Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2017.12.24.220 by Nicolas Coolman (2017/12/24)
~ Run by BOB (Administrator) (29/12/2017 10:47:28)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Nettoyer
~ Report : C:\Users\BOB\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\BOB\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
---\\ Service. (1)
ARRETÉ : iSafeService =>.SUP.Elex
---\\ Navigateur internet. (12)
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL [http://www.ourluckysites.com/search/?type=ds&ts=1492430446&z=e34f2e6c1e62c467184[...]] =>Hijacker.OurLuckySites
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page [http://www.ourluckysites.com/search/?type=ds&ts=1492430446&z=e34f2e6c1e62c467184[...]] =>Hijacker.OurLuckySites
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [http://www.ourluckysites.com/search/?type=ds&ts=1491066169&z=99ca5e12382cfc7c62e[...]] =>Hijacker.OurLuckySites
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [http://www.ourluckysites.com/search/?type=ds&ts=1491066169&z=99ca5e12382cfc7c62e[...]] =>Hijacker.OurLuckySites
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [http://www.ourluckysites.com/search/?type=ds&ts=1491066169&z=99ca5e12382cfc7c62e[...]] =>Hijacker.OurLuckySites
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [http://www.ourluckysites.com/search/?type=ds&ts=1491066169&z=99ca5e12382cfc7c62e[...]] =>Hijacker.OurLuckySites
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : <-loopback>] =>Hijacker.Proxy
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigUrl [Bad : http://unstopaccess.com/wpad.dat?4c98e128a83ec8cb9460a3312aacce5730043026] =>Hijacker.Proxy
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer [Bad : http=127.0.0.1:8808;https=127.0.0.1:8808] =>Hijacker.Proxy
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable [Bad : 1] =>Hijacker.Proxy
SUPPRIMÉ donnée: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=8808 <-Loopback>] =>Hijacker.Proxy
SUPPRIMÉ donnée: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=8808 <-Loopback>] =>Hijacker.Proxy
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (1)
---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [Yahoo! Powered fitof] [C:\ProgramData\{8AFE4F9D-00BC-C55B-867A-5B191C38D0D7}\mide.txt (Not File) ] =>Adware.YahooPowered
---\\ Explorateur ( Dossiers, Fichiers ). (53)
DEPLACÉ fichier*: C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\Profiles\yJ3k3GIn.default\Extensions\cacaoweb@cacaoweb.org\chrome =>.SUP.CacaoWeb
DEPLACÉ fichier: C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\Profiles\yJ3k3GIn.default\Extensions\cacaoweb@cacaoweb.org\chrome.manifest =>.SUP.CacaoWeb
DEPLACÉ fichier*: C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\Profiles\yJ3k3GIn.default\Extensions\cacaoweb@cacaoweb.org\defaults =>.SUP.CacaoWeb
DEPLACÉ fichier: C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\Profiles\yJ3k3GIn.default\Extensions\cacaoweb@cacaoweb.org\install.rdf =>.SUP.CacaoWeb
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_elmkjjfkkchohaaoljobaffjeedcoocj_0.localstorage =>.SUP.BrowserExtension
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage =>.SUP.SearchManager
DEPLACÉ fichier: C:\Users\BOB\AppData\Roaming\Besefe.exe =>Adware.Pirrit
DEPLACÉ fichier: C:\Users\BOB\AppData\Roaming\Girofu.exe =>Adware.Pirrit
DEPLACÉ fichier: C:\Users\BOB\AppData\Roaming\Google Chrome Updater.exe [Ijhdh sdfsdfg dfsgsdf sdfg asdfasdf sdfgasd8fyha dfg - ] =>Adware.Pirrit
DEPLACÉ fichier: C:\Users\BOB\AppData\Roaming\K-dox.exe =>Adware.Pirrit
DEPLACÉ fichier: C:\Users\BOB\AppData\Roaming\Roranal.exe =>Adware.Pirrit
DEPLACÉ fichier^: C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [Elex do Brasil Participações Ltda - iSafeSvc] =>.SUP.Elex
DEPLACÉ fichier^: C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys =>.SUP.Elex
DEPLACÉ fichier^: C:\Windows\System32\DRIVERS\iSafeNetFilter.sys =>.SUP.Elex
DEPLACÉ fichier: C:\ProgramData\{8AFE4F9D-00BC-C55B-867A-5B191C38D0D7}\mide.txt =>Adware.YahooPowered
DEPLACÉ fichier: C:\Windows\Tasks\Yahoo! Powered fitof.job =>Adware.YahooPowered
DEPLACÉ fichier: C:\Program Files (x86)\Wufospromigh Core\local64spl.dll =>.SUP.Elex
DEPLACÉ fichier: C:\Windows\Temp\gB78B.tmp.exe =>Heuristic.Suspect
DEPLACÉ fichier: C:\Windows\Temp\gC8EA.tmp.exe =>Heuristic.Suspect
DEPLACÉ fichier: C:\Windows\Temp\GUR27DA.exe =>Heuristic.Suspect
