~ ZHPCleaner v2016.7.14.85 by Nicolas Coolman (2016/08/14)
~ Run by manolito (Administrator)  (16/07/2016 12:11:37)
~ Site : http://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Nettoyer
~ Report : C:\Users\manolito\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\manolito\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows VISTA, 32-bit Service Pack 2 (Build 6002)


---\\  Service. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\  Navigateur internet. (2)
SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=138280000000000000000040000000000000060E1CFEBDBC9C901000000000000000000000000040000001700000000000000FE8000000000000004471D03F57FEF40D00000000000000170000000000000020010000D5C7A2D604471D03F57FEF400000000000000001C000000000000000000000000000000000000000000000000000000000000001700000000000000FE80000000000000C5E88BD12A1605EF0B000000000000001700000000000000FE80000000000000C5E88BD12A1605EF0B000000000000001700000000000000FE8000000000000004471D03F57FEF40D000000000000001C00000000000000000000000000000000000000000000000000000000000000170000000000000000000000000000000000FFFFC0A8010B000000000000000002000000C0A8010B000000000000000000000000000000000000000000000000420000422E5C0000D89D26007876260000000000040000000000000001000000000000000000000000000009C9A2600FEFFFFFF0C0000000200000001007000000000008000000000000000000000000000000000000000000000006F006C00170000000000000020010000D5C7A2D604471D03F57FEF400000000E49A2600E49A26000000000000000000200]  =>Hijacker.Proxy
SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=138280000000000000000040000000000000060E1CFEBDBC9C901000000000000000000000000040000001700000000000000FE8000000000000004471D03F57FEF40D00000000000000170000000000000020010000D5C7A2D604471D03F57FEF400000000000000001C000000000000000000000000000000000000000000000000000000000000001700000000000000FE80000000000000C5E88BD12A1605EF0B000000000000001700000000000000FE80000000000000C5E88BD12A1605EF0B000000000000001700000000000000FE8000000000000004471D03F57FEF40D000000000000001C00000000000000000000000000000000000000000000000000000000000000170000000000000000000000000000000000FFFFC0A8010B000000000000000002000000C0A8010B000000000000000000000000000000000000000000000000420000422E5C0000D89D26007876260000000000040000000000000001000000000000000000000000000009C9A2600FEFFFFFF0C0000000200000001007000000000008000000000000000000000000000000000000000000000006F006C00170000000000000020010000D5C7A2D604471D03F57FEF400000000E49A2600E49A26000000000000000000200]  =>Hijacker.Proxy


---\\  Fichier hôte. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\  Tâche planifiée. (2)
SUPPRIMÉ tâche: [Buzz-it Update] [C:\Windows\Tasks\Buzz-it Update.job (Not File) ]  =>PUP.Optional.BuzzItCorp
SUPPRIMÉ tâche: [Buzz-it_wd] [C:\Windows\Tasks\Buzz-it_wd.job (Not File) ]  =>PUP.Optional.BuzzItCorp


---\\  Explorateur  ( Dossiers, Fichiers ). (15)
DEPLACÉ fichier: C:\Windows\Tasks\Buzz-it Update.job    =>PUP.Optional.BuzzItCorp
DEPLACÉ fichier: C:\Windows\Tasks\Buzz-it_wd.job    =>PUP.Optional.BuzzItCorp
DEPLACÉ fichier: C:\Windows\Temp\i4jdel0.exe    =>Heuristic.Suspect
DEPLACÉ dossier: C:\Program Files\QuickTime  =>Riskware.QuickTime
DEPLACÉ dossier: C:\Windows\Installer\MSI13AA.tmp-  =>Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI2227.tmp-  =>Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI44C5.tmp-  =>Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI5B07.tmp-  =>Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI5FED.tmp-  =>Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI684D.tmp-  =>Empty
DEPLACÉ dossier: C:\Windows\Installer\MSIB055.tmp-  =>Empty
DEPLACÉ dossier: C:\Windows\Installer\MSIB188.tmp-  =>Empty
DEPLACÉ dossier: C:\Windows\Installer\MSIB6D6.tmp-  =>Empty
DEPLACÉ dossier: C:\Windows\Installer\MSIF506.tmp-  =>Empty
DEPLACÉ dossier: C:\Windows\Installer\MSIFED8.tmp-  =>Empty


