~ ZHPCleaner v2017.6.15.99 by Nicolas Coolman (2017/06/15) ~ Run by thibault (Administrator) (16/06/2017 19:15:53) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version KO ~ Certificate: Legal ~ Type : Nettoyer ~ Report : C:\Users\thibault\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\thibault\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 15063) ---\\ Service. (1) ARRETÉ : MustangService_2015_10_10 =>.Superfluous.MustangBrowser ---\\ Navigateur internet. (5) REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [http://www.istartsurf.com/?type=hp&ts=1442474568&z=c41fd8028e9c4f43236f171e2964f[...]] =>PUP.Optional.IsStart REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [http://www.istartsurf.com/web/?type=ds&ts=1442474568&z=c41fd8028e9c4f43236f171e2[...]] =>PUP.Optional.IsStart REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [http://www.istartsurf.com/web/?type=ds&ts=1442474568&z=c41fd8028e9c4f43236f171e2[...]] =>PUP.Optional.IsStart SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=50073 <-Loopback>] =>Hijacker.Proxy SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=50073 <-Loopback>] =>Hijacker.Proxy ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (60) ---\\ Tâche planifiée. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Explorateur ( Dossiers, Fichiers ). (82) DEPLACÉ fichier: C:\ProgramData\TempMoudleSet\MustangSer1042.exe [MustangService - ] =>.Superfluous.MustangBrowser DEPLACÉ fichier: C:\ProgramData\JAUpWW\puleVI.exe [Irrational Number Applications - WebShield Service] =>PUP.Optional.WebShield DEPLACÉ fichier: C:\END =>.Superfluous.Conduit DEPLACÉ fichier: C:\Windows\Prefetch\PERFORMANCEOPTIMIZER.EXE-0D5E8F18.pf =>Adware.BProtector DEPLACÉ fichier: C:\Windows\Installer\wix{3DE97849-544D-4D68-9255-11DF6F9F10D8}.SchedServiceConfig.rmi =>.Superfluous.Empty DEPLACÉ fichier: C:\Windows\Installer\MSI19AB.tmp =>.Superfluous.MSIInstaller DEPLACÉ fichier: C:\Windows\Installer\MSI96AE.tmp =>.Superfluous.MSIInstaller DEPLACÉ fichier: C:\Windows\Installer\MSIFFB7.tmp [TODO: <公司名> - IFilter] =>.Superfluous.MSIInstaller DEPLACÉ fichier: C:\ProgramData\JAUpWW\dat\HFgbknFsZ.exe [Irrational Number Applications - WebShield] =>PUP.Optional.WebShield DEPLACÉ fichier: C:\ProgramData\JAUpWW\dat\otEflgPkUb.exe [Irrational Number Applications - WebShield] =>PUP.Optional.WebShield DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\CFG8F39.tmp =>.Superfluous.Temporary.Empty DEPLACÉ fichier^: C:\Users\thibault\AppData\Local\Temp\ClamWin1.log =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\ClamWin2.log =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\ClamWin3.log =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\ClamWin4.log =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\ClamWin_CheckVer_Info =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\ClamWin_CheckVer_Time =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\foxD716.tmp =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\Linda P.bmp =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\Pokki-2017-06-16.log =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9NBLGGH1ZRPV_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9NBLGGH33ZDV_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9WZDNCRCWFTB_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9WZDNCRCWFTB_0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9WZDNCRDMPT6_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9WZDNCRDMPT6_0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9WZDNCRFJ140_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\sa.9WZDNCRFJ140_0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\thibault.bmp =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\wmsetup.log =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\you794E.tmp =>.Superfluous.Temporary.Empty DEPLACÉ fichier: C:\Users\thibault\AppData\Local\Temp\_iu14D2N.tmp [ - Setup/Uninstall] =>.Superfluous.Temporary.Empty DEPLACÉ dossier: C:\Program Files (x86)\CinemaPlus-4.2vV25.08 =>Adware.CrossRider DEPLACÉ dossier: C:\Program Files (x86)\MaxDrivrUpdater =>.Superfluous.MaxDriverUpdater DEPLACÉ dossier: C:\Program Files (x86)\MaxDrivrUpdater_v62.2282 =>.Superfluous.MaxDriverUpdater DEPLACÉ dossier: C:\Program Files (x86)\ODBCMAES =>.Superfluous.Empty DEPLACÉ dossier: C:\WebShield =>PUP.Optional.WebShield DEPLACÉ dossier: C:\Program Files (x86)\Common Files\Uninstall Files =>PUP.Optional.UniSales DEPLACÉ dossier: C:\ProgramData\Browser =>.Superfluous.SpeedBrowser DEPLACÉ dossier: C:\ProgramData\Pokki =>.Superfluous.SweetLabs DEPLACÉ dossier: C:\ProgramData\WebShield =>PUP.Optional.WebShield DEPLACÉ dossier: C:\ProgramData\TempMoudleSet =>.Superfluous.MustangBrowser DEPLACÉ dossier: C:\Users\thibault\AppData\Roaming\csdimedia =>.Superfluous.CSDI DEPLACÉ dossier: C:\Users\thibault\AppData\Local\Pokki =>.Superfluous.SweetLabs DEPLACÉ dossier: C:\Users\thibault\AppData\Local\Temp\MAXDriverUpdater =>.Superfluous.MaxDriverUpdater DEPLACÉ dossier: C:\Users\Default\AppData\Local\Pokki =>.Superfluous.SweetLabs DEPLACÉ dossier: C:\Users\Default User\AppData\Local\Pokki =>.Superfluous.SweetLabs DEPLACÉ dossier: C:\WINDOWS\Installer\MSI2287.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI23B6.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI245D.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI265B.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI26FF.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI39B4.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI3E95.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI4262.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI47D6.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI56E1.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI5EF4.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI6C5C.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI79DD.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI7C18.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI8959.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI8988.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI8F0A.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIA20.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIA254.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIAAB.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIAF34.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIB0DE.