cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2017.7.17.123 by Nicolas Coolman (2017/07/17)
~ Run by louro (Administrator) (01/08/2017 13:49:07)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Illegal
~ Type : Nettoyer
~ Report : C:\Users\louro\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\louro\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 15063)


---\\ Service. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Navigateur internet. (5)
SUPPRIMÉ: [oshxyrbv.default] - user_pref("extensions.firefox@browser-security.de.sdk.baseURI", "resource://firefox-at-browser-secur[...] =>.Superfluous.VondosMedia
SUPPRIMÉ: [oshxyrbv.default] - user_pref("extensions.firefox@browser-security.de.sdk.domain", "firefox-at-browser-security-dot-de")[...] =>.Superfluous.VondosMedia
SUPPRIMÉ: [oshxyrbv.default] - user_pref("extensions.firefox@browser-security.de.sdk.load.reason", "startup"); =>.Superfluous.VondosMedia
SUPPRIMÉ: [oshxyrbv.default] - user_pref("extensions.firefox@browser-security.de.sdk.rootURI", "jar:file:///C:/Users/louro/AppData/[...] =>.Superfluous.VondosMedia
SUPPRIMÉ: [oshxyrbv.default] - user_pref("extensions.firefox@browser-security.de.sdk.version", "1.2.0"); =>.Superfluous.VondosMedia


---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)


---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [Yahoo! Powered tatan] [C:\Windows\System32\wscript.exe] =>Adware.YahooPowered


---\\ Explorateur ( Dossiers, Fichiers ). (26)
DEPLACÉ fichier: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\searchplugins\trovi.xml =>PUP.Optional.TroviCom
DEPLACÉ fichier: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\searchplugins\yahoo! powered.xml =>Adware.YahooPowered
DEPLACÉ fichier^: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\Extensions\cacaoweb@cacaoweb.org\chrome =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\Extensions\cacaoweb@cacaoweb.org\chrome.manifest =>.Superfluous.CacaoWeb
DEPLACÉ fichier^: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\Extensions\cacaoweb@cacaoweb.org\defaults =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\Extensions\cacaoweb@cacaoweb.org\install.rdf =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\extensions\cacaoweb@cacaoweb.org\defaults\preferences\prefs.js =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\extensions\cacaoweb@cacaoweb.org\chrome\skin\cacaoweb-64.png =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\extensions\cacaoweb@cacaoweb.org\chrome\skin\cacaoweb.css =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\extensions\cacaoweb@cacaoweb.org\chrome\skin\cacaoweb.png =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\extensions\cacaoweb@cacaoweb.org\chrome\locale\fr-FR\cacaoweb.properties =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\extensions\cacaoweb@cacaoweb.org\chrome\locale\es-ES\cacaoweb.properties =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\extensions\cacaoweb@cacaoweb.org\chrome\locale\en-US\cacaoweb.properties =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\extensions\cacaoweb@cacaoweb.org\chrome\locale\de-DE\cacaoweb.properties =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\extensions\cacaoweb@cacaoweb.org\chrome\content\cacaoweb.js =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\extensions\cacaoweb@cacaoweb.org\chrome\content\cacaoweb.xul =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Windows\Tasks\Yahoo! Powered tatan.job =>Adware.YahooPowered
DEPLACÉ fichier: C:\Users\louro\Desktop\cacaoweb.exe =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\louro\Downloads\PopcornTime-latest.exe [Popcorn Time - Popcorn Time Setup] =>.Superfluous.PopcornTime
DEPLACÉ dossier*: C:\Users\louro\AppData\Roaming\Mozilla\Firefox\Profiles\oshxyrbv.default\Extensions\cacaoweb@cacaoweb.org =>.Superfluous.CacaoWeb
DEPLACÉ dossier*: C:\Program Files (x86)\SearchProtect =>PUP.Optional.SearchProtect
DEPLACÉ dossier*: C:\Program Files\ByteFence =>.Superfluous.ByteFence
DEPLACÉ dossier*: C:\ProgramData\cosun =>Adware.CornerSunshine
DEPLACÉ dossier*: C:\Users\louro\AppData\Roaming\Corner Sunshine =>Adware.CornerSunshine
DEPLACÉ dossier*: C:\Users\louro\AppData\Local\bvyvave =>PUP.Optional.SearchProtect
DEPLACÉ dossier*: C:\Users\louro\AppData\Local\SearchProtect =>PUP.Optional.SearchProtect