---\\  Base de Registres ( Clés, Valeurs, Données ). (15)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_tele_15_43&para[...]] [Search Provided by Yahoo]  =>.Superfluous.YahooSearchProvided
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_tele_15_43&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzutDtDtCyC0E0A0DtDzzyCyC0AtCyCzztCtN0D0Tzu0StCtAzytAtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyB0AtC0EtA0F0A0EtGyBzztB0CtGtCzytC0CtGyDtA0B0FtGtBtC0E0BtBtAzy0Dzy0Bzy0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0CtBtDtCyBtAzztG0Ezy0FyEtGyEyB0FzytGzztC0FyCtG0ByCtAtD0FtByE0EtDzyyB0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyEtC%26cr%3D1595212407%26a%3Dwny_tele_15_43%26os%3DWindows%2BVista%2B(TM)%2BHome%2BPremium&p={searchTerms}]  =>.Superfluous.YahooSearchProvided
SUPPRIMÉ clé*: HKEY_USERS\.DEFAULT\Software\WNLT []  =>PUP.Optional.IncrediBar
SUPPRIMÉ clé*: HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\Plus-HD-4.9 []  =>PUP.Optional.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 []  =>.Superfluous.Systweak
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Messenger_Plus_Live_France Toolbar []  =>.Superfluous.Conduit
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\System Speedup_is1 []  =>PUP.Optional.SystemSpeedup
SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\TypeLib\{3157E247-2784-4028-BF0F-52D6DDC70E1B} [PCSUHelperLib]  =>.Superfluous.PCSpeedUp
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\aa69f80c-363c-4394-822f-2ccb44e39c41 [C:\Program Files\Messenger_Plus_Live_France (Not File)]  =>.Superfluous.Conduit
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\e08c53da-62c7-4607-8f49-d54bbaf3f17a [C:\Program Files\Messenger_Plus_Live_France (Not File)]  =>.Superfluous.Conduit
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0292226F570267D459357AF78015E534 [C?\Program Files\Search Settings\kb128\SearchSettings.dll]  =>PUP.Optional.SearchSettings
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\03285961954D5824C85975D955031EE8 [C:\Program Files\Search Settings\ (Not File)]  =>PUP.Optional.SearchSettings
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 []  =>PUP.Optional.QuickShare
SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task ["C:\Program Files\QuickTime\QTTask.exe" -atboottime]  =>Riskware.QuickTime
SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\Plus-HD-4.9-bg.exe [8000]  =>PUP.Optional.CrossRider


---\\  Récapitulatif des éléments trouvés sur votre station. (13)
https://www.nicolascoolman.info/2016/06/09/pirate-de-serveur-proxy-hijacker-proxy/  =>Hijacker.Proxy
http://www.nicolascoolman.fr/?p=677  =>PUP.Optional.BuzzItCorp
https://www.nicolascoolman.info/2016/04/22/heuristic-suspect/  =>Heuristic.Suspect
https://www.nicolascoolman.info/2016/04/21/riskware-quicktime/  =>Riskware.QuickTime
https://www.nicolascoolman.info/2016/06/01/pup-optional-yahoosearchprovided/  =>.Superfluous.YahooSearchProvided
http://www.nicolascoolman.fr/?p=175  =>PUP.Optional.IncrediBar
https://www.nicolascoolman.info/2016/04/30/pup-optional-crossrider/  =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/pup-systweak/  =>.Superfluous.Systweak
http://www.nicolascoolman.fr/?p=210  =>.Superfluous.Conduit
http://www.nicolascoolman.fr/?p=1688  =>PUP.Optional.SystemSpeedup
http://www.nicolascoolman.fr/?p=1255  =>.Superfluous.PCSpeedUp
http://www.nicolascoolman.fr/?p=305  =>PUP.Optional.SearchSettings
http://www.nicolascoolman.fr/?p=433  =>PUP.Optional.QuickShare


---\\  Nettoyage Additionnel. (13)
~ Suppression des Clés de registre Tracing. (13)
~ Suppression des anciens rapports ZHPCleaner. (0)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent  (Google Chrome)


---\\ Statistiques
~ Items scannés : 500
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 34


~ End of clean in 00h01mn56s
~====================
ZHPCleaner-[R]-16072016-12_13_33.txt
ZHPCleaner-[S]-16072016-12_08_28.txt