~ ZHPCleaner v2017.6.1.87 by Nicolas Coolman (2017/06/01) ~ Run by isabelle (Administrator) (02/06/2017 21:02:13) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Scanner ~ Report : C:\Users\isabelle\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\isabelle\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) ---\\ Service. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Navigateur internet. (18) TROUVÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL [http://www.ourluckysites.com/?type=hp&ts=1496246504&z=5c49c72413f8aa414a89d6ag3z[...]] =>Hijacker.OurLuckySites TROUVÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL [http://www.ourluckysites.com/search/?type=ds&ts=1495460019&z=a6179fe07cdc0169520[...]] =>Hijacker.OurLuckySites TROUVÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page [http://www.ourluckysites.com/?type=hp&ts=1496246504&z=5c49c72413f8aa414a89d6ag3z[...]] =>Hijacker.OurLuckySites TROUVÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page [http://www.ourluckysites.com/search/?type=ds&ts=1495460019&z=a6179fe07cdc0169520[...]] =>Hijacker.OurLuckySites TROUVÉ IE Params: HKEY_USERS\S-1-5-21-764424784-358547344-2640183369-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL [http://www.ourluckysites.com/?type=hp&ts=1496246504&z=5c49c72413f8aa414a89d6ag3z[...]] =>Hijacker.OurLuckySites TROUVÉ IE Params: HKEY_USERS\S-1-5-21-764424784-358547344-2640183369-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL [http://www.ourluckysites.com/search/?type=ds&ts=1495460019&z=a6179fe07cdc0169520[...]] =>Hijacker.OurLuckySites TROUVÉ IE Params: HKEY_USERS\S-1-5-21-764424784-358547344-2640183369-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page [http://www.ourluckysites.com/?type=hp&ts=1496246504&z=5c49c72413f8aa414a89d6ag3z[...]] =>Hijacker.OurLuckySites TROUVÉ IE Params: HKEY_USERS\S-1-5-21-764424784-358547344-2640183369-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page [http://www.ourluckysites.com/search/?type=ds&ts=1495460019&z=a6179fe07cdc0169520[...]] =>Hijacker.OurLuckySites TROUVÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [http://www.ourluckysites.com/?type=hp&ts=1496246504&z=5c49c72413f8aa414a89d6ag3z[...]] =>Hijacker.OurLuckySites TROUVÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [http://www.ourluckysites.com/?type=hp&ts=1496246504&z=5c49c72413f8aa414a89d6ag3z[...]] =>Hijacker.OurLuckySites TROUVÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [http://www.ourluckysites.com/?type=hp&ts=1496246504&z=5c49c72413f8aa414a89d6ag3z[...]] =>Hijacker.OurLuckySites TROUVÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Start Page [http://www.ourluckysites.com/?type=hp&ts=1496246504&z=5c49c72413f8aa414a89d6ag3z[...]] =>Hijacker.OurLuckySites TROUVÉ Desktop: C:\Users\isabelle\Desktop\Internet Explorer.lnk [Bad : http://www.ourluckysites.com/?type=sc&ts=1493992202&z=b1805586a6f2e13f306dbffgfzat9c7t2tboaoageg&from=che0812&uid=WDCXWD3200BPVT-55JJ5T0_WD-WX21EB1L7656L7656](.Microsoft Corporation.) =>Hijacker.OurLuckySites TROUVÉ Quicklaunch: C:\Users\isabelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://www.ourluckysites.com/?type=sc&ts=1493992202&z=b1805586a6f2e13f306dbffgfzat9c7t2tboaoageg&from=che0812&uid=WDCXWD3200BPVT-55JJ5T0_WD-WX21EB1L7656L7656](.Microsoft Corporation.) =>Hijacker.OurLuckySites TROUVÉ TaskBar: C:\Users\isabelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk [Bad : http://www.ourluckysites.com/?type=sc&ts=1493992202&z=b1805586a6f2e13f306dbffgfzat9c7t2tboaoageg&from=che0812&uid=WDCXWD3200BPVT-55JJ5T0_WD-WX21EB1L7656L7656](.Microsoft Corporation.) =>Hijacker.OurLuckySites TROUVÉ Startup\Programs: C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://www.ourluckysites.com/?type=sc&ts=1495460019&z=a6179fe07cdc016952039cbg9z3taw6zaq1efe1oco&from=che0812&uid=WDCXWD3200BPVT-55JJ5T0_WD-WX21EB1L7656L7656](.Microsoft Corporation.) =>Hijacker.OurLuckySites TROUVÉ SystemTools: C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk [Bad : http://www.ourluckysites.com/?type=sc&ts=1493992202&z=b1805586a6f2e13f306dbffgfzat9c7t2tboaoageg&from=che0812&uid=WDCXWD3200BPVT-55JJ5T0_WD-WX21EB1L7656L7656](.Microsoft Corporation.) =>Hijacker.OurLuckySites TROUVÉ Programs: C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://www.ourluckysites.com/?type=sc&ts=1495460019&z=a6179fe07cdc016952039cbg9z3taw6zaq1efe1oco&from=che0812&uid=WDCXWD3200BPVT-55JJ5T0_WD-WX21EB1L7656L7656](.Microsoft Corporation.) =>Hijacker.OurLuckySites ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (21) ---\\ Tâche planifiée. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Explorateur ( Dossiers, Fichiers ). (29) TROUVÉ fichier: C:\Windows\Installer\MSI429.tmp =>.Superfluous.Elex TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\c5439.