~ ZHPCleaner v2016.7.21.87 by Nicolas Coolman (2016/07/21) ~ Run by Zao (Administrator) (22/07/2016 18:57:18) ~ Site : http://www.nicolascoolman.com ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : ~ Type : Nettoyer ~ Report : C:\Users\Zao\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Zao\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 8.1, 64-bit (Build 9600) ---\\ Service. (0) ---\\ Navigateur internet. (4) REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [http://www.sweet-page.com/web/?type=ds&ts=1409835397&from=cor&uid=ST1000LM024XHN[...]] =>PUP.Optional.SweetPage REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [http://www.sweet-page.com/web/?type=ds&ts=1409835397&from=cor&uid=ST1000LM024XHN[...]] =>PUP.Optional.SweetPage REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [http://www.sweet-page.com/web/?type=ds&ts=1409835397&from=cor&uid=ST1000LM024XHN[...]] =>PUP.Optional.SweetPage REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [http://www.sweet-page.com/web/?type=ds&ts=1409835397&from=cor&uid=ST1000LM024XHN[...]] =>PUP.Optional.SweetPage ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (21) ---\\ Tâche planifiée. (2) SUPPRIMÉ tâche: [Digital Sites] [C:\Users\Zao\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE (Not File) ] =>PUP.Optional.DSite SUPPRIMÉ tâche: [LaunchSignup] [C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe (Not File) ] =>PUP.Optional.MyPCBackup ---\\ Explorateur ( Dossiers, Fichiers ). (13) DEPLACÉ fichier: C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys [StdLib - StdLib] =>PUP.Optional.LinkiDoo DEPLACÉ fichier: C:\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys [StdLib - StdLib] =>PUP.Optional.LinkiDoo DEPLACÉ fichier: C:\Windows\Tasks\Digital Sites.job =>PUP.Optional.DSite DEPLACÉ fichier: C:\Windows\Prefetch\CLEARTHINKUNTEMP.EXE-2CD2D733.pf =>PUP.Optional.ClearThink DEPLACÉ fichier: C:\Windows\Prefetch\SIGNUP WIZARD.EXE-9554BD21.pf =>PUP.Optional.MyPCBackup DEPLACÉ fichier: C:\Windows\Prefetch\SMARTERPOWER.PURBROWSE64.EXE-FA8B2C5F.pf =>PUP.Optional.SmarterPower DEPLACÉ fichier: C:\Windows\Prefetch\SMARTERPOWERSETUP318.EXE-57CD2181.pf =>PUP.Optional.SmarterPower DEPLACÉ dossier: C:\Program Files (x86)\SmarterPower =>PUP.Optional.SmarterPower DEPLACÉ dossier: C:\Program Files (x86)\ClearThink =>PUP.Optional.ClearThink DEPLACÉ dossier: C:\Program Files (x86)\MyPC Backup =>PUP.Optional.MyPCBackup DEPLACÉ dossier: C:\ProgramData\IePluginServices =>Trojan.SProtector DEPLACÉ dossier: C:\Users\Zao\AppData\Roaming\DigitalSites =>PUP.Optional.DSite DEPLACÉ dossier: C:\Users\Zao\Documents\PC Speed Maximizer =>.Superfluous.PCSpeedMaximizer ---\\ Base de Registres ( Clés, Valeurs, Données ). (58) SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A25AC313-DD19-4238-ACA2-401D6BEE4321} [http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_tele_14_37_ie&cd=2XzuyEtN2Y1L1Qzu0Bzz0E0[...]] [Astromenda] =>PUP.Optional.Astromenda SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_ggfc_14_45_ie&cd=2XzuyEtN2Y1L1Qzu0Bzz0E0Ey[...]] [Lasaoren] =>.Superfluous.Lasaoren SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A25AC313-DD19-4238-ACA2-401D6BEE4321} [http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_tele_14_37_ie&cd=2XzuyEtN2Y1L1Qzu0Bzz0E0[...]] [Astromenda] =>PUP.Optional.Astromenda SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A25AC313-DD19-4238-ACA2-401D6BEE4321} [http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_tele_14_37_ie&cd=2XzuyEtN2Y1L1Qzu0Bzz0E0EyCyD0E0DyE0AyB0FtDyC0F0EtN0D0Tzu0SzyzzzztN1L2XzutAtFtBtFyCtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCyB0Ezz0CyC0FzytGtDtA0EtCtG0A0Ezz0BtGzyyEzzzztGyC0C0EtDtB0ByC0EtC0CzzyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtAtC0DyDtB0F0BtGtCyBzztBtGyEtBzyzztGzz0A0F0EtG0EyDzy0D0CtD0Dzzzz0AyC0F2Q&cr=1891743141&ir=] =>PUP.Optional.Astromenda SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_ggfc_14_45_ie&cd=2XzuyEtN2Y1L1Qzu0Bzz0E0EyCyD0E0DyE0AyB0FtDyC0F0EtN0D0Tzu0StCtDtAzztN1L2XzutAtFyCtFtDtFyEtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCyEyEyC0FyD0BzytG0FtA0C0CtGtC0FyBtBtGzy0B0CtBtGyE0Czz0DtAyByCyBzyyDtByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyE0BtAtCyEyE0AtGtDyDyC0FtGyE0AtD0DtGzz0CtDzytGyB0B0EzyyD0AyB0AyDyE0CyC2Q&cr=757462174&ir=] =>.Superfluous.Lasaoren SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A25AC313-DD19-4238-ACA2-401D6BEE4321} [http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_tele_14_37_ie&cd=2XzuyEtN2Y1L1Qzu0Bzz0E0EyCyD0E0DyE0AyB0FtDyC0F0EtN0D0Tzu0SzyzzzztN1L2XzutAtFtBtFyCtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCyB0Ezz0CyC0FzytGtDtA0EtCtG0A0Ezz0BtGzyyEzzzztGyC0C0EtDtB0ByC0EtC0CzzyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtAtC0DyDtB0F0BtGtCyBzztBtGyEtBzyzztGzz0A0F0EtG0EyDzy0D0CtD0Dzzzz0AyC0F2Q&cr=1891743141&ir=] =>PUP.Optional.Astromenda SUPPRIMÉ clé*: HKCU\SOFTWARE\AppDataLow\ClearThink [] =>PUP.Optional.ClearThink SUPPRIMÉ clé*: HKCU\Software\InstallCore\1I1T1Q1S [] =>Heuristic.InstallCore SUPPRIMÉ clé*: HKCU\Software\InstallCore\Uninstall [] =>Heuristic.InstallCore SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Update EnterDigital [C:\Program Files (x86)\EnterDigital\updateEnterDigital.exe (Not File)] =>PUP.Optional.EnterDigital SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Update SmarterPower [C:\Program Files (x86)\SmarterPower\updateSmarterPower.exe (Not File)] =>PUP.Optional.SmarterPower SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64 [C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys (Not File)] =>PUP.Optional.LinkiDoo SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64 [C:\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys (Not File)] =>PUP.Optional.LinkiDoo SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3687233788-4204192951-983665255-1001\SOFTWARE\DSiteproducts [] =>PUP.Optional.DSite SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3687233788-4204192951-983665255-1001\SOFTWARE\InstallCore [] =>Adware.InstallCore SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3687233788-4204192951-983665255-1001\SOFTWARE\SupHpUISoft [] =>PUP.Optional.CrossRider SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3687233788-4204192951-983665255-1001\SOFTWARE\Vittalia [] =>PUP.Optional.Vittalia SUPPRIMÉ clé: HKCU\Software\DSiteproducts [] =>PUP.Optional.DSite SUPPRIMÉ clé: HKCU\Software\InstallCore [] =>Adware.InstallCore SUPPRIMÉ clé: HKCU\Software\SupHpUISoft [] =>PUP.Optional.CrossRider SUPPRIMÉ clé: HKCU\Software\Vittalia [] =>PUP.Optional.Vittalia SUPPRIMÉ clé*: HKCU\Software\TeleCharger [] =>.Superfluous.Downloader SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.protectorbho [Google Toolbar Notifier BHO] =>PUP.Optional.BProtector SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 [Google Toolbar Notifier BHO] =>PUP.Optional.BProtector SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices [] =>PUP.Optional.IePluginService SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update EnterDigital [] =>PUP.Optional.EnterDigital SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update SmarterPower [] =>PUP.Optional.SmarterPower SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect [] =>PUP.Optional.WpManager SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 [] =>PUP.Optional.MyPCBackup SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS [] =>PUP.Optional.MyPCBackup SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\supTab [] =>PUP.Optional.SupTab SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\supWindowsMangerProtect [] =>PUP.Optional.WpManager SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\supWPM [] =>PUP.Optional.WpManager SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware [] =>PUP.Optional.SweetPage SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ClearThinkUntemp_RASAPI32 [] =>PUP.Optional.ClearThink SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ClearThinkUntemp_RASMANCS [] =>PUP.Optional.ClearThink SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ClearThink_RASAPI32 [] =>PUP.Optional.ClearThink SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ClearThink_RASMANCS [] =>PUP.Optional.ClearThink SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\EnterDigital_RASAPI32 [] =>PUP.Optional.EnterDigital SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\EnterDigital_RASMANCS [] =>PUP.Optional.EnterDigital SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SmarterPower_RASAPI32 [] =>PUP.Optional.SmarterPower SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SmarterPower_RASMANCS [] =>PUP.Optional.SmarterPower SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateClearThink_RASAPI32 [] =>PUP.Optional.ClearThink SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateClearThink_RASMANCS [] =>PUP.Optional.ClearThink SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateEnterDigital_RASAPI32 [] =>PUP.Optional.EnterDigital SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateEnterDigital_RASMANCS [] =>PUP.Optional.EnterDigital SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateSmarterPower_RASAPI32 [] =>PUP.Optional.SmarterPower SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateSmarterPower_RASMANCS [] =>PUP.Optional.SmarterPower SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilClearThink_RASAPI32 [] =>PUP.Optional.ClearThink SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilClearThink_RASMANCS [] =>PUP.Optional.ClearThink SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilSmarterPower_RASAPI32 [] =>PUP.Optional.SmarterPower SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilSmarterPower_RASMANCS [] =>PUP.Optional.SmarterPower SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} [Manager Class] =>Adware.Sambreel SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}\InprocServer32 [C:\Program Files (x86)\ClearThink\bin\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}64.dll (Not File)] =>Adware.Sambreel SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\MyPC Backup.lnk [0x020000000000000000000000] =>PUP.Optional.MyPCBackup SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{215ADEBE-B29D-4160-A05C-70EB806D7282}C:\users\michel\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\michel\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{3C5C847B-304C-44AA-BA1C-26C6263D5E62}C:\users\michel\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\michel\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb ---\\ Récapitulatif des éléments trouvés sur votre station. (23) http://www.nicolascoolman.fr/?p=596 =>PUP.Optional.SweetPage http://www.nicolascoolman.fr/?p=245 =>PUP.Optional.DSite http://www.nicolascoolman.fr/?p=316 =>PUP.Optional.MyPCBackup http://www.nicolascoolman.fr/?p=62 =>PUP.Optional.LinkiDoo http://www.nicolascoolman.fr/pup-clearthink/ =>PUP.Optional.ClearThink http://www.nicolascoolman.fr/pup-smarterpower/ =>PUP.Optional.SmarterPower http://www.nicolascoolman.fr/?p=187 =>Trojan.SProtector http://www.nicolascoolman.fr/?p=378 =>.Superfluous.PCSpeedMaximizer http://www.nicolascoolman.fr/pup-astromenda/ =>PUP.Optional.Astromenda https://www.nicolascoolman.info/2016/06/17/superfluous-lasaoren/ =>.Superfluous.Lasaoren http://www.nicolascoolman.fr/?p=4664 =>Heuristic.InstallCore http://www.nicolascoolman.fr/pup-enterdigital/ =>PUP.Optional.EnterDigital https://www.nicolascoolman.info/2016/04/22/adware-installcore/ =>Adware.InstallCore https://www.nicolascoolman.info/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/?p=1308 =>PUP.Optional.Vittalia http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Downloader https://www.nicolascoolman.info/2016/04/30/pup-optional-bprotector/ =>PUP.Optional.BProtector http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.IePluginService https://www.nicolascoolman.info/2016/06/18/superfluous-wpmanager/ =>PUP.Optional.WpManager http://www.nicolascoolman.fr/?p=297 =>PUP.Optional.SupTab https://www.nicolascoolman.info/2016/04/22/heuristic-suspect/ =>Heuristic.Suspect http://www.nicolascoolman.fr/pup-optional-sambreel/ =>Adware.Sambreel https://www.nicolascoolman.info/2016/04/30/superfluous-cacaoweb/ =>.Superfluous.CacaoWeb ---\\ Nettoyage Additionnel. (15) ~ Suppression des Clés de registre Tracing. (15) ~ Suppression des anciens rapports ZHPCleaner. (0) ---\\ Bilan de la réparation ~ Réparation réalisée avec succès. ~ Ce navigateur est absent (Mozilla Firefox) ~ Ce navigateur est absent (Opera Software) ---\\ Statistiques ~ Items scannés : 252 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Items réparés : 79 ~ End of clean in 00h01mn19s ~==================== ZHPCleaner-[R]-22072016-18_58_37.txt ZHPCleaner-[S]-22072016-18_50_00.txt