~ ZHPCleaner v2017.8.4.133 by Nicolas Coolman (2017/08/04) ~ Run by Nabs (Administrator) (08/08/2017 18:37:31) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Nettoyer ~ Report : C:\Users\Nabs\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Nabs\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Sans échec avec prise en charge du réseau (Fail-safe with network boot) Windows 7 Professional, 64-bit Service Pack 1 (Build 7601) ---\\ Service. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Navigateur internet. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (1) ---\\ Tâche planifiée. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Explorateur ( Dossiers, Fichiers ). (6) DEPLACÉ fichier: C:\Documents and Settings\Fatima\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage =>PUP.Optional.Chatango DEPLACÉ fichier: C:\Documents and Settings\Fatima\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage-journal =>PUP.Optional.Chatango DEPLACÉ fichier: C:\Windows\AutoKMS\AutoKMS.log =>HackTool.AutoKMS DEPLACÉ dossier*: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS DEPLACÉ dossier*: C:\Windows\AutoKMS =>HackTool.AutoKMS DEPLACÉ dossier*: C:\Users\Nabs\AppData\Roaming\HMYGSetting =>Adware.Suspect ---\\ Base de Registres ( Clés, Valeurs, Données ). (50) SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\1916A2AF346D399F50313C393200F14140456616 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2A83E9020591A55FC6DDAD3FB102794C52B24E70 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2B84BFBB34EE2EF949FE1CBE30AA026416EB2216 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3A850044D8A195CD401A680C012CB0A3B5F8DC08 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\40AA38731BD189F9CDB5B9DC35E2136F38777AF4 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\43D9BCB568E039D073A74A71D8511F7476089CC3 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\471C949A8143DB5AD5CDF1C972864A2504FA23C9 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\61793FCBFA4F9008309BBA5FF12D2CB29CD4151A [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\63FEAE960BAA91E343CE2BD8B71798C76BDB77D0 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\6431723036FD26DEA502792FA595922493030F97 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\80962AE4D6C5B442894E95A13E4A699E07D694CF [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\86E817C81A5CA672FE000F36F878C19518D6F844 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\8E5BD50D6AE686D65252F843A9D4B96D197730AB [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9845A431D51959CAF225322B4A4FE9F223CE6D15 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\B533345D06F64516403C00DA03187D3BFEF59156 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\B86E791620F759F17B8D25E38CA8BE32E7D5EAC2 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\C060ED44CBD881BD0EF86C0BA287DDCF8167478C [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\CEA586B2CE593EC7D939898337C57814708AB2BE [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\D018B62DC518907247DF50925BB09ACF4A5CB3AD [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F8A54E03AADC5692B850496A4C4630FFEAA29D83 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\FA6660A94AB45F6A88C0D7874D89A863D74DEE97 [Avast Software] =>PUM.Misplaced.Certificate SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\InstallCore\Speedial [] =>Heuristic.InstallCore SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-359583552-3153100880-1950203234-1000\SOFTWARE\cacaoweb [C:\Users\Nabs\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] =>.Superfluous.CacaoWeb SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-359583552-3153100880-1950203234-1000\SOFTWARE\Conduit [] =>.Superfluous.Conduit SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-359583552-3153100880-1950203234-1000\SOFTWARE\Softonic [] =>.Superfluous.Softonic SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-359583552-3153100880-1950203234-1000\SOFTWARE\speedial [] =>PUP.Optional.SearchYa SUPPRIMÉ clé: HKCU\Software\cacaoweb [C:\Users\Nabs\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] =>.Superfluous.CacaoWeb SUPPRIMÉ clé: HKCU\Software\Conduit [] =>.Superfluous.Conduit SUPPRIMÉ clé: HKCU\Software\Softonic [] =>.Superfluous.Softonic SUPPRIMÉ clé: HKCU\Software\speedial [] =>PUP.Optional.SearchYa SUPPRIMÉ clé*: HKLM\SOFTWARE\DT soft\Daemon Tools toolbar [] =>PUP.Optional.DaemonToolsToolbar SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\mamverifier [] =>Toolbar.Mamverifier SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\InstallCore [] =>Adware.InstallCore SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Uniblue [] =>.Superfluous.Uniblue SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Speedial [Speedial] =>PUP.Optional.SearchYa SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9aea10e8-c641-4bb5-b5f2-41d321e5216a} [Re-markit Software] =>PUP.Optional.ReMarkIt SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{0A3E67AE-B7DE-4871-BF0D-3768A900EE75}C:\users\nabs\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\nabs\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{25AEB241-1763-490C-BDD7-B411951A2915}C:\users\nabs\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\nabs\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{247B7D13-E1D5-4A3E-B715-520496E2509E}C:\users\nabs\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\nabs\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{A9ACD6FA-27B2-4BB8-9D6A-0A5BF1533C22}C:\users\nabs\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\nabs\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{0702B947-F9FE-460C-9587-D776C6B86CC7}C:\program files (x86)\popcorn time\popcorn-time.exe [C:\program files (x86)\popcorn time\popcorn-time.exe] =>.Superfluous.PopcornTime SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{1778C325-F3C3-4B43-A367-9AB4811C0506}C:\program files (x86)\popcorn time\popcorn-time.exe [C:\program files (x86)\popcorn time\popcorn-time.exe] =>.Superfluous.PopcornTime SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{5199A81C-0987-4D28-8253-4AE422B86AED}C:\users\nabs\appdata\local\popcorn time\node-webkit\popcorn time.exe [C:\users\nabs\appdata\local\popcorn time\node-webkit\popcorn time.exe] =>.Superfluous.PopcornTime SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{361D7E23-7139-4966-B13A-61E81910838C}C:\users\nabs\appdata\local\popcorn time\node-webkit\popcorn time.exe [C:\users\nabs\appdata\local\popcorn time\node-webkit\popcorn time.exe] =>.Superfluous.PopcornTime ---\\ Récapitulatif des éléments trouvés sur votre station. (15) https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Chatango https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS https://nicolascoolman.eu/2017/03/02/adware-suspect/ =>Adware.Suspect https://nicolascoolman.eu/2017/06/26/trojan-certlock/ =>PUM.Misplaced.Certificate https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Heuristic.InstallCore https://nicolascoolman.eu/2017/01/15/superfluous-cacaoweb/ =>.Superfluous.CacaoWeb https://nicolascoolman.eu/2017/02/06/superfluous-conduit/ =>.Superfluous.Conduit https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Softonic https://www.nicolascoolman.com/fr/adware-searchya/ =>PUP.Optional.SearchYa https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.DaemonToolsToolbar https://www.nicolascoolman.com/fr/?p=5143 =>Toolbar.Mamverifier https://nicolascoolman.eu/2017/03/12/adware-installcore-2/ =>Adware.InstallCore https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Uniblue https://www.nicolascoolman.com/fr/pup-remarkit/ =>PUP.Optional.ReMarkIt https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/ =>.Superfluous.PopcornTime ---\\ Nettoyage Additionnel. (36) ~ Suppression des Clés de registre Tracing. (36) ~ Suppression des anciens rapports ZHPCleaner. (0) ---\\ Bilan de la réparation ~ Réparation réalisée avec succès. ~ Ce navigateur est absent (Google Chrome) ---\\ Statistiques ~ Items scannés : 1058 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Items réparés : 56 ~ End of clean in 00h00mn57s ~==================== ZHPCleaner-[R]-08082017-18_38_28.txt ZHPCleaner-[S]-08082017-18_36_21.txt