Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2017.6.17.100 by Nicolas Coolman (2017/06/17)
~ Run by CHIHEB (Administrator) (21/06/2017 03:17:02)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Nettoyer
~ Report : C:\Users\CHIHEB\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\CHIHEB\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
---\\ Service. (0)
---\\ Navigateur internet. (13)
REMPLACÉ Google Chrome Preferences: "https://feed.helperbar.com/" =>PUP.Optional.HelperBar
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigUrl [Bad : http://webunstop.org/wpad.dat?625c81e14455a3b90eb599b59cf4525333055214] =>Hijacker.Proxy
REMPLACÉ Quicklaunch: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Avast SafeZone Browser.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Avast Software.) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Microsoft Corporation.) =>PUP.Optional.Salus
REMPLACÉ Quicklaunch: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ TaskBar: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Mozilla Corporation.) =>Hijacker.Browser
REMPLACÉ Startup\Programs: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Microsoft Corporation.) =>PUP.Optional.Salus
REMPLACÉ Startup\Programs: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ Desktop: C:\Users\Public\Desktop\Avast SafeZone Browser.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Avast Software.) =>Hijacker.Browser
REMPLACÉ Desktop: C:\Users\Public\Desktop\Google Chrome.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Google Inc..) =>Hijacker.Browser
REMPLACÉ Desktop: C:\Users\Public\Desktop\Mozilla Firefox.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Mozilla Corporation.) =>Hijacker.Browser
REMPLACÉ SystemTools: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Microsoft Corporation.) =>PUP.Optional.Salus
REMPLACÉ SystemTools: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Microsoft Corporation.) =>Hijacker.Browser
---\\ Fichier hôte. (0)
~ Aucun élément malicieux ou superflu trouvé.
---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [AutoPico Daily Restart] [C:\Program Files\KMSpico\AutoPico.exe (Not File) ] =>HackTool.KMSpico
---\\ Explorateur ( Dossiers, Fichiers ). (23)
DEPLACÉ fichier: C:\Program Files\KMSpico\Service_KMS.exe [@ByELDI - Service_KMS] =>HackTool.KMSpico
DEPLACÉ fichier: C:\Program Files\KMSpico\AutoPico.exe [@ByELDI - AutoPico] =>HackTool.KMSpico
DEPLACÉ fichier: C:\Windows\Prefetch\AUTOPICO.EXE-18EAEA5B.pf =>HackTool.KMSpico
DEPLACÉ fichier: C:\Windows\Installer\wix{6199B534-A1B6-46ED-873B-97B0ECF8F81E}.SchedServiceConfig.rmi =>.Superfluous.Empty
DEPLACÉ fichier: C:\Users\CHIHEB\AppData\Local\Temp\com.ashampoo.bacon_09656FA2.log =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\CHIHEB\AppData\Local\Temp\CProgram FilesAVAST SoftwareSZBrowser3.55.2393.607SZBrowser_autoupdate.download.lock =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\CHIHEB\AppData\Local\Temp\CProgram FilesAVAST SoftwareSZBrowser3.55.2393.607SZBrowser_autoupdate.metrics.lock =>.Superfluous.Temporary.Empty
DEPLACÉ fichier^: C:\Users\CHIHEB\AppData\Local\Temp\etilqs_2owNmuCYrAxPqSB =>.Superfluous.Temporary.Empty
DEPLACÉ fichier^: C:\Users\CHIHEB\AppData\Local\Temp\etilqs_chpiKd3VXtkJfKr =>.Superfluous.Temporary.Empty
DEPLACÉ fichier^: C:\Users\CHIHEB\AppData\Local\Temp\etilqs_DqfeF8Q5LBZhbSM =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\CHIHEB\AppData\Local\Temp\FXSTIFFDebugLogFile.txt =>.Superfluous.Temporary.Empty
DEPLACÉ fichier^: C:\Users\CHIHEB\AppData\Local\Temp\safezone_crashreporter.log =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\CHIHEB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_search.safefinder.com_0.localstorage =>PUP.Optional.SmartBar
DEPLACÉ fichier: C:\Users\CHIHEB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_search.safefinder.com_0.localstorage-journal =>PUP.Optional.SmartBar
DEPLACÉ dossier*: C:\Program Files (x86)\VideoLAN =>.Superfluous.Empty
DEPLACÉ dossier*: C:\Program Files\ByteFence =>.Superfluous.ByteFence
DEPLACÉ dossier*: C:\Program Files\KMSpico =>HackTool.KMSpico
DEPLACÉ dossier*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
DEPLACÉ dossier*: C:\Users\CHIHEB\AppData\Roaming\ParetoLogic =>.Superfluous.Paretologic
DEPLACÉ dossier*: C:\Users\CHIHEB\AppData\Local\CrashRpt =>.Superfluous.CrashReports
DEPLACÉ dossier^: C:\Users\CHIHEB\AppData\Local\Temp\scoped_dir3828_27377 =>.Superfluous.Temporary.Steam