DEPLACÉ fichier: C:\Windows\Temp\ICReinstall_NotEnoughItems_0338616437.exe [Dinu - Kola Setup] =>Heuristic.Suspect
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Temp\4VUMV5W.exe [WeMonetize - SpeeDownloader Setup] =>.SUP.Tuto4PC
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Temp\AppTrailers.9.1.10amt.exe [AppTrailers - ] =>Adware.AppTrailers
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Temp\singleProxy.exe =>PUP.Optional.Y2Go
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Temp\singleProxyUpdater.exe =>PUP.Optional.Y2Go
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Temp\speedownloader.exe [ - wemglobalinstall Setup] =>Adware.SpeeDownloader
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Temp\videobox.exe [VideoBox - Video Box 1.7.0.9] =>Adware.Amonetize
DEPLACÉ fichier: C:\Program Files (x86)\MIO\MIO.exe =>.SUP.Elex
DEPLACÉ fichier^: C:\Windows\System32\Drivers\lanmamaster.sys =>Adware.ChinAd
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\AMD\amd.exe =>.SUP.Elex
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Temp\1740067F-056A-49CC-B6AA-26AA5C773128\swytshop.exe [SwytShop - SwytShop Setup] =>PUP.Optional.SwytShop
DEPLACÉ dossier: C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\Profiles\yJ3k3GIn.default\Extensions\cacaoweb@cacaoweb.org =>.SUP.CacaoWeb
DEPLACÉ dossier: C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmkjjfkkchohaaoljobaffjeedcoocj =>.SUP.BrowserExtension
DEPLACÉ dossier: C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg =>Adware.CloudAtlas
DEPLACÉ dossier: C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej =>.SUP.SearchManager
DEPLACÉ dossier: C:\Users\BOB\AppData\Roaming\Firefox =>Hijacker.Browser
DEPLACÉ dossier^: C:\Program Files (x86)\Elex-tech =>.SUP.Elex
DEPLACÉ dossier: C:\Program Files (x86)\Microleaves =>.SUP.Microleaves
DEPLACÉ dossier: C:\Program Files\1UUV4EKLEF =>Heuristic.Wizzcaster
DEPLACÉ dossier: C:\Program Files\7WIXTUELM7 =>Heuristic.Wizzcaster
DEPLACÉ dossier: C:\Program Files\9APROW87HP =>Heuristic.Wizzcaster
DEPLACÉ dossier: C:\Program Files\B7YVZYTBNH =>Heuristic.Wizzcaster
DEPLACÉ dossier: C:\Program Files\K1H7PYV80L =>Heuristic.Wizzcaster
DEPLACÉ dossier: C:\Program Files\VBDK1ACTFB =>Heuristic.Wizzcaster
DEPLACÉ dossier^: C:\Users\BOB\AppData\Roaming\Elex-tech =>.SUP.Elex
DEPLACÉ dossier: C:\Users\BOB\AppData\Local\Temp\1740067F-056A-49CC-B6AA-26AA5C773128 =>PUP.Optional.SwytShop
DEPLACÉ dossier: C:\Program Files (x86)\Firefox =>Hijacker.Browser
DEPLACÉ dossier^: C:\Program Files (x86)\Elex-tech\YAC =>.SUP.YetAnotherCleaner
DEPLACÉ dossier: C:\ProgramData\BIT =>.SUP.Elex
DEPLACÉ dossier: C:\ProgramData\Software =>PUP.Optional.Boxore
DEPLACÉ dossier: C:\Users\BOB\AppData\Local\Google\Update =>Heuristic.Suspect
DEPLACÉ dossier: C:\Users\BOB\AppData\Local\Firefox =>Hijacker.Browser
DEPLACÉ dossier: C:\Users\BOB\AppData\Local\kitty =>.SUP.Elex
---\\ Base de Registres ( Clés, Valeurs, Données ). (57)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms}] [Bing Powered Search] =>.SUP.BingPoweredSearch
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} [] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EBB339DC-1EBA-4780-86FD-E7F0777E7421} [http://www.ourluckysites.com/search/?type=ds&ts=1492430446&z=e34f2e6c1e62c4671846348g6zft1o6zccbeczd[...]] [ourluckysites] =>Hijacker.OurLuckySites
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms}] [Bing Powered Search] =>.SUP.BingPoweredSearch
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} [http://www.bing.com/search?q={searchTerms}&form=PRDLC1&src=IE11TR&pc=DCTE] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EBB339DC-1EBA-4780-86FD-E7F0777E7421} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_16[...]] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms}] [Bing Powered Search] =>.SUP.BingPoweredSearch
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} [http://www.bing.com/search?q={searchTerms}&form=PRDLC1&src=IE11TR&pc=DCTE] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EBB339DC-1EBA-4780-86FD-E7F0777E7421} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_16[...]] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ donnée: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0A3C9A52-E512-458C-9E8C-E4EBDCD6D9AE}\\NameServer [Bad : 82.163.143.176 82.163.142.178] =>Adware.DNSUnlocker
SUPPRIMÉ donnée: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\NameServer [Bad : 82.163.143.176 82.163.142.178] =>Adware.DNSUnlocker
