~ ZHPCleaner v2016.7.30.92 by Nicolas Coolman (2016/07/30)
~ Run by nonox88 (Administrator) (31/07/2016 12:57:38)
~ Site : https://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Nettoyer
~ Report : C:\Users\nonox88\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\nonox88\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 10586)
---\\ Service. (0)
~ Aucun élément malicieux ou superflu trouvé.
---\\ Navigateur internet. (2)
SUPPRIMÉ: [3voffvtc.default] - user_pref("extensions.MiddleRush.cg", "34519d77-2115-4256-b42c-a2cf3bf59128"); =>Adware.BrowseFox
SUPPRIMÉ: [3voffvtc.default] - user_pref("lightweightThemes.usedThemes", "[{\"id\":\"283616\",\"name\":\"Nidalee\",\"headerURL\":\"[...] =>.Superfluous.IronSourceLtd
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (29)
---\\ Tâche planifiée. (7)
SUPPRIMÉ tâche: [AutoPico Daily Restart] [C:\Program Files\KMSpico\AutoPico.exe (Not File) ] =>HackTool.KMSpico
SUPPRIMÉ tâche: [Dregol tone] [C:\ProgramData\{4A74A2B7-1AF6-7331-AB70-03B37BF2D03D}\1.17.0.1\fiber.js 433a2f50726f6772616d446174612f7b34413734413242372d314146362d373333312d414237302d3033423337424632443033447d2f312e31372e302e312f746f6e652e646c6c 687474703a2f2f73616f2e72657164726 (Not File) ] =>PUP.Optional.Browser
SUPPRIMÉ tâche: [ParetoLogic Registration3] [C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll RunUns (Not File) ] =>.Superfluous.Paretologic
SUPPRIMÉ tâche: [ParetoLogic Update Version3] [C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe (Not File) ] =>.Superfluous.Paretologic
SUPPRIMÉ tâche: [ParetoLogic Update Version3 Startup Task] [C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe (Not File) ] =>.Superfluous.Paretologic
SUPPRIMÉ tâche: [Run_dregol] [C:\Users\nonox88\AppData\Roaming\RUN_DR~1\UPDATE~1\UPDATE~1.EXE (Not File) ] =>PUP.Optional.RunDregol
SUPPRIMÉ tâche: [Selection Tools Update] [C:\Users\nonox88\AppData\Roaming\WTools\Selection Tools\Selection Tools Update.exe (Not File) ] =>.Superfluous.Nosibay
---\\ Explorateur ( Dossiers, Fichiers ). (31)
DEPLACÉ fichier: C:\Program Files\KMSpico\AutoPico.exe [ - AutoPico] =>HackTool.KMSpico
DEPLACÉ fichier: C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [Copyright (C) 2013 - Application de mise à jour] =>.Superfluous.Paretologic
DEPLACÉ fichier: C:\Windows\Tasks\ParetoLogic Registration3.job =>.Superfluous.Paretologic
DEPLACÉ fichier: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job =>.Superfluous.Paretologic
DEPLACÉ fichier: C:\Windows\Tasks\ParetoLogic Update Version3.job =>.Superfluous.Paretologic
DEPLACÉ fichier: C:\END =>.Superfluous.Conduit
DEPLACÉ fichier: C:\Windows\Prefetch\PARETOLOGIC PC HEALTH ADVISOR-C1DD0BEB.pf =>.Superfluous.Paretologic
DEPLACÉ fichier: C:\Users\nonox88\Downloads\ParetoLogic PC Health Advisor_fr.exe [ParetoLogic Inc. - PC Health Advisor Installer] =>.Superfluous.Paretologic
DEPLACÉ fichier: C:\Windows\SECOH-QAD.exe =>HackTool.KMSpico
DEPLACÉ fichier: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 - AutoKMS] =>HackTool.AutoKMS
DEPLACÉ fichier: C:\Windows\AutoKMS\AutoKMS.log =>HackTool.AutoKMS
DEPLACÉ fichier^: C:\Users\nonox88\AppData\Local\app =>PUP.Optional.CrossRider
DEPLACÉ fichier: C:\program files (x86)\common files\Tencent\qqdownload\130\bugreport_xf.exe =>.Superfluous.Tencent
DEPLACÉ fichier: C:\program files (x86)\common files\Tencent\qqdownload\130\tencentdl.exe [Tencent - 腾讯高速下载引擎] =>.Superfluous.Tencent
DEPLACÉ fichier: C:\Program Files\KMSpico\KMSELDI.exe [ - KMS GUI ELDI] =>HackTool.KMSpico
DEPLACÉ dossier: C:\Program Files (x86)\Hostify =>.Superfluous.CSDI
DEPLACÉ dossier: C:\Program Files\KMSpico =>HackTool.KMSpico
DEPLACÉ dossier: C:\Program Files (x86)\Common Files\ParetoLogic =>.Superfluous.Paretologic
DEPLACÉ dossier: C:\Program Files (x86)\Common Files\Tencent =>.Superfluous.Tencent
DEPLACÉ dossier: C:\ProgramData\ParetoLogic =>.Superfluous.Paretologic
DEPLACÉ dossier: C:\ProgramData\Tencent =>.Superfluous.Tencent
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
DEPLACÉ dossier: C:\WINDOWS\AutoKMS =>HackTool.AutoKMS
DEPLACÉ dossier: C:\Users\nonox88\AppData\Roaming\DriverCure =>.Superfluous.Paretologic
