~ ZHPCleaner v2018.6.8.132 by Nicolas Coolman (2018/06/08) ~ Run by lydia (Administrator) (09/06/2018 07:41:32) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Nettoyer ~ Report : C:\Users\lydia\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\lydia\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) ---\\ ALTERNATE DATA STREAM (ADS). (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ SERVICE. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ NAVIGATEUR INTERNET. (2) SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=51865 <-Loopback>] =>Hijacker.Proxy SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=51865 <-Loopback>] =>Hijacker.Proxy ---\\ FICHIER HÔTE. (1) ~ Le fichier hôte est légitime. (29314) ---\\ TÂCHE PLANIFIÉE. (1) SUPPRIMÉ tâche: [avabvbavad] [C:\Users\lydia\AppData\Local\avabvbavad\avabvbavad.exe (Not File) ] =>Heuristic.SearchProtect ---\\ EXPLORATEUR ( Dossiers, Fichiers ). (14) DEPLACÉ fichier: C:\Windows\System32\Tasks\avabvbavad =>Heuristic.SearchProtect DEPLACÉ fichier: C:\Users\lydia\Downloads\iLividSetup-r0-n-bf.exe =>Adware.Bandoo DEPLACÉ fichier: C:\Users\lydia\Downloads\[techincongo.net]kmspico.10.2.0.torrent =>HackTool.KMSpico DEPLACÉ fichier: C:\Users\lydia\Downloads\uTorrent.exe [BitTorrent Inc. - µTorrent] =>BitTorrent (P2P) DEPLACÉ fichier: C:\Users\lydia\Downloads\KMSpico 10.2.0 FINAL + Portable (Office and Windows 10 Activator) [TechTools]\KMSpico 10.2.0 FINAL + Portable (Office and Windows 10 Activator) [TechTools.NET]\KMSpico Portable\AutoPico.exe [@ByELDI - AutoPico] =>HackTool.KMSpico DEPLACÉ fichier: C:\Users\lydia\Downloads\KMSpico 10.2.0 FINAL + Portable (Office and Windows 10 Activator) [TechTools]\KMSpico 10.2.0 FINAL + Portable (Office and Windows 10 Activator) [TechTools.NET]\KMSpico Portable\KMSELDI.exe [@ByELDI - KMS GUI ELDI] =>HackTool.KMSpico DEPLACÉ fichier: C:\ProgramData\ntuser.pol =>PUP.Optional.Multiplug DEPLACÉ dossier: C:\Program Files (x86)\DriverToolkit =>.SUP.DriverToolkit DEPLACÉ dossier: C:\Program Files\KMSpico =>HackTool.KMSpico DEPLACÉ dossier: C:\Users\lydia\Downloads\KMSpico 10.2.0 FINAL + Portable (Office and Windows 10 Activator) [TechTools] =>HackTool.KMSpico DEPLACÉ dossier: C:\Users\lydia\AppData\Local\DriverToolkit =>.SUP.DriverToolkit DEPLACÉ dossier: C:\Users\lydia\AppData\Local\SlimWare Utilities Inc =>.SUP.SlimWareUtilities DEPLACÉ dossier: C:\Users\lydia\AppData\Local\com =>PUP.Optional.Generic DEPLACÉ dossier: C:\Users\lydia\AppData\LocalLow\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare ---\\ BASE DE REGISTRES ( Clés, Valeurs, Données ). (47) SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} [https://mysearch.avg.com/search?cid={4AE78E12-FF7D-451C-AC2B-F654C96BA92E}&mid=19798da4f88f47cd88f7d[...]] [AVG Secure Search] =>PUP.Optional.MySearch SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} [https://mysearch.avg.com/search?cid={4AE78E12-FF7D-451C-AC2B-F654C96BA92E}&mid=19798da4f88f47cd88f7d967196dcb3c-83efd21f590fc87e4f77e33bb01bb5ff85216038&lang=fr&ds=AVG&coid=avgtbavg&cmpid=0316avz&pr=fr&d=2016-03-14 17:47:28&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}] =>PUP.Optional.MySearch SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Clients\StartMenuInternet\Torch [] =>.SUP.Torch SUPPRIMÉ clé*: HKCU\SOFTWARE\Clock Hand [] =>PUP.Optional.ClockHand SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Clock Hand [] =>PUP.Optional.ClockHand SUPPRIMÉ clé: HKEY_USERS\S-1-5-21-1387321943-1682693052-2877103125-1001\SOFTWARE\Clock Hand [] =>PUP.Optional.ClockHand SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1387321943-1682693052-2877103125-1001\SOFTWARE\DriverToolkit [] =>.SUP.DriverToolkit SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1387321943-1682693052-2877103125-1001\SOFTWARE\ICSW1.14 [] =>Adware.InstallCore SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1387321943-1682693052-2877103125-1001\SOFTWARE\SlimWare Utilities Inc [] =>.SUP.SlimWareUtilities SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1387321943-1682693052-2877103125-1001\SOFTWARE\Vittalia [] =>Adware.Vittalia SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1387321943-1682693052-2877103125-1001\SOFTWARE\Classes\.zip [PepperZip] =>PUP.Optional.PepperZip SUPPRIMÉ clé*: HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_ [] =>Adware.CrossRider SUPPRIMÉ clé: HKCU\Software\DriverToolkit [] =>.SUP.DriverToolkit SUPPRIMÉ clé: HKCU\Software\ICSW1.14 [] =>Adware.InstallCore SUPPRIMÉ clé: HKCU\Software\SlimWare Utilities Inc [] =>.SUP.SlimWareUtilities SUPPRIMÉ clé: HKCU\Software\Vittalia [] =>Adware.Vittalia SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75794B5A-9D20-42B9-93E1-E69E6EBFE155} [C:\Program Files (x86)\Browser+ Apps+ (Not File)] =>Adware.CrossRider SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98A5AB2D-A639-47E3-BC81-D09F8F25A3C0} [C:\Program Files (x86)\Browser+ Apps+ (Not File)] =>Adware.CrossRider SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A33E7CF-FE64-4C9C-A03E-9838ACD8B1} [C:\Program Files (x86)\Browser+ Apps+ (Not File)] =>Adware.CrossRider SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3D7BD11-A208-4AD7-9045-1393B16DD978} [C:\Program Files (x86)\Browser+ Apps+ (Not File)] =>Adware.CrossRider SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ABAD848F-E884-4799-8112-BAB3F43C1437} [C:\Program