Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2017.6.26.105 by Nicolas Coolman (2017/06/26)
~ Run by benja_000 (Administrator) (02/07/2017 15:36:49)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Illegal
~ Type : Nettoyer
~ Report : C:\Users\benja_000\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\benja_000\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 14393)
---\\ Service. (0)
---\\ Navigateur internet. (1)
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : <-loopback>;] =>Hijacker.Proxy
---\\ Fichier hôte. (3)
REMPLACÉ: 35.156.90.191 authserver.mojang.com
REMPLACÉ: 35.156.90.191 sessionserver.mojang.com
~ Nombre de redirections trouvées 2/3
---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [AutoPico Daily Restart] [C:\Program Files\KMSpico\AutoPico.exe (Not File) ] =>HackTool.KMSpico
---\\ Explorateur ( Dossiers, Fichiers ). (23)
DEPLACÉ fichier: C:\Program Files\KMSpico\Service_KMS.exe [@ByELDI - Service_KMS] =>HackTool.KMSpico
DEPLACÉ fichier: C:\WINDOWS\System32\drivers\{36ed28a4-ac0a-4653-91ff-10beb4246550}Gw64.sys [StdLib - StdLib] =>PUP.Optional.LinkiDoo
DEPLACÉ fichier^: C:\WINDOWS\System32\drivers\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw64.sys [StdLib - StdLib] =>PUP.Optional.LinkiDoo
DEPLACÉ fichier^: C:\WINDOWS\System32\drivers\{848705a5-8a27-403e-9b59-732d0608bcbc}Gw64.sys [StdLib - StdLib] =>PUP.Optional.LinkiDoo
DEPLACÉ fichier^: C:\WINDOWS\System32\drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64.sys [StdLib - StdLib] =>PUP.Optional.LinkiDoo
DEPLACÉ fichier**: C:\Program Files\KMSpico\AutoPico.exe [@ByELDI - AutoPico] =>HackTool.KMSpico
DEPLACÉ fichier**: C:\Windows\Prefetch\MEDIAGET.EXE-2AFE4C32.pf =>.Superfluous.MediaGet
DEPLACÉ fichier**: C:\Users\benja_000\Desktop\KMSpico - MrPlutani0m.exe [ - KMSpico Setup] =>HackTool.KMSpico
DEPLACÉ fichier**: C:\Users\benja_000\Downloads\Download_Right_Click_To_Necromance_downloader.exe [electoPod incorp. - ] =>.Superfluous.WebitarProduction
DEPLACÉ fichier**: C:\Users\benja_000\Downloads\KMSpico - MrPlutani0m.exe [ - KMSpico Setup] =>HackTool.KMSpico
DEPLACÉ fichier**: C:\Users\benja_000\AppData\Local\nsaF419.tmp [CMI Limited - Setup] =>.Superfluous.CMILimited
DEPLACÉ fichier**: C:\Users\benja_000\AppData\Local\nsdF531.tmp [CMI Limited - Setup] =>.Superfluous.CMILimited
DEPLACÉ fichier**: C:\Users\benja_000\AppData\Local\nspD2B8.tmp [CMI Limited - Setup] =>.Superfluous.CMILimited
DEPLACÉ fichier**: C:\Windows\SECOH-QAD.exe =>HackTool.KMSpico
DEPLACÉ dossier*: C:\Program Files (x86)\dollarkeeepper =>PUP.Optional.DollarKeeper
DEPLACÉ dossier*: C:\Program Files (x86)\Mirillis =>.Superfluous.Empty
DEPLACÉ dossier*: C:\Program Files (x86)\Software =>.Superfluous.Empty
DEPLACÉ dossier*: C:\Program Files\KMSpico =>HackTool.KMSpico
DEPLACÉ dossier*: C:\Program Files\shopperz =>PUP.Optional.Shopperz
DEPLACÉ dossier*: C:\ProgramData\41c80e239b441d2 =>Adware.CrossRider
DEPLACÉ dossier*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
DEPLACÉ dossier*: C:\Users\benja_000\AppData\Roaming\Store =>.Superfluous.Nosibay
DEPLACÉ dossier*: C:\Users\benja_000\Documents\Optimizer Pro =>PUP.Optional.OptimizerPro
---\\ Base de Registres ( Clés, Valeurs, Données ). (57)
SUPPRIMÉ clé*: HKCU\Software\HQ-Video-Pro-2.1cV14.01-nv [] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Sense-nv [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\HQ-Video-Pro-2.1cV14.01-nv [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Sense-nv [] =>Adware.CrossRider
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI [C:\Program Files\KMSpico\Service_KMS.exe (Not File)] =>HackTool.KMSpico