DEPLACÉ dossier*: C:\ProgramData\Logic Cramble =>PUP.Optional.LogicHandler
DEPLACÉ dossier*: C:\Users\CHIHEB\AppData\Roaming\vnlgp =>Trojan.BitCoinMiner
---\\ Base de Registres ( Clés, Valeurs, Données ). (23)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} [https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6s[...]] [Search the web] =>PUP.Optional.IMBooster
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch [https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6s[...]] [Search the web] =>PUP.Optional.IMBooster
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} [https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoH2TlPbfGRogFolkkaCaflBAMwv4kK569qXNuWct4aayvF156hOqMNZFQN3-vsKMVMooejSSAvD4DTd65OHNp7ChQ3BIeDMu2FKiJBl5fRXlsXx8nqC-YyC4tg4gIfnYQIUl_cXA0Ta6mVtgLUIViSx2d1fxvLEi_oc2gGE,&q={searchTerms}] =>PUP.Optional.IMBooster
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch [https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoH2TlPbfGRogFolkkaCaflBAMwv4kK569qXNuWct4aayvF156hOqMNZFQN3-vsKMVMooejSSAvD4DTd65OHNp7ChQ3BIeDMu2FKiJBl5fRXlsXx8nqC-YyC4tg4gIfnYQIUl_cXA0Ta6mVtgLUIViSx2d1fxvLEi_oc2gGE,&q={searchTerms}] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\ByteFenceService [C:\Program Files\ByteFence\ByteFenceService.exe (Not File)] =>.Superfluous.ByteFence
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI [C:\Program Files\KMSpico\Service_KMS.exe (Not File)] =>HackTool.KMSpico
SUPPRIMÉ clé^: HKEY_USERS\S-1-5-21-1776833870-1233344491-4197509481-1000\SOFTWARE\ParetoLogic [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1776833870-1233344491-4197509481-1000\SOFTWARE\Classes\.snapdoc [SNAP.DOC] =>PUP.Optional.SmartBar
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1776833870-1233344491-4197509481-1000\SOFTWARE\Classes\SNAP.DOC [SNAP.DOC] =>PUP.Optional.SmartBar
SUPPRIMÉ clé^: HKCU\Software\ParetoLogic [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKCU\Software\csastats [] =>Adware.InstallCore
SUPPRIMÉ clé*: HKCU\Software\ProductSetup [] =>Adware.InstallCore
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\ByteFenceService [] =>.Superfluous.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 [] =>.Superfluous.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS [] =>.Superfluous.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 [KMSpico] =>HackTool.KMSpico
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ParetoLogic [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ParetoLogic PC Health Advisor_RASAPI32 [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ParetoLogic PC Health Advisor_RASMANCS [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKCU\SOFTWARE\80c72162ad6e70a355cf0a60aff1b7bc [] =>Hijacker.Browser
SUPPRIMÉ clé*: HKCU\SOFTWARE\c085ee5f3329d8767aef30d4dae5b55a [] =>Hijacker.Browser
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{F3971843-A561-45B7-9F74-4AA8FFFB52CB} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{CE321636-6867-42BD-944D-206D6D4D7D83} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
---\\ Récapitulatif des éléments trouvés sur votre station. (16)
https://www.nicolascoolman.com/fr/pup-helperbar/ =>PUP.Optional.HelperBar
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy
https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser
https://www.nicolascoolman.com/fr/pup-salus/ =>PUP.Optional.Salus
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary.Empty
https://www.nicolascoolman.com/fr/hijacker-smartbar/ =>PUP.Optional.SmartBar
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/ =>.Superfluous.ByteFence
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Paretologic
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.CrashReports
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary.Steam
https://nicolascoolman.eu/2017/01/04/pup-optional-logichandler/ =>PUP.Optional.LogicHandler
https://www.nicolascoolman.com/fr/trojan-bitcoinminer/ =>Trojan.BitCoinMiner
https://www.nicolascoolman.com/fr/adware-imbooster/ =>PUP.Optional.IMBooster
https://nicolascoolman.eu/2017/03/12/adware-installcore-2/ =>Adware.InstallCore
---\\ Nettoyage Additionnel. (57)
~ Suppression des Clés de registre Tracing. (57)
~ Suppression des anciens rapports ZHPCleaner. (0)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 822
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 62
~ End of clean in 00h00mn49s
~====================
ZHPCleaner-[R]-21062017-03_17_51.txt
ZHPCleaner-[S]-21062017-03_16_06.txt
