Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2019.4.18.50 by Nicolas Coolman (2019/04/18)
~ Run by Louis (Administrator) (19/04/2019 12:14:50)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scan
~ Report : C:\Users\Louis\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Louis\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 17763)
---\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found. (ADS)
---\ Services (0)
~ No malicious or unnecessary items found. (Service)
---\ Browser internet (0)
~ No malicious or unnecessary items found. (Browser)
---\ Hosts file (1)
~ The hosts file is legitimate (21)
---\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found. (Task)
---\ Explorer ( File, Folder) (39)
FOUND folder: C:\Users\Louis\AppData\Roaming\PDAppFlex =>Trojan.Elpman
FOUND file: C:\Windows\Prefetch\TOTALAV.EXE-6037D4D2.pf =>.SUP.TotalAV
FOUND file: C:\Windows\Prefetch\TOTALAV_SETUP.EXE-803EE1E2.pf =>.SUP.TotalAV
FOUND file: C:\Windows\Installer\wix{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{3DDA8C8B-7623-42DE-81C3-9E41CAD4F14A}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{9CBA860F-7437-4A75-941C-8EF559F2D145}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{B2E25355-C24E-4E7D-8AD3-455D59810838}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{F814D094-197F-43C8-87FA-3210BB780486}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{FBA3961B-D1DF-493C-BC1F-E67D3B832895}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Users\Louis\Downloads\TotalAV_Setup.exe [(C) SS Protect Ltd - TotalAV Ultimate Antivirus Installer] =>.SUP.TotalAV
FOUND file: C:\Users\Louis\AppData\Local\Temp\aria-debug-1844.log =>.SUP.Temporary.OneDrive
FOUND file: C:\Users\Louis\AppData\Local\Temp\wct322.tmp =>.SUP.Temporary.Office
FOUND file: C:\Users\Louis\AppData\Local\Temp\wctDB04.tmp =>.SUP.Temporary.Office
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DF2B99D9C9260551D3.TMP =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DF3070F81E0F15D8D8.TMP =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFA930EF336B4DD9A7.TMP =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFABDB7FA06B320F41.TMP =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFAEF64A98C4301760.TMP =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFBA25AC7FFA555A5A.TMP =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFC4E60E4BA217A38D.TMP =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFCA6C3D20A7A8F723.TMP =>.SUP.Temporary.Other
FOUND folder: C:\Users\Louis\Documents\TotalAV\PasswordVault =>.SUP.TotalAV
FOUND folder: C:\Users\Louis\Documents\TotalAV =>.SUP.TotalAV
FOUND folder: C:\Program Files (x86)\IOBIT\Driver Booster =>.SUP.Energize
FOUND folder: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
FOUND folder: C:\ProgramData\IOBIT\Driver Booster =>.SUP.Energize
FOUND folder: C:\ProgramData\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
FOUND folder: C:\ProgramData\SecuritySuite =>.SUP.ScanGuard
FOUND folder: C:\ProgramData\Application Data\IObit\ASCDownloader =>.SUP.AdvancedSystemCare
FOUND folder: C:\ProgramData\IObit\ASCDownloader =>.SUP.AdvancedSystemCare
FOUND folder: C:\Users\Louis\AppData\LocalLow\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
FOUND folder: C:\Users\Louis\AppData\Roaming\IOBIT\Driver Booster =>.SUP.Energize
FOUND folder: C:\Users\Louis\AppData\Roaming\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
FOUND folder: C:\WINDOWS\Installer\MSI6E1F.tmp- =>.SUP.Empty
FOUND folder: C:\WINDOWS\Installer\MSI7A93.tmp- =>.SUP.Empty
FOUND folder: C:\WINDOWS\Installer\MSI7C5A.tmp- =>.SUP.Empty
FOUND folder: C:\WINDOWS\Installer\MSI9852.tmp- =>.SUP.Empty
---\ Registry ( Key, Value, Data) (17)
FOUND key: [X64] HKLM\SOFTWARE\81bfc699-f883-50c7-b674-2483b6baae23 [] =>Adware.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TotalAV_RASAPI32 [] =>.SUP.TotalAV
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TotalAV_RASMANCS [] =>.SUP.TotalAV
FOUND value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Advanced SystemCare Ultimate [0x03000000E0770F10EC98D401] =>.SUP.AdvancedSystemCare
