cjoint


Document format: text/plain

Preview

~ ZHPCleaner v2018.7.30.155 by Nicolas Coolman (2018/07/30)
~ Run by Albert (Administrator) (03/08/2018 20:35:55)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Nettoyer
~ Report : C:\Users\Albert\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Albert\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1, 64-bit (Build 9600)


---\\ ALTERNATE DATA STREAM (ADS). (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ SERVICE. (1)
WINSOCK [Protocol_Catalog9\NameSpace_Catalog5\Catalog_Entries]: Remise à zéro du socket qui gère la couche TCP/IP =>Hijacker.Winsock


---\\ NAVIGATEUR INTERNET. (3)
REMPLACÉ Google Chrome Preferences: "https://d36s9hlc2vimc.cloudfront.net/" =>.SUP.CloudfrontNet
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer [Bad : 127.0.0.1:5000] =>Hijacker.Proxy
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable [Bad : 0] =>Hijacker.Proxy


---\\ FICHIER HÔTE. (1)
~ Le fichier hôte est légitime. (21)


---\\ TÂCHE PLANIFIÉE. (1)
SUPPRIMÉ tâche: [Yahoo! Powered ditid] [C:\Windows\Tasks\Yahoo! Powered ditid.job (Not File) ] =>Adware.YahooPowered


---\\ EXPLORATEUR ( Dossiers, Fichiers ). (12)
DEPLACÉ fichier: C:\Users\Albert\Desktop\µTorrent.lnk [Bad : C:\Users\Albert\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P)
DEPLACÉ fichier: C:\Users\Albert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [Bad : C:\Users\Albert\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P)
DEPLACÉ fichier: C:\Windows\Tasks\Yahoo! Powered ditid.job =>Adware.YahooPowered
DEPLACÉ fichier: C:\Users\Albert\Downloads\installer.exe [Akamai Technologies, Inc. - Akamai NetSession Client Installer] =>.SUP.AkamaiHD
DEPLACÉ fichier: C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage =>.SUP.CloudfrontNet
DEPLACÉ fichier: C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal =>.SUP.CloudfrontNet
DEPLACÉ fichier*: C:\Program Files (x86)\Lavasoft\web companion =>PUP.Optional.LavasoftWebCompanion
DEPLACÉ fichier*: C:\ProgramData\Lavasoft\web companion =>PUP.Optional.LavasoftWebCompanion
DEPLACÉ fichier: C:\Users\Albert\AppData\Local\Akamai\netsession_win.exe [Akamai Technologies, Inc. - Akamai NetSession Client] =>.SUP.AkamaiHD
DEPLACÉ dossier: C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce =>.SUP.SearchManager
DEPLACÉ dossier: C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej =>.SUP.SearchManager
DEPLACÉ dossier: C:\Users\Albert\AppData\Local\Akamai =>.SUP.AkamaiHD