Files (x86)\Browser+ Apps+ (Not File)] =>Adware.CrossRider SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAD70627-C3A8-44D5-9629-480EF7B23A0} [C:\Program Files (x86)\Browser+ Apps+ (Not File)] =>Adware.CrossRider SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E8C6FE6-1FB2-4735-83F8-409C877E3EC} [C:\Program Files (x86)\Browser+ Apps+ (Not File)] =>Adware.CrossRider SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F96699B2-5541-4B29-B2A6-3116C7C8B2CC} [C:\Program Files (x86)\Browser+ Apps+ (Not File)] =>Adware.CrossRider SUPPRIMÉ clé*: HKCU\Software\TeleCharger [] =>.SUP.Downloader SUPPRIMÉ clé*: HKCU\Software\ProductSetup [] =>Adware.InstallCore SUPPRIMÉ clé*: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec [] =>PUP.Optional.Legacy SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\Policies\Google\Update [] =>PUM.Security.Hijack SUPPRIMÉ clé*: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect [C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\\NativeMsg.json (Not File)] =>.SUP.AdvancedSystemCare SUPPRIMÉ clé*: HKLM\SOFTWARE\Iobit\ASC [] =>.SUP.AdvancedSystemCare SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\..9 [YouotubeAdBlOcke] =>PUP.Optional.Generic SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>PUP.Optional.Camec SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{02CB8B90-CAB8-40B1-917E-CD8C650ADE84} [ClockHandIEClientLib] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Magnet [iLivid.torrent] =>Adware.Bandoo SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Torch.torrent [] =>.SUP.Torch SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{0b8fed8b-b396-4840-8fe0-54a7b6fb2315} [YouotubeAdBlOcke] =>PUP.Optional.YouTubeAdBlock SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{6bdce6e8-250d-4372-a4a0-833fb1747d81} [prIceicHoup] =>PUP.Optional.PriceChop SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Applications\DriverUpdaterPro.exe [] =>.SUP.DriverUpdaterPro SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Applications\iLividSetup-r706-n-bf.exe [] =>Adware.Bandoo SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\KMService [] =>Hacktool.Office SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update sizlsearch [] =>PUP.Optional.SizlSearch SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Clock Hand [] =>PUP.Optional.ClockHand SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities Inc [] =>.SUP.SlimWareUtilities SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>PUP.Optional.Camec SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{02CB8B90-CAB8-40B1-917E-CD8C650ADE84} [ClockHandIEClientLib] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{d0e87c27} [Certified Publisher] =>PUP.Optional.SafeWeb SUPPRIMÉ clé**: [X64] HKLM\SOFTWARE\Classes\CLSID\{0b8fed8b-b396-4840-8fe0-54a7b6fb2315}\InprocServer32 [] =>Adware.Sambreel ---\\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION. (28) https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Heuristic.SearchProtect https://nicolascoolman.eu/2017/02/23/adware-bandoo/ =>Adware.Bandoo https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P) https://www.anti-malware.top/2016/04/28/pup-optional-multiplug/ =>PUP.Optional.Multiplug https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.DriverToolkit https://nicolascoolman.eu/2017/03/03/superfluous-slimwareutilities/ =>.SUP.SlimWareUtilities https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Generic https://nicolascoolman.eu/2017/12/26/sup-advancedsystemcare/ =>.SUP.AdvancedSystemCare https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.MySearch https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Torch https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.ClockHand https://nicolascoolman.eu/2017/09/19/adware-installcore-3/ =>Adware.InstallCore https://nicolascoolman.eu/2017/09/20/adware-vittalia/ =>Adware.Vittalia https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.PepperZip https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Legacy https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUM.Security.Hijack https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Camec https://nicolascoolman.eu/2017/09/24/adware-sambreel/ =>Adware.Sambreel https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.YouTubeAdBlock https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.PriceChop https://www.anti-malware.top/2016/05/07/superfluous-driverupdaterpro/ =>.SUP.DriverUpdaterPro https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Hacktool.Office https://www.nicolascoolman.com/fr/pup-sizlsearch/ =>PUP.Optional.SizlSearch https://www.nicolascoolman.com/fr/pup-safeweb/ =>PUP.Optional.SafeWeb ---\\ NETTOYAGE ADDITIONNEL. (34) ~ Suppression des Clés de registre Tracing. (34) ~ Suppression des anciens rapports ZHPCleaner. (0) ---\\ BILAN DE LA REPARATION ~ Réparation réalisée avec succès. ~ Ce navigateur est absent (Google Chrome) ~ Ce navigateur est absent (Opera Software) ---\\ STATISTIQUES ~ Items scannés : 59589 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Items options : 0/7 ~ Gain de place (Octets) : 0 ~ End of clean in 00h04mn25s ---\\ LISTE DES RAPPORTS (2) ZHPCleaner-[S]-09062018-00_40_21.txt ZHPCleaner-[R]-09062018-07_45_57.txt