright � 2014 - downloadManagement] (Adware.Pirrit)
DEPLAC� fichier: C:\Users\Ali\AppData\Roaming\JP4HnIi\LibDownloadManagement.dll [Copyright � 2014 - downloadManagement] (Adware.Pirrit)
DEPLAC� fichier: C:\Users\Ali\AppData\Roaming\5pAABNa\LibDownloadManagement.dll [Copyright � 2014 - downloadManagement] (Adware.Pirrit)
DEPLAC� fichier: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 - AutoKMS] (HackTool.AutoKMS)
DEPLAC� fichier: C:\Windows\Prefetch\BOBROWSER.EXE-E3DB20BD.pf (PUP.BoBrowser)
DEPLAC� fichier: C:\Windows\Prefetch\R0BLOCKANDSURFQ33.EXE-45D7F80A.pf (PUP.BlockAndSurf)
DEPLAC� fichier: C:\Windows\Prefetch\SIGNUP WIZARD.EXE-9554BD21.pf (PUP.MyPCBackup)
DEPLAC� fichier: C:\Windows\Installer\103c4b0.msi [Ask.com - InstallShield� 2010 - Professional Edition] (Toolbar.Ask)
DEPLAC� fichier: C:\Windows\Installer\baead8.msi [Kreapixel - Windows Installer] (Adware.SocialSkinz)
DEPLAC� fichier: C:\ProgramData\SetStretch.exe (Suspect.Optional)
DEPLAC� fichier: C:\ProgramData\InstallMate\{692E3C40-7290-4269-A082-3AB2B2CD1EB6}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate� Setup] (PUP.Tarma)
DEPLAC� fichier: C:\ProgramData\InstallMate\{692E3C40-7290-4269-A082-3AB2B2CD1EB6}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate� Setup Library] (PUP.Tarma)
DEPLAC� fichier: C:\Users\Ali\Downloads\Babylone Zina.mp3 (PUP.Babylon)
DEPLAC� fichier: C:\Users\Ali\Downloads\FLVPlayer-Chrome (1).exe (PUP.FLVPlayer)
DEPLAC� fichier: C:\Users\Ali\Downloads\FLVPlayer-Chrome (2).exe (PUP.FLVPlayer)
DEPLAC� fichier: C:\Users\Ali\Downloads\FLVPlayer-Chrome (3).exe (PUP.FLVPlayer)
DEPLAC� fichier: C:\Users\Ali\Downloads\FLVPlayer-Chrome.exe (PUP.FLVPlayer)
DEPLAC� fichier: C:\Users\Ali\Downloads\GI54+L3+GEII+SA+NOTATION+2013+2014-1.pdf (Hijacker.Proxy)
DEPLAC� fichier: C:\Users\Ali\Downloads\GUIDE REUSSIR SON STAGE.doc [Violaine Blanc - ] (PUP.OnStage)
DEPLAC� fichier: C:\Users\Ali\Downloads\L3+GEII+NOTATION+2013+2014+-+PPP.pdf (Hijacker.Proxy)
DEPLAC� fichier: C:\Users\Ali\Downloads\L3+GSI+NOTATION+2013-2014+-+PPP.pdf (Hijacker.Proxy)
DEPLAC� fichier: C:\Users\Ali\Downloads\umbrella.log (Adware.IMBooster)
DEPLAC� fichier: C:\Windows\AutoKMS\AutoKMS.log (HackTool.AutoKMS)
DEPLAC� fichier: C:\Users\Ali\AppData\Roaming\appdataFr3.bin (PUP.Optional)
DEPLAC� dossier: C:\Users\Ali\AppData\Roaming\sAsIbAj (Adware.Pirrit)
DEPLAC� dossier: C:\Users\Ali\AppData\Roaming\JP4HnIi (Adware.Pirrit)
DEPLAC� dossier: C:\Users\Ali\AppData\Roaming\5pAABNa (Adware.Pirrit)
DEPLAC� dossier: C:\Program Files (x86)\c2a69466-1b6a-479d-a186-8814fde96b52 (Adware.CrossRider)
DEPLAC� dossier: C:\Program Files (x86)\tuto4pc_fr_36 (PUP.AgenceExclusive)
DEPLAC� dossier: C:\ProgramData\InstallMate (PUP.Tarma)
DEPLAC� dossier: C:\WINDOWS\AutoKMS (HackTool.AutoKMS)
DEPLAC� dossier: C:\Users\Ali\AppData\Local\com (PUP.Optional)
DEPLAC� dossier: C:\WINDOWS\Installer\MSI3DA4.tmp- (Empty)
DEPLAC� dossier: C:\WINDOWS\Installer\MSI85C8.tmp- (Empty)
DEPLAC� dossier: C:\WINDOWS\Installer\MSIA677.tmp- (Empty)
DEPLAC� dossier: C:\WINDOWS\Installer\MSIB2F.tmp- (Empty)
DEPLAC� dossier: C:\WINDOWS\Installer\MSID8DD.tmp- (Empty)
---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (29)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Clients\StartMenuInternet\Torch [] (PUP.Torch)
