Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2018.10.4.180 by Nicolas Coolman (2018/10/04)
~ Run by DiDaN (Administrator) (05/10/2018 00:01:29)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\DiDaN\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\DiDaN\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 17134)
---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.
---\\ Services (0)
~ No malicious or unnecessary items found.
---\\ Browser internet (0)
~ No malicious or unnecessary items found.
---\\ Hosts file (3)
FOUND: 149.202.196.40 dow0.drivereasy.com =>Hijacker.Hosts
FOUND: 149.202.196.40 dow1.drivereasy.com =>Hijacker.Hosts
Number of found redirections 2/4
---\\ Scheduled automatic tasks. (1)
DELETED task: [update-S-1-5-21-3555456109-1735637794-955960373-1002] [C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (Not File) ] =>.SUP.Skillbrains
---\\ Explorer ( File, Folder) (22)
MOVED file: C:\Users\DiDaN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Systweak CacheBoost.lnk [Bad : C:\Program Files (x86)\Systweak\Systweak CacheBoost\CB.exe](.Systweak Inc..) =>.SUP.Systweak
MOVED file: C:\Users\Public\Desktop\Systweak CacheBoost.lnk [Bad : C:\Program Files (x86)\Systweak\Systweak CacheBoost\CB.exe](.Systweak Inc..) =>.SUP.Systweak
MOVED file: C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [ - TODO:] =>.SUP.Skillbrains
MOVED file: C:\Users\DiDaN\Downloads\Programs\cb-setup.exe [Systweak Inc - Systweak CacheBoost] =>.SUP.Systweak
MOVED file: C:\Users\DiDaN\Downloads\Programs\setup-lightshot.exe [Skillbrains - lightshot Setup] =>.SUP.Skillbrains
MOVED file: C:\Users\DiDaN\Downloads\Compressed\gta iv\new mod\KMSpico\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe [@ByELDI - AutoPico] =>HackTool.KMSpico
MOVED file: C:\Users\DiDaN\Downloads\Compressed\gta iv\new mod\KMSpico\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe [@ByELDI - KMS GUI ELDI] =>HackTool.KMSpico
MOVED file: C:\Program Files (x86)\Popcorn Time\Updater.exe [Popcorn Time - Updater] =>.SUP.PopcornTime
MOVED folder: C:\Users\DiDaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\homnophpjlhlpaglnfpomcambjmgceem =>Hijacker.Browser ["update_url" : "https://clients88.google.com/servi]
MOVED folder: C:\Users\DiDaN\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\homnophpjlhlpaglnfpomcambjmgceem =>Hijacker.Browser
MOVED folder: C:\Users\DiDaN\AppData\Roaming\DRPNPS =>.SUP.DriverPack
MOVED folder^: C:\Program Files (x86)\Popcorn Time =>.SUP.PopcornTime
MOVED folder^: C:\Program Files (x86)\Skillbrains =>.SUP.Skillbrains
MOVED folder: C:\Program Files (x86)\Systweak =>.SUP.Systweak
MOVED folder: C:\Program Files\KMSpico =>HackTool.KMSpico
MOVED folder: C:\ProgramData\PrefsSecure =>.SUP.Linkury
MOVED folder: C:\ProgramData\Uniblue =>.SUP.Uniblue
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Systweak CacheBoost =>.SUP.Systweak
MOVED folder: C:\Users\DiDaN\AppData\Roaming\Tencent =>.SUP.Tencent
MOVED folder: C:\Users\DiDaN\Downloads\PopcornTime =>.SUP.PopcornTime
MOVED folder: C:\Users\DiDaN\AppData\Local\PopcornTime =>.SUP.PopcornTime
MOVED folder: C:\Users\DiDaN\AppData\Roaming\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
---\\ Registry ( Key, Value, Data) (14)
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086} [YoutubeAdBlock] =>PUP.Optional.YouTubeAdBlock
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086} [] =>PUP.Optional.YouTubeAdBlock
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086} [] =>PUP.Optional.YouTubeAdBlock
DELETED key*: [X64] HKLM\Software\Classes\CLSID\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086} [YoutubeAdBlock] =>PUP.Optional.YouTubeAdBlock
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086} [YoutubeAdBlock] =>PUP.Optional.YouTubeAdBlock
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.] =>BitTorrent (P2P)
DELETED key*: HKU\S-1-5-21-3555456109-1735637794-955960373-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\drp.su [] =>.SUP.DriverPack
DELETED key: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\drp.su [] =>.SUP.DriverPack
DELETED key*: [X64] HKLM\SOFTWARE\Classes\driverscanner [] =>PUP.Optional.DriverScanner
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8 [Company Inc.] =>Adware.CloudAtlas
