~ ZHPCleaner v2021.6.24.304 by Nicolas Coolman (2021/06/24) ~ Run by azarete (Administrator) (24/06/2021 15:19:24) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : ~ Type : Nettoyer ~ Report : C:\Users\azarete\Desktop\ZHPCleaner (R).txt ~ Quarantine : C:\Users\azarete\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ System Restore Point : ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) ---\\ ALTERNATE DATA STREAM (ADS). (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ SERVICE. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ NAVIGATEUR INTERNET. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ FICHIER HÔTE. (1) ~ Le fichier hôte est légitime. (21) ---\\ TÂCHE PLANIFIÉE. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ EXPLORATEUR ( Dossiers, Fichiers ). (20) DEPLACÉ fichier: C:\Users\azarete\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium DEPLACÉ fichier: C:\Windows\Installer\wix{B5E06417-A4AC-4225-B36E-7E34C91616E7}.SchedServiceConfig.rmi =>.SUP.Empty DEPLACÉ fichier: C:\Windows\Installer\311457f.msp =>.SUP.Obsolete.Adobe DEPLACÉ fichier: C:\Windows\Installer\59b4fd.msp =>.SUP.Obsolete.Adobe DEPLACÉ fichier: C:\Users\azarete\AppData\Local\Temp\CUsersazareteAppDataLocalProgramsOpera76.0.4017.154opera_autoupdate.download.lock =>.SUP.Temporary.Opera DEPLACÉ fichier: C:\Users\azarete\AppData\Local\Temp\CUsersazareteAppDataLocalProgramsOpera76.0.4017.154opera_autoupdate.metrics.lock =>.SUP.Temporary.Opera DEPLACÉ fichier: C:\Users\azarete\AppData\Local\Temp\CUsersazareteAppDataLocalProgramsOpera76.0.4017.177opera_autoupdate.download.lock =>.SUP.Temporary.Opera DEPLACÉ fichier: C:\Users\azarete\AppData\Local\Temp\CUsersazareteAppDataLocalProgramsOpera76.0.4017.177opera_autoupdate.metrics.lock =>.SUP.Temporary.Opera DEPLACÉ fichier: C:\Users\azarete\AppData\Local\Temp\CUsersazareteAppDataLocalProgramsOpera77.0.4054.90opera_autoupdate.download.lock =>.SUP.Temporary.Opera DEPLACÉ fichier: C:\Users\azarete\AppData\Local\Temp\CUsersazareteAppDataLocalProgramsOpera77.0.4054.90opera_autoupdate.metrics.lock =>.SUP.Temporary.Opera DEPLACÉ fichier: C:\Users\azarete\AppData\Local\Temp\NewImage.jpg =>.SUP.Temporary.Picture DEPLACÉ dossier: C:\Users\azarete\AppData\Local\{0F376500-DFBE-47DE-A1F0-B86761A82BF2} =>.SUP.Empty DEPLACÉ dossier: C:\Windows\Installer\MSI2F11.tmp- =>.SUP.Empty DEPLACÉ dossier: C:\Windows\Installer\MSI2FBD.tmp- =>.SUP.Empty DEPLACÉ dossier: C:\Windows\Installer\MSIE8C3.tmp- =>.SUP.Empty DEPLACÉ dossier: C:\Windows\Installer\MSIF9E.tmp- =>.SUP.Empty DEPLACÉ dossier: C:\Windows\Installer\MSIFE56.tmp- =>.SUP.Empty DEPLACÉ dossier: C:\Windows\Installer\MSIFF03.tmp- =>.SUP.Empty DEPLACÉ dossier: C:\Users\azarete\AppData\LocalLow\Intel =>.SUP.Empty DEPLACÉ dossier: C:\Users\azarete\AppData\LocalLow\VDownloader =>.SUP.Empty ---\\ BASE DE REGISTRES ( Clés, Valeurs, Données ). (60) SUPPRIMÉ donnée: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{756FF146-E13F-4876-A726-64D9B3448924}\\NameServer [Bad : 1.1.1.1,1.0.0.1] =>Hijacker.Browser SUPPRIMÉ clé*: HKCU\Software\undefined [AdditionalScan 149] =>.SUP.Downloader SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3441243421-3598524406-3558366238-1000\SOFTWARE\Magicbit [] =>.SUP.Magicbit SUPPRIMÉ clé**: HKCU\Software\Magicbit [] =>.SUP.Magicbit SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1 [Vitzo Limited] =>Adware.OpenCandy SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\VideoLAN\VLC\vlc.exe [VLC media player] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Media Player\wmplayer.exe [Lecteur Windows Media] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows Mail\wab.exe [Contacts Windows] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows Photo Viewer\PhotoViewer.dll [Visionneuse de photos Windows] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows NT\Accessories\WORDPAD.EXE [WordPad] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Internet Explorer\iexplore.exe [Internet Explorer] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Mozilla Firefox\firefox.exe [Firefox] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe [Adobe Acrobat Reader DC ] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\WinRAR\WinRAR.exe [WinRAR archiver] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\azarete\AppData\Local\Programs\Opera\Launcher.exe [Opera Internet Browser] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll [Visionneuse de photos Windows] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\HP\HP ENVY 5000 series\bin\HPScan.exe [HPScan] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe [Uplay launcher] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe [Malwarebytes] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\GSM SIM Utility 5.15\SIMScanner.exe [SIMScanner] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\CCleaner\CCleaner64.exe [CCleaner] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe [PhotoProduct.exe] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\HP\HP ENVY 5000 series\Bin\hpqDTSS.exe [DesktopSureSupply] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\steamlibrary\steamapps\common\hatred\hatred\binaries\win64\hatred-win64-shipping.exe [Hatred] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\steamlibrary\steamapps\common\call of duty world at war\codwaw.exe [Call of Duty(R): World at War