SUPPRIMÉ clé*: HKCU\SOFTWARE\Google\Chrome\Extensions\elmkjjfkkchohaaoljobaffjeedcoocj [] =>.SUP.BrowserExtension
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Google\Chrome\Extensions\elmkjjfkkchohaaoljobaffjeedcoocj [] =>.SUP.BrowserExtension
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\elmkjjfkkchohaaoljobaffjeedcoocj [] =>.SUP.BrowserExtension
SUPPRIMÉ clé*: HKCU\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej [] =>.SUP.SearchManager
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej [] =>.SUP.SearchManager
SUPPRIMÉ clé^: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms}] =>.SUP.BingPoweredSearch
SUPPRIMÉ clé^: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} [] =>Adware.YahooPowered
SUPPRIMÉ clé^: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EBB339DC-1EBA-4780-86FD-E7F0777E7421} [http://www.ourluckysites.com/search/?type=ds&ts=1492430446&z=e34f2e6c1e62c4671846348g6zft1o6zccbeczdzfq&from=che0812&uid=ST500DM002-1BD142_Z6EN4PT2XXXXZ6EN4PT2&q={searchTerms}] =>Hijacker.OurLuckySites
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms}] =>.SUP.BingPoweredSearch
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} [http://www.bing.com/search?q={searchTerms}&form=PRDLC1&src=IE11TR&pc=DCTE] =>Adware.YahooPowered
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EBB339DC-1EBA-4780-86FD-E7F0777E7421} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyCyEtDtDyC0AtBtB0B0FyCyB0B0DtCyCtN0D0Tzu0StCzytAyEtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDtDyEyE0AtB0F0AtGtBzz0A0AtGyCyEyDtAtGyEyCzy0CtGtByCyCtCtByB0EyByEyB0E0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzztAyDyCtBtA0FtGtDtC0FtCtGyEyCyBtDtGzzyBtAtDtG0AyE0DtC0D0AtCtB0F0CyEtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtByCzztA%26cr%3D1483230843%26a%3Dwbf_dmontlsfs_17_16%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}] =>Adware.YahooPowered
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms}] =>.SUP.BingPoweredSearch
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} [http://www.bing.com/search?q={searchTerms}&form=PRDLC1&src=IE11TR&pc=DCTE] =>Adware.YahooPowered
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EBB339DC-1EBA-4780-86FD-E7F0777E7421} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyCyEtDtDyC0AtBtB0B0FyCyB0B0DtCyCtN0D0Tzu0StCzytAyEtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDtDyEyE0AtB0F0AtGtBzz0A0AtGyCyEyDtAtGyEyCzy0CtGtByCyCtCtByB0EyByEyB0E0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzztAyDyCtBtA0FtGtDtC0FtCtGyEyCyBtDtGzzyBtAtDtG0AyE0DtC0D0AtCtB0F0CyEtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtByCzztA%26cr%3D1483230843%26a%3Dwbf_dmontlsfs_17_16%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}] =>Adware.YahooPowered
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl [\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys (Not File)] =>.SUP.Elex
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlKit [\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys (Not File)] =>.SUP.Elex
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlMon [\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys (Not File)] =>.SUP.Elex
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlR3 [\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys (Not File)] =>.SUP.Elex
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\iSafeService [C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe] =>.SUP.Elex
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\NetUtils2016 [\C:\Windows\system32\drivers\NetUtils2016.sys (Not File)] =>.SUP.Netutils
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlBoot [C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys] =>.SUP.Elex
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\iSafeNetFilter [C:\Windows\System32\DRIVERS\iSafeNetFilter.sys] =>.SUP.Elex
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\ayj9qk09 [farwia] =>.SUP.Elex
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb ["C:\Users\BOB\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer (Not File)] =>.SUP.CacaoWeb
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-4197031219-1917498957-2016370213-1000\SOFTWARE\PROPCCleanerConfig [] =>.SUP.DoctorPC
SUPPRIMÉ clé: HKCU\Software\PROPCCleanerConfig [] =>.SUP.DoctorPC
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\akamaihd.net [] =>.SUP.AkamaiHD