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 [Skillbrains] =>.SUP.Skillbrains
DELETED key: [X64] HKLM\SOFTWARE\Classes\CLSID\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086}\InprocServer32 [] =>Adware.Sambreel
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{5E0F3FD3-D9E3-4F16-B315-A665FCA77D3A} [C:\Program Files (x86)\Popcorn Time\Updater.exe] =>.SUP.PopcornTime
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{12E32896-49E3-4D05-9179-1F94A78E2D77} [C:\Program Files (x86)\Popcorn Time\Updater.exe] =>.SUP.PopcornTime
---\\ Summary of the elements found (17)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Hijacker.Hosts
https://www.anti-malware.top/2016/04/30/superfluous-skillbrains/ =>.SUP.Skillbrains
https://nicolascoolman.eu/2017/09/14/sup-systweak/ =>.SUP.Systweak
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/ =>.SUP.PopcornTime
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Hijacker.Browser ["update_url" : "https://clients88.google.com/servi]
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser
https://nicolascoolman.eu/2018/07/04/sup-driverpack/ =>.SUP.DriverPack
https://nicolascoolman.eu/2017/09/07/pup-optional-salus/ =>.SUP.Linkury
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Uniblue
https://nicolascoolman.eu/2017/02/23/tencentadressbar/ =>.SUP.Tencent
https://nicolascoolman.eu/2017/12/26/sup-advancedsystemcare/ =>.SUP.AdvancedSystemCare
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.YouTubeAdBlock
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.DriverScanner
https://nicolascoolman.eu/2017/08/10/adware-cloudatlas/ =>Adware.CloudAtlas
https://nicolascoolman.eu/2017/09/24/adware-sambreel/ =>Adware.Sambreel
---\\ Other deletions. (36)
~ Registry Keys Tracing deleted (34)
~ Remove the old reports ZHPCleaner. (2)
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
~ The system has been restarted.
---\\ Statistics
~ Items scanned : 506
~ Items found : 0
~ Items cancelled : 0
~ Items options : 0/7
~ Space saving (bytes) : 0
~ End of clean in 00h00mn35s
---\\ Reports (2)
ZHPCleaner-[S]-05102018-00_00_44.txt
ZHPCleaner-[R]-05102018-00_02_04.txt
~ Run by DiDaN (Administrator) (05/10/2018 00:01:29)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\DiDaN\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\DiDaN\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 17134)
---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.
---\\ Services (0)
~ No malicious or unnecessary items found.
---\\ Browser internet (0)
~ No malicious or unnecessary items found.
---\\ Hosts file (3)
FOUND: 149.202.196.40 dow0.drivereasy.com =>Hijacker.Hosts
FOUND: 149.202.196.40 dow1.drivereasy.com =>Hijacker.Hosts
Number of found redirections 2/4
---\\ Scheduled automatic tasks. (1)
DELETED task: [update-S-1-5-21-3555456109-1735637794-955960373-1002] [C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (Not File) ] =>.SUP.Skillbrains
---\\ Explorer ( File, Folder) (22)
MOVED file: C:\Users\DiDaN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Systweak CacheBoost.lnk [Bad : C:\Program Files (x86)\Systweak\Systweak CacheBoost\CB.exe](.Systweak Inc..) =>.SUP.Systweak
MOVED file: C:\Users\Public\Desktop\Systweak CacheBoost.lnk [Bad : C:\Program Files (x86)\Systweak\Systweak CacheBoost\CB.exe](.Systweak Inc..) =>.SUP.Systweak
MOVED file: C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [ - TODO:
MOVED file: C:\Users\DiDaN\Downloads\Programs\cb-setup.exe [Systweak Inc - Systweak CacheBoost] =>.SUP.Systweak
MOVED file: C:\Users\DiDaN\Downloads\Programs\setup-lightshot.exe [Skillbrains - lightshot Setup] =>.SUP.Skillbrains
MOVED file: C:\Users\DiDaN\Downloads\Compressed\gta iv\new mod\KMSpico\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe [@ByELDI - AutoPico] =>HackTool.KMSpico
MOVED file: C:\Users\DiDaN\Downloads\Compressed\gta iv\new mod\KMSpico\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe [@ByELDI - KMS GUI ELDI] =>HackTool.KMSpico
MOVED file: C:\Program Files (x86)\Popcorn Time\Updater.exe [Popcorn Time - Updater] =>.SUP.PopcornTime
MOVED folder: C:\Users\DiDaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\homnophpjlhlpaglnfpomcambjmgceem =>Hijacker.Browser ["update_url" : "https://clients88.google.com/servi]
