~ ZHPCleaner v2016.4.5.50 by Nicolas Coolman (2016/04/05) ~ Run by Alban (Administrator) (07/04/2016 18:30:06) ~ Site : http://www.nicolascoolman.com ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Nettoyer ~ Report : C:\Users\Alban.Attilio-ATAVO.001\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Alban.Attilio-ATAVO.001\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) ---\\ Service. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Navigateur internet. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (18) ---\\ Tâche planifiée. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Explorateur ( Dossiers, Fichiers ). (58) DEPLACÉ fichier: C:\ProgramData\InstallMate\{D354F340-2B1C-4124-A3CF-633E08B7D1B6}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>.Superfluous.Tarma DEPLACÉ fichier: C:\ProgramData\InstallMate\{D354F340-2B1C-4124-A3CF-633E08B7D1B6}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>.Superfluous.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{ADCF6D06-CB5F-46B9-9B58-40E1EBA1809B}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>.Superfluous.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{ADCF6D06-CB5F-46B9-9B58-40E1EBA1809B}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>.Superfluous.Tarma DEPLACÉ fichier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet DEPLACÉ fichier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet DEPLACÉ fichier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet DEPLACÉ fichier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet DEPLACÉ fichier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dsms0mj1bbhn4.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet DEPLACÉ fichier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dsms0mj1bbhn4.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet DEPLACÉ fichier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage =>.Superfluous.AudienceInsights DEPLACÉ fichier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal =>.Superfluous.AudienceInsights DEPLACÉ fichier: C:\Documents and Settings\Attilio\Downloads\cacaoweb (1).exe =>.Superfluous.CacaoWeb DEPLACÉ fichier: C:\Documents and Settings\Attilio\Downloads\cacaoweb (2).exe =>.Superfluous.CacaoWeb DEPLACÉ fichier: C:\Documents and Settings\Attilio\Downloads\cacaoweb (3).exe =>.Superfluous.CacaoWeb DEPLACÉ fichier: C:\Documents and Settings\Attilio\Downloads\cacaoweb.exe =>.Superfluous.CacaoWeb DEPLACÉ fichier: C:\Documents and Settings\Attilio\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet DEPLACÉ fichier: C:\Documents and Settings\Attilio\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet DEPLACÉ fichier: C:\Documents and Settings\MP\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage =>.Superfluous.Superfish DEPLACÉ fichier: C:\Documents and Settings\MP\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal =>.Superfluous.Superfish DEPLACÉ fichier: C:\Documents and Settings\MP\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage =>.Superfluous.Superfish DEPLACÉ fichier: C:\Documents and Settings\MP\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal =>.Superfluous.Superfish DEPLACÉ fichier: C:\Documents and Settings\Solène\Downloads\cacaoweb.exe =>.Superfluous.CacaoWeb DEPLACÉ fichier: C:\Documents and Settings\Solène\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage =>.Superfluous.AudienceInsights DEPLACÉ fichier: C:\Documents and Settings\Solène\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal =>.Superfluous.AudienceInsights DEPLACÉ fichier: C:\Documents and Settings\Solène\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage =>.Superfluous.Superfish DEPLACÉ fichier: C:\Documents and Settings\Solène\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal =>.Superfluous.Superfish DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake =>Hijacker.Browser [https://epicunitscan.info/00service/update2/crx] DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf =>Hijacker.Browser [https://epicunitscan.info/00service/update2/crx] DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg =>Hijacker.Browser [https://epicunitscan.info/00service/update2/crx] DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda =>Hijacker.Browser [https://epicunitscan.info/00service/update2/crx] DEPLACÉ dossier: C:\ProgramData\2427F9FE9F0D3ABA00002427D5DC4031 =>Adware.Suspect DEPLACÉ dossier: C:\ProgramData\465D6120D4503ABA0024465D3CFE7574 =>Adware.Suspect DEPLACÉ dossier: C:\ProgramData\InstallMate =>.Superfluous.Tarma DEPLACÉ dossier: C:\Users\Alban\AppData\Roaming\WhiteSmokeTranslator =>PUP.Optional.WhiteSmoke DEPLACÉ dossier: C:\Users\Alban\AppData\LocalLow\Softonic_France_FF =>.Superfluous.Softonic DEPLACÉ dossier: C:\Users\Attilio\AppData\Roaming\WhiteSmokeTranslator =>PUP.Optional.WhiteSmoke DEPLACÉ dossier: C:\Users\MP\AppData\Roaming\WhiteSmokeTranslator =>PUP.Optional.WhiteSmoke DEPLACÉ dossier: C:\Users\MP\AppData\LocalLow\Softonic_France_FF =>.Superfluous.Softonic DEPLACÉ dossier: C:\Users\Solène\AppData\Roaming\WhiteSmokeTranslator =>PUP.Optional.WhiteSmoke DEPLACÉ dossier: C:\Users\Solène\AppData\LocalLow\Softonic_France_FF =>.Superfluous.Softonic DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\{073FBA09-A458-4752-B980-143050B6762F} =>Empty DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\{32F19BA4-DDF3-45A4-BBAB-FE38DDF01527} =>Empty DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\{3342E6D3-E5C5-461C-99B9-7DF7E14D4570} =>Empty DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\{495D3ED9-5D72-423F-9922-7A8B0C310871} =>Empty DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\{6197EF06-1006-4421-805C-97CBBCFC3EB1} =>Empty DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\{6D902E55-FA43-469B-A1FD-4AF6EED41557} =>Empty DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\{7BE2009E-0876-4526-93CA-30C6845B8A7E} =>Empty DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\{993600E3-4DDF-43C8-9F29-3F7842B8A55B} =>Empty DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\{A4253F1D-90C2-4D89-9A03-E4FFE0AEC5D3} =>Empty DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\{BC9729C8-9DE3-405F-8B79-524E72DC89C0} =>Empty DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\{C63B5029-9C42-4A08-8F32-40113545211F} =>Empty DEPLACÉ dossier: C:\Users\Alban.Attilio-ATAVO.001\AppData\Local\{E729E48F-C410-4A97-A094-EF3ECBC60144} =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSI3632.