~ ZHPCleaner v2017.6.15.99 by Nicolas Coolman (2017/06/15)
~ Run by jerem (Administrator)  (16/06/2017 22:54:34)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate: Legal
~ Type : Scanner
~ Report : C:\Users\jerem\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\jerem\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 14393)


---\\  Service. (2)
[S] TROUVÉ : AdBlockerService  =>PUP.Optional.Adblocker
[S] TROUVÉ : JszipService  =>.Superfluous.Elex


---\\  Navigateur internet. (1)
TROUVÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigUrl [Bad : http://accessunstop.com/wpad.dat?ff049a8143edfb227626eee9f23f029c33427853]  =>Hijacker.Proxy


---\\  Fichier hôte. (1)
~ Le fichier hôte est légitime. (383)


---\\  Tâche planifiée. (1)
TROUVÉ tâche: [UCBrowserUpdater] [C:\Program Files (x86)\UCBrowser\Application\update_task.exe (Not File) ]  =>PUP.Optional.CertifiedToolbar


---\\  Explorateur  ( Dossiers, Fichiers ). (7)
TROUVÉ fichier: C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [UC Web Inc. - UCBrowser Security Driver]  =>.Superfluous.UCBrowser
TROUVÉ fichier: C:\Windows\Temp\g7C04.tmp.exe    =>Heuristic.Suspect
TROUVÉ fichier: C:\Windows\Temp\g7C05.tmp.exe    =>Heuristic.Suspect
TROUVÉ fichier: C:\Windows\Temp\g8F3F.tmp.exe    =>Heuristic.Suspect
TROUVÉ fichier: C:\Users\jerem\AppData\Local\Temp\7639D252-39CC-49F9-8686-B1226B0D6991.Diagnose.0.etl    =>.Superfluous.Temporary.Empty
TROUVÉ fichier: C:\Users\jerem\AppData\Local\Temp\chrome_installer.log    =>.Superfluous.Temporary.Empty
TROUVÉ fichier: C:\Users\jerem\AppData\Local\Temp\MIM446E.tmp    =>.Superfluous.Temporary.Empty


