cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2017.7.17.123 by Nicolas Coolman (2017/07/17)
~ Run by Japs (Administrator) (28/07/2017 11:44:42)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Illegal
~ Type : Nettoyer
~ Report : C:\Users\Japs\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Japs\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)


---\\ Service. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Navigateur internet. (10)
REMPLACÉ Google Chrome Preferences: "https://launchpage.org/" =>Hijacker.Browser
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigUrl [Bad : http://web-access.biz/wpad.dat?cb5e98ef5ae9154eb3d8008e38eb2f9f29752353] =>Hijacker.Proxy
REMPLACÉ Quicklaunch: C:\Users\Japs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [Bad : https://launchpage.org/?uid=oTlKBGjchx1sXu%2BaqUofYY1MVNvzxHEBVCL15P1gVuFU%2FCkBy%2BdBjvPWsBLjaU%2BNXdm4](.Google Inc..) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\Japs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : https://launchpage.org/?uid=oTlKBGjchx1sXu%2BaqUofYY1MVNvzxHEBVCL15P1gVuFU%2FCkBy%2BdBjvPWsBLjaU%2BNXdm4](.Microsoft Corporation.) =>PUP.Optional.Salus
REMPLACÉ Quicklaunch: C:\Users\Japs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : https://launchpage.org/?uid=oTlKBGjchx1sXu%2BaqUofYY1MVNvzxHEBVCL15P1gVuFU%2FCkBy%2BdBjvPWsBLjaU%2BNXdm4](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ TaskBar: C:\Users\Japs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk [Bad : https://launchpage.org/?uid=oTlKBGjchx1sXu%2BaqUofYY1MVNvzxHEBVCL15P1gVuFU%2FCkBy%2BdBjvPWsBLjaU%2BNXdm4](.Google Inc..) =>Hijacker.Browser
REMPLACÉ Startup\Programs: C:\Users\Japs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : https://launchpage.org/?uid=oTlKBGjchx1sXu%2BaqUofYY1MVNvzxHEBVCL15P1gVuFU%2FCkBy%2BdBjvPWsBLjaU%2BNXdm4](.Microsoft Corporation.) =>PUP.Optional.Salus
REMPLACÉ Startup\Programs: C:\Users\Japs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : https://launchpage.org/?uid=oTlKBGjchx1sXu%2BaqUofYY1MVNvzxHEBVCL15P1gVuFU%2FCkBy%2BdBjvPWsBLjaU%2BNXdm4](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ SystemTools: C:\Users\Japs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk [Bad : https://launchpage.org/?uid=oTlKBGjchx1sXu%2BaqUofYY1MVNvzxHEBVCL15P1gVuFU%2FCkBy%2BdBjvPWsBLjaU%2BNXdm4](.Microsoft Corporation.) =>PUP.Optional.Salus
REMPLACÉ SystemTools: C:\Users\Japs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk [Bad : https://launchpage.org/?uid=oTlKBGjchx1sXu%2BaqUofYY1MVNvzxHEBVCL15P1gVuFU%2FCkBy%2BdBjvPWsBLjaU%2BNXdm4](.Microsoft Corporation.) =>Hijacker.Browser


---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (122)


---\\ Tâche planifiée. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Explorateur ( Dossiers, Fichiers ). (3)
DEPLACÉ fichier: C:\Users\Japs\AppData\Local\Akamai\netsession_win.exe [Akamai Technologies, Inc. - Akamai NetSession Client] =>.Superfluous.AkamaiHD
DEPLACÉ dossier^: C:\Users\Japs\AppData\Local\Akamai =>.Superfluous.AkamaiHD
DEPLACÉ dossier*: C:\Users\Japs\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>PUP.Optional.DomaIQ


