cjoint

Document format: text/plain

~ ZHPCleaner v2016.1.12.7 by Nicolas Coolman (2016/01/12)
~ Run by slessner (Administrator) (14/01/2016 22:17:58)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\slessner\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\slessner\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 10586)


---\\ Services (0)
~ No malicious or unnecessary items found.


---\\ Browser internet (1)
REPLACED Chrome Preferences: "http://apiuseclearthink-a.akamaihd.net/" =>PUP.Optional.Browser


---\\ Hosts file (1)
~ The hosts file is legitimate (21)


---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\ Explorer ( File, Folder) (53)
MOVED file: C:\Windows\System32\drivers\{bcd08fc8-cb56-41a3-8b19-3c556687a504}Gw64.sys [StdLib - StdLib] =>PUP.Optional.LinkiDoo
MOVED file: C:\Windows\Prefetch\CACAOWEB (8).EXE-BC0A6CCE.pf =>.Superfluous.CacaoWeb
MOVED file: C:\Users\slessner\Desktop\rcpsetup_softonic_sd_new.exe [Systweak Inc - RegClean Pro] =>.Superfluous.Systweak
MOVED file: C:\Users\slessner\AppData\Local\Google\Chrome\User Data\default\Local Storage\https_apiuseclearthink-a.akamaihd.net_0.localstorage =>PUP.Optional.AkamaiHD
MOVED file: C:\Users\slessner\AppData\Local\Google\Chrome\User Data\default\Local Storage\https_apiuseclearthink-a.akamaihd.net_0.localstorage-journal =>PUP.Optional.AkamaiHD
MOVED file: C:\Users\slessner\AppData\Local\Google\Chrome\User Data\default\Local Storage\https_hdapp1008-a.akamaihd.net_0.localstorage =>PUP.Optional.AkamaiHD
MOVED file: C:\Users\slessner\AppData\Local\Google\Chrome\User Data\default\Local Storage\https_hdapp1008-a.akamaihd.net_0.localstorage-journal =>PUP.Optional.AkamaiHD
MOVED file: C:\Users\slessner\AppData\Local\Google\Chrome\User Data\default\Local Storage\https_static.boostsaves.com_0.localstorage =>PUP.Optional.BoostSaves
MOVED file: C:\Users\slessner\AppData\Local\Google\Chrome\User Data\default\Local Storage\https_static.boostsaves.com_0.localstorage-journal =>PUP.Optional.BoostSaves
MOVED file: C:\Users\slessner\AppData\Local\Google\Chrome\User Data\default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage =>PUP.Optional.PricePeep
MOVED file: C:\Users\slessner\AppData\Local\Google\Chrome\User Data\default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal =>PUP.Optional.PricePeep
MOVED file: C:\Users\slessner\AppData\Local\Google\Chrome\User Data\default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage =>PUP.Optional.Multiplug
MOVED file: C:\Users\slessner\AppData\Local\Google\Chrome\User Data\default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal =>PUP.Optional.Multiplug
MOVED file: \Documents and Settings\Bilal\Downloads\cacaoweb (1).exe =>.Superfluous.CacaoWeb
MOVED file: \Documents and Settings\Bilal\Downloads\cacaoweb (2).exe =>.Superfluous.CacaoWeb
MOVED file: \Documents and Settings\Bilal\Downloads\cacaoweb (3).exe =>.Superfluous.CacaoWeb
MOVED file: \Documents and Settings\Bilal\Downloads\cacaoweb (4).exe =>.Superfluous.CacaoWeb
MOVED file: \Documents and Settings\Bilal\Downloads\cacaoweb (5).exe =>.Superfluous.CacaoWeb
MOVED file: \Documents and Settings\Bilal\Downloads\cacaoweb (6).exe =>.Superfluous.CacaoWeb
MOVED file: \Documents and Settings\Bilal\Downloads\cacaoweb (7).exe =>.Superfluous.CacaoWeb
MOVED file: \Documents and Settings\Bilal\Downloads\cacaoweb (8).exe =>.Superfluous.CacaoWeb
MOVED file: \Documents and Settings\Bilal\Downloads\cacaoweb.exe =>.Superfluous.CacaoWeb
MOVED file: \Documents and Settings\Bilal\Downloads\iLividSetup (1).exe [Bandoo Media Inc - iLivid Install] =>PUP.Optional.Bandoo
MOVED file: \Documents and Settings\Bilal\Downloads\iLividSetup (2).exe [Bandoo Media Inc - iLivid Install] =>PUP.Optional.Bandoo
MOVED file: \Documents and Settings\Bilal\Downloads\iLividSetup.exe [Bandoo Media Inc - iLivid Install] =>PUP.Optional.Bandoo
MOVED file: \Documents and Settings\Bilal\Downloads\SoftonicDownloader_pour_vlc-media-player-portable (1).exe [Softonic - Softonic Downloader] =>.Superfluous.Softonic
MOVED file: \Documents and Settings\Bilal\Downloads\SoftonicDownloader_pour_vlc-media-player-portable.exe [Softonic - Softonic Downloader] =>.Superfluous.Softonic
MOVED file^: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_apiuseclearthink-a.akamaihd.net_0.localstorage =>PUP.Optional.AkamaiHD
MOVED file^: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_apiuseclearthink-a.akamaihd.net_0.localstorage-journal =>PUP.Optional.AkamaiHD
MOVED file^: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_hdapp1008-a.akamaihd.net_0.localstorage =>PUP.Optional.AkamaiHD
MOVED file^: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_hdapp1008-a.akamaihd.net_0.localstorage-journal =>PUP.Optional.AkamaiHD
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_static.audienceinsights.net_0.localstorage =>PUP.Optional.Generic
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_static.audienceinsights.net_0.localstorage-journal =>PUP.Optional.Generic
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage =>PUP.Optional.BoostSaves
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journal =>PUP.Optional.BoostSaves
MOVED file^: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage =>PUP.Optional.PricePeep
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal =>PUP.Optional.PricePeep
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage =>PUP.Optional.Multiplug
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal =>PUP.Optional.Multiplug
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_putlocker.is_0.localstorage =>PUP.Optional.PutLocker
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_putlocker.is_0.localstorage-journal =>PUP.Optional.PutLocker
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage =>PUP.Optional.Chatango
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage-journal =>PUP.Optional.Chatango
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage =>PUP.Optional.Generic
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal =>PUP.Optional.Generic
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage =>PUP.Optional.AddLyrics
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal =>PUP.Optional.AddLyrics
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.topictorch.com_0.localstorage =>.Superfluous.Torch
MOVED file: \Documents and Settings\Bilal\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.topictorch.com_0.localstorage-journal =>.Superfluous.Torch
MOVED folder^: C:\Program Files (x86)\ClearThink =>PUP.Optional.ClearThink
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 =>PUP.Optional.OptimizerPro
MOVED folder: \Users\Bilal\AppData\Roaming\cacaoweb =>.Superfluous.CacaoWeb
MOVED folder: \Users\Bilal\AppData\Local\Pay-By-Ads =>PUP.Optional.PaybyAds


