cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2018.4.11.62 by Nicolas Coolman (2018/04/11)
~ Run by User (Administrator) (18/04/2018 13:27:26)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version KO
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\User\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\User\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)


---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\ Services (0)


---\\ Browser internet (0)
~ No malicious or unnecessary items found.


---\\ Hosts file (0)
~ No malicious or unnecessary items found.


---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\ Explorer ( File, Folder) (12)
MOVED file: C:\Program Files\appserver\php\nssm.exe [Iain Patterson - The non-sucking service manager] =>PUP.Optional.ServiceManager
MOVED file: C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 =>Adware.CrossRider
MOVED folder: C:\Users\User\AppData\Local\Tempzxpsign216349ce286ee2c0 =>.SUP.Temporary
MOVED folder: C:\Users\User\AppData\Local\Tempzxpsign4126036b2e785f83 =>.SUP.Temporary
MOVED folder: C:\Users\User\AppData\Local\Tempzxpsign4f7b6868cdddc111 =>.SUP.Temporary
MOVED folder: C:\Users\User\AppData\Local\Tempzxpsign95e77ef62cfcccb6 =>.SUP.Temporary
MOVED folder: C:\Users\User\AppData\Local\Tempzxpsignc2006c29b2528af9 =>.SUP.Temporary
MOVED folder: C:\Users\User\AppData\Local\Tempzxpsignc6348ee8bff89094 =>.SUP.Temporary
MOVED folder: C:\Users\User\AppData\Local\Tempzxpsignf97fa17d07b2d3fb =>.SUP.Temporary
MOVED folder: C:\Program Files\QuickTime =>Riskware.QuickTime
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime
MOVED folder: C:\Users\User\AppData\Local\Google\Update =>Heuristic.Suspect


---\\ Registry ( Key, Value, Data) (15)
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\iobit_monitor_server [\D:\Advanced SystemCare Ultimate\drivers\Monitor_x86.sys (Not File)] =>.SUP.AdvancedSystemCare
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\appserver [C:\Program Files\appserver\php\nssm.exe (Not File)] =>PUP.Optional.ServiceManager
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\appserver-php5-fpm [C:\Program Files\appserver\php\nssm.exe (Not File)] =>PUP.Optional.ServiceManager
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\appserver-watcher [C:\Program Files\appserver\php\nssm.exe (Not File)] =>PUP.Optional.ServiceManager
DELETED key*: HKEY_USERS\S-1-5-21-1623517632-3426292095-284688614-1000\SOFTWARE\Magicbit [] =>.SUP.Magicbit
DELETED key: HKCU\Software\Magicbit [] =>.SUP.Magicbit
DELETED key*: HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask
DELETED key*: HKLM\SOFTWARE\Classes\CLSID\{25C88C47-EB26-40D1-BDC7-BBB30E0F752B} [SlimWare Services Session Server] =>.SUP.SlimWareUtilities
DELETED key*: HKLM\SOFTWARE\Classes\CLSID\{36137FA3-91C0-48EF-B1A8-27C1974708B8} [SlimWare Services Session] =>.SUP.SlimWareUtilities
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\KMService [] =>Hacktool.Office
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B0EB7DB5-3BC1-4D6E-9E46-C1277A655BFB} [Slimware Utilities Holdings, Inc.] =>.SUP.SlimWareUtilities
DELETED key*: HKLM\SOFTWARE\Classes\CLSID\{BDF76960-B341-4592-BDBA-DFC8C74165A9} [PSFactoryBuffer] =>.SUP.SlimWareUtilities
DELETED key: HKLM\SOFTWARE\Classes\CLSID\{BDF76960-B341-4592-BDBA-DFC8C74165A9}\InprocServer32 [C:\Program Files\SlimWare Utilities\Services\SlimWare.Session.ProxyStub.dll (Not File)] =>.SUP.SlimWareUtilities
DELETED key*: HKLM\SOFTWARE\Classes\CLSID\{E58DA376-0D39-45ED-A6EE-A7B6DD10BED2} [PSFactoryBuffer] =>.SUP.SlimWareUtilities
DELETED key: HKLM\SOFTWARE\Classes\CLSID\{E58DA376-0D39-45ED-A6EE-A7B6DD10BED2}\InprocServer32 [C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.ProxyStub.dll (Not File)] =>.SUP.SlimWareUtilities


---\\ Summary of the elements found (10)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.ServiceManager
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/ =>Riskware.QuickTime
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/12/26/sup-advancedsystemcare/ =>.SUP.AdvancedSystemCare
https://nicolascoolman.eu/2017/12/23/sup-magicbit/ =>.SUP.Magicbit
https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask
https://nicolascoolman.eu/2017/03/03/superfluous-slimwareutilities/ =>.SUP.SlimWareUtilities
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Hacktool.Office


---\\ Other deletions. (3)
~ Registry Keys Tracing deleted (3)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 1220
~ Items found : 0
~ Items cancelled : 0
~ Items options : 0/7
~ Space saving (bytes) : 0


~ End of clean in 00h00mn31s

---\\ Reports (2)
ZHPCleaner-[S]-18042018-13_24_12.txt
ZHPCleaner-[R]-18042018-13_27_57.txt

Publicité


Signaler le contenu de ce document

Publicité