FOUND value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\EpicGamesLauncher [0x03000000806C4013EC98D401] =>Heuristic.Suspect
FOUND value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Application Restart #3 [0x03000000C0E0188D7FC2D401] =>.SUP.HideBaid
FOUND key: HKCU\Software\undefined [] =>.SUP.Downloader
FOUND key: HKLM\SOFTWARE\Wow6432Node\IObit\Advanced SystemCare [] =>.SUP.AdvancedSystemCare
FOUND key: HKLM\SOFTWARE\Wow6432Node\IObit\ASC [] =>.SUP.AdvancedSystemCare
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\Legacy Driver\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\Driver Installation Tool\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\Driver Installation Tool\x64\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\Driver Installation Tool\x86\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\KrakenDriver\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\KrakenDriver\x64\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\KrakenDriver\x86\ [No Folder] =>.SUP.Obsolete.NoFolder
---\ Summary of the elements found (14)
https://nicolascoolman.eu/2017/09/23/trojan-elpman/ =>Trojan.Elpman
https://nicolascoolman.eu/2017/10/30/sup-totalav/ =>.SUP.TotalAV
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.OneDrive
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Office
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Other
https://www.anti-malware.top/2016/11/06/superfluous-energize/ =>.SUP.Energize
https://nicolascoolman.eu/2017/12/26/sup-advancedsystemcare/ =>.SUP.AdvancedSystemCare
https://nicolascoolman.eu/2017/12/21/sup-scanguard/ =>.SUP.ScanGuard
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.HideBaid
https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Obsolete.NoFolder
---\ Result of repair
~ Any repair made
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
---\ Statistics
~ Items scanned : 96945
~ Items found : 58
~ Items cancelled : 0
~ Items options : 12/12
~ Space saving (bytes) : 167536
~ End of search in 00h03mn59s
---\ Reports (3)
ZHPCleaner-[S]-19042019-00_06_16.txt
ZHPCleaner-[S]-19042019-11_39_51.txt
ZHPCleaner-[S]-19042019-12_18_49.txt
~ Run by Louis (Administrator) (19/04/2019 12:14:50)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scan
~ Report : C:\Users\Louis\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Louis\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 17763)
---\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found. (ADS)
---\ Services (0)
~ No malicious or unnecessary items found. (Service)
---\ Browser internet (0)
~ No malicious or unnecessary items found. (Browser)
---\ Hosts file (1)
~ The hosts file is legitimate (21)
---\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found. (Task)
---\ Explorer ( File, Folder) (39)
FOUND folder: C:\Users\Louis\AppData\Roaming\PDAppFlex =>Trojan.Elpman
FOUND file: C:\Windows\Prefetch\TOTALAV.EXE-6037D4D2.pf =>.SUP.TotalAV
FOUND file: C:\Windows\Prefetch\TOTALAV_SETUP.EXE-803EE1E2.pf =>.SUP.TotalAV
FOUND file: C:\Windows\Installer\wix{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{3DDA8C8B-7623-42DE-81C3-9E41CAD4F14A}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{9CBA860F-7437-4A75-941C-8EF559F2D145}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{B2E25355-C24E-4E7D-8AD3-455D59810838}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{F814D094-197F-43C8-87FA-3210BB780486}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{FBA3961B-D1DF-493C-BC1F-E67D3B832895}.SchedServiceConfig.rmi =>.SUP.Empty
FOUND file: C:\Users\Louis\Downloads\TotalAV_Setup.exe [(C) SS Protect Ltd - TotalAV Ultimate Antivirus Installer] =>.SUP.TotalAV
FOUND file: C:\Users\Louis\AppData\Local\Temp\aria-debug-1844.log =>.SUP.Temporary.OneDrive
FOUND file: C:\Users\Louis\AppData\Local\Temp\wct322.tmp =>.SUP.Temporary.Office
FOUND file: C:\Users\Louis\AppData\Local\Temp\wctDB04.tmp =>.SUP.Temporary.Office
