Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2017.7.17.123 by Nicolas Coolman (2017/07/17)
~ Run by asus (Administrator) (10/08/2017 21:14:57)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Illegal
~ Type : Repair
~ Report : C:\Users\asus\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\asus\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 14393)
---\\ Services (1)
CLOSED : KMSEmulator =>HackTool.AutoKMS
---\\ Browser internet (4)
REPLACED Quicklaunch: C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [Bad : https://launchpage.org/?uid=oTlKBKjdhx0cXu%2FWPIQ3ejrqxdqdUE1pR8xkuJd%2Fb0XpWbd%2FokHw3ceQWPlm4HlNB964](.Google Inc..) =>Hijacker.Browser
REPLACED TaskBar: C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk [Bad : https://launchpage.org/?uid=oTlKBKjdhx0cXu%2FWPIQ3ejrqxdqdUE1pR8xkuJd%2Fb0XpWbd%2FokHw3ceQWPlm4HlNB964](.Mozilla Corporation.) =>Hijacker.Browser
REPLACED Accessories: C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk [Bad : https://launchpage.org/?uid=oTlKBKjdhx0cXu%2FWPIQ3ejrqxdqdUE1pR8xkuJd%2Fb0XpWbd%2FokHw3ceQWPlm4HlNB964](.Microsoft Corporation.) =>PUP.Optional.Salus
REPLACED Accessories: C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk [Bad : https://launchpage.org/?uid=oTlKBKjdhx0cXu%2FWPIQ3ejrqxdqdUE1pR8xkuJd%2Fb0XpWbd%2FokHw3ceQWPlm4HlNB964](.Microsoft Corporation.) =>Hijacker.Browser
---\\ Hosts file (1)
~ The hosts file is legitimate (23)
---\\ Scheduled automatic tasks. (1)
DELETED task: [KMSAutoNet] [C:\ProgramData\KMSAutoS\KMSAuto Net.exe (Not File) ] =>HackTool.AutoKMS
---\\ Explorer ( File, Folder) (7)
MOVED file: C:\ProgramData\KMSAutoS\bin\KMSSS.exe [MDL Forum, mod by Ratiborus - KMS Server Emulator Service (XP)] =>HackTool.AutoKMS
MOVED file**: C:\ProgramData\KMSAutoS\KMSAuto Net.exe [MSFree Inc. - KMSAuto Net] =>HackTool.AutoKMS
MOVED file**: C:\Windows\SECOH-QAD.exe =>HackTool.KMSpico
MOVED file^: C:\Users\asus\AppData\Local\Akamai\netsession_win.exe [Akamai Technologies, Inc. - Akamai NetSession Client] =>.Superfluous.AkamaiHD
MOVED folder*: C:\ProgramData\KMSAutoS =>HackTool.WinActivator
MOVED folder^: C:\Users\asus\AppData\Local\Akamai =>.Superfluous.AkamaiHD
MOVED folder*: C:\Users\asus\AppData\Local\MSfree Inc =>HackTool.WinActivator
---\\ Registry ( Key, Value, Data) (8)
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\KMSEmulator [C:\ProgramData\KMSAutoS\bin\KMSSS.exe (Not File)] =>HackTool.AutoKMS
DELETED key*: HKEY_USERS\S-1-5-21-3077491925-2672696224-801911577-1001\SOFTWARE\Akamai [] =>.Superfluous.AkamaiHD
DELETED key: HKCU\Software\Akamai [] =>.Superfluous.AkamaiHD
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Akamai [Akamai Technologies, Inc] =>.Superfluous.AkamaiHD
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask
DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface ["C:\Users\asus\AppData\Local\Akamai\netsession_win.exe"] =>.Superfluous.AkamaiHD
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{A3D9FBF3-53DC-43FE-9C81-B6D7D78DD46A}C:\users\asus\appdata\local\akamai\netsession_win.exe [C:\users\asus\appdata\local\akamai\netsession_win.exe] =>.Superfluous.AkamaiHD
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{B41E0935-FB95-4D56-AE94-7F96055D3E30}C:\users\asus\appdata\local\akamai\netsession_win.exe [C:\users\asus\appdata\local\akamai\netsession_win.exe] =>.Superfluous.AkamaiHD
---\\ Summary of the elements found (7)
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser
https://www.nicolascoolman.com/fr/pup-salus/ =>PUP.Optional.Salus
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.AkamaiHD
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator
https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask
---\\ Other deletions. (17)
~ Registry Keys Tracing deleted (17)
~ Remove the old reports ZHPCleaner. (0)
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)
~ The system has been restarted.
