Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2017.6.15.99 by Nicolas Coolman (2017/06/15)
~ Run by thibault (Administrator) (16/06/2017 19:15:53)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version KO
~ Certificate: Legal
~ Type : Nettoyer
~ Report : C:\Users\thibault\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\thibault\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 15063)
---\\ Service. (1)
ARRETÉ : MustangService_2015_10_10 =>.Superfluous.MustangBrowser
---\\ Navigateur internet. (5)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [http://www.istartsurf.com/?type=hp&ts=1442474568&z=c41fd8028e9c4f43236f171e2964f[...]] =>PUP.Optional.IsStart
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [http://www.istartsurf.com/web/?type=ds&ts=1442474568&z=c41fd8028e9c4f43236f171e2[...]] =>PUP.Optional.IsStart
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [http://www.istartsurf.com/web/?type=ds&ts=1442474568&z=c41fd8028e9c4f43236f171e2[...]] =>PUP.Optional.IsStart
SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=50073 <-Loopback>] =>Hijacker.Proxy
SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=50073 <-Loopback>] =>Hijacker.Proxy
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (60)
---\\ Tâche planifiée. (0)
~ Aucun élément malicieux ou superflu trouvé.
---\\ Explorateur ( Dossiers, Fichiers ). (82)
DEPLACÉ fichier: C:\ProgramData\TempMoudleSet\MustangSer1042.exe [MustangService - ] =>.Superfluous.MustangBrowser
DEPLACÉ fichier: C:\ProgramData\JAUpWW\puleVI.exe [Irrational Number Applications - WebShield Service] =>PUP.Optional.WebShield
DEPLACÉ fichier: C:\END =>.Superfluous.Conduit
DEPLACÉ fichier: C:\Windows\Prefetch\PERFORMANCEOPTIMIZER.EXE-0D5E8F18.pf =>Adware.BProtector
DEPLACÉ fichier: C:\Windows\Installer\wix{3DE97849-544D-4D68-9255-11DF6F9F10D8}.SchedServiceConfig.rmi =>.Superfluous.Empty
DEPLACÉ fichier: C:\Windows\Installer\MSI19AB.tmp =>.Superfluous.MSIInstaller
DEPLACÉ fichier: C:\Windows\Installer\MSI96AE.tmp =>.Superfluous.MSIInstaller
DEPLACÉ fichier: C:\Windows\Installer\MSIFFB7.tmp [TODO: <公司名> - IFilter] =>.Superfluous.MSIInstaller
DEPLACÉ fichier: C:\ProgramData\JAUpWW\dat\HFgbknFsZ.exe [Irrational Number Applications - WebShield] =>PUP.Optional.WebShield
DEPLACÉ fichier: C:\ProgramData\JAUpWW\dat\otEflgPkUb.exe [Irrational Number Applications - WebShield] =>PUP.Optional.WebShield
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\CFG8F39.tmp =>.Superfluous.Temporary.Empty
DEPLACÉ fichier^: C:\Users\thibault\AppData\Local\Temp\ClamWin1.log =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\ClamWin2.log =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\ClamWin3.log =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\ClamWin4.log =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\ClamWin_CheckVer_Info =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\ClamWin_CheckVer_Time =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\foxD716.tmp =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\Linda P.bmp =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\Pokki-2017-06-16.log =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9NBLGGH1ZRPV_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9NBLGGH33ZDV_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9WZDNCRCWFTB_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9WZDNCRCWFTB_0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9WZDNCRDMPT6_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9WZDNCRDMPT6_0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9WZDNCRFJ140_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9WZDNCRFJ140_0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\thibault.bmp =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\wmsetup.log =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\you794E.tmp =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\_iu14D2N.tmp [ - Setup/Uninstall] =>.Superfluous.Temporary.Empty
DEPLACÉ dossier: C:\Program Files (x86)\CinemaPlus-4.2vV25.08 =>Adware.CrossRider
DEPLACÉ dossier: C:\Program Files (x86)\MaxDrivrUpdater =>.Superfluous.MaxDriverUpdater
DEPLACÉ dossier: C:\Program Files (x86)\MaxDrivrUpdater_v62.2282 =>.Superfluous.MaxDriverUpdater
DEPLACÉ dossier: C:\Program Files (x86)\ODBCMAES =>.Superfluous.Empty
DEPLACÉ dossier: C:\WebShield =>PUP.Optional.WebShield
DEPLACÉ dossier: C:\Program Files (x86)\Common Files\Uninstall Files =>PUP.Optional.UniSales
DEPLACÉ dossier: C:\ProgramData\Browser =>.Superfluous.SpeedBrowser
DEPLACÉ dossier: C:\ProgramData\Pokki =>.Superfluous.SweetLabs
DEPLACÉ dossier: C:\ProgramData\WebShield =>PUP.Optional.WebShield
DEPLACÉ dossier: C:\ProgramData\TempMoudleSet =>.Superfluous.MustangBrowser
DEPLACÉ dossier: C:\Users\thibault\AppData\Roaming\csdimedia =>.Superfluous.CSDI
DEPLACÉ dossier: C:\Users\thibault\AppData\Local\Pokki =>.Superfluous.SweetLabs
DEPLACÉ dossier: C:\Users\thibault\AppData\Local\Temp\MAXDriverUpdater =>.Superfluous.MaxDriverUpdater
DEPLACÉ dossier: C:\Users\Default\AppData\Local\Pokki =>.Superfluous.SweetLabs
DEPLACÉ dossier: C:\Users\Default User\AppData\Local\Pokki =>.Superfluous.SweetLabs
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI2287.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI23B6.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI245D.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI265B.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI26FF.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI39B4.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI3E95.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI4262.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI47D6.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI56E1.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI5EF4.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI6C5C.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI79DD.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI7C18.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI8959.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI8988.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI8F0A.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIA20.