---\\ Registry ( Key, Value, Data) (27)
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\{bcd08fc8-cb56-41a3-8b19-3c556687a504}Gw64 [C:\Windows\System32\drivers\{bcd08fc8-cb56-41a3-8b19-3c556687a504}Gw64.sys (Not File)] =>PUP.Optional.LinkiDoo
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\Currentversion\Uninstall\ClearThink [] =>PUP.Optional.ClearThink
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\ClearThink [] =>PUP.Optional.ClearThink
DELETED key: HKLM\SYSTEM\CurrentControlSet\Services\{bcd08fc8-cb56-41a3-8b19-3c556687a504}Gw64 [C:\WINDOWS\System32\drivers\{bcd08fc8-cb56-41a3-8b19-3c556687a504}Gw64.sys (Not File)] =>PUP.Optional.LinkiDoo
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} [C:\Program Files (x86)\Ask.com\ (Not File)] =>Toolbar.Ask
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask
DELETED key*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update ClearThink [] =>PUP.Optional.ClearThink
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateClearThink_RASAPI32 [] =>Adware.Sambreel
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateClearThink_RASMANCS [] =>Adware.Sambreel
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilClearThink_RASAPI32 [] =>Adware.Sambreel
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilClearThink_RASMANCS [] =>Adware.Sambreel
DELETED key*: [X64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} [Manager Class] =>Adware.Sambreel
DELETED key: [X64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}\InprocServer32 [C:\Program Files (x86)\ClearThink\bin\bcd064.dll] =>Adware.Sambreel
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{7A345E05-610C-4467-A39B-72953134A89C}C:\users\bilal\downloads\cacaoweb (8).exe [C:\users\bilal\downloads\cacaoweb (8).exe] =>.Superfluous.CacaoWeb
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{5ED01914-BA93-4720-9853-1D3D67FEF3F6}C:\users\bilal\downloads\cacaoweb (8).exe [C:\users\bilal\downloads\cacaoweb (8).exe] =>.Superfluous.CacaoWeb
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{15671F86-E97D-4071-B679-8367D3BE9B14}C:\users\bilal\downloads\cacaoweb (7).exe [C:\users\bilal\downloads\cacaoweb (7).exe] =>.Superfluous.CacaoWeb
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{93879C83-B1B4-4389-A945-864B2A0FC3F7}C:\users\bilal\downloads\cacaoweb (7).exe [C:\users\bilal\downloads\cacaoweb (7).exe] =>.Superfluous.CacaoWeb
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{531B0390-AC3B-4A6D-9687-187A13242847}C:\users\bilal\downloads\cacaoweb (6).exe [C:\users\bilal\downloads\cacaoweb (6).exe] =>.Superfluous.CacaoWeb
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{FEFF8565-0C88-47B8-9998-653E9D209BA0}C:\users\bilal\downloads\cacaoweb (6).exe [C:\users\bilal\downloads\cacaoweb (6).exe] =>.Superfluous.CacaoWeb
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{F7449F28-197E-456B-8295-110DD9153AFB}C:\users\bilal\downloads\cacaoweb (5).exe [C:\users\bilal\downloads\cacaoweb (5).exe] =>.Superfluous.CacaoWeb
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{81707675-E259-49D7-9F3B-A0E68B3D1AB9}C:\users\bilal\downloads\cacaoweb (5).exe [C:\users\bilal\downloads\cacaoweb (5).exe] =>.Superfluous.CacaoWeb
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{19466CC4-F6D6-4F8A-99C5-E8564D5FBF34}C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{45371F24-A052-446D-8CB3-A3EA5C7E094E}C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{FEBA7FD7-0E52-415F-8D1A-C56CD1B99EDB}C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{E6C8A129-CFCF-40A9-AC7F-17F4E269B8B7}C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{FF774741-23BF-4428-B583-EF4FB6139B51}C:\users\bilal\downloads\cacaoweb (8).exe [C:\users\bilal\downloads\cacaoweb (8).exe] =>.Superfluous.CacaoWeb
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{7BBA987B-9F8D-433D-BBA2-DC760C2CB5FD}C:\users\bilal\downloads\cacaoweb (8).exe [C:\users\bilal\downloads\cacaoweb (8).exe] =>.Superfluous.CacaoWeb


