~ ZHPCleaner v2018.11.4.190 by Nicolas Coolman (2018/11/04)
~ Run by User (Administrator)  (05/11/2018 09:31:23)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scanner
~ Report : C:\Users\User\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\User\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)


---\\  ALTERNATE DATA STREAM (ADS). (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\  SERVICE. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\  NAVIGATEUR INTERNET. (1)
TROUVÉ: [jb6gstog.default-1488445546333] - user_pref("extensions.webextensions.uuids", "{\"screenshots@mozilla.org\":\"1ba29e65-d62c-4fa5-b946-[...]  =>Adware.MapsGalaxy


---\\  FICHIER HÔTE. (1)
~ Le fichier hôte est légitime. (21)


---\\  TÂCHE PLANIFIÉE. (1)
TROUVÉ tâche: [Yahoo! Powered mosif] [wscript.exe (Not File) ]  =>Adware.YahooPowered


---\\  EXPLORATEUR  ( Dossiers, Fichiers ). (8)
TROUVÉ fichier: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\jb6gstog.default-1488445546333\searchplugins\yahoo! powered.xml    =>Adware.YahooPowered
TROUVÉ fichier: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\jb6gstog.default-1488445546333\extensions\_39Members_@www.mapsgalaxy.com.xpi    =>Adware.MapsGalaxy
TROUVÉ fichier: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\jb6gstog.default-1488445546333\browser-extension-data\_39Members_@www.mapsgalaxy.com\storage.js    =>Adware.MapsGalaxy
TROUVÉ fichier: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\jb6gstog.default-1488445546333\bookmarkbackups\bookmarks-2018-08-10_29_ToTDTennWEmVbmZGrEFqGw==.jsonlz4    =>PUP.Optional.Duuqu
TROUVÉ fichier: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\c2w7ezqf.default-1538635442859\bookmarkbackups\bookmarks-2018-08-10_29_ToTDTennWEmVbmZGrEFqGw==.jsonlz4    =>PUP.Optional.Duuqu
TROUVÉ fichier: C:\Users\User\AppData\Local\Temp\bytefenceupdater-csb.exe [ - PsuedoUpdater]  =>.SUP.ByteFence
TROUVÉ dossier: C:\ProgramData\ByteFence\RTOP  =>.SUP.ByteFence
TROUVÉ dossier: C:\ProgramData\ByteFence  =>.SUP.ByteFence


---\\  BASE DE REGISTRES ( Clés, Valeurs, Données ). (8)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_softjug_18_25_s[...]] [Yahoo! Powered]  =>Adware.YahooPowered
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_softjug_18_25_s[...]] [Yahoo! Powered]  =>Adware.YahooPowered
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_softjug_18_25_s[...]] [Yahoo! Powered]  =>Adware.YahooPowered
TROUVÉ clé: HKU\.DEFAULT\Software\ByteFence []  =>.SUP.ByteFence
TROUVÉ clé: HKU\S-1-5-18\Software\ByteFence []  =>.SUP.ByteFence
TROUVÉ clé: HKCU\Software\csastats []  =>Adware.InstallCore
TROUVÉ clé: HKCU\Software\undefined []  =>.SUP.Downloader
TROUVÉ clé: HKCU\Software\ProductSetup []  =>Adware.InstallCore


---\\  RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION. (6)
https://nicolascoolman.eu/2017/11/27/adware-mapsgalaxy/  =>Adware.MapsGalaxy
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>Adware.YahooPowered
https://www.nicolascoolman.com/fr/pup-duuqu/  =>PUP.Optional.Duuqu
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/  =>.SUP.ByteFence
https://nicolascoolman.eu/2017/09/19/adware-installcore-3/  =>Adware.InstallCore
https://nicolascoolman.eu/2017/12/22/sup-downloader/  =>.SUP.Downloader


---\\ BILAN DE LA REPARATION
~ Aucune réparation effectuée.
~ Ce navigateur est absent  (Google Chrome)
~ Ce navigateur est absent  (Opera Software)


---\\ STATISTIQUES
~ Items scannés : 66335
~ Items trouvés : 25
~ Items annulés : 0
~ Items options : 0/7
~ Gain de place (Octets) : 0


~ End of search in 00h08mn49s

---\\  LISTE DES RAPPORTS (4)
ZHPCleaner-[R]-03072017-12_21_07.txt
ZHPCleaner-[S]-03072017-12_14_47.txt
ZHPCleaner-[S]-17092017-09_41_35.txt
ZHPCleaner-[S]-05112018-09_40_12.txt