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdncache-a.akamaihd.net [895] =>.SUP.AkamaiHD
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.audienceinsights.net [43] =>.SUP.AudienceInsights
SUPPRIMÉ clé*: HKCU\Software\undefined [] =>.SUP.Downloader
SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\Firefox [] =>Adware.GhokswaBrowser
SUPPRIMÉ clé: HKLM\SOFTWARE\Firefox [] =>Adware.GhokswaBrowser
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\CSHMDR [] =>.SUP.Elex
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\glory [] =>.SUP.Elex
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 [] =>.SUP.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS [] =>.SUP.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\PROPCCleaner_RASAPI32 [] =>.SUP.DoctorPC
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\PROPCCleaner_RASMANCS [] =>.SUP.DoctorPC
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\acbfa4650af99dfd75de9e6b9233a85d [Social2Search] =>PUP.Optional.Social2Search
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Wow6432Node\Elex-tech [] =>.SUP.Elex
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Soci2Sear Browser Enhancer [] =>PUP.Optional.Wajam
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iSafe [ELEX DO BRASIL PARTICIPAÇÕES LTDA] =>.SUP.Elex
SUPPRIMÉ clé*: HKCU\SOFTWARE\1de9fca4b5fc067e [] =>Hijacker.Browser
SUPPRIMÉ clé*: HKCU\SOFTWARE\5BF532F5FA7101FC088D0A0745D3A926 [] =>Hijacker.Browser
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\5BF532F5FA7101FC088D0A0745D3A926 [] =>Hijacker.Browser
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Chrome Updater [C:\Users\BOB\AppData\Roaming\Google Chrome Updater.exe] =>Heuristic.KeyRun
---\\ Récapitulatif des éléments trouvés sur votre station. (34)
https://nicolascoolman.eu/2017/03/28/superfluous-elex/ =>.SUP.Elex
https://nicolascoolman.eu/2017/05/16/hijacker-ourluckysites/ =>Hijacker.OurLuckySites
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.YahooPowered
https://nicolascoolman.eu/2017/01/15/superfluous-cacaoweb/ =>.SUP.CacaoWeb
https://nicolascoolman.eu/2017/10/05/sup-browserextension/ =>.SUP.BrowserExtension
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.SearchManager
https://nicolascoolman.eu/2017/02/25/adware-pirrit/ =>Adware.Pirrit
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/01/adware-tuto4pc-publichotspot/ =>.SUP.Tuto4PC
https://nicolascoolman.eu/2017/01/18/adware-apptrailers/ =>Adware.AppTrailers
https://nicolascoolman.eu/2017/04/08/pup-optional-y2go/ =>PUP.Optional.Y2Go
https://nicolascoolman.eu/2017/04/11/adware-speedownloader/ =>Adware.SpeeDownloader
https://www.anti-malware.top/2016/05/24/adware-amonetize/ =>Adware.Amonetize
https://nicolascoolman.eu/2017/09/18/adware-chinad/ =>Adware.ChinAd
https://nicolascoolman.eu/2017/04/08/pup-optional-swytshop/ =>PUP.Optional.SwytShop
https://nicolascoolman.eu/2017/08/10/adware-cloudatlas/ =>Adware.CloudAtlas
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Microleaves
https://nicolascoolman.eu/2017/09/15/adware-wizzcaster/ =>Heuristic.Wizzcaster
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.YetAnotherCleaner
https://nicolascoolman.eu/2017/03/14/pup-optional-boxore/ =>PUP.Optional.Boxore
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.BingPoweredSearch
https://nicolascoolman.eu/2017/09/27/adware-dnsunlocker/ =>Adware.DNSUnlocker
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Netutils
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.DoctorPC
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.AkamaiHD
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.AudienceInsights
https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader
https://nicolascoolman.eu/2017/02/19/adware-ghokswabrowser/ =>Adware.GhokswaBrowser
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/ =>.SUP.ByteFence
https://nicolascoolman.eu/2017/01/17/wajam-social2search/ =>PUP.Optional.Social2Search
https://nicolascoolman.eu/2017/02/24/pup-optional-wajam/ =>PUP.Optional.Wajam
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Heuristic.KeyRun
---\\ Nettoyage Additionnel. (68)
~ Suppression des Clés de registre Tracing. (68)
~ Suppression des anciens rapports ZHPCleaner. (0)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Mozilla Firefox)
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 654
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 124
~ End of clean in 00h02mn46s
~====================
