Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2017.7.27.128 by Nicolas Coolman (2017/07/27)
~ Run by PC-ABDERRAHMEN (Administrator) (27/07/2017 22:31:21)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\PC-ABDERRAHMEN\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\PC-ABDERRAHMEN\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 14393)
---\\ Services (0)
~ No malicious or unnecessary items found.
---\\ Browser internet (1)
FOUND PARAMS: ProxyServer [163.172.86.64:3128] (User.Validation)
---\\ Hosts file (1)
~ The hosts file is legitimate (26)
---\\ Scheduled automatic tasks. (1)
DELETED task: [AutoKMS] [C:\Windows\AutoKMS\AutoKMS.exe (Not File) ] =>HackTool.AutoKMS
---\\ Explorer ( File, Folder) (18)
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gihcngphjjankfngmgdkihhngndcdflc_0.localstorage-journal =>PUP.Optional.Adblocker
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gihcngphjjankfngmgdkihhngndcdflc_0.localstorage =>PUP.Optional.Adblocker
MOVED file: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 - AutoKMS] =>HackTool.AutoKMS
MOVED file: C:\Users\PC-ABDERRAHMEN\Downloads\popcorn-time-2-8-0.apk =>.Superfluous.PopcornTime
MOVED file: C:\Users\PC-ABDERRAHMEN\Downloads\uptodown-android-3-21.apk =>PUP.Optional.UpToDown
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage =>PUP.Optional.Generic
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal =>PUP.Optional.Generic
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.uptodown.com_0.localstorage =>PUP.Optional.UpToDown
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.uptodown.com_0.localstorage-journal =>PUP.Optional.UpToDown
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage =>PUP.Optional.Chatango
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage-journal =>PUP.Optional.Chatango
MOVED file: C:\Windows\AutoKMS\AutoKMS.log =>HackTool.AutoKMS
MOVED folder: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc =>PUP.Optional.Adblocker
MOVED folder: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gihcngphjjankfngmgdkihhngndcdflc =>PUP.Optional.Adblocker
MOVED folder: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
MOVED folder: C:\WINDOWS\AutoKMS =>HackTool.AutoKMS
MOVED folder: C:\Users\PC-ABDERRAHMEN\AppData\Local\PackageAware =>PUP.Optional.BearShare
MOVED folder: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>PUP.Optional.DomaIQ
---\\ Registry ( Key, Value, Data) (3)
DELETED key*: HKEY_USERS\S-1-5-21-256474428-2574812502-1661256676-1001\SOFTWARE\Classes\.snapdoc [SNAP.DOC] =>PUP.Optional.SmartBar
DELETED key*: HKEY_USERS\S-1-5-21-256474428-2574812502-1661256676-1001\SOFTWARE\Classes\SNAP.DOC [SNAP.DOC] =>PUP.Optional.SmartBar
DELETED value: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\SMΔRT-Protection [C:\Program Files (x86)\SMADAV\SMΔRTP.exe] =>Heuristic.Salus
---\\ Summary of the elements found (10)
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/01/28/adware-adblocker/ =>PUP.Optional.Adblocker
https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/ =>.Superfluous.PopcornTime
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.UpToDown
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Generic
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Chatango
https://www.nicolascoolman.com/fr/pup-bearshare/ =>PUP.Optional.BearShare
https://www.nicolascoolman.com/fr/adware-domaiq/ =>PUP.Optional.DomaIQ
https://www.nicolascoolman.com/fr/hijacker-smartbar/ =>PUP.Optional.SmartBar
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Heuristic.Salus
---\\ Other deletions. (25)
~ Registry Keys Tracing deleted (23)
~ Remove the old reports ZHPCleaner. (2)
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)
---\\ Statistics
~ Items scanned : 1117
~ Items found : 1
~ Items cancelled : 0
~ Items repaired : 22
~ End of clean in 00h00mn21s
~====================
ZHPCleaner-[R]-27072017-22_31_42.txt
ZHPCleaner-[S]-27072017-22_26_57.txt
~ Run by PC-ABDERRAHMEN (Administrator) (27/07/2017 22:31:21)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\PC-ABDERRAHMEN\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\PC-ABDERRAHMEN\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 14393)
---\\ Services (0)
~ No malicious or unnecessary items found.