DEPLACÉ dossier: C:\Users\nonox88\AppData\Roaming\ParetoLogic =>.Superfluous.Paretologic
DEPLACÉ dossier: C:\Users\nonox88\AppData\Roaming\Store =>.Superfluous.Nosibay
DEPLACÉ dossier: C:\Users\nonox88\AppData\Roaming\Tencent =>.Superfluous.Tencent
DEPLACÉ dossier: C:\Users\nonox88\AppData\Local\CrashRpt =>.Superfluous.CrashReports
DEPLACÉ dossier: C:\Program Files (x86)\QuickSearch =>PUP.Optional.FastSearch
DEPLACÉ dossier: C:\ProgramData\TXQMPC =>.Superfluous.TXQMPC
DEPLACÉ dossier: C:\Users\nonox88\AppData\Local\Microsoft Toolkit =>HackTool.AutoKMS
---\\ Base de Registres ( Clés, Valeurs, Données ). (46)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_ir_15_20&cd=2XzuyEtN2Y1L1Qzu0F0C0A0AtCyE[...]] [Dregol] =>PUP.Optional.Browser
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\MozillaPlugins\@qq.com/npAndroidAssistant [Tencent, Inc.] =>.Superfluous.Tencent
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_ir_15_20&cd=2XzuyEtN2Y1L1Qzu0F0C0A0AtCyEtB0ByBtDyDtD0A0FtByCtN0D0Tzu0StCtBtAtBtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0AyEyE0AtCtA0FtGtDzytDtDtGyE0C0BzztGyEyCzz0FtGyBzz0CtD0CtB0CyDtCyE0C0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtC0CyDzyyEzytCtGyByD0E0CtGyE0Fzy0DtG0AyB0FzztGzytDtD0C0B0FtD0Dzz0DyD0A2QtN0A0LzuyE&cr=1489563797&ir=] =>PUP.Optional.Browser
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PCSpeedUp [C:\Program Files (x86)\Accelerer PC\PCSUNotifier.exe (Not File)] =>.Superfluous.PCSpeedUp
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Prt [C:\Users\nonox88\AppData\Local\TECHP-Browser\prtsvc.exe startup=1 (Not File)] =>PUP.Optional.BrowserAir
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3479429645-407056864-3191445915-1000\SOFTWARE\ImInstaller [] =>Toolbar.IncrediMail
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3479429645-407056864-3191445915-1000\SOFTWARE\ParetoLogic [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3479429645-407056864-3191445915-1000\SOFTWARE\Tencent [] =>.Superfluous.Tencent
SUPPRIMÉ clé*: HKEY_USERS\.DEFAULT\Software\Tencent [] =>.Superfluous.Tencent
SUPPRIMÉ clé: HKCU\Software\ImInstaller [] =>Toolbar.IncrediMail
SUPPRIMÉ clé: HKCU\Software\ParetoLogic [] =>.Superfluous.Paretologic
SUPPRIMÉ clé: HKCU\Software\Tencent [] =>.Superfluous.Tencent
SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\adawarebp [] =>PUP.Optional.ToolbarCleaner
SUPPRIMÉ clé*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\buy.paretologic.com [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\paretologic.com [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\buy.paretologic.com [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\paretologic.com [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B5D5DBD-C857-4377-A755-06E50B4AC2B0} [C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192 (Not File)] =>.Superfluous.Tencent
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{639B74F1-0594-432C-97C8-68C8C17A1E1D} [C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\Plugins\QQPCB1AndroidJmp (Not File)] =>.Superfluous.Tencent
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Tinstalls [] =>PUP.Optional.DesktopPlay
SUPPRIMÉ clé*: HKCU\Software\TeleCharger [] =>.Superfluous.Downloader
SUPPRIMÉ clé*: HKCU\Software\undefined [] =>.Superfluous.Downloader
SUPPRIMÉ clé*: HKCU\Software\ProductSetup [] =>Adware.InstallCore
SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\QuickSearch [] =>PUP.Optional.FastSearch
SUPPRIMÉ clé: HKLM\SOFTWARE\QuickSearch [] =>PUP.Optional.FastSearch
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\f [f] =>PUP.Optional.Funmoods
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Selection Tools ["C:\Users\nonox88\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup (Not File)] =>.Superfluous.Nosibay
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\TheBrowser [] =>PUP.Optional.TheBrowser
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 [KMSpico v9.2.3] =>HackTool.KMSpico
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ImInstaller [] =>Toolbar.IncrediMail
