Nueseacrh impossible éliminer

Fermé
ledégoutdechaquejourgrandit - Modifié par kaneagle le 7/06/2016 à 13:29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 7 juin 2016 à 14:59
Bonjour,

nuesearch s'est imposé dans mes deux navigateurs: TOR et Firefox

Impossible de s"en débarasser - J'y ai passé plus de trois heures

Il altère toute recherche

Il les oriente sur des sites sales pornos puants

Voici ce que donne ZPH Cleaner comme résultat - Si vous aviez une solution vous m'enlèveriez la haine profonde que j'ai envers ces pratiques

En vous remerciant

~ ZHPCleaner v2016.6.6.72 by Nicolas Coolman (2016/06/06)
~ Run by adin (Administrator) (07/06/2016 10:42:18)
~ Site : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\adin\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\adin\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 32-bit (Build 10240)


---\\ Services (0)
~ No malicious or unnecessary items found.


---\\ Browser internet (0)
~ No malicious or unnecessary items found.


---\\ Hosts file (1)
~ The hosts file is legitimate (21)


---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\ Explorer ( File, Folder) (19)
MOVED file: C:\Windows\Prefetch\QKSEESVC.EXE-58B921B3.pf =>.Superfluous.TaiwanShuiMu
MOVED file: C:\Windows\Prefetch\WINZIPER.EXE-6A810EE5.pf =>.Superfluous.WinZipper
MOVED file: C:\Windows\Prefetch\WINZIPERSVC.EXE-D89209C9.pf =>.Superfluous.WinZipper
MOVED file: C:\Windows\Prefetch\WINZIPPER.EXE-818623AE.pf =>.Superfluous.WinZipper
MOVED file: C:\Windows\Prefetch\WPM.EXE-90F0FE6A.pf =>PUP.Optional.WpManager
MOVED folder: C:\Users\adin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek =>Hijacker.Browser https://epicunitscan.info/00service/update2/crx
MOVED folder: C:\Users\adin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmngpagflejjoblmmamaonmnkghjmebh =>Hijacker.Browser ["update_url":"https://clients2.google.com/service/]
MOVED folder: C:\Users\adin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki =>Hijacker.Browser https://epicunitscan.info/00service/update2/crx
MOVED folder: C:\Users\adin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda =>Hijacker.Browser https://epicunitscan.info/00service/update2/crx
MOVED folder^: C:\Program Files\QuickTime =>Riskware.QuickTime
MOVED folder: C:\Program Files\Software =>PUP.Optional.Boxore
MOVED folder: C:\Users\adin\AppData\Local\Software =>PUP.Optional.Boxore
MOVED folder: C:\WINDOWS\Installer\MSI7F29.tmp- =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI8D05.tmp- =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI8F96.tmp- =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI917C.tmp- =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI9322.tmp- =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI94F8.tmp- =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI96CE.tmp- =>Empty