---\\ Statistics
~ Items scanned : 3197
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 21
~ End of clean in 00h01mn10s
~====================
ZHPCleaner-[R]-10082017-21_16_07.txt
ZHPCleaner-[S]-10082017-21_12_16.txt
~ Run by asus (Administrator) (10/08/2017 21:14:57)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Illegal
~ Type : Repair
~ Report : C:\Users\asus\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\asus\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 14393)
---\\ Services (1)
CLOSED : KMSEmulator =>HackTool.AutoKMS
---\\ Browser internet (4)
REPLACED Quicklaunch: C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [Bad : https://launchpage.org/?uid=oTlKBKjdhx0cXu%2FWPIQ3ejrqxdqdUE1pR8xkuJd%2Fb0XpWbd%2FokHw3ceQWPlm4HlNB964](.Google Inc..) =>Hijacker.Browser
REPLACED TaskBar: C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk [Bad : https://launchpage.org/?uid=oTlKBKjdhx0cXu%2FWPIQ3ejrqxdqdUE1pR8xkuJd%2Fb0XpWbd%2FokHw3ceQWPlm4HlNB964](.Mozilla Corporation.) =>Hijacker.Browser
REPLACED Accessories: C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk [Bad : https://launchpage.org/?uid=oTlKBKjdhx0cXu%2FWPIQ3ejrqxdqdUE1pR8xkuJd%2Fb0XpWbd%2FokHw3ceQWPlm4HlNB964](.Microsoft Corporation.) =>PUP.Optional.Salus
REPLACED Accessories: C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk [Bad : https://launchpage.org/?uid=oTlKBKjdhx0cXu%2FWPIQ3ejrqxdqdUE1pR8xkuJd%2Fb0XpWbd%2FokHw3ceQWPlm4HlNB964](.Microsoft Corporation.) =>Hijacker.Browser
---\\ Hosts file (1)
~ The hosts file is legitimate (23)
---\\ Scheduled automatic tasks. (1)
DELETED task: [KMSAutoNet] [C:\ProgramData\KMSAutoS\KMSAuto Net.exe (Not File) ] =>HackTool.AutoKMS
---\\ Explorer ( File, Folder) (7)
MOVED file: C:\ProgramData\KMSAutoS\bin\KMSSS.exe [MDL Forum, mod by Ratiborus - KMS Server Emulator Service (XP)] =>HackTool.AutoKMS
MOVED file**: C:\ProgramData\KMSAutoS\KMSAuto Net.exe [MSFree Inc. - KMSAuto Net] =>HackTool.AutoKMS
MOVED file**: C:\Windows\SECOH-QAD.exe =>HackTool.KMSpico
MOVED file^: C:\Users\asus\AppData\Local\Akamai\netsession_win.exe [Akamai Technologies, Inc. - Akamai NetSession Client] =>.Superfluous.AkamaiHD
MOVED folder*: C:\ProgramData\KMSAutoS =>HackTool.WinActivator
MOVED folder^: C:\Users\asus\AppData\Local\Akamai =>.Superfluous.AkamaiHD
MOVED folder*: C:\Users\asus\AppData\Local\MSfree Inc =>HackTool.WinActivator
---\\ Registry ( Key, Value, Data) (8)
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\KMSEmulator [C:\ProgramData\KMSAutoS\bin\KMSSS.exe (Not File)] =>HackTool.AutoKMS
DELETED key*: HKEY_USERS\S-1-5-21-3077491925-2672696224-801911577-1001\SOFTWARE\Akamai [] =>.Superfluous.AkamaiHD
DELETED key: HKCU\Software\Akamai [] =>.Superfluous.AkamaiHD
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Akamai [Akamai Technologies, Inc] =>.Superfluous.AkamaiHD
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask
DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface ["C:\Users\asus\AppData\Local\Akamai\netsession_win.exe"] =>.Superfluous.AkamaiHD
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{A3D9FBF3-53DC-43FE-9C81-B6D7D78DD46A}C:\users\asus\appdata\local\akamai\netsession_win.exe [C:\users\asus\appdata\local\akamai\netsession_win.exe] =>.Superfluous.AkamaiHD
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{B41E0935-FB95-4D56-AE94-7F96055D3E30}C:\users\asus\appdata\local\akamai\netsession_win.exe [C:\users\asus\appdata\local\akamai\netsession_win.exe] =>.Superfluous.AkamaiHD
---\\ Summary of the elements found (7)
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser
https://www.nicolascoolman.com/fr/pup-salus/ =>PUP.Optional.Salus
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.AkamaiHD
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator
https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask
---\\ Other deletions. (17)
~ Registry Keys Tracing deleted (17)
~ Remove the old reports ZHPCleaner. (0)
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)
~ The system has been restarted.
---\\ Statistics
~ Items scanned : 3197
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 21
~ End of clean in 00h01mn10s
~====================
ZHPCleaner-[R]-10082017-21_16_07.txt
ZHPCleaner-[S]-10082017-21_12_16.txt