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\c68C3.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\csp483A.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\csp484B.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\csp526A.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\csp527A.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\csp528B.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\csp52AB.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\csp52CB.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\cspC83F.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\cspD606.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\cspD73F.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\csw540A.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\csw74C4.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\csw74E4.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\dv2ED3D.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\_&q6394.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Users\isabelle\AppData\Local\Temp\~se4480.tmp =>.Superfluous.Temporary.Empty TROUVÉ fichier: C:\Windows\System32\log\iSafeKrnlCall.log =>.Superfluous.YetAnotherCleaner TROUVÉ fichier: C:\Windows\System32\Drivers\iSafeKrnlBoot.sys [Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver] =>.Superfluous.YetAnotherCleaner TROUVÉ dossier: C:\Program Files (x86)\Elex-tech\YAC =>.Superfluous.Elex TROUVÉ dossier: C:\Program Files (x86)\Elex-tech =>.Superfluous.Elex TROUVÉ fichier: C:\Users\isabelle\AppData\Roaming\WinSAPSvc\WinSAP.dll =>PUP.Optional.Youndoo TROUVÉ dossier: C:\Users\isabelle\AppData\Roaming\WinSAPSvc =>PUP.Optional.Youndoo TROUVÉ dossier: C:\Program Files (x86)\Firefox =>Hijacker.Browser TROUVÉ dossier: C:\Program Files (x86)\Elex-tech\YAC =>.Superfluous.YetAnotherCleaner TROUVÉ dossier: C:\ProgramData\BIT =>.Superfluous.Elex TROUVÉ dossier: C:\Users\isabelle\AppData\Local\kitty =>.Superfluous.Elex ---\\ Base de Registres ( Clés, Valeurs, Données ). (13) TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.ourluckysites.com/search/?type=ds&ts=1496246504&z=5c49c72413f8aa414a89d6ag3zat7qeobz9q1w1[...]] [ourluckysites] =>Hijacker.OurLuckySites TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.ourluckysites.com/search/?type=ds&ts=1496246504&z=5c49c72413f8aa414a89d6ag3zat7qeobz9q1w1[...]] [ourluckysites] =>Hijacker.OurLuckySites TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.ourluckysites.com/search/?type=ds&ts=1496246504&z=5c49c72413f8aa414a89d6ag3zat7qeobz9q1w1[...]] [ourluckysites] =>Hijacker.OurLuckySites TROUVÉ donnée: HKLM\...\IEXPLORE.EXE\Shell\open\Command\\"c:\program files (x86)\internet explorer\iexplore.exe" http://www.ourluckysites.com/?type=sc&ts=1496246504&z=5c49c72413f8aa414a89d6ag3zat7qeobz9q1w1geo&from=che0812&uid=WDCXWD3200BPVT-55JJ5T0_WD-WX21EB1L7656L7656 =>Hijacker.OurLuckySites TROUVÉ clé: HKLM\SOFTWARE\Wow6432Node\Firefox [] =>Adware.GhokswaBrowser TROUVÉ clé: HKLM\SOFTWARE\Firefox [] =>Adware.GhokswaBrowser TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\BIT [] =>.Superfluous.Elex TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\FirefoxU [] =>Adware.Mutabaha TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\WinSAPSvc [] =>PUP.Optional.Youndoo TROUVÉ clé: [X64] HKLM\SOFTWARE\InterSect Alliance [] =>.Superfluous.InterSect TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Elex-tech [] =>.Superfluous.Elex TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\ourluckysitesSoftware [] =>Hijacker.OurLuckySites TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iSafe [ELEX DO BRASIL PARTICIPAÇÕES LTDA] =>.Superfluous.Elex ---\\ Récapitulatif des éléments trouvés sur votre station. (9) https://nicolascoolman.eu/2017/05/16/hijacker-ourluckysites/ =>Hijacker.OurLuckySites https://nicolascoolman.eu/2017/03/28/superfluous-elex/ =>.Superfluous.Elex https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary.Empty https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.YetAnotherCleaner https://nicolascoolman.eu/2017/03/11/superfluous-youndoo/ =>PUP.Optional.Youndoo https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser https://nicolascoolman.eu/2017/02/19/adware-ghokswabrowser/ =>Adware.GhokswaBrowser https://www.anti-malware.top/2016/06/24/conseils-logiciel-publicitaire-mutabaha/ =>Adware.Mutabaha https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.InterSect ---\\ Bilan de la réparation ~ Aucune réparation effectuée. ~ Ce navigateur est absent (Mozilla Firefox) ~ Ce navigateur est absent (Opera Software) ---\\ Statistiques ~ Items scannés : 64824 ~ Items trouvés : 62 ~ Items annulés : 0 ~ Items réparés : 0 ~ End of search in 00h06mn21s ~==================== ZHPCleaner-[R]-08052017-19_56_38.txt ZHPCleaner-[S]-02062017-21_08_34.txt ZHPCleaner-[S]-08052017-19_49_07.txt