---\\ BASE DE REGISTRES ( Clés, Valeurs, Données ). (29)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownloa[...]] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownloa[...]] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownloa[...]] [Yahoo! Powered] =>Adware.YahooPowered
REMPLACÉ : HKLM64\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008 [C:\Windows\System32\escortdrv.dll (Not File)] =>Hijacker.Winsock
SUPPRIMÉ clé*: HKCU\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [] =>.SUP.SearchManager
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [] =>.SUP.SearchManager
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [] =>.SUP.SearchManager
SUPPRIMÉ clé*: HKCU\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej [] =>.SUP.SearchManager
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej [] =>.SUP.SearchManager
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej [] =>.SUP.SearchManager
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownload_17_39¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0DtDyDtAyEzytCtAzytAzy0A0EzyyB0BtN0D0Tzu0StBtDzyzztN1L2XzutAtFtBzytFyCtFyDtAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyBtCyDtB0A0D0BzztGtCyBtCtCtGyB0FtDzytGyB0DyCtDtGyCtDtD0EtBtD0EyD0D0EyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Ezz0F0AtDtByD0AtGtCyDyCtBtGyE0CyDtCtG0A0DyC0AtGtCzy0FyCyDzz0CyEtAzzyC0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEtAzzzy%26cr%3D226217563%26a%3Dwncy_secureddownload_17_39%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownload_17_39¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0DtDyDtAyEzytCtAzytAzy0A0EzyyB0BtN0D0Tzu0StBtDzyzztN1L2XzutAtFtBzytFyCtFyDtAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyBtCyDtB0A0D0BzztGtCyBtCtCtGyB0FtDzytGyB0DyCtDtGyCtDtD0EtBtD0EyD0D0EyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Ezz0F0AtDtByD0AtGtCyDyCtBtGyE0CyDtCtG0A0DyC0AtGtCzy0FyCyDzz0CyEtAzzyC0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEtAzzzy%26cr%3D226217563%26a%3Dwncy_secureddownload_17_39%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownload_17_39¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0DtDyDtAyEzytCtAzytAzy0A0EzyyB0BtN0D0Tzu0StBtDzyzztN1L2XzutAtFtBzytFyCtFyDtAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyBtCyDtB0A0D0BzztGtCyBtCtCtGyB0FtDzytGyB0DyCtDtGyCtDtD0EtBtD0EyD0D0EyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Ezz0F0AtDtByD0AtGtCyDyCtBtGyE0CyDtCtG0A0DyC0AtGtCzy0FyCyDzz0CyEtAzzyC0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEtAzzzy%26cr%3D226217563%26a%3Dwncy_secureddownload_17_39%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}] =>Adware.YahooPowered
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1109731196-1225286264-3777312828-1001\SOFTWARE\Akamai [] =>.SUP.AkamaiHD
SUPPRIMÉ clé: HKCU\Software\Akamai [] =>.SUP.AkamaiHD
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Akamai [Akamai Technologies, Inc] =>.SUP.AkamaiHD
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.] =>BitTorrent (P2P)
SUPPRIMÉ clé*: HKCU\Software\csastats [] =>Adware.InstallCore
SUPPRIMÉ clé*: HKCU\Software\undefined [] =>.SUP.Downloader
SUPPRIMÉ clé*: HKCU\Software\ProductSetup [] =>Adware.InstallCore
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com [] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion [] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé: HKLM\SOFTWARE\Lavasoft\Web Companion [] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\WCAssistantService [] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Yahoo! Powered ditid [] =>Adware.YahooPowered
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface ["C:\Users\Albert\AppData\Local\Akamai\netsession_win.exe"] =>.SUP.AkamaiHD
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Akamai NetSession Interface [0x03000000ADCD8AEC7738D301] =>.SUP.AkamaiHD
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{5E9A2B8D-559F-4361-8E1B-4032F4AC9FD0}C:\users\albert\appdata\local\akamai\netsession_win.exe [C:\users\albert\appdata\local\akamai\netsession_win.exe] =>.SUP.AkamaiHD
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{9D568F2D-EF71-43BE-920B-86D1F80ABFE2}C:\users\albert\appdata\local\akamai\netsession_win.exe [C:\users\albert\appdata\local\akamai\netsession_win.exe] =>.SUP.AkamaiHD


---\\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION. (10)
https://www.anti-malware.top/2016/09/25/hijacker-winsock/ =>Hijacker.Winsock
https://nicolascoolman.eu/2017/02/02/superfluous-cloudfrontnet/ =>.SUP.CloudfrontNet
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.YahooPowered
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/12/26/sup-akamaihd/ =>.SUP.AkamaiHD
https://nicolascoolman.eu/2017/03/12/superfluous-lavasoftwebcompanion/ =>PUP.Optional.LavasoftWebCompanion
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.SearchManager
https://nicolascoolman.eu/2017/09/19/adware-installcore-3/ =>Adware.InstallCore
https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader


---\\ NETTOYAGE ADDITIONNEL. (37)
~ Suppression des Clés de registre Tracing. (37)
~ Suppression des anciens rapports ZHPCleaner. (0)


---\\ BILAN DE LA REPARATION
~ Réparation réalisée avec succès.
~ Le système a été redémarré.


---\\ STATISTIQUES
~ Items scannés : 951
~ Items trouvés : 0
~ Items annulés : 0
~ Items options : 0/7
~ Gain de place (Octets) : 0


~ End of clean in 00h00mn53s

---\\ LISTE DES RAPPORTS (2)
ZHPCleaner-[S]-03082018-20_35_10.txt
ZHPCleaner-[R]-03082018-20_36_48.txt