ZHPCleaner-[R]-29122017-10_50_14.txt
ZHPCleaner-[S]-29122017-10_46_46.txt
~ Run by BOB (Administrator) (29/12/2017 10:47:28)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Nettoyer
~ Report : C:\Users\BOB\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\BOB\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
---\\ Service. (1)
ARRETÉ : iSafeService =>.SUP.Elex
---\\ Navigateur internet. (12)
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL [http://www.ourluckysites.com/search/?type=ds&ts=1492430446&z=e34f2e6c1e62c467184[...]] =>Hijacker.OurLuckySites
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page [http://www.ourluckysites.com/search/?type=ds&ts=1492430446&z=e34f2e6c1e62c467184[...]] =>Hijacker.OurLuckySites
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [http://www.ourluckysites.com/search/?type=ds&ts=1491066169&z=99ca5e12382cfc7c62e[...]] =>Hijacker.OurLuckySites
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [http://www.ourluckysites.com/search/?type=ds&ts=1491066169&z=99ca5e12382cfc7c62e[...]] =>Hijacker.OurLuckySites
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [http://www.ourluckysites.com/search/?type=ds&ts=1491066169&z=99ca5e12382cfc7c62e[...]] =>Hijacker.OurLuckySites
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [http://www.ourluckysites.com/search/?type=ds&ts=1491066169&z=99ca5e12382cfc7c62e[...]] =>Hijacker.OurLuckySites
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : <-loopback>] =>Hijacker.Proxy
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigUrl [Bad : http://unstopaccess.com/wpad.dat?4c98e128a83ec8cb9460a3312aacce5730043026] =>Hijacker.Proxy
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer [Bad : http=127.0.0.1:8808;https=127.0.0.1:8808] =>Hijacker.Proxy
SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable [Bad : 1] =>Hijacker.Proxy
SUPPRIMÉ donnée: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=8808 <-Loopback>] =>Hijacker.Proxy
SUPPRIMÉ donnée: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=8808 <-Loopback>] =>Hijacker.Proxy
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (1)
---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [Yahoo! Powered fitof] [C:\ProgramData\{8AFE4F9D-00BC-C55B-867A-5B191C38D0D7}\mide.txt (Not File) ] =>Adware.YahooPowered
---\\ Explorateur ( Dossiers, Fichiers ). (53)
DEPLACÉ fichier*: C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\Profiles\yJ3k3GIn.default\Extensions\cacaoweb@cacaoweb.org\chrome =>.SUP.CacaoWeb
DEPLACÉ fichier: C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\Profiles\yJ3k3GIn.default\Extensions\cacaoweb@cacaoweb.org\chrome.manifest =>.SUP.CacaoWeb
DEPLACÉ fichier*: C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\Profiles\yJ3k3GIn.default\Extensions\cacaoweb@cacaoweb.org\defaults =>.SUP.CacaoWeb
DEPLACÉ fichier: C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\Profiles\yJ3k3GIn.default\Extensions\cacaoweb@cacaoweb.org\install.rdf =>.SUP.CacaoWeb
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_elmkjjfkkchohaaoljobaffjeedcoocj_0.localstorage =>.SUP.BrowserExtension
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage =>.SUP.SearchManager
DEPLACÉ fichier: C:\Users\BOB\AppData\Roaming\Besefe.exe =>Adware.Pirrit
DEPLACÉ fichier: C:\Users\BOB\AppData\Roaming\Girofu.exe =>Adware.Pirrit
DEPLACÉ fichier: C:\Users\BOB\AppData\Roaming\Google Chrome Updater.exe [Ijhdh sdfsdfg dfsgsdf sdfg asdfasdf sdfgasd8fyha dfg - ] =>Adware.Pirrit
DEPLACÉ fichier: C:\Users\BOB\AppData\Roaming\K-dox.exe =>Adware.Pirrit
DEPLACÉ fichier: C:\Users\BOB\AppData\Roaming\Roranal.exe =>Adware.Pirrit
DEPLACÉ fichier^: C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [Elex do Brasil Participações Ltda - iSafeSvc] =>.SUP.Elex
DEPLACÉ fichier^: C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys =>.SUP.Elex
DEPLACÉ fichier^: C:\Windows\System32\DRIVERS\iSafeNetFilter.sys =>.SUP.Elex
DEPLACÉ fichier: C:\ProgramData\{8AFE4F9D-00BC-C55B-867A-5B191C38D0D7}\mide.txt =>Adware.YahooPowered
DEPLACÉ fichier: C:\Windows\Tasks\Yahoo! Powered fitof.job =>Adware.YahooPowered
DEPLACÉ fichier: C:\Program Files (x86)\Wufospromigh Core\local64spl.dll =>.SUP.Elex
DEPLACÉ fichier: C:\Windows\Temp\gB78B.tmp.exe =>Heuristic.Suspect
DEPLACÉ fichier: C:\Windows\Temp\gC8EA.tmp.exe =>Heuristic.Suspect
DEPLACÉ fichier: C:\Windows\Temp\GUR27DA.exe =>Heuristic.Suspect
DEPLACÉ fichier: C:\Windows\Temp\ICReinstall_NotEnoughItems_0338616437.exe [Dinu - Kola Setup] =>Heuristic.Suspect
