Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2017.2.12.26 by Nicolas Coolman (2017/02/12)
~ Run by Admin (Administrator) (13/02/2017 18:51:22)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Nettoyer
~ Report : C:\Users\Admin\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Admin\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
---\\ Service. (1)
ARRETÉ : KingoSoftService =>PUP.Optional.Youndoo
---\\ Navigateur internet. (10)
SUPPRIMÉ: [bdcsbn63.default] - user_pref("browser.search.selectedEngine", "webssearches"); =>PUP.Optional.WebsSearches
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\chrome.LNK [Bad : --load-extension="C:\Users\Admin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://qtipr.com/](.Google Inc..) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [Bad : --load-extension="C:\Users\Admin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://qtipr.com/](.Google Inc..) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.LNK [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.LNK [Bad : http://qtipr.com/](.Mozilla Corporation.) =>Hijacker.Browser
REMPLACÉ TaskBar: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ff42i15r14e33f26o83x.lnk [Bad : http://qtipr.com/](.Mozilla Corporation.) =>Hijacker.Browser
REMPLACÉ TaskBar: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk [Bad : --load-extension="C:\Users\Admin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://qtipr.com/](.Google Inc..) =>Hijacker.Browser
REMPLACÉ TaskBar: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ Startup\Programs: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (32)
---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [Traffic Exchange v2 - 1] [C:\Program Files\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe (Not File) ] =>.Superfluous.Microleaves
---\\ Explorateur ( Dossiers, Fichiers ). (20)
DEPLACÉ fichier: C:\Users\Admin\AppData\Roaming\inst.exe =>PUP.Optional.Pirrit
DEPLACÉ fichier: C:\Users\Admin\AppData\Local\Kingosoft\Kingo Root\update_54326\bin\KingoSoftService.exe =>PUP.Optional.Youndoo
DEPLACÉ fichier: C:\Program Files\Ralink\Common\RaMediaServer.exe =>PUP.Optional.Youndoo
DEPLACÉ fichier: C:\Windows\Installer\wix{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}.SchedServiceConfig.rmi =>.Superfluous.Empty
DEPLACÉ fichier: C:\Windows\Installer\wix{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}.SchedServiceConfig.rmi =>.Superfluous.Empty
DEPLACÉ fichier: C:\Windows\Installer\wix{C74DCAC0-DDB3-4135-A70C-0553BF9490BC}.SchedServiceConfig.rmi =>.Superfluous.Empty
DEPLACÉ fichier: C:\ProgramData\InstallMate\{8F968BA1-1122-4D38-AFD3-59005475A957}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>.Superfluous.Tarma
DEPLACÉ fichier: C:\ProgramData\InstallMate\{8F968BA1-1122-4D38-AFD3-59005475A957}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>.Superfluous.Tarma
DEPLACÉ fichier: C:\ProgramData\InstallMate\{78F742A0-40F3-434D-A1A6-08D1A3146056}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>.Superfluous.Tarma
DEPLACÉ fichier^: C:\ProgramData\InstallMate\{78F742A0-40F3-434D-A1A6-08D1A3146056}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>.Superfluous.Tarma
DEPLACÉ fichier: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_qtipr.com_0.localstorage =>Hijacker.Browser
DEPLACÉ fichier: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_qtipr.com_0.localstorage-journal =>Hijacker.Browser
DEPLACÉ fichier: C:\Users\Admin\AppData\Local\Temp\mininewsrepair.exe [ - mininewsrepair] =>.Superfluous.Tencent
DEPLACÉ dossier: C:\Users\Admin\AppData\Local\UmmyVideoDownloader =>Adware¨Pirrit
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader =>Adware¨Pirrit
DEPLACÉ dossier: C:\ProgramData\InstallMate =>.Superfluous.Tarma
DEPLACÉ dossier: C:\Users\Admin\AppData\Local\CrashRpt =>.Superfluous.CrashReports
DEPLACÉ dossier: C:\Users\Invité\AppData\Local\Torch =>.Superfluous.Torch
DEPLACÉ dossier: C:\Program Files\QuickTime =>Riskware.QuickTime
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime
---\\ Base de Registres ( Clés, Valeurs, Données ). (32)
SUPPRIMÉ donnée: HKLM\SOFTWARE\Classes\IE.HTTP\Shell\Open\Command\\Default [Bad : [html] "C:\Program Files\Internet Explorer\iexplore.exe" %1] =>Broken.OpenCommand
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1 [UmmyVideoDownloader] =>Adware¨Pirrit
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\KingoSoftService [C:\Users\Admin\AppData\Local\Kingosoft\Kingo Root\update_54326\bin\KingoSoftService.exe (Not File)] =>PUP.Optional.Youndoo
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\RaMediaServer [C:\Program Files\Ralink\Common\RaMediaServer.exe (Not File)] =>PUP.Optional.Youndoo
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\InstallMonster [] =>Adware.InstallMonster
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Magicbit [] =>.Superfluous.Magicbit
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Tencent [] =>.Superfluous.Tencent
