Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2017.8.1.132 by Nicolas Coolman (2017/08/01)
~ Run by Bureau (Administrator) (02/08/2017 20:41:05)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scanner
~ Report : C:\Users\Bureau\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Bureau\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 15063)
---\\ Service. (0)
~ Aucun élément malicieux ou superflu trouvé.
---\\ Navigateur internet. (54)
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.BUTTON_STRUCTURE", "[{\"b\":232130312,\"c\":\"mi[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.prev", "https://fr.sear[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.savedPrev", "true"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.tb", "http://hp.myway.c[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.page.savedPrev", 1); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.page.tb", 1); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.version.last", "53.0"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.coId", "1c6c5d1dd68b41a68af0bd3e904d95dc"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.firefoxSearchExtensionEnabled", "true"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.firstKnownVersion", "7.800.11.26973"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.homepage", "http://hp.myway.com/fromdoctopdf/LMF[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.hp.enabled", false); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.hp.guardType", "HPR"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.initialized", true); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installType", "XPI"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.dlpCountryCode", "FR"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.installDate", "2017050110"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerId", "^Y6^xdm197^LMFRFR^fr")[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerSubId", "CIzAvZagztMCFcm6Gwo[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.pixelUrl", "http://download.fromdoc[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.success", true); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarDataSource", "[\"COOKIE\",\"[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarId", "7AFF7637-74F7-4E61-9CC[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.lastActivePing", "1493920574634"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.lastKnownVersion", "7.800.11.26973"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.lssState", "{\"previousLocales\":[\"fr\",\"fr-FR[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.options.defaultSearch", false); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.options.homePageEnabled", true); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.options.keywordEnabled", false); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.options.tabEnabled", true); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.partnerPixelFired", true); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.productDeliveryOption.language", "fr"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.productDeliveryOption.newTabURL", "http://hp.myw[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.productDeliveryOption.type", "ToolTab"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.successUrl", "http://fromdoctopdf.dl.tb.ask.com/[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.toolbarCollapsed", false); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.uninstallSurveyUrl", "http://www.research.net/r/[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.uninstallTasks", "{\"prefBranchesToDelete\":[\"e[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark.hp.enabled", true); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "fromdoctopdf@mindspark.com"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark.lastInstalled", "fromdoctopdf@mindspark.com"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.xpiState", "{\"app-profile\":{\"_65Members_@download.fromdoctopdf.com\":{\"d\"[...] =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\bootstrap.js =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\chrome =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\chrome.manifest =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\chrome.manifest.restartless =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\install.rdf =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\META-INF =>.Superfluous.MindSpark
TROUVÉ dossier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\FromDocToPDF_65\7AFF7637-74F7-4E61-9CC9-7D72DDE205A4.sqlite =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\extensions\_65Members_@download.fromdoctopdf.com\META-INF\manifest.mf =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\extensions\_65Members_@download.fromdoctopdf.com\META-INF\mozilla.rsa =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\extensions\_65Members_@download.fromdoctopdf.com\META-INF\mozilla.sf =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\extensions\_65Members_@download.fromdoctopdf.com\chrome\ffxtbr.jar =>.Superfluous.MindSpark
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)
---\\ Tâche planifiée. (3)
TROUVÉ tâche: [Yahoo! Powered forad] [C:\Windows\System32\wscript.exe] =>Adware.YahooPowered
TROUVÉ tâche: [Bing Search Engine forad] [C:\WINDOWS\Tasks\Bing Search Engine forad.job] =>Heuristic.Suspect
TROUVÉ tâche: [Yahoo! Powered forad] [C:\WINDOWS\Tasks\Yahoo! Powered forad.job] =>Adware.YahooPowered
---\\ Explorateur ( Dossiers, Fichiers ). (25)
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nahhmpbckpgdidfnmfkfgiflpjijilce_0.localstorage =>.Superfluous.SearchManager