SUPPRIM� cl�*: HKCU\Software\winservice86-nv-ie [] (Adware.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\winservice86-nv-ie [] (Adware.CrossRider)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3195047193-392384213-1903880517-1001\Software\PepperZip [C:\Program Files (x86)\PepperZip\PepperZip.exe (Not File)] (PUP.PepperZip)
SUPPRIM� cl�*: HKCU\Software\webdisco [] (PUP.WebDisco)
SUPPRIM� cl�*: HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] (Adware.Graftor)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassSvc [Google Update Legacy On Demand] (Adware.Boxore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassSvc.1.0 [Google Update Legacy On Demand] (Adware.Boxore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebSvc [SoftwareUpdate Update3Web] (Adware.Boxore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebSvc.1.0 [SoftwareUpdate Update3Web] (Adware.Boxore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Torch.torrent [] (PUP.Torch)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\TornTvDownloader.File [] (Hijacker.TornTV)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\CLSID\{589bbc6a-67e9-47ea-b159-f3cca1d98c6b} [dEail4reeaal] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\CLSID\{8f8109bb-d45f-42dd-ab1e-9833e617ad79} [SalleePlus] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\CLSID\{ead9e530-0777-4297-ae5d-20d47b5b48c1} [PProShoppeer] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A} [IESmartBar.MSG] (Hijacker.SmartBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6} [IESmartBar.BandObjectStyle] (Hijacker.SmartBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E} [IESmartBar.POINT] (Hijacker.SmartBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95} [IESmartBar.DBIM] (Hijacker.SmartBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24} [IESmartBar.DESKBANDINFO] (Hijacker.SmartBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9} [IESmartBar.DBIMF] (Hijacker.SmartBar)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Torntv [] (Hijacker.TornTV)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update grassmow [] (Adware.Sambreel)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update SmarterPower [] (Adware.Sambreel)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Techgile [] (PUP.Techgile)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\DownloaderAssistant [1415308167] (PUP.Salus)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] (Adware.Graftor)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6946248-0056-495A-B138-59CE83B83188} [C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~2 (Not File)] (PUP.Datamngr)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE7873E2-98E6-4E31-AE4A-296C16491D0F} [C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1 (Not File)] (PUP.Datamngr)
---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Ce navigateur est absent (Mozilla Firefox)
~ Ce navigateur est absent (Opera Software)
---\\ Statistiques
~ Items scann�s : 710
~ Items trouv�s : 0
~ Items annul�s : 0
~ Items r�par�s : 69
End of clean at 14:45:15
===================
ZHPCleaner-[R]-13062015-14_45_15.txt
ZHPCleaner-[S]-13062015-14_34_54.txt