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Classes\.APE [KuaiZipMount.ape] =>.Superfluous.ShanghaiGuangle
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Classes\.CUE [KuaiZipMount.cue] =>.Superfluous.ShanghaiGuangle
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Classes\.FLAC [KuaiZipMount.flac] =>.Superfluous.ShanghaiGuangle
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Classes\.JAR [KuaiZip.jar] =>.Superfluous.ShanghaiGuangle
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Classes\.WV [KuaiZipMount.wv] =>.Superfluous.ShanghaiGuangle
SUPPRIMÉ clé*: HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\Apps Hat [] =>PUP.Optional.CrossRider
SUPPRIMÉ clé: HKCU\Software\InstallMonster [] =>Adware.InstallMonster
SUPPRIMÉ clé: HKCU\Software\Magicbit [] =>.Superfluous.Magicbit
SUPPRIMÉ clé: HKCU\Software\Tencent [] =>.Superfluous.Tencent
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{835D0908-6353-4D8E-894B-5F98C7A7D62} [C:\Program Files\Apps Hat (Not File)] =>PUP.Optional.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E640F1EB-CD7E-4640-BF89-21DBABC84653} [C:\Program Files\Apps Hat (Not File)] =>PUP.Optional.CrossRider
SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>PUP.Optional.Camec
SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\TorntvDownloader [] =>PUP.Optional.TornTV
SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\CLSID\{903C0EDF-980B-D416-CEE3-573E640C7447} [NExxtCoup] =>PUP.Optional.NextCoup
SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\CLSID\{F69538B2-C4FC-24DA-F115-F9533C637E86} [pRicechop] =>PUP.Optional.PriceChop
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{92C1F287-B8A1-415C-B872-4000F57C055A} [Microleaves] =>.Superfluous.Microleaves
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\029AB1D033707234FAD100A0EAB4A227 [C:\Program Files\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe (Not File)] =>.Superfluous.Microleaves
SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] =>Riskware.QuickTime
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{3D694A94-63BD-4771-AAEC-D7165CD9935A} [C:\program files\common files\tencent\qqdownload\132\bugreport_xf.exe] =>.Superfluous.Tencent
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{50A7E6B5-DED0-487D-AC64-1AF01973F3D6} [C:\program files\common files\tencent\qqdownload\132\tencentdl.exe] =>.Superfluous.Tencent
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{7F1A1BEB-901D-4200-91EE-4900AE3D02E1} [C:\program files\common files\tencent\qqdownload\132\tencentdl.exe] =>.Superfluous.Tencent
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{DB2740DE-F85A-489B-A250-AE55EEED1FD6} [C:\program files\common files\tencent\qqdownload\132\bugreport_xf.exe] =>.Superfluous.Tencent
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{4999AE02-CC42-4B55-B655-EC19A6D7B3A7} [C:\program files\common files\tencent\qqdownload\132\bugreport_xf.exe] =>.Superfluous.Tencent
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{3AC27D6E-2AEF-4496-B235-C036DBC4BF4C} [C:\program files\common files\tencent\qqdownload\132\tencentdl.exe] =>.Superfluous.Tencent
---\\ Récapitulatif des éléments trouvés sur votre station. (22)
https://www.anti-malware.top/2016/06/18/superfluous-youndoo/ =>PUP.Optional.Youndoo
https://www.nicolascoolman.com/fr/hijacker-webssearches/ =>PUP.Optional.WebsSearches
https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Microleaves
https://www.nicolascoolman.com/fr/pup-pirritsuggestor/ =>PUP.Optional.Pirrit
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty
https://www.nicolascoolman.com/fr/pup-tarma/ =>.Superfluous.Tarma
https://www.nicolascoolman.com/fr/adware-tencentaddressbar/ =>.Superfluous.Tencent
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware¨Pirrit
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.CrashReports
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Torch
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/ =>Riskware.QuickTime
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Broken.OpenCommand
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.InstallMonster
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Magicbit
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.ShanghaiGuangle
https://www.anti-malware.top/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Camec
https://www.nicolascoolman.com/fr/hijacker-torntv/ =>PUP.Optional.TornTV
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.NextCoup
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.PriceChop
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
---\\ Nettoyage Additionnel. (10)
~ Suppression des Clés de registre Tracing. (10)
~ Suppression des anciens rapports ZHPCleaner. (0)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 1970
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 65
~ End of clean in 00h00mn55s
~====================
ZHPCleaner-[R]-13022017-18_52_17.txt