---\\ Browser internet (1)
FOUND PARAMS: ProxyServer [163.172.86.64:3128] (User.Validation)
---\\ Hosts file (1)
~ The hosts file is legitimate (26)
---\\ Scheduled automatic tasks. (1)
DELETED task: [AutoKMS] [C:\Windows\AutoKMS\AutoKMS.exe (Not File) ] =>HackTool.AutoKMS
---\\ Explorer ( File, Folder) (18)
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gihcngphjjankfngmgdkihhngndcdflc_0.localstorage-journal =>PUP.Optional.Adblocker
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gihcngphjjankfngmgdkihhngndcdflc_0.localstorage =>PUP.Optional.Adblocker
MOVED file: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 - AutoKMS] =>HackTool.AutoKMS
MOVED file: C:\Users\PC-ABDERRAHMEN\Downloads\popcorn-time-2-8-0.apk =>.Superfluous.PopcornTime
MOVED file: C:\Users\PC-ABDERRAHMEN\Downloads\uptodown-android-3-21.apk =>PUP.Optional.UpToDown
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage =>PUP.Optional.Generic
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal =>PUP.Optional.Generic
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.uptodown.com_0.localstorage =>PUP.Optional.UpToDown
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.uptodown.com_0.localstorage-journal =>PUP.Optional.UpToDown
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage =>PUP.Optional.Chatango
MOVED file: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage-journal =>PUP.Optional.Chatango
MOVED file: C:\Windows\AutoKMS\AutoKMS.log =>HackTool.AutoKMS
MOVED folder: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc =>PUP.Optional.Adblocker
MOVED folder: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gihcngphjjankfngmgdkihhngndcdflc =>PUP.Optional.Adblocker
MOVED folder: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
MOVED folder: C:\WINDOWS\AutoKMS =>HackTool.AutoKMS
MOVED folder: C:\Users\PC-ABDERRAHMEN\AppData\Local\PackageAware =>PUP.Optional.BearShare
MOVED folder: C:\Users\PC-ABDERRAHMEN\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>PUP.Optional.DomaIQ
---\\ Registry ( Key, Value, Data) (3)
DELETED key*: HKEY_USERS\S-1-5-21-256474428-2574812502-1661256676-1001\SOFTWARE\Classes\.snapdoc [SNAP.DOC] =>PUP.Optional.SmartBar
DELETED key*: HKEY_USERS\S-1-5-21-256474428-2574812502-1661256676-1001\SOFTWARE\Classes\SNAP.DOC [SNAP.DOC] =>PUP.Optional.SmartBar
DELETED value: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\SMΔRT-Protection [C:\Program Files (x86)\SMADAV\SMΔRTP.exe] =>Heuristic.Salus
---\\ Summary of the elements found (10)
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/01/28/adware-adblocker/ =>PUP.Optional.Adblocker
https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/ =>.Superfluous.PopcornTime
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.UpToDown
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Generic
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Chatango
https://www.nicolascoolman.com/fr/pup-bearshare/ =>PUP.Optional.BearShare
https://www.nicolascoolman.com/fr/adware-domaiq/ =>PUP.Optional.DomaIQ
https://www.nicolascoolman.com/fr/hijacker-smartbar/ =>PUP.Optional.SmartBar
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Heuristic.Salus
---\\ Other deletions. (25)
~ Registry Keys Tracing deleted (23)
~ Remove the old reports ZHPCleaner. (2)
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)
---\\ Statistics
~ Items scanned : 1117
~ Items found : 1
~ Items cancelled : 0
~ Items repaired : 22
~ End of clean in 00h00mn21s
~====================
ZHPCleaner-[R]-27072017-22_31_42.txt
ZHPCleaner-[S]-27072017-22_26_57.txt