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ParetoLogic [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Tencent [] =>.Superfluous.Tencent
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Tutorials [] =>PUP.Optional.AgenceExclusive
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\zdengine [] =>PUP.Optional.FastSearch
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b [] =>Hijacker.Browser
SUPPRIMÉ valeur: HKLM64\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\{9746ad1f-7f2a-4bc8-a61c-2f73d969472d} [C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{9746ad1f-7f2a-4bc8-a61c-2f73d969472d}] =>Hijacker.Browser
SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\mbot_fr_014010259 [] =>PUP.Optional.CrossRider
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{8244FC8D-5217-4DC1-8732-F83FDD726DC2} [C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe] =>.Superfluous.Tencent
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{B226CE7F-D0FF-4555-90AA-3B9DFBF3B6CE} [C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe] =>.Superfluous.Tencent
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{DF4F600C-8231-4AC8-BFB7-C633B45A1CDA} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{7AEF6092-A842-4FA5-B05C-7CC364229138} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{ECD15934-E67B-4EA0-AF67-19E6038B3E99} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{ED947B52-81DD-40BC-85FA-885C9B71D4A3} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{6F0CE4B4-E5A1-4B06-B781-B627B5C93A3F} [C:\Program Files\KMSpico\KMSELDI.exe] =>HackTool.KMSpico
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{6BE4073E-EF2A-48ED-A4AB-3802BACAF062} [C:\Program Files\KMSpico\KMSELDI.exe] =>HackTool.KMSpico
---\\ Récapitulatif des éléments trouvés sur votre station. (27)
https://www.nicolascoolman.fr/?p=347 =>Adware.BrowseFox
https://www.anti-malware.top/2016/05/02/superfluous-ironsourceltd/ =>.Superfluous.IronSourceLtd
https://www.nicolascoolman.fr/?p=989 =>HackTool.KMSpico
https://www.nicolascoolman.fr/?p=546 =>PUP.Optional.Browser
https://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Paretologic
https://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.RunDregol
https://www.anti-malware.top/2016/05/03/superfluous-nosibay/ =>.Superfluous.Nosibay
https://www.nicolascoolman.fr/?p=210 =>.Superfluous.Conduit
https://www.anti-malware.top/2016/05/04/hacktool-autokms/ =>HackTool.AutoKMS
https://www.anti-malware.top/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider
https://www.nicolascoolman.fr/?p=368 =>.Superfluous.Tencent
https://www.anti-malware.top/2016/05/03/superfluous-csdi/ =>.Superfluous.CSDI
https://www.nicolascoolman.fr/?p=5145 =>.Superfluous.CrashReports
https://www.anti-malware.top/2016/07/05/pup-optional-fastsearch/ =>PUP.Optional.FastSearch
https://www.nicolascoolman.fr/?p=5145 =>.Superfluous.TXQMPC
https://www.nicolascoolman.fr/?p=1255 =>.Superfluous.PCSpeedUp
https://www.nicolascoolman.fr/pup-optional-browserair/ =>PUP.Optional.BrowserAir
https://www.nicolascoolman.fr/?p=5143 =>Toolbar.IncrediMail
https://www.nicolascoolman.fr/?p=712 =>PUP.Optional.ToolbarCleaner
https://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.DesktopPlay
https://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Downloader
https://www.anti-malware.top/2016/04/22/adware-installcore/ =>Adware.InstallCore
https://www.nicolascoolman.fr/?p=362 =>PUP.Optional.Funmoods
https://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.TheBrowser
https://www.nicolascoolman.fr/?p=122 =>PUP.Optional.AgenceExclusive
https://www.anti-malware.top/2016/04/22/heuristic-suspect/ =>Heuristic.Suspect
https://www.nicolascoolman.fr/hijacker-browser/ =>Hijacker.Browser
---\\ Nettoyage Additionnel. (16)
~ Suppression des Clés de registre Tracing. (16)
~ Suppression des anciens rapports ZHPCleaner. (0)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 1327
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 86
~ End of clean in 00h01mn28s
~====================
ZHPCleaner-[R]-31072016-12_59_06.txt
ZHPCleaner-[S]-31072016-12_51_18.txt