---\\ Registry ( Key, Value, Data) (16)
DELETED key*: HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki [] =>Hijacker.Browser
DELETED key*: HKCU\Software\CinemaPlus-4.2vV14.07-nv-ie [] =>PUP.Optional.CrossRider
DELETED key*: HKCU\Software\Cinema_Plus_1.9V19.07-nv-ie [] =>PUP.Optional.CrossRider
DELETED key: HKEY_USERS\S-1-5-21-1554434806-3524493975-1915038968-1001\SOFTWARE\CinemaPlus-4.2vV14.07-nv-ie [] =>PUP.Optional.CrossRider
DELETED key: HKEY_USERS\S-1-5-21-1554434806-3524493975-1915038968-1001\SOFTWARE\Cinema_Plus_1.9V19.07-nv-ie [] =>PUP.Optional.CrossRider
DELETED key*: HKEY_USERS\S-1-5-21-1554434806-3524493975-1915038968-1001\SOFTWARE\ICSW1.14 [] =>Adware.InstallCore
DELETED key*: HKEY_USERS\.DEFAULT\Software\Cinema_Plus_1.9V19.07-nv-ie [] =>PUP.Optional.CrossRider
DELETED key: HKCU\Software\ICSW1.14 [] =>Adware.InstallCore
DELETED key*: HKLM\SOFTWARE\TermCoach_1.10.0.24 [] =>PUP.Optional.TermCoach
DELETED key*: HKLM\SOFTWARE\WinZiper [] =>.Superfluous.WinZipper
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Free RAR Extract Frog [Philipp Winterberg] =>.Superfluous.PhilippBWinterberg
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZip [Winzipper Pvt Ltd.] =>.Superfluous.TaiwanShuiMu
DELETED key*: HKLM\SOFTWARE\Classes\CLSID\{DC638EEA-2BA2-4459-9C46-85A2F0BE6040} [wzShellContextMenu Class] =>.Superfluous.WinZipper
DELETED key: HKLM\SOFTWARE\Classes\CLSID\{DC638EEA-2BA2-4459-9C46-85A2F0BE6040}\InprocServer32 [C:\Program Files\WinZipper\wzShellctx.dll (Not File)] =>.Superfluous.WinZipper
DELETED value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] =>Riskware.QuickTime
DELETED value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\\C:\Program Files\Common Files\DVDVideoSoft\bin\BrowserHelpersInstaller.exe [4] =>PUP.Optional.SearchDonkey


---\\ Summary of the elements found (13)
https://www.nicolascoolman.info/2016/05/05/superfluous-taiwanshuimu/ =>.Superfluous.TaiwanShuiMu
https://nicolascoolman.eu =>.Superfluous.WinZipper
https://nicolascoolman.eu =>PUP.Optional.WpManager
https://www.sosvirus.net/telecharger/zhpcleaner/ =>Hijacker.Browser https://epicunitscan.info/00service/update2/crx
https://www.sosvirus.net/telecharger/zhpcleaner/ =>Hijacker.Browser ["update_url":"https://clients2.google.com/service/]
https://www.nicolascoolman.info/2016/04/21/riskware-quicktime/ =>Riskware.QuickTime
https://www.nicolascoolman.info/2016/05/02/pup-optional-boxore/ =>PUP.Optional.Boxore
https://nicolascoolman.eu =>Hijacker.Browser
https://www.nicolascoolman.info/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider
https://www.nicolascoolman.info/2016/04/22/adware-installcore/ =>Adware.InstallCore
https://nicolascoolman.eu =>PUP.Optional.TermCoach
https://nicolascoolman.eu =>.Superfluous.PhilippBWinterberg
https://nicolascoolman.eu =>PUP.Optional.SearchDonkey


---\\ Other deletions. (2)
~ Registry Keys Tracing deleted (2)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)
~ The system has been restarted.


---\\ Statistics
~ Items scanned : 797
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 35


~ End of clean in 00h01mn50s
~====================
ZHPCleaner-[R]-07062016-10_44_08.txt
ZHPCleaner-[S]-07062016-10_39_22.txt

Merci.

A voir également:

1 réponse

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
7 juin 2016 à 14:59
Bonjour,

1/

--> Télécharge et lance AdwCleaner (d'Xplode), choisis l'option "Scanner".

--> Une fois le scan terminé, choisis l'option Nettoyer.

--> Redémarre le PC comme demandé, héberge le rapport sur pjjoint.malekal.com puis copie-colle le lien donné par le site dans ta réponse. Le rapport est enregistré dans C:\AdwCleaner sous le nom d'AdwCleaner[C?].


2/

--> Télécharge Farbar Recovery Scan Tool (de Farbar) sur ton Bureau.

Attention : tu dois prendre la version compatible avec ton système : 32 ou 64 bits.

32 ou 64 bits - Comment savoir ?

--> Ferme toutes les applications en cours.
--> Lance FRST (Sous Windows Vista/7/8/10, clic droit sur FRST > Exécuter en tant qu'administrateur).
--> Coche la case Addition.txt.
--> Clique sur Analyser.
--> Une fois le scan terminé, deux rapports FRST.txt et Addition.txt seront présents sur le Bureau.
--> Héberge les deux rapports sur pjjoint.malekal.com et copie-colle les liens fournis dans ta prochaine réponse.
0