~ ZHPCleaner v2017.5.21.84 by Nicolas Coolman (2017/05/21) ~ Run by Gene (Administrator) (23/05/2017 12:05:26) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Scanner ~ Report : C:\Users\Gene\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Gene\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Pro, 64-bit (Build 14393) ---\\ Service. (3) [R] TROUVÉ : panda_url_filtering =>PUP.Optional.StartSearch [R] TROUVÉ : TheScreenSnapshotService =>PUP.Optional.ScreenSnapshot [R] TROUVÉ : panda_url_filtering =>.Superfluous.VisicomMedia ---\\ Navigateur internet. (3) TROUVÉ Google Chrome Preferences: "http://en.hao123.com/" =>PUP.Optional.Browser TROUVÉ Google Chrome Preferences: "http://fr.hao123.com/" =>PUP.Optional.Browser TROUVÉ Google Chrome Preferences: "http://uk.hao123.com/" =>PUP.Optional.Browser ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (92) ---\\ Tâche planifiée. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Explorateur ( Dossiers, Fichiers ). (34) TROUVÉ fichier: C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [Visicom Media Inc. - Anti-phishing Domain Advisor (Powered by Pa] =>PUP.Optional.StartSearch TROUVÉ fichier: C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [Visicom Media Inc. - Visicom Media Anti-phishing Domain Advisor] =>PUP.Optional.StartSearch TROUVÉ fichier: C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11079\ScreenShotServ.exe [Copyright (C) 2015 - The Screen Snapshot Service] =>PUP.Optional.ScreenSnapshot TROUVÉ fichier: C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [Visicom Media Inc. - Anti-phishing Domain Advisor (Powered by Pa] =>.Superfluous.VisicomMedia TROUVÉ fichier: C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [Visicom Media Inc. - Visicom Media Anti-phishing Domain Advisor] =>.Superfluous.VisicomMedia TROUVÉ fichier: C:\Windows\Installer\wix{6FE8A1DA-8CA6-4801-BF0F-0F2FED143FF4}.SchedServiceConfig.rmi =>.Superfluous.Empty TROUVÉ fichier: C:\Users\Gene\Downloads\ReimageRepair.exe [Reimage - Reimage Downloader] =>.Superfluous.ReimageRepair TROUVÉ fichier: C:\Users\Gene\AppData\Local\Temp\9E9C.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\Gene\AppData\Local\Temp\A880.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\Gene\AppData\Local\Temp\AA75.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\Gene\AppData\Local\Temp\AD45.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\Gene\AppData\Local\Temp\FXSTIFFDebugLogFile.txt =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\Gene\AppData\Local\Temp\HCLauncher.log =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.hao123.com_0.localstorage =>PUP.Optional.Browser TROUVÉ fichier: C:\Users\Gene\AppData\Roaming\PDAppFlex =>.Superfluous.EmailFanatic TROUVÉ dossier: C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11079 =>PUP.Optional.ScreenSnapshot TROUVÉ dossier: C:\Program Files (x86)\ScreenSnapshotTool =>PUP.Optional.ScreenSnapshot TROUVÉ fichier: C:\ProgramData\panda_url_filtering\c.l =>PUP.Optional.StartSearch TROUVÉ fichier: C:\ProgramData\panda_url_filtering\catalog.list =>PUP.Optional.StartSearch TROUVÉ fichier: C:\ProgramData\panda_url_filtering\white.list =>PUP.Optional.StartSearch TROUVÉ fichier: C:\ProgramData\panda_url_filtering\white.list.old =>PUP.Optional.StartSearch TROUVÉ fichier: C:\ProgramData\panda_url_filtering\white.zip =>PUP.Optional.StartSearch TROUVÉ dossier: C:\ProgramData\panda_url_filtering\data =>PUP.Optional.StartSearch TROUVÉ dossier: C:\ProgramData\panda_url_filtering =>PUP.Optional.StartSearch TROUVÉ dossier: C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\ScreenSnapshotTool\dump =>PUP.Optional.ScreenSnapshot TROUVÉ dossier: C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\ScreenSnapshotTool =>PUP.Optional.ScreenSnapshot TROUVÉ dossier: C:\Users\Gene\AppData\Roaming\RHEng\6379E204FCB54D6DB44E577D57ADA361 =>.Superfluous.Conduit TROUVÉ dossier: C:\Users\Gene\AppData\Roaming\ScreenSnapshotTool\dump =>PUP.Optional.ScreenSnapshot TROUVÉ dossier: C:\Users\Gene\AppData\Roaming\RHEng =>.Superfluous.Conduit TROUVÉ dossier: C:\Users\Gene\AppData\Roaming\ScreenSnapshotTool =>PUP.Optional.ScreenSnapshot TROUVÉ dossier: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\ScreenSnapshotTool\dump =>PUP.Optional.ScreenSnapshot TROUVÉ dossier: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\ScreenSnapshotTool =>PUP.Optional.ScreenSnapshot TROUVÉ dossier: C:\Users\Gene\AppData\Local\Software =>PUP.Optional.Boxore TROUVÉ dossier: C:\Users\Gene\AppData\Roaming\RPEng =>PUP.Optional.Generic ---\\ Base de Registres ( Clés, Valeurs, Données ). (44) TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [http://www.delta-search.com/?q={searchTerms}&affID=119295&tt=300513_new&babsrc=SP_ss&mntrId=B8DB0026[...]] [Delta Search] =>.Superfluous.DeltaSearch TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\panda_url_filtering [C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe](.Visicom Media Inc..) =>PUP.Optional.StartSearch TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\panda_url_filteringd [C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys](.Visicom Media Inc..) =>PUP.Optional.StartSearch TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\TheScreenSnapshotService [C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11079\ScreenShotServ.exe](.Copyright (C) 2015.) =>PUP.Optional.ScreenSnapshot TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\panda_url_filtering [C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe] =>.Superfluous.VisicomMedia TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\panda_url_filteringd [C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys] =>.Superfluous.VisicomMedia TROUVÉ clé: HKEY_USERS\S-1-5-21-171007930-3942400011-1246483341-1001\SOFTWARE\BabSolution [] =>PUP.Optional.BabSolution TROUVÉ clé: HKEY_USERS\S-1-5-21-171007930-3942400011-1246483341-1001\SOFTWARE\DataMngr [] =>PUP.Optional.Datamngr TROUVÉ clé: HKEY_USERS\S-1-5-21-171007930-3942400011-1246483341-1001\SOFTWARE\DataMngr_Toolbar [] =>Adware.Bandoo TROUVÉ clé: HKCU\Software\BabSolution [] =>PUP.Optional.BabSolution TROUVÉ clé: HKCU\Software\DataMngr [] =>PUP.Optional.Datamngr TROUVÉ clé: HKCU\Software\DataMngr_Toolbar [] =>Adware.Bandoo TROUVÉ clé: HKCU\Software\TeleCharger [] =>.Superfluous.Downloader TROUVÉ clé: HKLM\SOFTWARE\pandasecuritytb [] =>.Superfluous.VisicomMedia TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Prod.cap [] =>PUP.Optional.ClaroSearch TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} [] =>.Superfluous.DeltaSearch TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer [DataContainer Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1 [DataContainer Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController [DataController Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1 [DataController Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable [DataTable Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1 [DataTable Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields [DataTableFields Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1 [DataTableFields Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder [DataTableHolder Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1 [DataTableHolder Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic [LSPLogic Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1 [LSPLogic Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager [ReadOnlyManager Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1 [ReadOnlyManager Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController [WFPController Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1 [WFPController Class] =>PUP.Optional.LavasoftWebCompanion TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\panda_url_filtering [] =>PUP.Optional.StartSearch TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\panda_url_filteringd [] =>PUP.Optional.StartSearch TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\TheScreenSnapshotService [] =>PUP.Optional.ScreenSnapshot TROUVÉ clé: [X64] HKLM\SOFTWARE\DtsEncodeTools [] =>PUP.Optional.WeatherTool TROUVÉ clé: [X64] HKLM\SOFTWARE\panda_url_filtering [] =>PUP.Optional.StartSearch TROUVÉ clé: [X64] HKLM\SOFTWARE\ScreenSnapshotTool [] =>PUP.Optional.ScreenSnapshot TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{61FFE1F9-137D-4c31-A181-3415FCAA5946} [qiusheng xie] =>PUP.Optional.ScreenSnapshot TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Babylon [] =>Adware.Babylon TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\DataMngr [] =>PUP.Optional.Datamngr TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} [] =>.Superfluous.DeltaSearch TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\pandasecuritytb [Panda Security and Visicom Media Inc.] =>.Superfluous.VisicomMedia TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect ---\\ Récapitulatif des éléments trouvés sur votre station. (21) https://www.nicolascoolman.com/fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch https://www.anti-malware.top/2016/06/21/conseils-logiciel-publicitaire-screensnapshot/ =>PUP.Optional.ScreenSnapshot https://nicolascoolman.eu/2017/03/18/superfluous-visicommedia/ =>.Superfluous.VisicomMedia https://nicolascoolman.eu/2017/01/26/hijacker-browser/ =>PUP.Optional.Browser https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty https://nicolascoolman.eu/2017/01/27/superfluous-reimagerepair/ =>.Superfluous.ReimageRepair https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary.Empty https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.EmailFanatic https://nicolascoolman.eu/2017/02/06/superfluous-conduit/ =>.Superfluous.Conduit https://nicolascoolman.eu/2017/03/14/pup-optional-boxore/ =>PUP.Optional.Boxore https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Generic https://www.nicolascoolman.com/fr/toolbar-deltasearch/ =>.Superfluous.DeltaSearch https://www.nicolascoolman.com/fr/hijacker-babsolution/ =>PUP.Optional.BabSolution https://www.nicolascoolman.com/fr/pup-datamngr/ =>PUP.Optional.Datamngr https://nicolascoolman.eu/2017/02/23/adware-bandoo/ =>Adware.Bandoo https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Downloader https://www.nicolascoolman.com/fr/pup-clarosearch/ =>PUP.Optional.ClaroSearch https://nicolascoolman.eu/2017/03/12/superfluous-lavasoftwebcompanion/ =>PUP.Optional.LavasoftWebCompanion https://www.nicolascoolman.com/fr/pup-optional-weathertool =>PUP.Optional.WeatherTool https://nicolascoolman.eu/2017/03/03/adware-babylon/ =>Adware.Babylon https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect ---\\ Bilan de la réparation ~ Aucune réparation effectuée. ---\\ Statistiques ~ Items scannés : 97017 ~ Items trouvés : 98 ~ Items annulés : 0 ~ Items réparés : 0 ~ End of search in 00h07mn22s ~==================== ZHPCleaner-[S]-23052017-12_12_48.txt