~ Run by CHIHEB (Administrator) (21/06/2017 03:17:02)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Nettoyer
~ Report : C:\Users\CHIHEB\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\CHIHEB\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
---\\ Service. (0)
---\\ Navigateur internet. (13)
REMPLACÉ Google Chrome Preferences: "https://feed.helperbar.com/" =>PUP.Optional.HelperBar
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigUrl [Bad : http://webunstop.org/wpad.dat?625c81e14455a3b90eb599b59cf4525333055214] =>Hijacker.Proxy
REMPLACÉ Quicklaunch: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Avast SafeZone Browser.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Avast Software.) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Microsoft Corporation.) =>PUP.Optional.Salus
REMPLACÉ Quicklaunch: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ TaskBar: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Mozilla Corporation.) =>Hijacker.Browser
REMPLACÉ Startup\Programs: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Microsoft Corporation.) =>PUP.Optional.Salus
REMPLACÉ Startup\Programs: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ Desktop: C:\Users\Public\Desktop\Avast SafeZone Browser.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Avast Software.) =>Hijacker.Browser
REMPLACÉ Desktop: C:\Users\Public\Desktop\Google Chrome.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Google Inc..) =>Hijacker.Browser
REMPLACÉ Desktop: C:\Users\Public\Desktop\Mozilla Firefox.lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Mozilla Corporation.) =>Hijacker.Browser
REMPLACÉ SystemTools: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Microsoft Corporation.) =>PUP.Optional.Salus
REMPLACÉ SystemTools: C:\Users\CHIHEB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk [Bad : https://launchpage.org/?uid=oTlCBGjcgx0cXuv%2BKehtq3%2BBGtHnDk0Jbf7SydBPa3phiz%2B9fLLALBof0ih%2FBicrG5A%3D](.Microsoft Corporation.) =>Hijacker.Browser
---\\ Fichier hôte. (0)
~ Aucun élément malicieux ou superflu trouvé.
---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [AutoPico Daily Restart] [C:\Program Files\KMSpico\AutoPico.exe (Not File) ] =>HackTool.KMSpico
---\\ Explorateur ( Dossiers, Fichiers ). (23)
DEPLACÉ fichier: C:\Program Files\KMSpico\Service_KMS.exe [@ByELDI - Service_KMS] =>HackTool.KMSpico
DEPLACÉ fichier: C:\Program Files\KMSpico\AutoPico.exe [@ByELDI - AutoPico] =>HackTool.KMSpico
DEPLACÉ fichier: C:\Windows\Prefetch\AUTOPICO.EXE-18EAEA5B.pf =>HackTool.KMSpico
DEPLACÉ fichier: C:\Windows\Installer\wix{6199B534-A1B6-46ED-873B-97B0ECF8F81E}.SchedServiceConfig.rmi =>.Superfluous.Empty
DEPLACÉ fichier: C:\Users\CHIHEB\AppData\Local\Temp\com.ashampoo.bacon_09656FA2.log =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\CHIHEB\AppData\Local\Temp\CProgram FilesAVAST SoftwareSZBrowser3.55.2393.607SZBrowser_autoupdate.download.lock =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\CHIHEB\AppData\Local\Temp\CProgram FilesAVAST SoftwareSZBrowser3.55.2393.607SZBrowser_autoupdate.metrics.lock =>.Superfluous.Temporary.Empty
DEPLACÉ fichier^: C:\Users\CHIHEB\AppData\Local\Temp\etilqs_2owNmuCYrAxPqSB =>.Superfluous.Temporary.Empty
DEPLACÉ fichier^: C:\Users\CHIHEB\AppData\Local\Temp\etilqs_chpiKd3VXtkJfKr =>.Superfluous.Temporary.Empty
DEPLACÉ fichier^: C:\Users\CHIHEB\AppData\Local\Temp\etilqs_DqfeF8Q5LBZhbSM =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\CHIHEB\AppData\Local\Temp\FXSTIFFDebugLogFile.txt =>.Superfluous.Temporary.Empty
DEPLACÉ fichier^: C:\Users\CHIHEB\AppData\Local\Temp\safezone_crashreporter.log =>.Superfluous.Temporary.Empty
DEPLACÉ fichier: C:\Users\CHIHEB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_search.safefinder.com_0.localstorage =>PUP.Optional.SmartBar
DEPLACÉ fichier: C:\Users\CHIHEB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_search.safefinder.com_0.localstorage-journal =>PUP.Optional.SmartBar
DEPLACÉ dossier*: C:\Program Files (x86)\VideoLAN =>.Superfluous.Empty
DEPLACÉ dossier*: C:\Program Files\ByteFence =>.Superfluous.ByteFence
DEPLACÉ dossier*: C:\Program Files\KMSpico =>HackTool.KMSpico
DEPLACÉ dossier*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
DEPLACÉ dossier*: C:\Users\CHIHEB\AppData\Roaming\ParetoLogic =>.Superfluous.Paretologic
DEPLACÉ dossier*: C:\Users\CHIHEB\AppData\Local\CrashRpt =>.Superfluous.CrashReports
DEPLACÉ dossier^: C:\Users\CHIHEB\AppData\Local\Temp\scoped_dir3828_27377 =>.Superfluous.Temporary.Steam