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIA254.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIAAB.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIAF34.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIB0DE.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIBE98.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIC254.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIC47.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSICADD.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSID0A9.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIDFE4.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIE4F4.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIEF49.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIF227.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIF402.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIFA88.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIFD9.tmp- =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSIFFB6.tmp- =>.Superfluous.Empty
---\\ Base de Registres ( Clés, Valeurs, Données ). (33)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.istartsurf.com/web/?type=ds&ts=1442474568&z=c41fd8028e9c4f43236f171e2964f5c1gzzozmzwqb&fr[...]] [istartsurf] =>PUP.Optional.IsStart
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.istartsurf.com/web/?type=ds&ts=1442474568&z=c41fd8028e9c4f43236f171e2964f5c1gzzozmzwqb&fr[...]] [istartsurf] =>PUP.Optional.IsStart
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.istartsurf.com/web/?type=ds&ts=1442474568&z=c41fd8028e9c4f43236f171e2964f5c1gzzozmzwqb&from=tugs&uid=wdcxwd10jpvx-22jc3t0_wd-wx81ab4f17a2f17a2&q={searchTerms}] =>PUP.Optional.IsStart
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.istartsurf.com/web/?type=ds&ts=1442474568&z=c41fd8028e9c4f43236f171e2964f5c1gzzozmzwqb&from=tugs&uid=wdcxwd10jpvx-22jc3t0_wd-wx81ab4f17a2f17a2&q={searchTerms}] =>PUP.Optional.IsStart
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\MustangService_2015_10_10 [C:\ProgramData\TempMoudleSet\MustangSer1042.exe (Not File)] =>.Superfluous.MustangBrowser
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\puleVI [C:\ProgramData\JAUpWW\puleVI.exe (Not File)] =>PUP.Optional.WebShield
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1520791508-2612296529-3449326455-1005\SOFTWARE\Pokki [] =>.Superfluous.SweetLabs
SUPPRIMÉ clé: HKCU\Software\Pokki [] =>.Superfluous.SweetLabs
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki [Pokki] =>.Superfluous.SweetLabs
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector [Protector Class] =>Adware.BProtector
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1 [Protector Class] =>Adware.BProtector
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib [ProtectorLib Class] =>Adware.BProtector
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1 [ProtectorLib Class] =>Adware.BProtector
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\ArenaHD [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\HighDefAction [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\InstalledBrowserExtensions [] =>PUP.Optional.BrowserExtensions
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\YorkNewCin [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ArenaHD [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaPlus-4.2vV25.08 [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\GlobalUpdate [] =>PUP.Optional.GlobalUpdate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\HighDefAction [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ihpmserver [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions [] =>PUP.Optional.BrowserExtensions
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\istartsurfSoftware [] =>PUP.Optional.IsStart
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\MaxDrivrUpdater [] =>.Superfluous.MaxDriverUpdater
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\RayDld [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\SpeedBrowser [] =>.Superfluous.SpeedBrowser
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\YorkNewCin [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WebShield [Irrational Number Applications] =>PUP.Optional.WebShield
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\zz.2282.mdu [CSDI] =>.Superfluous.CSDI
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASAPI32 [] =>Adware.BProtector
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASMANCS [] =>Adware.BProtector
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{44A46850-E603-49CC-9DD9-2AD79E96A5C5} [C:\Program Files (x86)\Max Driver Updater\maxdu.exe] =>.Superfluous.MaxDriverUpdater
---\\ Récapitulatif des éléments trouvés sur votre station. (17)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.MustangBrowser
https://www.nicolascoolman.com/fr/pup-isstart/ =>PUP.Optional.IsStart
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.WebShield
https://nicolascoolman.eu/2017/02/06/superfluous-conduit/ =>.Superfluous.Conduit
https://nicolascoolman.eu/2017/04/12/adware-bprotector/ =>Adware.BProtector
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.MSIInstaller
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary.Empty
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider
https://www.anti-malware.top/2016/05/07/superfluous-maxdriverupdater/ =>.Superfluous.MaxDriverUpdater
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.UniSales
https://www.anti-malware.top/2016/07/28/superfluousspeedbrowser/ =>.Superfluous.SpeedBrowser
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.SweetLabs
https://www.anti-malware.top/2016/05/03/superfluous-csdi/ =>.Superfluous.CSDI
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.BrowserExtensions
https://www.nicolascoolman.com/fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate
---\\ Nettoyage Additionnel. (16)
~ Suppression des Clés de registre Tracing. (16)
~ Suppression des anciens rapports ZHPCleaner. (0)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Google Chrome)
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 754
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 122
~ End of clean in 00h01mn17s
~====================
ZHPCleaner-[R]-16062017-19_17_10.txt
ZHPCleaner-[S]-16062017-19_13_28.txt