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSI36C8.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSI38D9.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSI535A.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSI6B18.tmp- =>Empty ---\\ Base de Registres ( Clés, Valeurs, Données ). (21) SUPPRIMÉ clé*: HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\Plus-HD-1.7 [] =>PUP.Optional.CrossRider SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\Policies\Google\Update [] =>PUM.Security.Hijack SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\P7e7581a3_8321_4e0d_ac37_91f59fd20fa1_.P7e7581a3_8321_4e0d_ac37_91f59fd20fa1_ [SalePlus] =>PUP.Optional.Multiplug SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\P7e7581a3_8321_4e0d_ac37_91f59fd20fa1_.P7e7581a3_8321_4e0d_ac37_91f59fd20fa1_.9 [SalePlus] =>PUP.Optional.Multiplug SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Pba753bde_0f50_42a8_ac5c_d2303f8638d3_.Pba753bde_0f50_42a8_ac5c_d2303f8638d3_ [bestadblocker] =>PUP.Optional.BestADBlocker SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Pba753bde_0f50_42a8_ac5c_d2303f8638d3_.Pba753bde_0f50_42a8_ac5c_d2303f8638d3_.9 [bestadblocker] =>PUP.Optional.BestADBlocker SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassSvc [Google Update Legacy On Demand] =>PUP.Optional.Boxore SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassSvc.1.0 [Google Update Legacy On Demand] =>PUP.Optional.Boxore SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebSvc [SoftwareUpdate Update3Web] =>PUP.Optional.Boxore SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebSvc.1.0 [SoftwareUpdate Update3Web] =>PUP.Optional.Boxore SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TorntvDownloader [] =>PUP.Optional.TornTV SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{7e7581a3-8321-4e0d-ac37-91f59fd20fa1} [SalePlus] =>PUP.Optional.SalePlus SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{ba753bde-0f50-42a8-ac5c-d2303f8638d3} [bestadblocker] =>PUP.Optional.BestADBlocker SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\sysTPLService [] =>.Superfluous.sysTPL SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KeyFinder_is1 [Magical Jelly Bean] =>.Superfluous.KeyFinder SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18BEEA50-526B-486A-A66A-BF0AB729E4CD} [Secure Digital Services] =>PUP.Optional.SPointer SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\de1afdda-1cae-4ff9-adeb-6343983eacfb [C:\Program Files (x86)\Softonic_France_FF (Not File)] =>.Superfluous.Softonic SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1D64419-47BA-4706-AB32-87054C353029} [C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar (Not File)] =>PUP.Optional.Datamngr SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0E4285B-82A6-48C6-B667-A0077143EE45} [C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar (Not File)] =>PUP.Optional.Datamngr SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{7e7581a3-8321-4e0d-ac37-91f59fd20fa1}\InprocServer32 [] =>PUP.Optional.Multiplug SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{ba753bde-0f50-42a8-ac5c-d2303f8638d3}\InprocServer32 [] =>PUP.Optional.BestADBlocker ---\\ Récapitulatif des éléments trouvés sur votre station. (20) http://www.nicolascoolman.fr/?p=259 =>.Superfluous.Tarma http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.CloudfrontNet http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.AudienceInsights http://www.nicolascoolman.fr/?p=338 =>.Superfluous.CacaoWeb http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Superfish http://www.nicolascoolman.fr/?p=4664 =>Hijacker.Browser [https://epicunitscan.info/00service/update2/crx] http://www.nicolascoolman.fr/?p=4664 =>Adware.Suspect http://www.nicolascoolman.fr/?p=318 =>PUP.Optional.WhiteSmoke http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Softonic http://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/?p=4664 =>PUM.Security.Hijack http://www.nicolascoolman.fr/?p=1402 =>PUP.Optional.Multiplug http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.BestADBlocker http://www.nicolascoolman.fr/?p=90 =>PUP.Optional.Boxore http://www.nicolascoolman.fr/?p=290 =>PUP.Optional.TornTV http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SalePlus http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.sysTPL http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.KeyFinder http://www.nicolascoolman.fr/?p=205 =>PUP.Optional.SPointer http://www.nicolascoolman.fr/?p=270 =>PUP.Optional.Datamngr ---\\ Nettoyage Additionnel. (3) ~ Suppression des Clés de registre Tracing. (3) ~ Suppression des anciens rapports ZHPCleaner. (0) ---\\ Bilan de la réparation ~ Réparation réalisée avec succès. ~ Ce navigateur est absent (Mozilla Firefox) ~ Ce navigateur est absent (Opera Software) ~ Le système a été redémarré. ---\\ Statistiques ~ Items scannés : 265 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Items réparés : 79 ~ End of clean in 00h00mn57s =================== ZHPCleaner-[R]-07042016-18_31_03.txt ZHPCleaner-[S]-07042016-18_29_27.txt