~ ZHPCleaner v2017.9.30.171 by Nicolas Coolman (2017/09/30) ~ Run by Admin (Administrator) (01/10/2017 19:22:00) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version KO ~ Certificate ZHPCleaner: Legal ~ Type : Nettoyer ~ Report : C:\Users\Admin\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Admin\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Deactivate ~ Boot Mode : Normal (Normal boot) Windows 7 Professional, 32-bit Service Pack 1 (Build 7601) ---\\ Service. (1) ARRETÉ : KingoSoftService =>PUP.Optional.Youndoo ---\\ Navigateur internet. (7) SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigUrl [Bad : http://accesswebunlimited.com/wpad.dat?5179d7b6877695c8a7bbfd1afbcc570235930826] =>Hijacker.Proxy REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.LNK [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser REMPLACÉ Quicklaunch: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.LNK [Bad : http://qtipr.com/](.Mozilla Corporation.) =>Hijacker.Browser REMPLACÉ TaskBar: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ff42i15r14e33f26o83x.lnk [Bad : http://qtipr.com/](.Mozilla Corporation.) =>Hijacker.Browser REMPLACÉ TaskBar: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser REMPLACÉ Startup\Programs: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://qtipr.com/](.Microsoft Corporation.) =>Hijacker.Browser ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (1) ---\\ Tâche planifiée. (1) SUPPRIMÉ tâche: [{6F8D9A46-F6BD-4C0D-B87E-D86A922458E2}] [C:\Program Files\SupTab\uninstall.exe (Not File) ] =>PUP.Optional.SupTab ---\\ Explorateur ( Dossiers, Fichiers ). (5) DEPLACÉ fichier: C:\Users\Admin\AppData\Local\Kingosoft\Kingo Root\update_54326\bin\KingoSoftService.exe =>PUP.Optional.Youndoo DEPLACÉ dossier: C:\Users\Admin\AppData\Local\UmmyVideoDownloader =>Adware¨Pirrit DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader =>Adware¨Pirrit DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit =>.SUP.DriverToolkit DEPLACÉ dossier: C:\Users\Admin\AppData\Local\Google\Update =>Heuristic.Suspect ---\\ Base de Registres ( Clés, Valeurs, Données ). (9) SUPPRIMÉ donnée: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{56040EFA-2BB7-4A47-87A3-5EF383572D3D}\\NameServer [Bad : 81.192.21.81 81.192.21.80] =>Hijacker.Browser SUPPRIMÉ donnée: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C870624F-7FE4-4046-9D17-BAD8AB986E44}\\NameServer [Bad : 81.192.21.80 81.192.21.81] =>Hijacker.Browser SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1 [UmmyVideoDownloader] =>Adware¨Pirrit SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\KingoSoftService [C:\Users\Admin\AppData\Local\Kingosoft\Kingo Root\update_54326\bin\KingoSoftService.exe (Not File)] =>PUP.Optional.Youndoo SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\DriverToolkit [] =>.SUP.DriverToolkit SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1076428414-641238508-383798790-1000\SOFTWARE\Magicbit [] =>.SUP.Magicbit SUPPRIMÉ clé: HKCU\Software\DriverToolkit [] =>.SUP.DriverToolkit SUPPRIMÉ clé: HKCU\Software\Magicbit [] =>.SUP.Magicbit SUPPRIMÉ clé*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1 [Megaify Software] =>.SUP.Megaify ---\\ Récapitulatif des éléments trouvés sur votre station. (9) https://nicolascoolman.eu/2017/03/11/superfluous-youndoo/ =>PUP.Optional.Youndoo https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser https://www.nicolascoolman.com/fr/pup-suptab/ =>PUP.Optional.SupTab https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware¨Pirrit https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.DriverToolkit https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Magicbit https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Megaify ---\\ Nettoyage Additionnel. (27) ~ Suppression des Clés de registre Tracing. (27) ~ Suppression des anciens rapports ZHPCleaner. (0) ---\\ Bilan de la réparation ~ Réparation réalisée avec succès. ---\\ Statistiques ~ Items scannés : 2702 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Items réparés : 23 ~ End of clean in 00h00mn39s ~==================== ZHPCleaner-[R]-01102017-19_22_39.txt ZHPCleaner-[R]-13022017-18_52_17.txt ZHPCleaner-[S]-01102017-19_19_15.txt ZHPCleaner-[S]-13022017-18_48_08.txt