cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2017.7.17.123 by Nicolas Coolman (2017/07/17)
~ Run by utilisateur (Administrator) (10/08/2017 18:03:10)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Illegal
~ Type : Nettoyer
~ Report : C:\Users\utilisateur\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\utilisateur\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)


---\\ Service. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Navigateur internet. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Fichier hôte. (2)
TROUVÉ: 127.0.0.1 www.nouveau-avast.com # hosts anti-adware / pups =>PUM.Misplaced.Certificate
~ Nombre de redirections trouvées 2/1354


---\\ Tâche planifiée. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Explorateur ( Dossiers, Fichiers ). (10)
DEPLACÉ fichier: C:\Windows\Temp\{06E63667-4E8A-465D-A665-3319EFE49945}-GoogleUpdateSetup.exe =>Heuristic.Suspect
DEPLACÉ fichier: C:\Windows\Temp\{5DF4969E-EED7-4A8B-9B5A-CB03071E39C5}-GoogleUpdateSetup.exe =>Heuristic.Suspect
DEPLACÉ fichier: C:\Windows\Prefetch\BROWSERDEFENDER.EXE-8ABFE585.pf =>PUP.Optional.BrowserDefendert
DEPLACÉ fichier: C:\Windows\Prefetch\PRICORA-CHROMEINSTALLER.EXE-77D893E8.pf =>.Superfluous.Pricora
DEPLACÉ fichier: C:\Windows\Prefetch\PRICORA-CODEDOWNLOADER.EXE-CEF9B3A6.pf =>.Superfluous.Pricora
DEPLACÉ fichier: C:\Windows\Prefetch\PRICORA-FIREFOXINSTALLER.EXE-30255DB1.pf =>.Superfluous.Pricora
DEPLACÉ fichier: C:\Windows\Prefetch\SUPREME SAVINGS-BG.EXE-6596E2B9.pf =>PUP.Optional.RewardsArcade
DEPLACÉ fichier: C:\Windows\Prefetch\SUPREME SAVINGS.EXE-00F89973.pf =>PUP.Optional.RewardsArcade
DEPLACÉ fichier: C:\Users\utilisateur\AppData\Roaming\Bubble Dock.installation.log =>PUP.Optional.BubbleDock
DEPLACÉ dossier*: C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl =>Hijacker.Browser ["update_url":"https://clients2.google.com/service/]