---\\  Base de Registres ( Clés, Valeurs, Données ). (38)
TROUVÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\YeaDesktop [C:\Program Files (x86)\YeaDesktop\YeaDesktop.exe /autostart]  =>PUP.Optional.Zusy
TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\AdBlockerService [C:\Program Files (x86)\AdBlocker\AdBlockerService.exe (Not File)](..)  =>PUP.Optional.Adblocker
TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\JszipProtect [C:\Program Files (x86)\Maoha\JiSuZip\JsZipProtect64.sys (Not File)](..)  =>.Superfluous.Elex
TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\JszipService [C:\Program Files (x86)\Maoha\JiSuZip\JszipSvc.exe (Not File)](..)  =>.Superfluous.Elex
TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\ucdrv [C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys]  =>.Superfluous.UCBrowser
TROUVÉ clé: HKEY_USERS\S-1-5-21-4141958358-1162875587-695117042-1001\SOFTWARE\JiSuZip []  =>.Superfluous.Elex
TROUVÉ clé: HKEY_USERS\S-1-5-21-4141958358-1162875587-695117042-1001\SOFTWARE\YeaDesktop []  =>PUP.Optional.Zusy
TROUVÉ clé: HKCU\Software\JiSuZip []  =>.Superfluous.Elex
TROUVÉ clé: HKCU\Software\YeaDesktop []  =>PUP.Optional.Zusy
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com []  =>PUP.Optional.Chatango
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\kmspico10.com []  =>HackTool.KMSpico
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com []  =>PUP.Optional.Chatango
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.yeadesktop.com []  =>PUP.Optional.Zusy
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\yeadesktop.com []  =>PUP.Optional.Zusy
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com []  =>PUP.Optional.Chatango
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\kmspico10.com [39]  =>HackTool.KMSpico
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com [33]  =>PUP.Optional.Chatango
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.yeadesktop.com [107]  =>PUP.Optional.Zusy
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\yeadesktop.com []  =>PUP.Optional.Zusy
TROUVÉ clé: HKCU\Software\UCBrowserPID []  =>.Superfluous.UCBrowser
TROUVÉ clé: HKLM\SOFTWARE\Wow6432Node\UCBrowserPID []  =>.Superfluous.UCBrowser
TROUVÉ clé: HKLM\SOFTWARE\UCBrowserPID []  =>.Superfluous.UCBrowser
TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\Auhardwaregl []  =>.Superfluous.SuspiciousCloud
TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\JszipService []  =>.Superfluous.Elex
TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\UCBrowserSvc []  =>.Superfluous.UCBrowser
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\JiSuZip []  =>.Superfluous.Elex
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Yeadesktop_RASAPI32 []  =>PUP.Optional.Zusy
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Yeadesktop_RASMANCS []  =>PUP.Optional.Zusy
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{0EC85481-BDF8-46F0-B3CD-242CEC5AECE9}\InprocServer32 [C:\Program Files (x86)\Maoha\JiSuZip\JZipExt.dll (Not File)]  =>.Superfluous.Elex
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{5C551008-A347-4DB3-AF48-014076FD2B46}\InprocServer32 [C:\Program Files (x86)\Maoha\JiSuZip\JZipExt.dll (Not File)]  =>.Superfluous.Elex
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{9A0700D2-920A-4E52-8697-9B5230C92612}\InprocServer32 [C:\Program Files (x86)\Maoha\JiSuZip\JZipExt.dll (Not File)]  =>.Superfluous.Elex
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{B1A5B927-E0F9-47FC-ADD0-F012B8CEECCB}\InprocServer32 [C:\Program Files (x86)\Maoha\JiSuZip\JZipExt.dll (Not File)]  =>.Superfluous.Elex
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{C83C8499-99FF-4276-8CFD-6467362F6A1E}\InprocServer32 [C:\Program Files (x86)\Maoha\JiSuZip\JZipExt.dll (Not File)]  =>.Superfluous.Elex
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{0EC85481-BDF8-46F0-B3CD-242CEC5AECE9} [PropertyExt Class]  =>.Superfluous.Elex
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{5C551008-A347-4DB3-AF48-014076FD2B46} [JZContextMenuExt Class]  =>.Superfluous.Elex
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{9A0700D2-920A-4E52-8697-9B5230C92612} [JzShlobj Class]  =>.Superfluous.Elex
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{B1A5B927-E0F9-47FC-ADD0-F012B8CEECCB} [JZDropHandler Class]  =>.Superfluous.Elex
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{C83C8499-99FF-4276-8CFD-6467362F6A1E} [DragDropMenu Class]  =>.Superfluous.Elex


---\\  Récapitulatif des éléments trouvés sur votre station. (11)
https://nicolascoolman.eu/2017/01/28/adware-adblocker/  =>PUP.Optional.Adblocker
https://nicolascoolman.eu/2017/03/28/superfluous-elex/  =>.Superfluous.Elex
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/  =>Hijacker.Proxy
https://www.nicolascoolman.com/fr/pup-certifiedtoolbar/  =>PUP.Optional.CertifiedToolbar
https://nicolascoolman.eu/2017/03/04/superfluous-ucbrowser/  =>.Superfluous.UCBrowser
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/  =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Temporary.Empty
https://www.anti-malware.top/2016/05/17/adware-zusy/  =>PUP.Optional.Zusy
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.Chatango
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/  =>HackTool.KMSpico
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.SuspiciousCloud


---\\ Bilan de la réparation
~ Aucune réparation effectuée.
~ Ce navigateur est absent  (Mozilla Firefox)
~ Ce navigateur est absent  (Opera Software)


---\\ Statistiques
~ Items scannés : 76709
~ Items trouvés : 52
~ Items annulés : 0
~ Items réparés : 0


~ End of search in 00h03mn53s
~====================
ZHPCleaner-[R]-16062017-21_27_32.txt
ZHPCleaner-[R]-16062017-21_39_08.txt
ZHPCleaner-[S]-16062017-21_24_18.txt
ZHPCleaner-[S]-16062017-21_37_45.txt
ZHPCleaner-[S]-16062017-22_58_27.txt