~ ZHPCleaner v2017.6.26.105 by Nicolas Coolman (2017/06/26) ~ Run by Flavio (Administrator) (15/07/2017 19:25:48) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Illegal ~ Type : Nettoyer ~ Report : C:\Users\Flavio\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Flavio\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows VISTA, 32-bit Service Pack 1 (Build 6001) ---\\ Service. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Navigateur internet. (2) SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=50347 <-Loopback>] =>Hijacker.Proxy SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=50347 <-Loopback>] =>Hijacker.Proxy ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (22) ---\\ Tâche planifiée. (2) SUPPRIMÉ tâche: [globalUpdateUpdateTaskMachineCore] [C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job (Not File) ] =>PUP.Optional.GlobalUpdate SUPPRIMÉ tâche: [globalUpdateUpdateTaskMachineUA] [C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job (Not File) ] =>PUP.Optional.GlobalUpdate ---\\ Explorateur ( Dossiers, Fichiers ). (35) DEPLACÉ fichier: C:\Users\Flavio\AppData\Local\amqck_nav.dat =>Heuristic.MagicControl DEPLACÉ fichier: C:\Users\Flavio\AppData\Local\amqck.dat =>Heuristic.MagicControl DEPLACÉ fichier: C:\Users\Flavio\AppData\Local\amqck_navps.dat =>Heuristic.MagicControl DEPLACÉ fichier: C:\Users\Flavio\AppData\Local\aqkyimm_nav.dat =>Heuristic.MagicControl DEPLACÉ fichier: C:\Users\Flavio\AppData\Local\aqkyimm.dat =>Heuristic.MagicControl DEPLACÉ fichier: C:\Users\Flavio\AppData\Local\aqkyimm_navps.dat =>Heuristic.MagicControl DEPLACÉ fichier: C:\Users\Flavio\AppData\Local\gmqqyqw_nav.dat =>Heuristic.MagicControl DEPLACÉ fichier: C:\Users\Flavio\AppData\Local\gmqqyqw.dat =>Heuristic.MagicControl DEPLACÉ fichier: C:\Users\Flavio\AppData\Local\gmqqyqw_navps.dat =>Heuristic.MagicControl DEPLACÉ fichier: C:\Users\Flavio\AppData\Local\thlxd_nav.dat =>Heuristic.MagicControl DEPLACÉ fichier: C:\Users\Flavio\AppData\Local\thlxd.dat =>Heuristic.MagicControl DEPLACÉ fichier: C:\Users\Flavio\AppData\Local\thlxd_navps.dat =>Heuristic.MagicControl DEPLACÉ fichier: C:\Program Files\Common Files\FDEUnInstaller.exe [ - FDEUninstaller] =>Adware.Suspect DEPLACÉ fichier: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.Optional.GlobalUpdate DEPLACÉ fichier: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.Optional.GlobalUpdate DEPLACÉ fichier: C:\Windows\Prefetch\WINDAPP UPDATE.EXE-567E8924.pf =>.Superfluous.Nosibay DEPLACÉ fichier: C:\Users\Flavio\AppData\Roaming\Bubble Dock.boostrap.log =>PUP.Optional.BubbleDock DEPLACÉ fichier: C:\Users\Flavio\AppData\Roaming\Bubble Dock.installation.log =>PUP.Optional.BubbleDock DEPLACÉ fichier: C:\Users\Flavio\AppData\Roaming\WindApp.boostrap.log =>.Superfluous.Nosibay DEPLACÉ fichier: C:\Users\Flavio\AppData\Roaming\WindApp.installation.log =>.Superfluous.Nosibay DEPLACÉ dossier*: C:\Program Files\BitComet =>.Superfluous.Empty DEPLACÉ dossier*: C:\Program Files\globalUpdate =>PUP.Optional.GlobalUpdate DEPLACÉ dossier*: C:\Program Files\Inventel =>.Superfluous.Empty DEPLACÉ dossier*: C:\Program Files\SmartSaver+ 15 =>Adware.CrossRider DEPLACÉ dossier*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer =>PUP.Optional.FLVPlayer DEPLACÉ dossier*: C:\Windows\System32\config\systemprofile\AppData\Local\supt4pc_fr_51 =>PUP.Optional.Softomate DEPLACÉ dossier*: C:\Users\Flavio\AppData\Roaming\Nosibay =>PUP.Optional.SPointer DEPLACÉ dossier*: C:\Users\Flavio\AppData\Roaming\Store =>.Superfluous.Nosibay DEPLACÉ dossier*: C:\Users\Flavio\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate DEPLACÉ dossier*: C:\Users\Default\AppData\Local\Duuqu =>PUP.Optional.Duuqu DEPLACÉ dossier: C:\Users\Default User\AppData\Local\Duuqu =>PUP.Optional.Duuqu DEPLACÉ dossier*: C:\Program Files\QuickTime =>Riskware.QuickTime DEPLACÉ dossier*: C:\ProgramData\Software =>PUP.Optional.Boxore DEPLACÉ dossier*: C:\Users\Flavio\AppData\Local\Software =>PUP.Optional.Boxore DEPLACÉ dossier*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime ---\\ Base de Registres ( Clés, Valeurs, Données ). (68) SUPPRIMÉ clé*: HKLM\Software\Google\Chrome\Extensions\enmejlcdlcdnbkhaadpkgmkepllhkgjm [C:\Program Files\MediaWatchV1\MediaWatchV1home805\ch\MediaWatchV1home805.crx (Not File)] =>PUP.Optional.MediaWatch SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 [Avast Software] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931 [Avast Software] =>Trojan.CertLock SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3630543836-1406161070-2605694944-1000\SOFTWARE\fcn [] =>Adware.Navipromo SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3630543836-1406161070-2605694944-1000\SOFTWARE\globalUpdate [] =>PUP.Optional.GlobalUpdate SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3630543836-1406161070-2605694944-1000\SOFTWARE\Nosibay [] =>PUP.Optional.SPointer SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3630543836-1406161070-2605694944-1000\SOFTWARE\WebMediaPlayer [C:\Program Files\WebMediaPlayer (Not File)] =>PUP.Optional.EGDAccess SUPPRIMÉ clé: HKCU\Software\fcn [] =>Adware.Navipromo SUPPRIMÉ clé: HKCU\Software\globalUpdate [] =>PUP.Optional.GlobalUpdate SUPPRIMÉ clé: HKCU\Software\Nosibay [] =>PUP.Optional.SPointer SUPPRIMÉ clé: HKCU\Software\WebMediaPlayer [C:\Program Files\WebMediaPlayer (Not File)] =>PUP.Optional.EGDAccess SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindApp [Store] =>.Superfluous.Nosibay SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SmartSaver+ 15 [] =>Adware.CrossRider SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam [] =>PUP.Optional.Wajam SUPPRIMÉ clé*: HKCU\Software\TeleCharger [] =>.Superfluous.Downloader SUPPRIMÉ clé*: HKCU\Software\Store [] =>PUP.Optional.Generic SUPPRIMÉ clé*: HKCU\Software\Mozilla\Extends [] =>PUP.Optional.FastStart SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967} [ISetup] =>PUP.Optional.GetNow SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass [Google Update Core Class] =>PUP.Optional.GlobalUpdate SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1 [Google Update Core Class] =>PUP.Optional.GlobalUpdate SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc [Google Update Legacy On Demand] =>PUP.Optional.GlobalUpdate SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0 [Google Update Legacy On Demand] =>PUP.Optional.GlobalUpdate SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc [GoogleUpdate Update3Web] =>PUP.Optional.GlobalUpdate SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0 [GoogleUpdate Update3Web] =>PUP.Optional.GlobalUpdate SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.001 [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.7z [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.arj [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.bz2 [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.bzip2 [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.cab [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.cpio [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.deb [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.dmg [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.fat [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.gz [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.gzip [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.hfs [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.iso [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.lha [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.lzh [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.lzma [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.ntfs [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.rar [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.rpm [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.squashfs [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.swm [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.tar [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.taz [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.tbz [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.tbz2 [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.tgz [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.tpz [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.txz [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.vhd [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.wim [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.xar [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.xz [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.z [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\WinZipper.zip [WinZipper] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\winzipersvc [] =>.Superfluous.TaiwanShuiMu SUPPRIMÉ clé*: HKLM\SOFTWARE\awesomehpSoftware [] =>PUP.Optional.AwesomeHP SUPPRIMÉ clé*: HKLM\SOFTWARE\FlvPlayer [] =>PUP.Optional.FLVPlayer SUPPRIMÉ clé*: HKLM\SOFTWARE\GlobalUpdate [] =>PUP.Optional.GlobalUpdate SUPPRIMÉ clé*: HKLM\SOFTWARE\SmartSaver+ 15 [] =>Adware.CrossRider SUPPRIMÉ clé*: HKLM\SOFTWARE\WebMediaPlayer [C:\Program Files\WebMediaPlayer (Not File)] =>PUP.Optional.EGDAccess SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SmartSaver+ 15 [smart-saverplus] =>Adware.CrossRider SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DuuquUpdate.exe [] =>PUP.Optional.FrameFox SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WindApp ["C:\Users\Flavio\AppData\Roaming\Store\WindApp\WindApp Update.exe" /winstartup] =>.Superfluous.Nosibay ---\\ Récapitulatif des éléments trouvés sur votre station. (26) https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy https://www.nicolascoolman.com/fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Heuristic.MagicControl https://nicolascoolman.eu/2017/03/02/adware-suspect/ =>Adware.Suspect https://www.anti-malware.top/2016/05/03/superfluous-nosibay/ =>.Superfluous.Nosibay https://www.nicolascoolman.com/fr/pup-bubbledock/ =>PUP.Optional.BubbleDock https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.FLVPlayer https://www.nicolascoolman.com/fr/pup-softomate/ =>PUP.Optional.Softomate https://www.nicolascoolman.com/fr/adware-spointer/ =>PUP.Optional.SPointer https://www.nicolascoolman.com/fr/pup-duuqu/ =>PUP.Optional.Duuqu https://nicolascoolman.eu/2017/01/15/riskware-quicktime/ =>Riskware.QuickTime https://nicolascoolman.eu/2017/03/14/pup-optional-boxore/ =>PUP.Optional.Boxore https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.MediaWatch https://nicolascoolman.eu/2017/06/26/trojan-certlock/ =>Trojan.CertLock https://www.nicolascoolman.com/fr/adware-navipromo/ =>Adware.Navipromo https://www.nicolascoolman.com/fr/adware-egdaccess/ =>PUP.Optional.EGDAccess https://nicolascoolman.eu/2017/02/24/pup-optional-wajam/ =>PUP.Optional.Wajam https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Downloader https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Generic https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.FastStart https://www.nicolascoolman.com/fr/pup-getnow/ =>PUP.Optional.GetNow https://www.anti-malware.top/2016/05/05/superfluous-taiwanshuimu/ =>.Superfluous.TaiwanShuiMu https://www.nicolascoolman.com/fr/pup-awesomehp/ =>PUP.Optional.AwesomeHP https://www.nicolascoolman.com/fr/pup-framefox/ =>PUP.Optional.FrameFox ---\\ Nettoyage Additionnel. (13) ~ Suppression des Clés de registre Tracing. (13) ~ Suppression des anciens rapports ZHPCleaner. (0) ---\\ Bilan de la réparation ~ Réparation réalisée avec succès. ~ Ce navigateur est absent (Google Chrome) ~ Ce navigateur est absent (Opera Software) ---\\ Statistiques ~ Items scannés : 826 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Items réparés : 107 ~ End of clean in 00h06mn48s ~==================== ZHPCleaner-[R]-15072017-19_32_36.txt ZHPCleaner-[S]-15072017-19_23_00.txt