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\{36ed28a4-ac0a-4653-91ff-10beb4246550}Gw64 [C:\WINDOWS\System32\drivers\{36ed28a4-ac0a-4653-91ff-10beb4246550}Gw64.sys (Not File)] =>PUP.Optional.LinkiDoo
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw64 [C:\WINDOWS\System32\drivers\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw64.sys] =>PUP.Optional.LinkiDoo
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\{848705a5-8a27-403e-9b59-732d0608bcbc}Gw64 [C:\WINDOWS\System32\drivers\{848705a5-8a27-403e-9b59-732d0608bcbc}Gw64.sys] =>PUP.Optional.LinkiDoo
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64 [C:\WINDOWS\System32\drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64.sys] =>PUP.Optional.LinkiDoo
SUPPRIMÉ clé: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\HQ-Video-Pro-2.1cV14.01-nv [] =>Adware.CrossRider
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\PluginAddon [] =>PUP.Optional.Vonteera
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\Classes\.torrent [mediagettorrentfile] =>.Superfluous.MediaGet
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\Classes\mediagettorrentfile [MediaGet2 torrent] =>.Superfluous.MediaGet
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\Classes\mediagetvideofile [MediaGet2 video file] =>.Superfluous.MediaGet
SUPPRIMÉ clé*: HKEY_USERS\.DEFAULT\Software\HQ-Video-Pro-2.1cV14.01-nv [] =>Adware.CrossRider
SUPPRIMÉ clé*: HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\HQ-Video-Pro-2.1cV14.01 [] =>Adware.CrossRider
SUPPRIMÉ clé: HKCU\Software\PluginAddon [] =>PUP.Optional.Vonteera
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1331551-D034-4771-9F94-9854325C18C} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CDF8C60-BD8E-4AD2-9FE2-5D5B4C665262} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F943EA7-7F8F-4E28-8724-E84A8A5C67E2} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BFB1FB6-3D68-44C2-B754-AC7271E9D57B} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35EBCEC4-23CE-41D6-A42F-931FCBFF01F} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3685C856-7574-4191-AC6-EEF502B2D25} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38A77D01-E02D-49F2-8DAF-E6A0EB169E41} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47F11AD1-9C15-4909-BA4F-49DDCA172126} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{583A2444-F2E5-4B86-BABD-BF5D437EB7E} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F5A088F-69AC-4811-9FD8-1D4F6D55398} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DAEDA42-C093-4744-A4D2-584FF184F4D0} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{755D5C-459C-4FE5-9F30-C22D885F80E2} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78B00525-1713-49E4-BCA1-4A03DD9967D} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{800A4779-2AA4-4DE7-A14B-7DB075CDF1F} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B28806A8-C89-46D5-8538-CB999D4B349} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B620C5C8-7D57-42AB-8D65-5737D1608C} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B657AEFF-E3D5-4FB6-A33-6CE8995C4AE} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD4A3F8-D45F-4B66-A99A-61428D72437A} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7E6E0CF-E5A7-46D0-963E-B4E3E7812C46} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9CC1EFD-8DFC-4ED4-A943-A9EDFB87E51D} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAC7C1F1-29F8-44D3-B9D9-EECD407021F5} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0D629D2-A4B7-4166-AADF-3D592A9C32D} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3FCA3F4-4222-45C4-BD82-57297F5F7A9} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F71EC432-427E-4479-A0B5-53B27DD0E68} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\WEBAPP [] =>.Superfluous.Downloader
SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\Policies\Google\Update [] =>PUM.Security.Hijack
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 [] =>.Superfluous.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS [] =>.Superfluous.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 [KMSpico v9.3] =>HackTool.KMSpico
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe [] =>PUP.Optional.Boxore
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ClickCaption_1.10.0.6 [] =>PUP.Optional.ClickCaption
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\SuperClick_1.10.0.16 [] =>PUP.Optional.SuperClick
SUPPRIMÉ valeur: HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\{DACC7D21-88D3-8701-79DB-50B30225DE6E} [C:\Program Files (x86)\ver4BlockAndSurf\186.xpi] =>PUP.Optional.BlockAndSurf
SUPPRIMÉ valeur: HKLM64\SOFTWARE\Mozilla\Firefox\Extensions\\{2395B860-45E4-42fd-96E6-50BA597C1C42} [C:\Program Files\shopperz\Firefox] =>PUP.Optional.Shopperz
SUPPRIMÉ valeur: HKLM64\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\{2395B860-45E4-42fd-96E6-50BA597C1C42} [C:\Program Files\shopperz\Firefox] =>PUP.Optional.Shopperz
SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\mbot_fr_627 [] =>Adware.CrossRider
SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_571 [] =>Adware.CrossRider
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\SmartWeb.lnk [0x03000000C2DE06F5E59AD001] =>PUP.Optional.SmartWebSearch
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{3EAFA32C-7F35-4D70-B04E-30FA9C6B3DF6} [C:\Users\benja_000\AppData\Local\MediaGet2\mediaget.exe] =>.Superfluous.MediaGet
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{C00CA5C8-18AA-4F3C-B6DD-73A7903FA668} [C:\Users\benja_000\AppData\Local\MediaGet2\mediaget.exe] =>.Superfluous.MediaGet
---\\ Récapitulatif des éléments trouvés sur votre station. (21)
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://www.nicolascoolman.com/fr/pup-linkidoo/ =>PUP.Optional.LinkiDoo
https://www.nicolascoolman.com/fr/pup-mediaget/ =>.Superfluous.MediaGet
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.WebitarProduction
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.CMILimited
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.DollarKeeper
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty
https://www.anti-malware.top/2016/04/21/pup-optional-shopperz/ =>PUP.Optional.Shopperz
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider
https://www.anti-malware.top/2016/05/03/superfluous-nosibay/ =>.Superfluous.Nosibay
https://www.nicolascoolman.com/fr/pup-optimizerpro/ =>PUP.Optional.OptimizerPro
https://www.nicolascoolman.com/fr/trojan-vonteera/ =>PUP.Optional.Vonteera
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Downloader
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUM.Security.Hijack
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/ =>.Superfluous.ByteFence
https://nicolascoolman.eu/2017/03/14/pup-optional-boxore/ =>PUP.Optional.Boxore
https://www.nicolascoolman.com/fr/pup-optional-clickcaption/ =>PUP.Optional.ClickCaption
https://www.nicolascoolman.com/fr/pup-superclick/ =>PUP.Optional.SuperClick
https://www.nicolascoolman.com/fr/pup-blockandsurf/ =>PUP.Optional.BlockAndSurf
https://www.nicolascoolman.com/fr/pup-smartwebsearch/ =>PUP.Optional.SmartWebSearch
---\\ Nettoyage Additionnel. (26)
~ Suppression des Clés de registre Tracing. (26)
~ Suppression des anciens rapports ZHPCleaner. (0)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 825
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 85
~ End of clean in 00h01mn26s
~====================
ZHPCleaner-[R]-02072017-15_38_15.txt