MOVED folder: C:\Users\DiDaN\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\homnophpjlhlpaglnfpomcambjmgceem =>Hijacker.Browser
MOVED folder: C:\Users\DiDaN\AppData\Roaming\DRPNPS =>.SUP.DriverPack
MOVED folder^: C:\Program Files (x86)\Popcorn Time =>.SUP.PopcornTime
MOVED folder^: C:\Program Files (x86)\Skillbrains =>.SUP.Skillbrains
MOVED folder: C:\Program Files (x86)\Systweak =>.SUP.Systweak
MOVED folder: C:\Program Files\KMSpico =>HackTool.KMSpico
MOVED folder: C:\ProgramData\PrefsSecure =>.SUP.Linkury
MOVED folder: C:\ProgramData\Uniblue =>.SUP.Uniblue
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Systweak CacheBoost =>.SUP.Systweak
MOVED folder: C:\Users\DiDaN\AppData\Roaming\Tencent =>.SUP.Tencent
MOVED folder: C:\Users\DiDaN\Downloads\PopcornTime =>.SUP.PopcornTime
MOVED folder: C:\Users\DiDaN\AppData\Local\PopcornTime =>.SUP.PopcornTime
MOVED folder: C:\Users\DiDaN\AppData\Roaming\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
---\\ Registry ( Key, Value, Data) (14)
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086} [YoutubeAdBlock] =>PUP.Optional.YouTubeAdBlock
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086} [] =>PUP.Optional.YouTubeAdBlock
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086} [] =>PUP.Optional.YouTubeAdBlock
DELETED key*: [X64] HKLM\Software\Classes\CLSID\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086} [YoutubeAdBlock] =>PUP.Optional.YouTubeAdBlock
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086} [YoutubeAdBlock] =>PUP.Optional.YouTubeAdBlock
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.] =>BitTorrent (P2P)
DELETED key*: HKU\S-1-5-21-3555456109-1735637794-955960373-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\drp.su [] =>.SUP.DriverPack
DELETED key: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\drp.su [] =>.SUP.DriverPack
DELETED key*: [X64] HKLM\SOFTWARE\Classes\driverscanner [] =>PUP.Optional.DriverScanner
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8 [Company Inc.] =>Adware.CloudAtlas
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 [Skillbrains] =>.SUP.Skillbrains
DELETED key: [X64] HKLM\SOFTWARE\Classes\CLSID\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086}\InprocServer32 [] =>Adware.Sambreel
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{5E0F3FD3-D9E3-4F16-B315-A665FCA77D3A} [C:\Program Files (x86)\Popcorn Time\Updater.exe] =>.SUP.PopcornTime
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{12E32896-49E3-4D05-9179-1F94A78E2D77} [C:\Program Files (x86)\Popcorn Time\Updater.exe] =>.SUP.PopcornTime
---\\ Summary of the elements found (17)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Hijacker.Hosts
https://www.anti-malware.top/2016/04/30/superfluous-skillbrains/ =>.SUP.Skillbrains
https://nicolascoolman.eu/2017/09/14/sup-systweak/ =>.SUP.Systweak
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/ =>.SUP.PopcornTime
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Hijacker.Browser ["update_url" : "https://clients88.google.com/servi]
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser
https://nicolascoolman.eu/2018/07/04/sup-driverpack/ =>.SUP.DriverPack
https://nicolascoolman.eu/2017/09/07/pup-optional-salus/ =>.SUP.Linkury
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Uniblue
https://nicolascoolman.eu/2017/02/23/tencentadressbar/ =>.SUP.Tencent
https://nicolascoolman.eu/2017/12/26/sup-advancedsystemcare/ =>.SUP.AdvancedSystemCare
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.YouTubeAdBlock
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.DriverScanner
https://nicolascoolman.eu/2017/08/10/adware-cloudatlas/ =>Adware.CloudAtlas
https://nicolascoolman.eu/2017/09/24/adware-sambreel/ =>Adware.Sambreel
---\\ Other deletions. (36)
~ Registry Keys Tracing deleted (34)
~ Remove the old reports ZHPCleaner. (2)
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
~ The system has been restarted.
---\\ Statistics
~ Items scanned : 506
~ Items found : 0
~ Items cancelled : 0
~ Items options : 0/7
~ Space saving (bytes) : 0
~ End of clean in 00h00mn35s
---\\ Reports (2)
ZHPCleaner-[S]-05102018-00_00_44.txt
ZHPCleaner-[R]-05102018-00_02_04.txt