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIBE98.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIC254.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIC47.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSICADD.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSID0A9.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIDFE4.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIE4F4.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIEF49.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIF227.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIF402.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIFA88.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIFD9.tmp- =>.Superfluous.Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIFFB6.tmp- =>.Superfluous.Empty ---\\ Base de Registres ( Clés, Valeurs, Données ). (33) SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.istartsurf.com/web/?type=ds&ts=1442474568&z=c41fd8028e9c4f43236f171e2964f5c1gzzozmzwqb&fr[...]] [istartsurf] =>PUP.Optional.IsStart SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.istartsurf.com/web/?type=ds&ts=1442474568&z=c41fd8028e9c4f43236f171e2964f5c1gzzozmzwqb&fr[...]] [istartsurf] =>PUP.Optional.IsStart SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.istartsurf.com/web/?type=ds&ts=1442474568&z=c41fd8028e9c4f43236f171e2964f5c1gzzozmzwqb&from=tugs&uid=wdcxwd10jpvx-22jc3t0_wd-wx81ab4f17a2f17a2&q={searchTerms}] =>PUP.Optional.IsStart SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.istartsurf.com/web/?type=ds&ts=1442474568&z=c41fd8028e9c4f43236f171e2964f5c1gzzozmzwqb&from=tugs&uid=wdcxwd10jpvx-22jc3t0_wd-wx81ab4f17a2f17a2&q={searchTerms}] =>PUP.Optional.IsStart SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\MustangService_2015_10_10 [C:\ProgramData\TempMoudleSet\MustangSer1042.exe (Not File)] =>.Superfluous.MustangBrowser SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\puleVI [C:\ProgramData\JAUpWW\puleVI.exe (Not File)] =>PUP.Optional.WebShield SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1520791508-2612296529-3449326455-1005\SOFTWARE\Pokki [] =>.Superfluous.SweetLabs SUPPRIMÉ clé: HKCU\Software\Pokki [] =>.Superfluous.SweetLabs SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki [Pokki] =>.Superfluous.SweetLabs SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector [Protector Class] =>Adware.BProtector SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1 [Protector Class] =>Adware.BProtector SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib [ProtectorLib Class] =>Adware.BProtector SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1 [ProtectorLib Class] =>Adware.BProtector SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\ArenaHD [] =>Adware.CrossRider SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\HighDefAction [] =>Adware.CrossRider SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\InstalledBrowserExtensions [] =>PUP.Optional.BrowserExtensions SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\YorkNewCin [] =>Adware.CrossRider SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ArenaHD [] =>Adware.CrossRider SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaPlus-4.2vV25.08 [] =>Adware.CrossRider SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\GlobalUpdate [] =>PUP.Optional.GlobalUpdate SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\HighDefAction [] =>Adware.CrossRider SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ihpmserver [] =>Adware.CrossRider SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions [] =>PUP.Optional.BrowserExtensions SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\istartsurfSoftware [] =>PUP.Optional.IsStart SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\MaxDrivrUpdater [] =>.Superfluous.MaxDriverUpdater SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\RayDld [] =>Adware.CrossRider SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\SpeedBrowser [] =>.Superfluous.SpeedBrowser SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\YorkNewCin [] =>Adware.CrossRider SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WebShield [Irrational Number Applications] =>PUP.Optional.WebShield SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\zz.2282.mdu [CSDI] =>.Superfluous.CSDI SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASAPI32 [] =>Adware.BProtector SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASMANCS [] =>Adware.BProtector SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{44A46850-E603-49CC-9DD9-2AD79E96A5C5} [C:\Program Files (x86)\Max Driver Updater\maxdu.exe] =>.Superfluous.MaxDriverUpdater ---\\ Récapitulatif des éléments trouvés sur votre station. (17) https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.MustangBrowser https://www.nicolascoolman.com/fr/pup-isstart/ =>PUP.Optional.IsStart https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.WebShield https://nicolascoolman.eu/2017/02/06/superfluous-conduit/ =>.Superfluous.Conduit https://nicolascoolman.eu/2017/04/12/adware-bprotector/ =>Adware.BProtector https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.MSIInstaller https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary.Empty https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider https://www.anti-malware.top/2016/05/07/superfluous-maxdriverupdater/ =>.Superfluous.MaxDriverUpdater https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.UniSales https://www.anti-malware.top/2016/07/28/superfluousspeedbrowser/ =>.Superfluous.SpeedBrowser https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.SweetLabs https://www.anti-malware.top/2016/05/03/superfluous-csdi/ =>.Superfluous.CSDI https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.BrowserExtensions https://www.nicolascoolman.com/fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate ---\\ Nettoyage Additionnel. (16) ~ Suppression des Clés de registre Tracing. (16) ~ Suppression des anciens rapports ZHPCleaner. (0) ---\\ Bilan de la réparation ~ Réparation réalisée avec succès. ~ Ce navigateur est absent (Google Chrome) ~ Ce navigateur est absent (Opera Software) ~ Le système a été redémarré. ---\\ Statistiques ~ Items scannés : 754 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Items réparés : 122 ~ End of clean in 00h01mn17s ~==================== ZHPCleaner-[R]-16062017-19_17_10.txt ZHPCleaner-[S]-16062017-19_13_28.txt