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Temp\4VUMV5W.exe [WeMonetize - SpeeDownloader Setup] =>.SUP.Tuto4PC
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Temp\AppTrailers.9.1.10amt.exe [AppTrailers - ] =>Adware.AppTrailers
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Temp\singleProxy.exe =>PUP.Optional.Y2Go
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Temp\singleProxyUpdater.exe =>PUP.Optional.Y2Go
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Temp\speedownloader.exe [ - wemglobalinstall Setup] =>Adware.SpeeDownloader
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Temp\videobox.exe [VideoBox - Video Box 1.7.0.9] =>Adware.Amonetize
DEPLACÉ fichier: C:\Program Files (x86)\MIO\MIO.exe =>.SUP.Elex
DEPLACÉ fichier^: C:\Windows\System32\Drivers\lanmamaster.sys =>Adware.ChinAd
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\AMD\amd.exe =>.SUP.Elex
DEPLACÉ fichier: C:\Users\BOB\AppData\Local\Temp\1740067F-056A-49CC-B6AA-26AA5C773128\swytshop.exe [SwytShop - SwytShop Setup] =>PUP.Optional.SwytShop
DEPLACÉ dossier: C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\Profiles\yJ3k3GIn.default\Extensions\cacaoweb@cacaoweb.org =>.SUP.CacaoWeb
DEPLACÉ dossier: C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmkjjfkkchohaaoljobaffjeedcoocj =>.SUP.BrowserExtension
DEPLACÉ dossier: C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg =>Adware.CloudAtlas
DEPLACÉ dossier: C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej =>.SUP.SearchManager
DEPLACÉ dossier: C:\Users\BOB\AppData\Roaming\Firefox =>Hijacker.Browser
DEPLACÉ dossier^: C:\Program Files (x86)\Elex-tech =>.SUP.Elex
DEPLACÉ dossier: C:\Program Files (x86)\Microleaves =>.SUP.Microleaves
DEPLACÉ dossier: C:\Program Files\1UUV4EKLEF =>Heuristic.Wizzcaster
DEPLACÉ dossier: C:\Program Files\7WIXTUELM7 =>Heuristic.Wizzcaster
DEPLACÉ dossier: C:\Program Files\9APROW87HP =>Heuristic.Wizzcaster
DEPLACÉ dossier: C:\Program Files\B7YVZYTBNH =>Heuristic.Wizzcaster
DEPLACÉ dossier: C:\Program Files\K1H7PYV80L =>Heuristic.Wizzcaster
DEPLACÉ dossier: C:\Program Files\VBDK1ACTFB =>Heuristic.Wizzcaster
DEPLACÉ dossier^: C:\Users\BOB\AppData\Roaming\Elex-tech =>.SUP.Elex
DEPLACÉ dossier: C:\Users\BOB\AppData\Local\Temp\1740067F-056A-49CC-B6AA-26AA5C773128 =>PUP.Optional.SwytShop
DEPLACÉ dossier: C:\Program Files (x86)\Firefox =>Hijacker.Browser
DEPLACÉ dossier^: C:\Program Files (x86)\Elex-tech\YAC =>.SUP.YetAnotherCleaner
DEPLACÉ dossier: C:\ProgramData\BIT =>.SUP.Elex
DEPLACÉ dossier: C:\ProgramData\Software =>PUP.Optional.Boxore
DEPLACÉ dossier: C:\Users\BOB\AppData\Local\Google\Update =>Heuristic.Suspect
DEPLACÉ dossier: C:\Users\BOB\AppData\Local\Firefox =>Hijacker.Browser
DEPLACÉ dossier: C:\Users\BOB\AppData\Local\kitty =>.SUP.Elex
---\\ Base de Registres ( Clés, Valeurs, Données ). (57)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms}] [Bing Powered Search] =>.SUP.BingPoweredSearch
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} [] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EBB339DC-1EBA-4780-86FD-E7F0777E7421} [http://www.ourluckysites.com/search/?type=ds&ts=1492430446&z=e34f2e6c1e62c4671846348g6zft1o6zccbeczd[...]] [ourluckysites] =>Hijacker.OurLuckySites
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms}] [Bing Powered Search] =>.SUP.BingPoweredSearch
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} [http://www.bing.com/search?q={searchTerms}&form=PRDLC1&src=IE11TR&pc=DCTE] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EBB339DC-1EBA-4780-86FD-E7F0777E7421} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_16[...]] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms}] [Bing Powered Search] =>.SUP.BingPoweredSearch
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} [http://www.bing.com/search?q={searchTerms}&form=PRDLC1&src=IE11TR&pc=DCTE] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EBB339DC-1EBA-4780-86FD-E7F0777E7421} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_16[...]] [Yahoo! Powered] =>Adware.YahooPowered
SUPPRIMÉ donnée: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0A3C9A52-E512-458C-9E8C-E4EBDCD6D9AE}\\NameServer [Bad : 82.163.143.176 82.163.142.178] =>Adware.DNSUnlocker
SUPPRIMÉ donnée: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\NameServer [Bad : 82.163.143.176 82.163.142.178] =>Adware.DNSUnlocker