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce =>.Superfluous.SearchManager
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Colanid.exe =>Adware.Pirrit
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Colanid.exe =>Adware.Suspect
TROUVÉ fichier: C:\Windows\Tasks\Bing Search Engine forad.job =>Heuristic.Suspect
TROUVÉ fichier: C:\Windows\Tasks\Yahoo! Powered forad.job =>Adware.YahooPowered
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Colanid.exe =>Adware.GenericTask
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.myway.com_0.localstorage =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.myway.com_0.localstorage-journal =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.tb.ask.com_0.localstorage =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.tb.ask.com_0.localstorage-journal =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage =>.Superfluous.AudienceInsights
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal =>.Superfluous.AudienceInsights
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\EasyDocMergeTooltab\TooltabExtension.dll [Mindspark - Mindspark Tooltab Platform] =>PUP.Optional.MyWebSearch
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\FromDocToPDFTooltab\TooltabExtension.dll [Mindspark - Mindspark Tooltab Platform] =>.Superfluous.MindSpark
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\SlimWare Utilities Inc\DriverUpdate =>.Superfluous.SlimWareUtilities
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\SlimWare Utilities Inc\Installers =>.Superfluous.SlimWareUtilities
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\EasyDocMergeTooltab =>PUP.Optional.MyWebSearch
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\FromDocToPDFTooltab =>.Superfluous.MindSpark
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\SlimWare Utilities Inc =>.Superfluous.SlimWareUtilities
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\EasyDocMergeTooltab =>.Superfluous.MindSpark
---\\ Base de Registres ( Clés, Valeurs, Données ). (26)
TROUVÉ clé: HKCU\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [] =>.Superfluous.SearchManager
TROUVÉ clé: HKEY_USERS\S-1-5-21-1205918481-316555937-3933596391-1001\SOFTWARE\EasyDocMerge [] =>PUP.Optional.MyWebSearch
TROUVÉ clé: HKEY_USERS\S-1-5-21-1205918481-316555937-3933596391-1001\SOFTWARE\FromDocToPDF [] =>.Superfluous.MindSpark
TROUVÉ clé: HKEY_USERS\S-1-5-21-1205918481-316555937-3933596391-1001\SOFTWARE\nuevos-programas.com [] =>PUP.Optional.Generic
TROUVÉ clé: HKCU\Software\EasyDocMerge [] =>PUP.Optional.MyWebSearch
TROUVÉ clé: HKCU\Software\FromDocToPDF [] =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\nuevos-programas.com [] =>PUP.Optional.Generic
TROUVÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\EasyDocMergeTooltab Uninstall Internet Explorer [Mindspark Interactive Network, Inc.] =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FromDocToPDFTooltab Uninstall Internet Explorer [Mindspark Interactive Network, Inc.] =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\atwola.com [] =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ol.uk.at.atwola.com [] =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\atwola.com [] =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ol.uk.at.atwola.com [123] =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\atwola.com [] =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d16fk4ms6rqz1v.cloudfront.net [1208] =>.Superfluous.CloudfrontNet
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\downspeedtest.dl.myway.com [12] =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\easydocmerge.dl.myway.com [1983] =>PUP.Optional.MyWebSearch
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\fromdoctopdf.dl.myway.com [1472] =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ol.uk.at.atwola.com [794] =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\productivityboss.dl.myway.com [12] =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com [] =>.Superfluous.Softonic
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.audienceinsights.net [43] =>.Superfluous.AudienceInsights
TROUVÉ clé: HKCU\Software\csastats [] =>Adware.InstallCore
TROUVÉ clé: HKCU\Software\ProductSetup [] =>Adware.InstallCore
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities Inc [] =>.Superfluous.SlimWareUtilities
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities, Inc. [] =>.Superfluous.SlimWareUtilities
---\\ Récapitulatif des éléments trouvés sur votre station. (16)
https://nicolascoolman.eu/2017/02/23/adware-bandoo/ =>Adware.Bandoo
https://nicolascoolman.eu/2017/01/15/superfluous-mindspark/ =>.Superfluous.MindSpark
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.YahooPowered
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.SearchManager
https://nicolascoolman.eu/2017/02/25/adware-pirrit/ =>Adware.Pirrit
https://nicolascoolman.eu/2017/03/02/adware-suspect/ =>Adware.Suspect
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.GenericTask
https://nicolascoolman.eu/2017/02/02/superfluous-cloudfrontnet/ =>.Superfluous.CloudfrontNet
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.AudienceInsights
https://www.nicolascoolman.com/fr/adware-mywebsearch/ =>PUP.Optional.MyWebSearch
https://nicolascoolman.eu/2017/03/03/superfluous-slimwareutilities/ =>.Superfluous.SlimWareUtilities
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Generic
https://nicolascoolman.eu/2017/02/04/superfluous-atwola/ =>.Superfluous.Atwola
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Softonic
https://nicolascoolman.eu/2017/03/12/adware-installcore-2/ =>Adware.InstallCore
---\\ Bilan de la réparation
~ Aucune réparation effectuée.