Campaign/Coop] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\HP\HP ENVY 5000 series\Bin\HP ENVY 5000 series.exe [HP Printer Assistant] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [NVIDIA GeForce Experience] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\GSM SIM Utility 5.15\SIMEditor.exe [SIMEditor] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\steamlibrary\steamapps\common\call of duty world at war\codwawmp.exe [Call of Duty(R): World at War Multiplayer] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe [Smite] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\steamlibrary\steamapps\common\woolfetrhd\binaries\win64\woolfegame.exe [Woolfe - The Red Hood Diaries] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\logiciels\audacity\Audacity\audacity.exe [Audacity® Cross-Platform Sound Editor] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe [CrystalDiskInfo] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\VDownloader\VDownloader4.exe [VDownloader] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\logiciels\Photoshop CC 2018\Adobe Photoshop CC 2018\Photoshop.exe [Adobe Photoshop CC 2018] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\logiciels\CorelDRAW Graphics Suite X4\Programs\CorelDRW.exe [CorelDRAW(R)] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\logiciels\CorelDRAW Graphics Suite X4\Setup\Setup.exe [Setup.exe] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Avidemux 2.7 - 64 bits\avidemux.exe [Avidemux 2.7.3] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\obs-studio\bin\64bit\obs64.exe [OBS Studio] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Jeux\Uplay\Ubisoft Game Launcher\games\Tom Clancy's The Division 2\TheDivision2.exe [Tom Clancy's The Division 2] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\logiciels\Inkscape\inkscape.com [inkscape] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\logiciels\Inkscape\inkscape.exe [Inkscape vector graphics editor] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\program files (x86)\soulseekqt\soulseekqt.exe [SoulseekQt] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\logiciels\SoulseekQt-2019-7-22-64bit.exe [SoulseekQt Setup ] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe [DiRT 3 Executable] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\jeux\epic games\gtav\gta5.exe [Grand Theft Auto V] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Jeux\The Dungeon Of Naheulbeuk\setup.exe [The Dungeon Of Naheulbeuk Setup ] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Jeux\The Dungeon Of Naheulbeuk\Verify BIN files before installation.bat [Verify BIN files before installation] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Jeux\Zombie Army Trilogy\bin\ZAT.exe [ZAT] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Jeux\GOG 2.0\GOG Galaxy\Games\The Witcher 2\Launcher.exe [The Witcher 2 Launcher Application] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Jeux\GOG 2.0\GOG Galaxy\Games\The Witcher 2\PerformanceTester.exe [PerformanceTester] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Jeux\GOG 2.0\GOG Galaxy\GalaxyClient Helper.exe [GalaxyClient Helper Application] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\jeux\epic games\darkestdungeon\_windowsnosteam\darkest.exe [Darkest] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\GOG Galaxy\GalaxyClient.exe [GOG Galaxy] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Origin\Origin.exe [Origin] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Black Tree Gaming Ltd\Vortex\Vortex.exe [Vortex] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Jeux\Warfare\Battle.net\Battle.net Launcher.exe [Blizzard Battle.net App Launcher] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\azarete\Downloads\CrucialFRScan.exe [CrucialFRScan] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\HP\HP DeskJet 3630 series\Bin\hpqDTSS.exe [DesktopSureSupply] =>.SUP.Orphan.MUICache SUPPRIMÉ valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe [STAR WARS™ Battlefront™ II] =>.SUP.Orphan.MUICache ---\\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION. (10) https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Empty https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Obsolete.Adobe https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Temporary.Opera https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Temporary.Picture https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader https://nicolascoolman.eu/2017/12/23/sup-magicbit/ =>.SUP.Magicbit https://nicolascoolman.eu/2017/02/24/adware-opencandy/ =>Adware.OpenCandy https://nicolascoolman.eu/forum/Topic/orphan-muicache-logiciel-potentiellement-superflu-lps/ =>.SUP.Orphan.MUICache ---\\ NETTOYAGE ADDITIONNEL. (1) ~ Suppression des Clés de registre Tracing. (1) ~ Suppression des anciens rapports ZHPCleaner. (0) ---\\ BILAN DE LA REPARATION ~ Réparation réalisée avec succès. ~ Mozilla Firefox OK ~ Internet Explorer OK ~ Opera Stable OK ---\\ STATISTIQUES ~ Items scannés : 1350 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Gain de place (Octets) : 17838 ~ Items options : 16/17 ---\\ OPTIONS DESACTIVÉES ~ Initialiser les navigateurs avec suppression des extensions ~ End of clean in 00h00mn16s ---\\ LISTE DES RAPPORTS (2) ZHPCleaner-[S]-24062021-15_15_58.txt ZHPCleaner-[R]-24062021-15_19_40.txt