cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2018.11.1.189 by Nicolas Coolman (2018/11/01)
~ Run by Muller (Administrator) (02/11/2018 14:48:34)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Nettoyer
~ Report : C:\Users\Muller\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Muller\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 17134)


---\\ ALTERNATE DATA STREAM (ADS). (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ SERVICE. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ NAVIGATEUR INTERNET. (1)
SUPPRIMÉ donnée: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\webcompanion.com\\http [Bad : Sensitive Websites] =>PUP.Optional.LavasoftWebCompanion


---\\ FICHIER HÔTE. (1)
~ Le fichier hôte est légitime. (1)


---\\ TÂCHE PLANIFIÉE. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ EXPLORATEUR ( Dossiers, Fichiers ). (12)
DEPLACÉ fichier: C:\Users\Muller\AppData\Roaming\Mozilla\Firefox\Profiles\frJDfj6B.default\searchplugins\bing-lavasoft.xml =>PUP.Optional.LavasoftWebCompanion
DEPLACÉ fichier: C:\Users\Muller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_spartybooking.com_0.localstorage =>PUP.Optional.Booking
DEPLACÉ fichier: C:\Users\Muller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_spartybooking.com_0.localstorage-journal =>PUP.Optional.Booking
DEPLACÉ fichier*: C:\Program Files (x86)\Lavasoft\web companion =>PUP.Optional.LavasoftWebCompanion
DEPLACÉ fichier: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini =>PUP.Optional.LavasoftWebCompanion
DEPLACÉ fichier: C:\WINDOWS\System32\LavasoftTcpServiceOff.ini =>PUP.Optional.LavasoftWebCompanion
DEPLACÉ fichier*: C:\Users\Muller\AppData\Roaming\Lavasoft\web companion =>PUP.Optional.LavasoftWebCompanion
DEPLACÉ fichier^: C:\ProgramData\Lavasoft\web companion =>PUP.Optional.LavasoftWebCompanion
DEPLACÉ dossier: C:\Users\Muller\AppData\Local\Google\Chrome\User Data\Default\Extensions\mplamgaojjgfaelahmmmbmhnlfhcfamb =>Hijacker.Browser
DEPLACÉ dossier: C:\WINDOWS\System32\config\systemprofile\AppData\Local\LavasoftTcpService =>PUP.Optional.LavasoftWebCompanion
DEPLACÉ dossier: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService =>PUP.Optional.LavasoftWebCompanion
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion =>PUP.Optional.LavasoftWebCompanion


---\\ BASE DE REGISTRES ( Clés, Valeurs, Données ). (33)
SUPPRIMÉ clé*: HKU\S-1-5-21-34950723-3622257856-1134976912-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com [] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: HKCU\Software\Lavasoft\Web Companion [] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: HKCU\Software\undefined [] =>.SUP.Downloader
SUPPRIMÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com [] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion [] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé: HKLM\SOFTWARE\Lavasoft\Web Companion [] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057} [] =>PUP.Optional.Legacy
SUPPRIMÉ clé*: HKLM\System\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence [] =>.SUP.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB} [LavasoftTcpService] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer [DataContainer Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1 [DataContainer Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController [DataController Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1 [DataController Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable [DataTable Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1 [DataTable Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields [DataTableFields Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1 [DataTableFields Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder [DataTableHolder Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1 [DataTableHolder Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic [LSPLogic Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1 [LSPLogic Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager [ReadOnlyManager Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1 [ReadOnlyManager Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController [WFPController Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1 [WFPController Class] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB} [LavasoftTcpService] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Web Companion [C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize ] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_02FAA10F24AF7AE795C34E39084E80E2 ["C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5] =>PUP.Optional.MyBrowser
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AppleIEDAV [0x020000000000000000000000] =>.SUP.HideBaid
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\ApplePhotoStreams [0x020000000000000000000000] =>.SUP.HideBaid
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Web Companion [0x020000000000000000000000] =>PUP.Optional.LavasoftWebCompanion
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\EpicGamesLauncher [0x020000000000000000000000] =>Heuristic.Suspect
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\GoogleChromeAutoLaunch_02FAA10F24AF7AE795C34E39084E80E2 [0x020000000000000000000000] =>Trojan.Dropper


---\\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION. (10)
https://nicolascoolman.eu/2017/03/12/superfluous-lavasoftwebcompanion/ =>PUP.Optional.LavasoftWebCompanion
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Booking
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser
https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Legacy
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/ =>.SUP.ByteFence
https://nicolascoolman.eu/2017/11/01/adware-mybrowser/ =>PUP.Optional.MyBrowser
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.HideBaid
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://www.anti-malware.top/2016/09/07/trojan-dropper/ =>Trojan.Dropper


---\\ NETTOYAGE ADDITIONNEL. (28)
~ Suppression des Clés de registre Tracing. (25)
~ Suppression des anciens rapports ZHPCleaner. (3)


---\\ BILAN DE LA REPARATION
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.


---\\ STATISTIQUES
~ Items scannés : 812
~ Items trouvés : 0
~ Items annulés : 0
~ Items options : 0/7
~ Gain de place (Octets) : 0


~ End of clean in 00h00mn58s

---\\ LISTE DES RAPPORTS (2)
ZHPCleaner-[S]-02112018-14_47_19.txt
ZHPCleaner-[R]-02112018-14_49_32.txt

Publicité


Signaler le contenu de ce document

Publicité