---\\ Base de Registres ( Clés, Valeurs, Données ). (61)
SUPPRIMÉ clé*: HKLM\Software\Google\Chrome\Extensions\kbjlipmgfoamgjaogmbihaffnpkpjajp [C:\Program Files\Nosibay\Bubble Dock\extensions\GCSurfMatch.crx (Not File)] =>PUP.Optional.BubbleDock
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\1916A2AF346D399F50313C393200F14140456616 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2A83E9020591A55FC6DDAD3FB102794C52B24E70 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2B84BFBB34EE2EF949FE1CBE30AA026416EB2216 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3A850044D8A195CD401A680C012CB0A3B5F8DC08 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\40AA38731BD189F9CDB5B9DC35E2136F38777AF4 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\43D9BCB568E039D073A74A71D8511F7476089CC3 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\471C949A8143DB5AD5CDF1C972864A2504FA23C9 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\61793FCBFA4F9008309BBA5FF12D2CB29CD4151A [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\63FEAE960BAA91E343CE2BD8B71798C76BDB77D0 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\6431723036FD26DEA502792FA595922493030F97 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\80962AE4D6C5B442894E95A13E4A699E07D694CF [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\86E817C81A5CA672FE000F36F878C19518D6F844 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\8E5BD50D6AE686D65252F843A9D4B96D197730AB [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9845A431D51959CAF225322B4A4FE9F223CE6D15 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\B533345D06F64516403C00DA03187D3BFEF59156 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\B86E791620F759F17B8D25E38CA8BE32E7D5EAC2 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\C060ED44CBD881BD0EF86C0BA287DDCF8167478C [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\CEA586B2CE593EC7D939898337C57814708AB2BE [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\D018B62DC518907247DF50925BB09ACF4A5CB3AD [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F8A54E03AADC5692B850496A4C4630FFEAA29D83 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\FA6660A94AB45F6A88C0D7874D89A863D74DEE97 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\Freeven pro [] =>PUP.Optional.Freeven
SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\MediaPlayerplus [] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\Re_markit [] =>PUP.Optional.ReMarkIt
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2c624e36-7844-4766-b8c5-6e76483e2c0d} [C:\Program Files\Freeven pro (Not File)] =>PUP.Optional.Freeven
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d88bca23-63d2-4451-9cce-8474dd218789} [C:\Program Files\MediaPlayerplus (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa72fa68-e640-4e65-94fd-6e85b6aee50b} [C:\Program Files\MediaPlayerplus (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearchdial.com [] =>PUP.Optional.MySearchDial
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\portaldosites.com [] =>PUP.Optional.PortaldoSites
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.livelyrics00.live-lyrics.com [440785] =>PUP.Optional.AddLyrics
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\webssearches.com [] =>PUP.Optional.WebsSearches
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.portaldosites.com [6847] =>PUP.Optional.PortaldoSites
SUPPRIMÉ clé*: HKCU\Software\Mozilla\Extends [] =>PUP.Optional.FastStart
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\winzipersvc [] =>.Superfluous.TaiwanShuiMu
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm [] =>PUP.Optional.WpManager
SUPPRIMÉ clé*: HKLM\SOFTWARE\MediaPlayerplus [] =>Adware.CrossRider
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2c624e36-7844-4766-b8c5-6e76483e2c0d} [C:\Program Files\Freeven pro (Not File)] =>PUP.Optional.Freeven
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba12d84b-9e51-467d-84cc-eae9b32802af} [C:\Program Files\Pricora (Not File)] =>.Superfluous.Pricora
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d88bca23-63d2-4451-9cce-8474dd218789} [C:\Program Files\MediaPlayerplus (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f97e84cc-d445-4bb1-864b-ba1e2fd4cedf} [C:\Program Files\Pricora (Not File)] =>.Superfluous.Pricora
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa72fa68-e640-4e65-94fd-6e85b6aee50b} [C:\Program Files\MediaPlayerplus (Not File)] =>Adware.CrossRider
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1871111397-3539990770-1974983793-1000\Products\B55E73991336408439FE779E292F40DB [Webplayer] =>PUP.Optional.WebPlayer
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0142BC88CB837DA468B81A0F1DD4A893 [C:\Users\utilisateur\AppData\Roaming\FissaSearch\ (Not File)] =>PUP.Optional.OfferBox
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5 [] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D [] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20 [] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B [] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5 [] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC [] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739 [] =>PUP.Optional.IMBooster
SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\Supreme Savings-bg.exe [8000] =>PUP.Optional.RewardsArcade
SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\MediaPlayerplus-bg.exe [8000] =>Adware.CrossRider
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{97532042-35A1-4A6F-9395-E91E4A431D13} [C:\Users\utilisateur\AppData\Local\Akamai\netsession_win.exe] =>.Superfluous.AkamaiHD
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{001A7317-49A3-49AE-A69D-CF23BAD7A32B} [C:\Users\utilisateur\AppData\Local\Akamai\netsession_win.exe] =>.Superfluous.AkamaiHD


---\\ Récapitulatif des éléments trouvés sur votre station. (21)
https://nicolascoolman.eu/2017/06/26/trojan-certlock/ =>PUM.Misplaced.Certificate
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://www.nicolascoolman.com/fr/pua-browserdefendert/ =>PUP.Optional.BrowserDefendert
https://www.anti-malware.top/2016/07/18/superfluous-pricora/ =>.Superfluous.Pricora
https://www.nicolascoolman.com/fr/pup-rewardsarcade/ =>PUP.Optional.RewardsArcade
https://www.nicolascoolman.com/fr/pup-bubbledock/ =>PUP.Optional.BubbleDock
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Hijacker.Browser ["update_url":"https://clients2.google.com/service/]
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Freeven
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider
https://www.nicolascoolman.com/fr/pup-remarkit/ =>PUP.Optional.ReMarkIt
https://www.anti-malware.top/2016/04/29/superfluous-montiera/ =>PUP.Optional.MySearchDial
https://www.nicolascoolman.com/fr/hijacker-portaldosites/ =>PUP.Optional.PortaldoSites
https://nicolascoolman.eu/2017/02/24/pup-optional-addlyrics/ =>PUP.Optional.AddLyrics
https://www.nicolascoolman.com/fr/hijacker-webssearches/ =>PUP.Optional.WebsSearches
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.FastStart
https://www.anti-malware.top/2016/05/05/superfluous-taiwanshuimu/ =>.Superfluous.TaiwanShuiMu
https://www.anti-malware.top/2016/06/18/superfluous-wpmanager/ =>PUP.Optional.WpManager
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.WebPlayer
https://www.nicolascoolman.com/fr/pup-offerbox/ =>PUP.Optional.OfferBox
https://www.nicolascoolman.com/fr/adware-imbooster/ =>PUP.Optional.IMBooster
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.AkamaiHD


---\\ Nettoyage Additionnel. (14)
~ Suppression des Clés de registre Tracing. (14)
~ Suppression des anciens rapports ZHPCleaner. (0)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.


---\\ Statistiques
~ Items scannés : 3714
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 73


~ End of clean in 00h05mn09s
~====================
ZHPCleaner-[R]-10082017-18_08_19.txt
ZHPCleaner-[S]-10082017-18_02_19.txt

Publicité


Signaler le contenu de ce document

Publicité