ZHPCleaner-[S]-02072017-15_36_33.txt
~ Run by benja_000 (Administrator) (02/07/2017 15:36:49)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Illegal
~ Type : Nettoyer
~ Report : C:\Users\benja_000\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\benja_000\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 14393)
---\\ Service. (0)
---\\ Navigateur internet. (1)
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : <-loopback>;
---\\ Fichier hôte. (3)
REMPLACÉ: 35.156.90.191 authserver.mojang.com
REMPLACÉ: 35.156.90.191 sessionserver.mojang.com
~ Nombre de redirections trouvées 2/3
---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [AutoPico Daily Restart] [C:\Program Files\KMSpico\AutoPico.exe (Not File) ] =>HackTool.KMSpico
---\\ Explorateur ( Dossiers, Fichiers ). (23)
DEPLACÉ fichier: C:\Program Files\KMSpico\Service_KMS.exe [@ByELDI - Service_KMS] =>HackTool.KMSpico
DEPLACÉ fichier: C:\WINDOWS\System32\drivers\{36ed28a4-ac0a-4653-91ff-10beb4246550}Gw64.sys [StdLib - StdLib] =>PUP.Optional.LinkiDoo
DEPLACÉ fichier^: C:\WINDOWS\System32\drivers\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw64.sys [StdLib - StdLib] =>PUP.Optional.LinkiDoo
DEPLACÉ fichier^: C:\WINDOWS\System32\drivers\{848705a5-8a27-403e-9b59-732d0608bcbc}Gw64.sys [StdLib - StdLib] =>PUP.Optional.LinkiDoo
DEPLACÉ fichier^: C:\WINDOWS\System32\drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64.sys [StdLib - StdLib] =>PUP.Optional.LinkiDoo
DEPLACÉ fichier**: C:\Program Files\KMSpico\AutoPico.exe [@ByELDI - AutoPico] =>HackTool.KMSpico
DEPLACÉ fichier**: C:\Windows\Prefetch\MEDIAGET.EXE-2AFE4C32.pf =>.Superfluous.MediaGet
DEPLACÉ fichier**: C:\Users\benja_000\Desktop\KMSpico - MrPlutani0m.exe [ - KMSpico Setup] =>HackTool.KMSpico
DEPLACÉ fichier**: C:\Users\benja_000\Downloads\Download_Right_Click_To_Necromance_downloader.exe [electoPod incorp. - ] =>.Superfluous.WebitarProduction
DEPLACÉ fichier**: C:\Users\benja_000\Downloads\KMSpico - MrPlutani0m.exe [ - KMSpico Setup] =>HackTool.KMSpico
DEPLACÉ fichier**: C:\Users\benja_000\AppData\Local\nsaF419.tmp [CMI Limited - Setup] =>.Superfluous.CMILimited
DEPLACÉ fichier**: C:\Users\benja_000\AppData\Local\nsdF531.tmp [CMI Limited - Setup] =>.Superfluous.CMILimited
DEPLACÉ fichier**: C:\Users\benja_000\AppData\Local\nspD2B8.tmp [CMI Limited - Setup] =>.Superfluous.CMILimited
DEPLACÉ fichier**: C:\Windows\SECOH-QAD.exe =>HackTool.KMSpico
DEPLACÉ dossier*: C:\Program Files (x86)\dollarkeeepper =>PUP.Optional.DollarKeeper
DEPLACÉ dossier*: C:\Program Files (x86)\Mirillis =>.Superfluous.Empty
DEPLACÉ dossier*: C:\Program Files (x86)\Software =>.Superfluous.Empty
DEPLACÉ dossier*: C:\Program Files\KMSpico =>HackTool.KMSpico
DEPLACÉ dossier*: C:\Program Files\shopperz =>PUP.Optional.Shopperz
DEPLACÉ dossier*: C:\ProgramData\41c80e239b441d2 =>Adware.CrossRider
DEPLACÉ dossier*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
DEPLACÉ dossier*: C:\Users\benja_000\AppData\Roaming\Store =>.Superfluous.Nosibay
DEPLACÉ dossier*: C:\Users\benja_000\Documents\Optimizer Pro =>PUP.Optional.OptimizerPro
---\\ Base de Registres ( Clés, Valeurs, Données ). (57)
SUPPRIMÉ clé*: HKCU\Software\HQ-Video-Pro-2.1cV14.01-nv [] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Sense-nv [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\HQ-Video-Pro-2.1cV14.01-nv [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Sense-nv [] =>Adware.CrossRider
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI [C:\Program Files\KMSpico\Service_KMS.exe (Not File)] =>HackTool.KMSpico
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\{36ed28a4-ac0a-4653-91ff-10beb4246550}Gw64 [C:\WINDOWS\System32\drivers\{36ed28a4-ac0a-4653-91ff-10beb4246550}Gw64.sys (Not File)] =>PUP.Optional.LinkiDoo
