Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2017.9.30.171 by Nicolas Coolman (2017/09/30)
~ Run by Admin (Administrator) (01/10/2017 19:22:00)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version KO
~ Certificate ZHPCleaner: Legal
~ Type : Nettoyer
~ Report : C:\Users\Admin\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Admin\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
---\\ Service. (1)
ARRETÉ : KingoSoftService =>PUP.Optional.Youndoo
---\\ Navigateur internet. (7)
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigUrl [Bad : http://accesswebunlimited.com/wpad.dat?5179d7b6877695c8a7bbfd1afbcc570235930826] =>Hijacker.Proxy
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.LNK [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.LNK [Bad : http://qtipr.com/](.Mozilla Corporation.) =>Hijacker.Browser
REMPLACÉ TaskBar: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ff42i15r14e33f26o83x.lnk [Bad : http://qtipr.com/](.Mozilla Corporation.) =>Hijacker.Browser
REMPLACÉ TaskBar: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ Startup\Programs: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (1)
---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [{6F8D9A46-F6BD-4C0D-B87E-D86A922458E2}] [C:\Program Files\SupTab\uninstall.exe (Not File) ] =>PUP.Optional.SupTab
---\\ Explorateur ( Dossiers, Fichiers ). (5)
DEPLACÉ fichier: C:\Users\Admin\AppData\Local\Kingosoft\Kingo Root\update_54326\bin\KingoSoftService.exe =>PUP.Optional.Youndoo
DEPLACÉ dossier: C:\Users\Admin\AppData\Local\UmmyVideoDownloader =>Adware¨Pirrit
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader =>Adware¨Pirrit
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit =>.SUP.DriverToolkit
DEPLACÉ dossier: C:\Users\Admin\AppData\Local\Google\Update =>Heuristic.Suspect
---\\ Base de Registres ( Clés, Valeurs, Données ). (9)
SUPPRIMÉ donnée: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{56040EFA-2BB7-4A47-87A3-5EF383572D3D}\\NameServer [Bad : 81.192.21.81 81.192.21.80] =>Hijacker.Browser
SUPPRIMÉ donnée: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C870624F-7FE4-4046-9D17-BAD8AB986E44}\\NameServer [Bad : 81.192.21.80 81.192.21.81] =>Hijacker.Browser
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1 [UmmyVideoDownloader] =>Adware¨Pirrit
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\KingoSoftService [C:\Users\Admin\AppData\Local\Kingosoft\Kingo Root\update_54326\bin\KingoSoftService.exe (Not File)] =>PUP.Optional.Youndoo
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\DriverToolkit [] =>.SUP.DriverToolkit
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Magicbit [] =>.SUP.Magicbit
SUPPRIMÉ clé: HKCU\Software\DriverToolkit [] =>.SUP.DriverToolkit
SUPPRIMÉ clé: HKCU\Software\Magicbit [] =>.SUP.Magicbit
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1 [Megaify Software] =>.SUP.Megaify
---\\ Récapitulatif des éléments trouvés sur votre station. (9)
https://nicolascoolman.eu/2017/03/11/superfluous-youndoo/ =>PUP.Optional.Youndoo
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy
https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser
https://www.nicolascoolman.com/fr/pup-suptab/ =>PUP.Optional.SupTab
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware¨Pirrit
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.DriverToolkit
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Magicbit
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Megaify
---\\ Nettoyage Additionnel. (27)
~ Suppression des Clés de registre Tracing. (27)
~ Suppression des anciens rapports ZHPCleaner. (0)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
---\\ Statistiques
~ Items scannés : 2702
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 23
~ End of clean in 00h00mn39s
~====================
ZHPCleaner-[R]-01102017-19_22_39.txt
ZHPCleaner-[R]-13022017-18_52_17.txt
ZHPCleaner-[S]-01102017-19_19_15.txt
ZHPCleaner-[S]-13022017-18_48_08.txt
~ Run by Admin (Administrator) (01/10/2017 19:22:00)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version KO
~ Certificate ZHPCleaner: Legal
~ Type : Nettoyer
~ Report : C:\Users\Admin\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Admin\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
---\\ Service. (1)
ARRETÉ : KingoSoftService =>PUP.Optional.Youndoo
---\\ Navigateur internet. (7)
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigUrl [Bad : http://accesswebunlimited.com/wpad.dat?5179d7b6877695c8a7bbfd1afbcc570235930826] =>Hijacker.Proxy
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.LNK [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.LNK [Bad : http://qtipr.com/](.Mozilla Corporation.) =>Hijacker.Browser
REMPLACÉ TaskBar: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ff42i15r14e33f26o83x.lnk [Bad : http://qtipr.com/](.Mozilla Corporation.) =>Hijacker.Browser
REMPLACÉ TaskBar: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
REMPLACÉ Startup\Programs: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (1)
---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [{6F8D9A46-F6BD-4C0D-B87E-D86A922458E2}] [C:\Program Files\SupTab\uninstall.exe (Not File) ] =>PUP.Optional.SupTab
---\\ Explorateur ( Dossiers, Fichiers ). (5)
DEPLACÉ fichier: C:\Users\Admin\AppData\Local\Kingosoft\Kingo Root\update_54326\bin\KingoSoftService.exe =>PUP.Optional.Youndoo
DEPLACÉ dossier: C:\Users\Admin\AppData\Local\UmmyVideoDownloader =>Adware¨Pirrit
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader =>Adware¨Pirrit
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit =>.SUP.DriverToolkit
DEPLACÉ dossier: C:\Users\Admin\AppData\Local\Google\Update =>Heuristic.Suspect
---\\ Base de Registres ( Clés, Valeurs, Données ). (9)
SUPPRIMÉ donnée: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{56040EFA-2BB7-4A47-87A3-5EF383572D3D}\\NameServer [Bad : 81.192.21.81 81.192.21.80] =>Hijacker.Browser
SUPPRIMÉ donnée: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C870624F-7FE4-4046-9D17-BAD8AB986E44}\\NameServer [Bad : 81.192.21.80 81.192.21.81] =>Hijacker.Browser
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1 [UmmyVideoDownloader] =>Adware¨Pirrit
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\KingoSoftService [C:\Users\Admin\AppData\Local\Kingosoft\Kingo Root\update_54326\bin\KingoSoftService.exe (Not File)] =>PUP.Optional.Youndoo
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\DriverToolkit [] =>.SUP.DriverToolkit
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Magicbit [] =>.SUP.Magicbit
SUPPRIMÉ clé: HKCU\Software\DriverToolkit [] =>.SUP.DriverToolkit
SUPPRIMÉ clé: HKCU\Software\Magicbit [] =>.SUP.Magicbit
SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1 [Megaify Software] =>.SUP.Megaify
---\\ Récapitulatif des éléments trouvés sur votre station. (9)
https://nicolascoolman.eu/2017/03/11/superfluous-youndoo/ =>PUP.Optional.Youndoo
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy
https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser
https://www.nicolascoolman.com/fr/pup-suptab/ =>PUP.Optional.SupTab
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware¨Pirrit
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.DriverToolkit
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Magicbit
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Megaify
---\\ Nettoyage Additionnel. (27)
~ Suppression des Clés de registre Tracing. (27)
~ Suppression des anciens rapports ZHPCleaner. (0)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
---\\ Statistiques
~ Items scannés : 2702
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 23
~ End of clean in 00h00mn39s
~====================
ZHPCleaner-[R]-01102017-19_22_39.txt
ZHPCleaner-[R]-13022017-18_52_17.txt
ZHPCleaner-[S]-01102017-19_19_15.txt
ZHPCleaner-[S]-13022017-18_48_08.txt