SUPPRIMÉ clé*: HKCU\SOFTWARE\Google\Chrome\Extensions\elmkjjfkkchohaaoljobaffjeedcoocj [] =>.SUP.BrowserExtension
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Google\Chrome\Extensions\elmkjjfkkchohaaoljobaffjeedcoocj [] =>.SUP.BrowserExtension
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\elmkjjfkkchohaaoljobaffjeedcoocj [] =>.SUP.BrowserExtension
SUPPRIMÉ clé*: HKCU\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej [] =>.SUP.SearchManager
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej [] =>.SUP.SearchManager
SUPPRIMÉ clé^: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms}] =>.SUP.BingPoweredSearch
SUPPRIMÉ clé^: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} [] =>Adware.YahooPowered
SUPPRIMÉ clé^: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EBB339DC-1EBA-4780-86FD-E7F0777E7421} [http://www.ourluckysites.com/search/?type=ds&ts=1492430446&z=e34f2e6c1e62c4671846348g6zft1o6zccbeczdzfq&from=che0812&uid=ST500DM002-1BD142_Z6EN4PT2XXXXZ6EN4PT2&q={searchTerms}] =>Hijacker.OurLuckySites
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms}] =>.SUP.BingPoweredSearch
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} [http://www.bing.com/search?q={searchTerms}&form=PRDLC1&src=IE11TR&pc=DCTE] =>Adware.YahooPowered
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EBB339DC-1EBA-4780-86FD-E7F0777E7421} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyCyEtDtDyC0AtBtB0B0FyCyB0B0DtCyCtN0D0Tzu0StCzytAyEtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDtDyEyE0AtB0F0AtGtBzz0A0AtGyCyEyDtAtGyEyCzy0CtGtByCyCtCtByB0EyByEyB0E0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzztAyDyCtBtA0FtGtDtC0FtCtGyEyCyBtDtGzzyBtAtDtG0AyE0DtC0D0AtCtB0F0CyEtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtByCzztA%26cr%3D1483230843%26a%3Dwbf_dmontlsfs_17_16%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}] =>Adware.YahooPowered
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms}] =>.SUP.BingPoweredSearch
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} [http://www.bing.com/search?q={searchTerms}&form=PRDLC1&src=IE11TR&pc=DCTE] =>Adware.YahooPowered
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EBB339DC-1EBA-4780-86FD-E7F0777E7421} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyCyEtDtDyC0AtBtB0B0FyCyB0B0DtCyCtN0D0Tzu0StCzytAyEtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDtDyEyE0AtB0F0AtGtBzz0A0AtGyCyEyDtAtGyEyCzy0CtGtByCyCtCtByB0EyByEyB0E0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzztAyDyCtBtA0FtGtDtC0FtCtGyEyCyBtDtGzzyBtAtDtG0AyE0DtC0D0AtCtB0F0CyEtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtByCzztA%26cr%3D1483230843%26a%3Dwbf_dmontlsfs_17_16%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}] =>Adware.YahooPowered
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl [\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys (Not File)] =>.SUP.Elex
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlKit [\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys (Not File)] =>.SUP.Elex
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlMon [\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys (Not File)] =>.SUP.Elex
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlR3 [\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys (Not File)] =>.SUP.Elex
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\iSafeService [C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe] =>.SUP.Elex
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\NetUtils2016 [\C:\Windows\system32\drivers\NetUtils2016.sys (Not File)] =>.SUP.Netutils
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlBoot [C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys] =>.SUP.Elex
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\iSafeNetFilter [C:\Windows\System32\DRIVERS\iSafeNetFilter.sys] =>.SUP.Elex
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\ayj9qk09 [farwia] =>.SUP.Elex
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb ["C:\Users\BOB\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer (Not File)] =>.SUP.CacaoWeb
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-4197031219-1917498957-2016370213-1000\SOFTWARE\PROPCCleanerConfig [] =>.SUP.DoctorPC
SUPPRIMÉ clé: HKCU\Software\PROPCCleanerConfig [] =>.SUP.DoctorPC
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\akamaihd.net [] =>.SUP.AkamaiHD
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdncache-a.akamaihd.net [895] =>.SUP.AkamaiHD
