Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2017.9.13.156 by Nicolas Coolman (2017/09/13)
~ Run by Tompouille (Administrator) (14/09/2017 00:40:56)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scanner
~ Report : C:\Users\Tompouille\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Tompouille\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 15063)
---\\ Service. (0)
~ Aucun élément malicieux ou superflu trouvé.
---\\ Navigateur internet. (1)
TROUVÉ: [ke1w8vby.default] - user_pref("browser.search.hiddenOneOffs", "Yahoo,Bing,Amazon.fr,DuckDuckGo,Portail Lexical - CNRTL,T[...] =>PUP.Optional.TroviCom
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)
---\\ Tâche planifiée. (4)
TROUVÉ tâche: [DropboxUpdateTaskMachineCore] [C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job] =>PUP.Optional.MySearch
TROUVÉ tâche: [DropboxUpdateTaskMachineUA] [C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job] =>PUP.Optional.MySearch
TROUVÉ tâche: [WpsNotifyTask_Administrator] [C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job] =>PUP.Optional.MySearch
TROUVÉ tâche: [WpsUpdateTask_Administrator] [C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job] =>PUP.Optional.MySearch
---\\ Explorateur ( Dossiers, Fichiers ). (4)
TROUVÉ fichier: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job =>PUP.Optional.MySearch
TROUVÉ fichier: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job =>PUP.Optional.MySearch
TROUVÉ fichier: C:\Windows\Tasks\WpsNotifyTask_Administrator.job =>PUP.Optional.MySearch
TROUVÉ fichier: C:\Windows\Tasks\WpsUpdateTask_Administrator.job =>PUP.Optional.MySearch
---\\ Base de Registres ( Clés, Valeurs, Données ). (11)
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\atwola.com [] =>.SUP.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ol.uk.at.atwola.com [] =>.SUP.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\atwola.com [] =>.SUP.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ol.uk.at.atwola.com [] =>.SUP.Atwola
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0164084BFF71AD04DBF5C1B160E7E8B0 [C:\ProgramData\Ableton\Live 9 Lite\Resources\Python\abl.webconnector\abl\installer\delta.pyc] =>Adware.Sambreel
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01B40E544513ECD4680F26221331A8A3 [C:\ProgramData\Ableton\Live 9 Lite\Resources\Python\abl.webconnector\tests\common.pyc] =>Adware.Sambreel
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02740E33CB27C354C9A731DA34712C5F [C:\ProgramData\Ableton\Live 9 Lite\Resources\Python\abl.webconnector\tests\test_delta_creation.pyc] =>Adware.Sambreel
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0953F0C87B6EBC64581DAC131601283E [C:\ProgramData\Ableton\Live 9 Lite\Resources\Python\abl.webconnector\tests\__init__.pyc] =>Adware.Sambreel
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B324B612E29B9349A34232E2C989F75 [C:\ProgramData\Ableton\Live 9 Lite\Resources\Python\abl.webconnector\abl\installer\delta_creator.py] =>Adware.Sambreel
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B3EAB042095B204BA6A916C4E2848E7 [C:\ProgramData\Ableton\Live 9 Lite\Resources\Python\abl.webconnector\tests\test_diffing.pyc] =>Adware.Sambreel
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BEEF62AC114A41438FDAEF47DCAC3F8 [C:\ProgramData\Ableton\Live 9 Lite\Resources\Extensions\WebConnector\Ableton Web Connector.exe] =>Adware.Sambreel
---\\ Récapitulatif des éléments trouvés sur votre station. (4)
https://www.nicolascoolman.com/fr/hijacker-trovicom/ =>PUP.Optional.TroviCom
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.MySearch
https://nicolascoolman.eu/2017/02/04/superfluous-atwola/ =>.SUP.Atwola
https://www.nicolascoolman.com/fr/pup-optional-sambreel/ =>Adware.Sambreel
---\\ Bilan de la réparation
~ Aucune réparation effectuée.
~ Ce navigateur est absent (Opera Software)
---\\ Statistiques
~ Items scannés : 92084
~ Items trouvés : 20
~ Items annulés : 0
~ Items réparés : 0
~ End of search in 00h03mn02s
~====================
ZHPCleaner-[S]-14092017-00_36_39.txt
ZHPCleaner-[S]-14092017-00_43_58.txt
~ Run by Tompouille (Administrator) (14/09/2017 00:40:56)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scanner
~ Report : C:\Users\Tompouille\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Tompouille\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 15063)
---\\ Service. (0)
~ Aucun élément malicieux ou superflu trouvé.