---\\ Base de Registres ( Clés, Valeurs, Données ). (47)
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\1916A2AF346D399F50313C393200F14140456616 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2A83E9020591A55FC6DDAD3FB102794C52B24E70 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2B84BFBB34EE2EF949FE1CBE30AA026416EB2216 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3A850044D8A195CD401A680C012CB0A3B5F8DC08 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\40AA38731BD189F9CDB5B9DC35E2136F38777AF4 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\43D9BCB568E039D073A74A71D8511F7476089CC3 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\471C949A8143DB5AD5CDF1C972864A2504FA23C9 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\61793FCBFA4F9008309BBA5FF12D2CB29CD4151A [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\63FEAE960BAA91E343CE2BD8B71798C76BDB77D0 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\6431723036FD26DEA502792FA595922493030F97 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\80962AE4D6C5B442894E95A13E4A699E07D694CF [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\86E817C81A5CA672FE000F36F878C19518D6F844 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\8E5BD50D6AE686D65252F843A9D4B96D197730AB [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9845A431D51959CAF225322B4A4FE9F223CE6D15 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\B533345D06F64516403C00DA03187D3BFEF59156 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\B86E791620F759F17B8D25E38CA8BE32E7D5EAC2 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\C060ED44CBD881BD0EF86C0BA287DDCF8167478C [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\CEA586B2CE593EC7D939898337C57814708AB2BE [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\D018B62DC518907247DF50925BB09ACF4A5CB3AD [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F8A54E03AADC5692B850496A4C4630FFEAA29D83 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\FA6660A94AB45F6A88C0D7874D89A863D74DEE97 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1451948697-2739782875-774728536-1000\SOFTWARE\Akamai [] =>.Superfluous.AkamaiHD
SUPPRIMÉ clé: HKCU\Software\Akamai [] =>.Superfluous.AkamaiHD
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Akamai [Akamai Technologies, Inc] =>.Superfluous.AkamaiHD
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector [Protector Class] =>Adware.BProtector
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1 [Protector Class] =>Adware.BProtector
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib [ProtectorLib Class] =>Adware.BProtector
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1 [ProtectorLib Class] =>Adware.BProtector
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0019665FE6C7C184189F4FF328B55333 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\site-packages\nose-1.1.2-py2.5.egg\nose\plugins\doctests.pyc] =>Adware.Sambreel
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\003600429BC703E49BB2532021328E1B [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\lib\distutils\tests\test_versionpredicate.pyc] =>Adware.Sambreel
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\003E72085BC70935DAE076E79F8C879C [C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\ProjectTemplates\VisualBasic\Windows Root\Windows\1036\WPFBrowserApplication\assemblyinfo.vb] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0044FDB0A4330C347B8AAF3666350B4C [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\lib\difflib.pyc] =>Adware.Sambreel
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\007EA9358ECF4954183AFA74835D0D6B [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\site-packages\abl.util-0.1.10-py2.5.egg\abl\util\stream.pyc] =>Adware.Sambreel
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01AC25267EF32CF4D92B5ECFB31B55E8 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\lib\encodings\cp950.pyc] =>Adware.Sambreel
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01B1C2BFF8B238E49BBC2048DDA7E923 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\site-packages\abl.webconnector\abl\installer\__init__.pyc] =>Adware.Sambreel
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\033AFDA393AC77944B62D76067C0B64D [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\site-packages\abl.util-0.1.10-py2.5.egg\abl\util\memoization.pyc] =>Adware.Sambreel
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface ["C:\Users\Japs\AppData\Local\Akamai\netsession_win.exe"] =>.Superfluous.AkamaiHD
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{9CD115C2-6DE9-4610-837F-8489EB84A8A9}C:\users\japs\appdata\local\akamai\netsession_win.exe [C:\users\japs\appdata\local\akamai\netsession_win.exe] =>.Superfluous.AkamaiHD
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{7C4B4BAA-18BF-4388-BF85-E2929E066709}C:\users\japs\appdata\local\akamai\netsession_win.exe [C:\users\japs\appdata\local\akamai\netsession_win.exe] =>.Superfluous.AkamaiHD
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{90A20E32-2FCE-433C-AA86-21E3F6DC6031} [C:\users\japs\appdata\local\akamai\netsession_win.exe] =>.Superfluous.AkamaiHD
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{FFAA5533-C610-47E0-8E2C-979FF3A17BD0} [C:\users\japs\appdata\local\akamai\netsession_win.exe] =>.Superfluous.AkamaiHD


---\\ Récapitulatif des éléments trouvés sur votre station. (9)
https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy
https://www.nicolascoolman.com/fr/pup-salus/ =>PUP.Optional.Salus
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.AkamaiHD
https://www.nicolascoolman.com/fr/adware-domaiq/ =>PUP.Optional.DomaIQ
https://nicolascoolman.eu/2017/06/26/trojan-certlock/ =>PUM.Misplaced.Certificate
https://nicolascoolman.eu/2017/04/12/adware-bprotector/ =>Adware.BProtector
https://www.nicolascoolman.com/fr/pup-optional-sambreel/ =>Adware.Sambreel
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider


---\\ Nettoyage Additionnel. (51)
~ Suppression des Clés de registre Tracing. (51)
~ Suppression des anciens rapports ZHPCleaner. (0)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Mozilla Firefox)
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.


---\\ Statistiques
~ Items scannés : 931
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 60


~ End of clean in 00h00mn54s
~====================
ZHPCleaner-[R]-28072017-11_45_36.txt
ZHPCleaner-[S]-28072017-11_44_05.txt

Publicité


Signaler le contenu de ce document

Publicité