ZHPCleaner-[S]-13022017-18_48_08.txt
~ Run by Admin (Administrator) (13/02/2017 18:51:22)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Nettoyer
~ Report : C:\Users\Admin\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Admin\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
---\\ Service. (1)
ARRETÉ : KingoSoftService =>PUP.Optional.Youndoo
---\\ Navigateur internet. (10)
SUPPRIMÉ: [bdcsbn63.default] - user_pref("browser.search.selectedEngine", "webssearches"); =>PUP.Optional.WebsSearches
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\chrome.LNK [Bad : --load-extension="C:\Users\Admin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://qtipr.com/](.Google Inc..) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [Bad : --load-extension="C:\Users\Admin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://qtipr.com/](.Google Inc..) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.LNK [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.LNK [Bad : http://qtipr.com/](.Mozilla Corporation.) =>Hijacker.Browser
REMPLACÉ TaskBar: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ff42i15r14e33f26o83x.lnk [Bad : http://qtipr.com/](.Mozilla Corporation.) =>Hijacker.Browser
REMPLACÉ TaskBar: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk [Bad : --load-extension="C:\Users\Admin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://qtipr.com/](.Google Inc..) =>Hijacker.Browser
REMPLACÉ TaskBar: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ Startup\Programs: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (32)
---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [Traffic Exchange v2 - 1] [C:\Program Files\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe (Not File) ] =>.Superfluous.Microleaves
---\\ Explorateur ( Dossiers, Fichiers ). (20)
DEPLACÉ fichier: C:\Users\Admin\AppData\Roaming\inst.exe =>PUP.Optional.Pirrit
DEPLACÉ fichier: C:\Users\Admin\AppData\Local\Kingosoft\Kingo Root\update_54326\bin\KingoSoftService.exe =>PUP.Optional.Youndoo
DEPLACÉ fichier: C:\Program Files\Ralink\Common\RaMediaServer.exe =>PUP.Optional.Youndoo
DEPLACÉ fichier: C:\Windows\Installer\wix{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}.SchedServiceConfig.rmi =>.Superfluous.Empty
DEPLACÉ fichier: C:\Windows\Installer\wix{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}.SchedServiceConfig.rmi =>.Superfluous.Empty
DEPLACÉ fichier: C:\Windows\Installer\wix{C74DCAC0-DDB3-4135-A70C-0553BF9490BC}.SchedServiceConfig.rmi =>.Superfluous.Empty
DEPLACÉ fichier: C:\ProgramData\InstallMate\{8F968BA1-1122-4D38-AFD3-59005475A957}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>.Superfluous.Tarma
DEPLACÉ fichier: C:\ProgramData\InstallMate\{8F968BA1-1122-4D38-AFD3-59005475A957}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>.Superfluous.Tarma
DEPLACÉ fichier: C:\ProgramData\InstallMate\{78F742A0-40F3-434D-A1A6-08D1A3146056}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>.Superfluous.Tarma
DEPLACÉ fichier^: C:\ProgramData\InstallMate\{78F742A0-40F3-434D-A1A6-08D1A3146056}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>.Superfluous.Tarma
DEPLACÉ fichier: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_qtipr.com_0.localstorage =>Hijacker.Browser
DEPLACÉ fichier: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_qtipr.com_0.localstorage-journal =>Hijacker.Browser
DEPLACÉ fichier: C:\Users\Admin\AppData\Local\Temp\mininewsrepair.exe [ - mininewsrepair] =>.Superfluous.Tencent
DEPLACÉ dossier: C:\Users\Admin\AppData\Local\UmmyVideoDownloader =>Adware¨Pirrit
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader =>Adware¨Pirrit
DEPLACÉ dossier: C:\ProgramData\InstallMate =>.Superfluous.Tarma
DEPLACÉ dossier: C:\Users\Admin\AppData\Local\CrashRpt =>.Superfluous.CrashReports
DEPLACÉ dossier: C:\Users\Invité\AppData\Local\Torch =>.Superfluous.Torch
DEPLACÉ dossier: C:\Program Files\QuickTime =>Riskware.QuickTime
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime
---\\ Base de Registres ( Clés, Valeurs, Données ). (32)
SUPPRIMÉ donnée: HKLM\SOFTWARE\Classes\IE.HTTP\Shell\Open\Command\\Default [Bad : [html] "C:\Program Files\Internet Explorer\iexplore.exe" %1] =>Broken.OpenCommand
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1 [UmmyVideoDownloader] =>Adware¨Pirrit
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\KingoSoftService [C:\Users\Admin\AppData\Local\Kingosoft\Kingo Root\update_54326\bin\KingoSoftService.exe (Not File)] =>PUP.Optional.Youndoo
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\RaMediaServer [C:\Program Files\Ralink\Common\RaMediaServer.exe (Not File)] =>PUP.Optional.Youndoo
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\InstallMonster [] =>Adware.InstallMonster
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Magicbit [] =>.Superfluous.Magicbit
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Tencent [] =>.Superfluous.Tencent