---\\ Navigateur internet. (1)
TROUVÉ: [ke1w8vby.default] - user_pref("browser.search.hiddenOneOffs", "Yahoo,Bing,Amazon.fr,DuckDuckGo,Portail Lexical - CNRTL,T[...] =>PUP.Optional.TroviCom
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)
---\\ Tâche planifiée. (4)
TROUVÉ tâche: [DropboxUpdateTaskMachineCore] [C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job] =>PUP.Optional.MySearch
TROUVÉ tâche: [DropboxUpdateTaskMachineUA] [C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job] =>PUP.Optional.MySearch
TROUVÉ tâche: [WpsNotifyTask_Administrator] [C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job] =>PUP.Optional.MySearch
TROUVÉ tâche: [WpsUpdateTask_Administrator] [C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job] =>PUP.Optional.MySearch
---\\ Explorateur ( Dossiers, Fichiers ). (4)
TROUVÉ fichier: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job =>PUP.Optional.MySearch
TROUVÉ fichier: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job =>PUP.Optional.MySearch
TROUVÉ fichier: C:\Windows\Tasks\WpsNotifyTask_Administrator.job =>PUP.Optional.MySearch
TROUVÉ fichier: C:\Windows\Tasks\WpsUpdateTask_Administrator.job =>PUP.Optional.MySearch
---\\ Base de Registres ( Clés, Valeurs, Données ). (11)
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\atwola.com [] =>.SUP.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ol.uk.at.atwola.com [] =>.SUP.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\atwola.com [] =>.SUP.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ol.uk.at.atwola.com [] =>.SUP.Atwola
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0164084BFF71AD04DBF5C1B160E7E8B0 [C:\ProgramData\Ableton\Live 9 Lite\Resources\Python\abl.webconnector\abl\installer\delta.pyc] =>Adware.Sambreel
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01B40E544513ECD4680F26221331A8A3 [C:\ProgramData\Ableton\Live 9 Lite\Resources\Python\abl.webconnector\tests\common.pyc] =>Adware.Sambreel
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02740E33CB27C354C9A731DA34712C5F [C:\ProgramData\Ableton\Live 9 Lite\Resources\Python\abl.webconnector\tests\test_delta_creation.pyc] =>Adware.Sambreel
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0953F0C87B6EBC64581DAC131601283E [C:\ProgramData\Ableton\Live 9 Lite\Resources\Python\abl.webconnector\tests\__init__.pyc] =>Adware.Sambreel
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B324B612E29B9349A34232E2C989F75 [C:\ProgramData\Ableton\Live 9 Lite\Resources\Python\abl.webconnector\abl\installer\delta_creator.py] =>Adware.Sambreel
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B3EAB042095B204BA6A916C4E2848E7 [C:\ProgramData\Ableton\Live 9 Lite\Resources\Python\abl.webconnector\tests\test_diffing.pyc] =>Adware.Sambreel
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BEEF62AC114A41438FDAEF47DCAC3F8 [C:\ProgramData\Ableton\Live 9 Lite\Resources\Extensions\WebConnector\Ableton Web Connector.exe] =>Adware.Sambreel
---\\ Récapitulatif des éléments trouvés sur votre station. (4)
https://www.nicolascoolman.com/fr/hijacker-trovicom/ =>PUP.Optional.TroviCom
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.MySearch
https://nicolascoolman.eu/2017/02/04/superfluous-atwola/ =>.SUP.Atwola
https://www.nicolascoolman.com/fr/pup-optional-sambreel/ =>Adware.Sambreel
---\\ Bilan de la réparation
~ Aucune réparation effectuée.
~ Ce navigateur est absent (Opera Software)
---\\ Statistiques
~ Items scannés : 92084
~ Items trouvés : 20
~ Items annulés : 0
~ Items réparés : 0
~ End of search in 00h03mn02s
~====================
ZHPCleaner-[S]-14092017-00_36_39.txt
ZHPCleaner-[S]-14092017-00_43_58.txt