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw64 [C:\WINDOWS\System32\drivers\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw64.sys] =>PUP.Optional.LinkiDoo
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\{848705a5-8a27-403e-9b59-732d0608bcbc}Gw64 [C:\WINDOWS\System32\drivers\{848705a5-8a27-403e-9b59-732d0608bcbc}Gw64.sys] =>PUP.Optional.LinkiDoo
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64 [C:\WINDOWS\System32\drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64.sys] =>PUP.Optional.LinkiDoo
SUPPRIMÉ clé: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\HQ-Video-Pro-2.1cV14.01-nv [] =>Adware.CrossRider
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\PluginAddon [] =>PUP.Optional.Vonteera
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\Classes\.torrent [mediagettorrentfile] =>.Superfluous.MediaGet
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\Classes\mediagettorrentfile [MediaGet2 torrent] =>.Superfluous.MediaGet
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\Classes\mediagetvideofile [MediaGet2 video file] =>.Superfluous.MediaGet
SUPPRIMÉ clé*: HKEY_USERS\.DEFAULT\Software\HQ-Video-Pro-2.1cV14.01-nv [] =>Adware.CrossRider
SUPPRIMÉ clé*: HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\HQ-Video-Pro-2.1cV14.01 [] =>Adware.CrossRider
SUPPRIMÉ clé: HKCU\Software\PluginAddon [] =>PUP.Optional.Vonteera
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1331551-D034-4771-9F94-9854325C18C} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CDF8C60-BD8E-4AD2-9FE2-5D5B4C665262} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F943EA7-7F8F-4E28-8724-E84A8A5C67E2} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BFB1FB6-3D68-44C2-B754-AC7271E9D57B} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35EBCEC4-23CE-41D6-A42F-931FCBFF01F} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3685C856-7574-4191-AC6-EEF502B2D25} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38A77D01-E02D-49F2-8DAF-E6A0EB169E41} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47F11AD1-9C15-4909-BA4F-49DDCA172126} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{583A2444-F2E5-4B86-BABD-BF5D437EB7E} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F5A088F-69AC-4811-9FD8-1D4F6D55398} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DAEDA42-C093-4744-A4D2-584FF184F4D0} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{755D5C-459C-4FE5-9F30-C22D885F80E2} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78B00525-1713-49E4-BCA1-4A03DD9967D} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{800A4779-2AA4-4DE7-A14B-7DB075CDF1F} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B28806A8-C89-46D5-8538-CB999D4B349} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B620C5C8-7D57-42AB-8D65-5737D1608C} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B657AEFF-E3D5-4FB6-A33-6CE8995C4AE} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD4A3F8-D45F-4B66-A99A-61428D72437A} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7E6E0CF-E5A7-46D0-963E-B4E3E7812C46} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9CC1EFD-8DFC-4ED4-A943-A9EDFB87E51D} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAC7C1F1-29F8-44D3-B9D9-EECD407021F5} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0D629D2-A4B7-4166-AADF-3D592A9C32D} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3FCA3F4-4222-45C4-BD82-57297F5F7A9} [C:\Program Files (x86)\Ge-Force (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F71EC432-427E-4479-A0B5-53B27DD0E68} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\WEBAPP [] =>.Superfluous.Downloader
SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\Policies\Google\Update [] =>PUM.Security.Hijack
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 [] =>.Superfluous.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS [] =>.Superfluous.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 [KMSpico v9.3] =>HackTool.KMSpico
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe [] =>PUP.Optional.Boxore
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ClickCaption_1.10.0.6 [] =>PUP.Optional.ClickCaption
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\SuperClick_1.10.0.16 [] =>PUP.Optional.SuperClick
SUPPRIMÉ valeur: HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\{DACC7D21-88D3-8701-79DB-50B30225DE6E} [C:\Program Files (x86)\ver4BlockAndSurf\186.xpi] =>PUP.Optional.BlockAndSurf
SUPPRIMÉ valeur: HKLM64\SOFTWARE\Mozilla\Firefox\Extensions\\{2395B860-45E4-42fd-96E6-50BA597C1C42} [C:\Program Files\shopperz\Firefox] =>PUP.Optional.Shopperz
SUPPRIMÉ valeur: HKLM64\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\{2395B860-45E4-42fd-96E6-50BA597C1C42} [C:\Program Files\shopperz\Firefox] =>PUP.Optional.Shopperz
SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\mbot_fr_627 [] =>Adware.CrossRider
SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_571 [] =>Adware.CrossRider
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\SmartWeb.lnk [0x03000000C2DE06F5E59AD001] =>PUP.Optional.SmartWebSearch
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{3EAFA32C-7F35-4D70-B04E-30FA9C6B3DF6} [C:\Users\benja_000\AppData\Local\MediaGet2\mediaget.exe] =>.Superfluous.MediaGet
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{C00CA5C8-18AA-4F3C-B6DD-73A7903FA668} [C:\Users\benja_000\AppData\Local\MediaGet2\mediaget.exe] =>.Superfluous.MediaGet
---\\ Récapitulatif des éléments trouvés sur votre station. (21)
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://www.nicolascoolman.com/fr/pup-linkidoo/ =>PUP.Optional.LinkiDoo
https://www.nicolascoolman.com/fr/pup-mediaget/ =>.Superfluous.MediaGet
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.WebitarProduction
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.CMILimited
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.DollarKeeper
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty
https://www.anti-malware.top/2016/04/21/pup-optional-shopperz/ =>PUP.Optional.Shopperz
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider
https://www.anti-malware.top/2016/05/03/superfluous-nosibay/ =>.Superfluous.Nosibay
https://www.nicolascoolman.com/fr/pup-optimizerpro/ =>PUP.Optional.OptimizerPro
https://www.nicolascoolman.com/fr/trojan-vonteera/ =>PUP.Optional.Vonteera
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Downloader
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUM.Security.Hijack
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/ =>.Superfluous.ByteFence
https://nicolascoolman.eu/2017/03/14/pup-optional-boxore/ =>PUP.Optional.Boxore
https://www.nicolascoolman.com/fr/pup-optional-clickcaption/ =>PUP.Optional.ClickCaption
https://www.nicolascoolman.com/fr/pup-superclick/ =>PUP.Optional.SuperClick
https://www.nicolascoolman.com/fr/pup-blockandsurf/ =>PUP.Optional.BlockAndSurf
https://www.nicolascoolman.com/fr/pup-smartwebsearch/ =>PUP.Optional.SmartWebSearch
---\\ Nettoyage Additionnel. (26)
~ Suppression des Clés de registre Tracing. (26)
~ Suppression des anciens rapports ZHPCleaner. (0)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 825
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 85
~ End of clean in 00h01mn26s
~====================
ZHPCleaner-[R]-02072017-15_38_15.txt
ZHPCleaner-[S]-02072017-15_36_33.txt