---\\ Summary of the elements found (20)
http://www.nicolascoolman.fr/?p=546 =>PUP.Optional.Browser
http://www.nicolascoolman.fr/?p=62 =>PUP.Optional.LinkiDoo
http://www.nicolascoolman.fr/?p=338 =>.Superfluous.CacaoWeb
http://www.nicolascoolman.fr/pup-systweak/ =>.Superfluous.Systweak
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.AkamaiHD
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.BoostSaves
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.PricePeep
http://www.nicolascoolman.fr/?p=1402 =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/?p=237 =>PUP.Optional.Bandoo
http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.Softonic
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Generic
http://www.nicolascoolman.fr/?p=134 =>PUP.Optional.PutLocker
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Chatango
http://www.nicolascoolman.fr/?p=905 =>PUP.Optional.AddLyrics
http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.Torch
http://www.nicolascoolman.fr/pup-clearthink/ =>PUP.Optional.ClearThink
http://www.nicolascoolman.fr/?p=324 =>PUP.Optional.OptimizerPro
http://www.nicolascoolman.fr/?p=1754 =>PUP.Optional.PaybyAds
http://www.nicolascoolman.fr/?p=235 =>Toolbar.Ask
http://www.nicolascoolman.fr/pup-optional-sambreel/ =>Adware.Sambreel


---\\ Other deletions. (17)
~ Registry Keys Tracing deleted (17)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
~ The system has been restarted.


---\\ Statistics
~ Items scanned : 259
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 81


~ End of clean in 00h01mn35s
===================
ZHPCleaner-[R]-14012016-22_19_33.txt
ZHPCleaner-[S]-14012016-21_26_37.txt
ZHPCleaner-[S]-14012016-22_16_58.txt