~ Ce navigateur est absent (Opera Software)
---\\ Statistiques
~ Items scannés : 90733
~ Items trouvés : 119
~ Items annulés : 0
~ Items réparés : 0
~ End of search in 00h06mn11s
~====================
ZHPCleaner-[S]-02082017-20_47_16.txt
~ Run by Bureau (Administrator) (02/08/2017 20:41:05)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scanner
~ Report : C:\Users\Bureau\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Bureau\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 15063)
---\\ Service. (0)
~ Aucun élément malicieux ou superflu trouvé.
---\\ Navigateur internet. (54)
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.BUTTON_STRUCTURE", "[{\"b\":232130312,\"c\":\"mi[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.prev", "https://fr.sear[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.savedPrev", "true"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.tb", "http://hp.myway.c[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.page.savedPrev", 1); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.page.tb", 1); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.version.last", "53.0"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.coId", "1c6c5d1dd68b41a68af0bd3e904d95dc"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.firefoxSearchExtensionEnabled", "true"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.firstKnownVersion", "7.800.11.26973"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.homepage", "http://hp.myway.com/fromdoctopdf/LMF[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.hp.enabled", false); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.hp.guardType", "HPR"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.initialized", true); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installType", "XPI"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.dlpCountryCode", "FR"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.installDate", "2017050110"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerId", "^Y6^xdm197^LMFRFR^fr")[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerSubId", "CIzAvZagztMCFcm6Gwo[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.pixelUrl", "http://download.fromdoc[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.success", true); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarDataSource", "[\"COOKIE\",\"[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarId", "7AFF7637-74F7-4E61-9CC[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.lastActivePing", "1493920574634"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.lastKnownVersion", "7.800.11.26973"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.lssState", "{\"previousLocales\":[\"fr\",\"fr-FR[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.options.defaultSearch", false); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.options.homePageEnabled", true); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.options.keywordEnabled", false); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.options.tabEnabled", true); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.partnerPixelFired", true); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.productDeliveryOption.language", "fr"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.productDeliveryOption.newTabURL", "http://hp.myw[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.productDeliveryOption.type", "ToolTab"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.successUrl", "http://fromdoctopdf.dl.tb.ask.com/[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.toolbarCollapsed", false); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.uninstallSurveyUrl", "http://www.research.net/r/[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.uninstallTasks", "{\"prefBranchesToDelete\":[\"e[...] =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark.hp.enabled", true); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "fromdoctopdf@mindspark.com"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark.lastInstalled", "fromdoctopdf@mindspark.com"); =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.xpiState", "{\"app-profile\":{\"_65Members_@download.fromdoctopdf.com\":{\"d\"[...] =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\bootstrap.js =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\chrome =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\chrome.manifest =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\chrome.manifest.restartless =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\install.rdf =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\META-INF =>.Superfluous.MindSpark
TROUVÉ dossier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\FromDocToPDF_65\7AFF7637-74F7-4E61-9CC9-7D72DDE205A4.sqlite =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\extensions\_65Members_@download.fromdoctopdf.com\META-INF\manifest.mf =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\extensions\_65Members_@download.fromdoctopdf.com\META-INF\mozilla.rsa =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\extensions\_65Members_@download.fromdoctopdf.com\META-INF\mozilla.sf =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\extensions\_65Members_@download.fromdoctopdf.com\chrome\ffxtbr.jar =>.Superfluous.MindSpark
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)
---\\ Tâche planifiée. (3)
TROUVÉ tâche: [Yahoo! Powered forad] [C:\Windows\System32\wscript.exe] =>Adware.YahooPowered
TROUVÉ tâche: [Bing Search Engine forad] [C:\WINDOWS\Tasks\Bing Search Engine forad.job] =>Heuristic.Suspect
TROUVÉ tâche: [Yahoo! Powered forad] [C:\WINDOWS\Tasks\Yahoo! Powered forad.job] =>Adware.YahooPowered
---\\ Explorateur ( Dossiers, Fichiers ). (25)
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nahhmpbckpgdidfnmfkfgiflpjijilce_0.localstorage =>.Superfluous.SearchManager
