cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2017.8.15.140 by Nicolas Coolman (2017/08/15)
~ Run by FredSteph (Administrator) (21/08/2017 21:51:12)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Illegal
~ Type : Nettoyer
~ Report : C:\Users\FredSteph\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\FredSteph\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows VISTA, 64-bit Service Pack 2 (Build 6002)


---\\ Service. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Navigateur internet. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (20)


---\\ Tâche planifiée. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Explorateur ( Dossiers, Fichiers ). (8)
DEPLACÉ fichier: C:\end =>.SUP.Conduit
DEPLACÉ fichier: C:\ProgramData\KMSAutoS\KMSAuto Net.exe [MSFree Inc. - KMSAuto Net] =>HackTool.WinActivator
DEPLACÉ fichier: C:\ProgramData\KMSAutoS\bin\KMSSS.exe [MDL Forum, mod by Ratiborus - KMS Server Emulator Service (XP)] =>HackTool.AutoKMS
DEPLACÉ dossier*: C:\ProgramData\Babylon =>Adware.Babylon
DEPLACÉ dossier*: C:\ProgramData\KMSAutoS =>HackTool.WinActivator
DEPLACÉ dossier*: C:\Users\FredSteph\AppData\Roaming\Babylon =>Adware.Babylon
DEPLACÉ dossier*: C:\Users\FredSteph\AppData\Local\Babylon =>Adware.Babylon
DEPLACÉ dossier*: C:\Users\FredSteph\AppData\Local\MSfree Inc =>HackTool.WinActivator


---\\ Base de Registres ( Clés, Valeurs, Données ). (40)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EE650CD7-04CB-4EA6-BE23-ED97383A8AC9} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_30¶m1[...]] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EE650CD7-04CB-4EA6-BE23-ED97383A8AC9} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_30¶m1[...]] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EE650CD7-04CB-4EA6-BE23-ED97383A8AC9} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_30¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtBtCyDzy0C0DtByE0CtDtA0B0EtN0D0Tzu0StCyCyCzztN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEtA0DtA0F0F0CzytGtByC0ByDtGyE0A0AtDtGyE0C0B0AtGyC0DzytDtCzz0A0FtBzy0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0AtAyCzy0E0FtAtG0DtB0C0FtGyEzztBtBtG0B0FzyzytG0E0BzytD0DyB0DzyyBzy0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtBzzzz%26cr%3D1761363095%26a%3Dwbf_fs_16_30%26os_ver%3D6%26os%3DWindows%2B(TM)%2BVista%2BHome%2BPremium&p={searchTerms}] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EE650CD7-04CB-4EA6-BE23-ED97383A8AC9} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_30¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtBtCyDzy0C0DtByE0CtDtA0B0EtN0D0Tzu0StCyCyCzztN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEtA0DtA0F0F0CzytGtByC0ByDtGyE0A0AtDtGyE0C0B0AtGyC0DzytDtCzz0A0FtBzy0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0AtAyCzy0E0FtAtG0DtB0C0FtGyEzztBtBtG0B0FzyzytG0E0BzytD0DyB0DzyyBzy0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtBzzzz%26cr%3D1761363095%26a%3Dwbf_fs_16_30%26os_ver%3D6%26os%3DWindows%2B(TM)%2BVista%2BHome%2BPremium&p={searchTerms}] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EE650CD7-04CB-4EA6-BE23-ED97383A8AC9} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_30¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtBtCyDzy0C0DtByE0CtDtA0B0EtN0D0Tzu0StCyCyCzztN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEtA0DtA0F0F0CzytGtByC0ByDtGyE0A0AtDtGyE0C0B0AtGyC0DzytDtCzz0A0FtBzy0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0AtAyCzy0E0FtAtG0DtB0C0FtGyEzztBtBtG0B0FzyzytG0E0BzytD0DyB0DzyyBzy0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtBzzzz%26cr%3D1761363095%26a%3Dwbf_fs_16_30%26os_ver%3D6%26os%3DWindows%2B(TM)%2BVista%2BHome%2BPremium&p={searchTerms}] =>Adware.YahooPowered
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\1916A2AF346D399F50313C393200F14140456616 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\2A83E9020591A55FC6DDAD3FB102794C52B24E70 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\2B84BFBB34EE2EF949FE1CBE30AA026416EB2216 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\3A850044D8A195CD401A680C012CB0A3B5F8DC08 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\40AA38731BD189F9CDB5B9DC35E2136F38777AF4 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\43D9BCB568E039D073A74A71D8511F7476089CC3 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\471C949A8143DB5AD5CDF1C972864A2504FA23C9 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\61793FCBFA4F9008309BBA5FF12D2CB29CD4151A [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\63FEAE960BAA91E343CE2BD8B71798C76BDB77D0 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\6431723036FD26DEA502792FA595922493030F97 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\80962AE4D6C5B442894E95A13E4A699E07D694CF [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\86E817C81A5CA672FE000F36F878C19518D6F844 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\8E5BD50D6AE686D65252F843A9D4B96D197730AB [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\9845A431D51959CAF225322B4A4FE9F223CE6D15 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\B533345D06F64516403C00DA03187D3BFEF59156 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\B86E791620F759F17B8D25E38CA8BE32E7D5EAC2 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\C060ED44CBD881BD0EF86C0BA287DDCF8167478C [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\CEA586B2CE593EC7D939898337C57814708AB2BE [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\D018B62DC518907247DF50925BB09ACF4A5CB3AD [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\F8A54E03AADC5692B850496A4C4630FFEAA29D83 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\FA6660A94AB45F6A88C0D7874D89A863D74DEE97 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1274196163-758811161-2793526061-1000\SOFTWARE\DC3_FEXEC [] =>Trojan.Fynloski
SUPPRIMÉ clé: HKCU\Software\DC3_FEXEC [] =>Trojan.Fynloski
SUPPRIMÉ clé*: HKCU\Software\csastats [] =>Adware.InstallCore
SUPPRIMÉ clé*: HKCU\Software\ProductSetup [] =>Adware.InstallCore
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Prod.cap [] =>PUP.Optional.ClaroSearch
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\S [] =>Toolbar.Agent
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Prod.cap [] =>PUP.Optional.ClaroSearch
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\S [] =>Toolbar.Agent


---\\ Récapitulatif des éléments trouvés sur votre station. (10)
https://nicolascoolman.eu/2017/02/06/superfluous-conduit/ =>.SUP.Conduit
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/03/03/adware-babylon/ =>Adware.Babylon
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.YahooPowered
https://nicolascoolman.eu/2017/06/26/trojan-certlock/ =>PUM.Misplaced.Certificate
https://www.nicolascoolman.com/fr/trojan-fynloski/ =>Trojan.Fynloski
https://nicolascoolman.eu/2017/03/12/adware-installcore-2/ =>Adware.InstallCore
https://www.nicolascoolman.com/fr/pup-clarosearch/ =>PUP.Optional.ClaroSearch
https://www.nicolascoolman.com/fr/?p=5143 =>Toolbar.Agent


---\\ Nettoyage Additionnel. (13)
~ Suppression des Clés de registre Tracing. (13)
~ Suppression des anciens rapports ZHPCleaner. (0)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.


---\\ Statistiques
~ Items scannés : 614
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 48


~ End of clean in 00h03mn49s
~====================
ZHPCleaner-[R]-21082017-21_55_01.txt
ZHPCleaner-[S]-21082017-21_48_29.txt

Publicité


Signaler le contenu de ce document

Publicité