DEPLACÉ dossier*: C:\ProgramData\Logic Cramble =>PUP.Optional.LogicHandler
DEPLACÉ dossier*: C:\Users\CHIHEB\AppData\Roaming\vnlgp =>Trojan.BitCoinMiner
---\\ Base de Registres ( Clés, Valeurs, Données ). (23)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} [https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6s[...]] [Search the web] =>PUP.Optional.IMBooster
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch [https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6s[...]] [Search the web] =>PUP.Optional.IMBooster
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} [https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoH2TlPbfGRogFolkkaCaflBAMwv4kK569qXNuWct4aayvF156hOqMNZFQN3-vsKMVMooejSSAvD4DTd65OHNp7ChQ3BIeDMu2FKiJBl5fRXlsXx8nqC-YyC4tg4gIfnYQIUl_cXA0Ta6mVtgLUIViSx2d1fxvLEi_oc2gGE,&q={searchTerms}] =>PUP.Optional.IMBooster
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch [https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoH2TlPbfGRogFolkkaCaflBAMwv4kK569qXNuWct4aayvF156hOqMNZFQN3-vsKMVMooejSSAvD4DTd65OHNp7ChQ3BIeDMu2FKiJBl5fRXlsXx8nqC-YyC4tg4gIfnYQIUl_cXA0Ta6mVtgLUIViSx2d1fxvLEi_oc2gGE,&q={searchTerms}] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\ByteFenceService [C:\Program Files\ByteFence\ByteFenceService.exe (Not File)] =>.Superfluous.ByteFence
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI [C:\Program Files\KMSpico\Service_KMS.exe (Not File)] =>HackTool.KMSpico
SUPPRIMÉ clé^: HKEY_USERS\S-1-5-21-1776833870-1233344491-4197509481-1000\SOFTWARE\ParetoLogic [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1776833870-1233344491-4197509481-1000\SOFTWARE\Classes\.snapdoc [SNAP.DOC] =>PUP.Optional.SmartBar
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1776833870-1233344491-4197509481-1000\SOFTWARE\Classes\SNAP.DOC [SNAP.DOC] =>PUP.Optional.SmartBar
SUPPRIMÉ clé^: HKCU\Software\ParetoLogic [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKCU\Software\csastats [] =>Adware.InstallCore
SUPPRIMÉ clé*: HKCU\Software\ProductSetup [] =>Adware.InstallCore
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\ByteFenceService [] =>.Superfluous.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 [] =>.Superfluous.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS [] =>.Superfluous.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 [KMSpico] =>HackTool.KMSpico
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ParetoLogic [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ParetoLogic PC Health Advisor_RASAPI32 [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ParetoLogic PC Health Advisor_RASMANCS [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKCU\SOFTWARE\80c72162ad6e70a355cf0a60aff1b7bc [] =>Hijacker.Browser
SUPPRIMÉ clé*: HKCU\SOFTWARE\c085ee5f3329d8767aef30d4dae5b55a [] =>Hijacker.Browser
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{F3971843-A561-45B7-9F74-4AA8FFFB52CB} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{CE321636-6867-42BD-944D-206D6D4D7D83} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
---\\ Récapitulatif des éléments trouvés sur votre station. (16)
https://www.nicolascoolman.com/fr/pup-helperbar/ =>PUP.Optional.HelperBar
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy
https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser
https://www.nicolascoolman.com/fr/pup-salus/ =>PUP.Optional.Salus
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary.Empty
https://www.nicolascoolman.com/fr/hijacker-smartbar/ =>PUP.Optional.SmartBar
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/ =>.Superfluous.ByteFence
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Paretologic
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.CrashReports
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary.Steam
https://nicolascoolman.eu/2017/01/04/pup-optional-logichandler/ =>PUP.Optional.LogicHandler
https://www.nicolascoolman.com/fr/trojan-bitcoinminer/ =>Trojan.BitCoinMiner
https://www.nicolascoolman.com/fr/adware-imbooster/ =>PUP.Optional.IMBooster
https://nicolascoolman.eu/2017/03/12/adware-installcore-2/ =>Adware.InstallCore
---\\ Nettoyage Additionnel. (57)
~ Suppression des Clés de registre Tracing. (57)
~ Suppression des anciens rapports ZHPCleaner. (0)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 822
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 62
~ End of clean in 00h00mn49s
~====================
ZHPCleaner-[R]-21062017-03_17_51.txt
ZHPCleaner-[S]-21062017-03_16_06.txt