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Classes\.APE [KuaiZipMount.ape] =>.Superfluous.ShanghaiGuangle
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Classes\.CUE [KuaiZipMount.cue] =>.Superfluous.ShanghaiGuangle
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Classes\.FLAC [KuaiZipMount.flac] =>.Superfluous.ShanghaiGuangle
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Classes\.JAR [KuaiZip.jar] =>.Superfluous.ShanghaiGuangle
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Classes\.WV [KuaiZipMount.wv] =>.Superfluous.ShanghaiGuangle
SUPPRIMÉ clé*: HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\Apps Hat [] =>PUP.Optional.CrossRider
SUPPRIMÉ clé: HKCU\Software\InstallMonster [] =>Adware.InstallMonster
SUPPRIMÉ clé: HKCU\Software\Magicbit [] =>.Superfluous.Magicbit
SUPPRIMÉ clé: HKCU\Software\Tencent [] =>.Superfluous.Tencent
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{835D0908-6353-4D8E-894B-5F98C7A7D62} [C:\Program Files\Apps Hat (Not File)] =>PUP.Optional.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E640F1EB-CD7E-4640-BF89-21DBABC84653} [C:\Program Files\Apps Hat (Not File)] =>PUP.Optional.CrossRider
SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>PUP.Optional.Camec
SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\TorntvDownloader [] =>PUP.Optional.TornTV
SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\CLSID\{903C0EDF-980B-D416-CEE3-573E640C7447} [NExxtCoup] =>PUP.Optional.NextCoup
SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\CLSID\{F69538B2-C4FC-24DA-F115-F9533C637E86} [pRicechop] =>PUP.Optional.PriceChop
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{92C1F287-B8A1-415C-B872-4000F57C055A} [Microleaves] =>.Superfluous.Microleaves
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\029AB1D033707234FAD100A0EAB4A227 [C:\Program Files\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe (Not File)] =>.Superfluous.Microleaves
SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] =>Riskware.QuickTime
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{3D694A94-63BD-4771-AAEC-D7165CD9935A} [C:\program files\common files\tencent\qqdownload\132\bugreport_xf.exe] =>.Superfluous.Tencent
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{50A7E6B5-DED0-487D-AC64-1AF01973F3D6} [C:\program files\common files\tencent\qqdownload\132\tencentdl.exe] =>.Superfluous.Tencent
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{7F1A1BEB-901D-4200-91EE-4900AE3D02E1} [C:\program files\common files\tencent\qqdownload\132\tencentdl.exe] =>.Superfluous.Tencent
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{DB2740DE-F85A-489B-A250-AE55EEED1FD6} [C:\program files\common files\tencent\qqdownload\132\bugreport_xf.exe] =>.Superfluous.Tencent
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{4999AE02-CC42-4B55-B655-EC19A6D7B3A7} [C:\program files\common files\tencent\qqdownload\132\bugreport_xf.exe] =>.Superfluous.Tencent
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{3AC27D6E-2AEF-4496-B235-C036DBC4BF4C} [C:\program files\common files\tencent\qqdownload\132\tencentdl.exe] =>.Superfluous.Tencent
---\\ Récapitulatif des éléments trouvés sur votre station. (22)
https://www.anti-malware.top/2016/06/18/superfluous-youndoo/ =>PUP.Optional.Youndoo
https://www.nicolascoolman.com/fr/hijacker-webssearches/ =>PUP.Optional.WebsSearches
https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Microleaves
https://www.nicolascoolman.com/fr/pup-pirritsuggestor/ =>PUP.Optional.Pirrit
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty
https://www.nicolascoolman.com/fr/pup-tarma/ =>.Superfluous.Tarma
https://www.nicolascoolman.com/fr/adware-tencentaddressbar/ =>.Superfluous.Tencent
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware¨Pirrit
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.CrashReports
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Torch
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/ =>Riskware.QuickTime
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Broken.OpenCommand
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.InstallMonster
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Magicbit
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.ShanghaiGuangle
https://www.anti-malware.top/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Camec
https://www.nicolascoolman.com/fr/hijacker-torntv/ =>PUP.Optional.TornTV
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.NextCoup
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.PriceChop
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
---\\ Nettoyage Additionnel. (10)
~ Suppression des Clés de registre Tracing. (10)
~ Suppression des anciens rapports ZHPCleaner. (0)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 1970
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 65
~ End of clean in 00h00mn55s
~====================
ZHPCleaner-[R]-13022017-18_52_17.txt
ZHPCleaner-[S]-13022017-18_48_08.txt