---\\ Base de Registres ( Clés, Valeurs, Données ). (21)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [http://www.trovi.com/Results.aspx?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=85C545FD-E196-4AFB-[...]] [Trovi] =>PUP.Optional.Trovigo
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dnldastr_16_36&[...]] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FCA7C020-E5F1-4427-A245-CBC9E5C3E64C} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dnldastr_16_36&[...]] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{FCA7C020-E5F1-4427-A245-CBC9E5C3E64C} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dnldastr_16_36&[...]] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [http://www.trovi.com/Results.aspx?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=85C545FD-E196-4AFB-B92B-05E181C39138&SearchSource=58&CUI=&UM=8&UP=SPD5C3A58C-A33B-4520-80E3-18B20DB1E775&D=010216&q={searchTerms}&SSPV=] =>PUP.Optional.Trovigo
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dnldastr_16_36¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0ByEyC0DzztAyC0DyD0BtAzz0C0A0EtAtN0D0Tzu0StCyBtCtAtN1L2XzutAtFtByEtFyCtFzytN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0DtCzyzyyByBtBtGyE0B0EtAtGyByB0EtCtGtByC0F0BtG0DtB0CyDyD0D0CyE0FtA0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztAyC0DzyzzyDzztGtAyByDtCtGyE0F0B0BtGzy0E0CtCtGzyyB0CzzyB0BzzyByCtC0CyD2QtN0A0LzuyE%26cr%3D1303184946%26a%3Dwbf_dnldastr_16_36%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FCA7C020-E5F1-4427-A245-CBC9E5C3E64C} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dnldastr_16_36¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0ByEyC0DzztAyC0DyD0BtAzz0C0A0EtAtN0D0Tzu0StCyBtCtAtN1L2XzutAtFtByEtFyCtFzytN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0DtCzyzyyByBtBtGyE0B0EtAtGyByB0EtCtGtByC0F0BtG0DtB0CyDyD0D0CyE0FtA0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztAyC0DzyzzyDzztGtAyByDtCtGyE0F0B0BtGzy0E0CtCtGzyyB0CzzyB0BzzyByCtC0CyD2QtN0A0LzuyE%26cr%3D1303184946%26a%3Dwbf_dnldastr_16_36%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{FCA7C020-E5F1-4427-A245-CBC9E5C3E64C} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dnldastr_16_36¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0ByEyC0DzztAyC0DyD0BtAzz0C0A0EtAtN0D0Tzu0StCyBtCtAtN1L2XzutAtFtByEtFyCtFzytN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0DtCzyzyyByBtBtGyE0B0EtAtGyByB0EtCtGtByC0F0BtG0DtB0CyDyD0D0CyE0FtA0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztAyC0DzyzzyDzztGtAyByDtCtGyE0F0B0BtGzy0E0CtCtGzyyB0CzzyB0BzzyByCtC0CyD2QtN0A0LzuyE%26cr%3D1303184946%26a%3Dwbf_dnldastr_16_36%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}] =>Adware.YahooPowered
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\SearchProtect [] =>PUP.Optional.SearchProtect
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2242623253-3678190702-3318410541-1001\SOFTWARE\cacaoweb [C:\Users\louro\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] =>.Superfluous.CacaoWeb
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2242623253-3678190702-3318410541-1001\SOFTWARE\Corner Sunshine [] =>Adware.CornerSunshine
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2242623253-3678190702-3318410541-1001\SOFTWARE\ICSW1.22 [] =>Adware.InstallCore
SUPPRIMÉ clé: HKCU\Software\cacaoweb [C:\Users\louro\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] =>.Superfluous.CacaoWeb
SUPPRIMÉ clé: HKCU\Software\Corner Sunshine [] =>Adware.CornerSunshine
SUPPRIMÉ clé: HKCU\Software\ICSW1.22 [] =>Adware.InstallCore
SUPPRIMÉ clé*: HKCU\Software\csastats [] =>Adware.InstallCore
SUPPRIMÉ clé*: HKCU\Software\ProductSetup [] =>Adware.InstallCore
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} [OCComSDK 1.0 Type Library] =>Adware.OpenCandy
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Corner Sunshine [] =>Adware.CornerSunshine
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\SPPDCOM [] =>.Superfluous.PCSpeedUp
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} [OCComSDK 1.0 Type Library] =>Adware.OpenCandy


---\\ Récapitulatif des éléments trouvés sur votre station. (12)
https://www.anti-malware.top/2016/04/24/superfluous-vondosmedia/ =>.Superfluous.VondosMedia
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.YahooPowered
https://www.nicolascoolman.com/fr/hijacker-trovicom/ =>PUP.Optional.TroviCom
https://nicolascoolman.eu/2017/01/15/superfluous-cacaoweb/ =>.Superfluous.CacaoWeb
https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/ =>.Superfluous.PopcornTime
https://nicolascoolman.eu/2017/02/07/pup-optional-searchprotect/ =>PUP.Optional.SearchProtect
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/ =>.Superfluous.ByteFence
https://www.anti-malware.top/2016/09/06/adware-cornersunshine/ =>Adware.CornerSunshine
https://www.nicolascoolman.com/fr/hijacker-trovigo/ =>PUP.Optional.Trovigo
https://nicolascoolman.eu/2017/03/12/adware-installcore-2/ =>Adware.InstallCore
https://nicolascoolman.eu/2017/02/24/adware-opencandy/ =>Adware.OpenCandy
https://nicolascoolman.eu/2017/03/05/superfluous-pcspeeduppro/ =>.Superfluous.PCSpeedUp


---\\ Nettoyage Additionnel. (17)
~ Suppression des Clés de registre Tracing. (17)
~ Suppression des anciens rapports ZHPCleaner. (0)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.


---\\ Statistiques
~ Items scannés : 1588
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 53


~ End of clean in 00h01mn00s
~====================
ZHPCleaner-[R]-01082017-13_50_07.txt
ZHPCleaner-[S]-01082017-13_26_18.txt
ZHPCleaner-[S]-01082017-13_48_43.txt

Publicité


Signaler le contenu de ce document

Publicité