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce =>.Superfluous.SearchManager
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Colanid.exe =>Adware.Pirrit
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Colanid.exe =>Adware.Suspect
TROUVÉ fichier: C:\Windows\Tasks\Bing Search Engine forad.job =>Heuristic.Suspect
TROUVÉ fichier: C:\Windows\Tasks\Yahoo! Powered forad.job =>Adware.YahooPowered
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Colanid.exe =>Adware.GenericTask
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.myway.com_0.localstorage =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.myway.com_0.localstorage-journal =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.tb.ask.com_0.localstorage =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.tb.ask.com_0.localstorage-journal =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage =>.Superfluous.AudienceInsights
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal =>.Superfluous.AudienceInsights
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\EasyDocMergeTooltab\TooltabExtension.dll [Mindspark - Mindspark Tooltab Platform] =>PUP.Optional.MyWebSearch
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\FromDocToPDFTooltab\TooltabExtension.dll [Mindspark - Mindspark Tooltab Platform] =>.Superfluous.MindSpark
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\SlimWare Utilities Inc\DriverUpdate =>.Superfluous.SlimWareUtilities
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\SlimWare Utilities Inc\Installers =>.Superfluous.SlimWareUtilities
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\EasyDocMergeTooltab =>PUP.Optional.MyWebSearch
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\FromDocToPDFTooltab =>.Superfluous.MindSpark
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\SlimWare Utilities Inc =>.Superfluous.SlimWareUtilities
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\EasyDocMergeTooltab =>.Superfluous.MindSpark
---\\ Base de Registres ( Clés, Valeurs, Données ). (26)
TROUVÉ clé: HKCU\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [] =>.Superfluous.SearchManager
TROUVÉ clé: HKEY_USERS\S-1-5-21-1205918481-316555937-3933596391-1001\SOFTWARE\EasyDocMerge [] =>PUP.Optional.MyWebSearch
TROUVÉ clé: HKEY_USERS\S-1-5-21-1205918481-316555937-3933596391-1001\SOFTWARE\FromDocToPDF [] =>.Superfluous.MindSpark
TROUVÉ clé: HKEY_USERS\S-1-5-21-1205918481-316555937-3933596391-1001\SOFTWARE\nuevos-programas.com [] =>PUP.Optional.Generic
TROUVÉ clé: HKCU\Software\EasyDocMerge [] =>PUP.Optional.MyWebSearch
TROUVÉ clé: HKCU\Software\FromDocToPDF [] =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\nuevos-programas.com [] =>PUP.Optional.Generic
TROUVÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\EasyDocMergeTooltab Uninstall Internet Explorer [Mindspark Interactive Network, Inc.] =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FromDocToPDFTooltab Uninstall Internet Explorer [Mindspark Interactive Network, Inc.] =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\atwola.com [] =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ol.uk.at.atwola.com [] =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\atwola.com [] =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ol.uk.at.atwola.com [123] =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\atwola.com [] =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d16fk4ms6rqz1v.cloudfront.net [1208] =>.Superfluous.CloudfrontNet
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\downspeedtest.dl.myway.com [12] =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\easydocmerge.dl.myway.com [1983] =>PUP.Optional.MyWebSearch
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\fromdoctopdf.dl.myway.com [1472] =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ol.uk.at.atwola.com [794] =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\productivityboss.dl.myway.com [12] =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com [] =>.Superfluous.Softonic
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.audienceinsights.net [43] =>.Superfluous.AudienceInsights
TROUVÉ clé: HKCU\Software\csastats [] =>Adware.InstallCore
TROUVÉ clé: HKCU\Software\ProductSetup [] =>Adware.InstallCore
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities Inc [] =>.Superfluous.SlimWareUtilities
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities, Inc. [] =>.Superfluous.SlimWareUtilities
---\\ Récapitulatif des éléments trouvés sur votre station. (16)
https://nicolascoolman.eu/2017/02/23/adware-bandoo/ =>Adware.Bandoo
https://nicolascoolman.eu/2017/01/15/superfluous-mindspark/ =>.Superfluous.MindSpark
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.YahooPowered
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.SearchManager
https://nicolascoolman.eu/2017/02/25/adware-pirrit/ =>Adware.Pirrit
https://nicolascoolman.eu/2017/03/02/adware-suspect/ =>Adware.Suspect
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.GenericTask
https://nicolascoolman.eu/2017/02/02/superfluous-cloudfrontnet/ =>.Superfluous.CloudfrontNet
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.AudienceInsights
https://www.nicolascoolman.com/fr/adware-mywebsearch/ =>PUP.Optional.MyWebSearch
https://nicolascoolman.eu/2017/03/03/superfluous-slimwareutilities/ =>.Superfluous.SlimWareUtilities
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Generic
https://nicolascoolman.eu/2017/02/04/superfluous-atwola/ =>.Superfluous.Atwola
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Softonic
https://nicolascoolman.eu/2017/03/12/adware-installcore-2/ =>Adware.InstallCore
---\\ Bilan de la réparation
~ Aucune réparation effectuée.
~ Ce navigateur est absent (Opera Software)
---\\ Statistiques
~ Items scannés : 90733
~ Items trouvés : 119
~ Items annulés : 0
~ Items réparés : 0
~ End of search in 00h06mn11s
~====================
ZHPCleaner-[S]-02082017-20_47_16.txt