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DF2B99D9C9260551D3.TMP =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DF3070F81E0F15D8D8.TMP =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFA930EF336B4DD9A7.TMP =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFABDB7FA06B320F41.TMP =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFAEF64A98C4301760.TMP =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFBA25AC7FFA555A5A.TMP =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFC4E60E4BA217A38D.TMP =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFCA6C3D20A7A8F723.TMP =>.SUP.Temporary.Other
FOUND folder: C:\Users\Louis\Documents\TotalAV\PasswordVault =>.SUP.TotalAV
FOUND folder: C:\Users\Louis\Documents\TotalAV =>.SUP.TotalAV
FOUND folder: C:\Program Files (x86)\IOBIT\Driver Booster =>.SUP.Energize
FOUND folder: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
FOUND folder: C:\ProgramData\IOBIT\Driver Booster =>.SUP.Energize
FOUND folder: C:\ProgramData\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
FOUND folder: C:\ProgramData\SecuritySuite =>.SUP.ScanGuard
FOUND folder: C:\ProgramData\Application Data\IObit\ASCDownloader =>.SUP.AdvancedSystemCare
FOUND folder: C:\ProgramData\IObit\ASCDownloader =>.SUP.AdvancedSystemCare
FOUND folder: C:\Users\Louis\AppData\LocalLow\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
FOUND folder: C:\Users\Louis\AppData\Roaming\IOBIT\Driver Booster =>.SUP.Energize
FOUND folder: C:\Users\Louis\AppData\Roaming\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
FOUND folder: C:\WINDOWS\Installer\MSI6E1F.tmp- =>.SUP.Empty
FOUND folder: C:\WINDOWS\Installer\MSI7A93.tmp- =>.SUP.Empty
FOUND folder: C:\WINDOWS\Installer\MSI7C5A.tmp- =>.SUP.Empty
FOUND folder: C:\WINDOWS\Installer\MSI9852.tmp- =>.SUP.Empty
---\ Registry ( Key, Value, Data) (17)
FOUND key: [X64] HKLM\SOFTWARE\81bfc699-f883-50c7-b674-2483b6baae23 [] =>Adware.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TotalAV_RASAPI32 [] =>.SUP.TotalAV
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TotalAV_RASMANCS [] =>.SUP.TotalAV
FOUND value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Advanced SystemCare Ultimate [0x03000000E0770F10EC98D401] =>.SUP.AdvancedSystemCare
FOUND value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\EpicGamesLauncher [0x03000000806C4013EC98D401] =>Heuristic.Suspect
FOUND value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Application Restart #3 [0x03000000C0E0188D7FC2D401] =>.SUP.HideBaid
FOUND key: HKCU\Software\undefined [] =>.SUP.Downloader
FOUND key: HKLM\SOFTWARE\Wow6432Node\IObit\Advanced SystemCare [] =>.SUP.AdvancedSystemCare
FOUND key: HKLM\SOFTWARE\Wow6432Node\IObit\ASC [] =>.SUP.AdvancedSystemCare
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\Legacy Driver\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\Driver Installation Tool\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\Driver Installation Tool\x64\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\Driver Installation Tool\x86\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\KrakenDriver\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\KrakenDriver\x64\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\KrakenDriver\x86\ [No Folder] =>.SUP.Obsolete.NoFolder
---\ Summary of the elements found (14)
https://nicolascoolman.eu/2017/09/23/trojan-elpman/ =>Trojan.Elpman
https://nicolascoolman.eu/2017/10/30/sup-totalav/ =>.SUP.TotalAV
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.OneDrive
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Office
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Other
https://www.anti-malware.top/2016/11/06/superfluous-energize/ =>.SUP.Energize
https://nicolascoolman.eu/2017/12/26/sup-advancedsystemcare/ =>.SUP.AdvancedSystemCare
https://nicolascoolman.eu/2017/12/21/sup-scanguard/ =>.SUP.ScanGuard
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.HideBaid
https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Obsolete.NoFolder
---\ Result of repair
~ Any repair made
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
---\ Statistics
~ Items scanned : 96945
~ Items found : 58
~ Items cancelled : 0
~ Items options : 12/12
~ Space saving (bytes) : 167536
~ End of search in 00h03mn59s
---\ Reports (3)
ZHPCleaner-[S]-19042019-00_06_16.txt
ZHPCleaner-[S]-19042019-11_39_51.txt
ZHPCleaner-[S]-19042019-12_18_49.txt