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.audienceinsights.net [43] =>.SUP.AudienceInsights
SUPPRIMÉ clé*: HKCU\Software\undefined [] =>.SUP.Downloader
SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\Firefox [] =>Adware.GhokswaBrowser
SUPPRIMÉ clé: HKLM\SOFTWARE\Firefox [] =>Adware.GhokswaBrowser
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\CSHMDR [] =>.SUP.Elex
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\glory [] =>.SUP.Elex
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 [] =>.SUP.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS [] =>.SUP.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\PROPCCleaner_RASAPI32 [] =>.SUP.DoctorPC
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\PROPCCleaner_RASMANCS [] =>.SUP.DoctorPC
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\acbfa4650af99dfd75de9e6b9233a85d [Social2Search] =>PUP.Optional.Social2Search
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Wow6432Node\Elex-tech [] =>.SUP.Elex
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Soci2Sear Browser Enhancer [] =>PUP.Optional.Wajam
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iSafe [ELEX DO BRASIL PARTICIPAÇÕES LTDA] =>.SUP.Elex
SUPPRIMÉ clé*: HKCU\SOFTWARE\1de9fca4b5fc067e [] =>Hijacker.Browser
SUPPRIMÉ clé*: HKCU\SOFTWARE\5BF532F5FA7101FC088D0A0745D3A926 [] =>Hijacker.Browser
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\5BF532F5FA7101FC088D0A0745D3A926 [] =>Hijacker.Browser
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Chrome Updater [C:\Users\BOB\AppData\Roaming\Google Chrome Updater.exe] =>Heuristic.KeyRun
---\\ Récapitulatif des éléments trouvés sur votre station. (34)
https://nicolascoolman.eu/2017/03/28/superfluous-elex/ =>.SUP.Elex
https://nicolascoolman.eu/2017/05/16/hijacker-ourluckysites/ =>Hijacker.OurLuckySites
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.YahooPowered
https://nicolascoolman.eu/2017/01/15/superfluous-cacaoweb/ =>.SUP.CacaoWeb
https://nicolascoolman.eu/2017/10/05/sup-browserextension/ =>.SUP.BrowserExtension
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.SearchManager
https://nicolascoolman.eu/2017/02/25/adware-pirrit/ =>Adware.Pirrit
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/01/adware-tuto4pc-publichotspot/ =>.SUP.Tuto4PC
https://nicolascoolman.eu/2017/01/18/adware-apptrailers/ =>Adware.AppTrailers
https://nicolascoolman.eu/2017/04/08/pup-optional-y2go/ =>PUP.Optional.Y2Go
https://nicolascoolman.eu/2017/04/11/adware-speedownloader/ =>Adware.SpeeDownloader
https://www.anti-malware.top/2016/05/24/adware-amonetize/ =>Adware.Amonetize
https://nicolascoolman.eu/2017/09/18/adware-chinad/ =>Adware.ChinAd
https://nicolascoolman.eu/2017/04/08/pup-optional-swytshop/ =>PUP.Optional.SwytShop
https://nicolascoolman.eu/2017/08/10/adware-cloudatlas/ =>Adware.CloudAtlas
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Microleaves
https://nicolascoolman.eu/2017/09/15/adware-wizzcaster/ =>Heuristic.Wizzcaster
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.YetAnotherCleaner
https://nicolascoolman.eu/2017/03/14/pup-optional-boxore/ =>PUP.Optional.Boxore
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.BingPoweredSearch
https://nicolascoolman.eu/2017/09/27/adware-dnsunlocker/ =>Adware.DNSUnlocker
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Netutils
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.DoctorPC
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.AkamaiHD
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.AudienceInsights
https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader
https://nicolascoolman.eu/2017/02/19/adware-ghokswabrowser/ =>Adware.GhokswaBrowser
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/ =>.SUP.ByteFence
https://nicolascoolman.eu/2017/01/17/wajam-social2search/ =>PUP.Optional.Social2Search
https://nicolascoolman.eu/2017/02/24/pup-optional-wajam/ =>PUP.Optional.Wajam
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Heuristic.KeyRun
---\\ Nettoyage Additionnel. (68)
~ Suppression des Clés de registre Tracing. (68)
~ Suppression des anciens rapports ZHPCleaner. (0)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Mozilla Firefox)
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 654
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 124
~ End of clean in 00h02mn46s
~====================
ZHPCleaner-[R]-29122017-10_50_14.txt
ZHPCleaner-[S]-29122017-10_46_46.txt