Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2017.8.15.140 by Nicolas Coolman (2017/08/15)
~ Run by annette (Administrator) (25/08/2017 13:35:24)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Illegal
~ Type : Nettoyer
~ Report : C:\Users\annette\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\annette\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
---\\ Service. (1)
ARRETÉ : ProductivityBoss_e5Service =>.SUP.MindSpark
---\\ Navigateur internet. (2)
REMPLACÉ Google Chrome Preferences: "http://d36s9hlc2vimc.cloudfront.net/" =>.SUP.CloudfrontNet
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page [http://home.tb.ask.com/index.jhtml?n=781C4E0E&p2=^BYM^xdm009^YYA^fr&ptb=A0F17B51[...]] =>Toolbar.Ask
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)
---\\ Tâche planifiée. (0)
~ Aucun élément malicieux ou superflu trouvé.
---\\ Explorateur ( Dossiers, Fichiers ). (13)
DEPLACÉ fichier: C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin\e5SrcAs.dll [Mindspark - Mindspark Toolbar Platform] =>.SUP.MindSpark
DEPLACÉ fichier: C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin\e5barsvc.exe [Mindspark - Mindspark Toolbar Platform] =>.SUP.MindSpark
DEPLACÉ fichier**: C:\Users\annette\Downloads\cacaoweb (1).exe =>.SUP.CacaoWeb
DEPLACÉ fichier**: C:\Users\annette\Downloads\cacaoweb.exe =>.SUP.CacaoWeb
DEPLACÉ fichier**: C:\Users\annette\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_embedftv-a.akamaihd.net_0.localstorage =>.SUP.AkamaiHD
DEPLACÉ fichier**: C:\Users\annette\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_embedftv-a.akamaihd.net_0.localstorage-journal =>.SUP.AkamaiHD
DEPLACÉ fichier**: C:\Users\annette\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage =>PUP.Optional.Chatango
DEPLACÉ fichier**: C:\Users\annette\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage-journal =>PUP.Optional.Chatango
DEPLACÉ fichier^: C:\Users\annette\AppData\Roaming\cacaoweb\cacaoweb.exe =>.SUP.CacaoWeb
DEPLACÉ dossier^: C:\Program Files (x86)\ProductivityBoss_e5 =>.SUP.MindSpark
DEPLACÉ dossier*: C:\ProgramData\Partner =>Toolbar.YahooPartner
DEPLACÉ dossier^: C:\Users\annette\AppData\Roaming\cacaoweb =>.SUP.CacaoWeb
DEPLACÉ dossier*: C:\Users\annette\AppData\LocalLow\ProductivityBoss_e5 =>.SUP.MindSpark
---\\ Base de Registres ( Clés, Valeurs, Données ). (71)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ea729df7-fea8-443c-8781-327fa3ab7529} [ProductivityBoss] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5754a7f4-5cb7-4287-8354-170a8c185349} [] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5754a7f4-5cb7-4287-8354-170a8c185349} [] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5754a7f4-5cb7-4287-8354-170a8c185349} [] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5754a7f4-5cb7-4287-8354-170a8c185349} [Search Assistant BHO] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\1916A2AF346D399F50313C393200F14140456616 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\2A83E9020591A55FC6DDAD3FB102794C52B24E70 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\2B84BFBB34EE2EF949FE1CBE30AA026416EB2216 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\3A850044D8A195CD401A680C012CB0A3B5F8DC08 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\40AA38731BD189F9CDB5B9DC35E2136F38777AF4 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\43D9BCB568E039D073A74A71D8511F7476089CC3 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\471C949A8143DB5AD5CDF1C972864A2504FA23C9 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\61793FCBFA4F9008309BBA5FF12D2CB29CD4151A [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\63FEAE960BAA91E343CE2BD8B71798C76BDB77D0 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\6431723036FD26DEA502792FA595922493030F97 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\80962AE4D6C5B442894E95A13E4A699E07D694CF [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\86E817C81A5CA672FE000F36F878C19518D6F844 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\8E5BD50D6AE686D65252F843A9D4B96D197730AB [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\9845A431D51959CAF225322B4A4FE9F223CE6D15 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\B533345D06F64516403C00DA03187D3BFEF59156 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\B86E791620F759F17B8D25E38CA8BE32E7D5EAC2 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\C060ED44CBD881BD0EF86C0BA287DDCF8167478C [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\CEA586B2CE593EC7D939898337C57814708AB2BE [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\D018B62DC518907247DF50925BB09ACF4A5CB3AD [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\F8A54E03AADC5692B850496A4C4630FFEAA29D83 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\FA6660A94AB45F6A88C0D7874D89A863D74DEE97 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\ProductivityBoss_e5Service [C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin\e5barsvc.exe (Not File)] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1261310312-2217980482-3019925994-1000\SOFTWARE\cacaoweb [C:\Users\annette\AppData\Roaming\cacaoweb\cacaoweb.exe] =>.SUP.CacaoWeb
SUPPRIMÉ clé: HKCU\Software\cacaoweb [C:\Users\annette\AppData\Roaming\cacaoweb\cacaoweb.exe] =>.SUP.CacaoWeb
SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\ProductivityBoss_e5 [] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com [] =>Toolbar.Ask
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\atwola.com [] =>.SUP.Atwola
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d16fk4ms6rqz1v.cloudfront.net [] =>.SUP.CloudfrontNet
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d22j4fzzszoii2.cloudfront.net [] =>.SUP.CloudfrontNet
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\downspeedtest.dl.myway.com [12] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\downspeedtest.dl.tb.ask.com [12] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\fromdoctopdf.dl.myway.com [12] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ol.uk.at.atwola.com [1041] =>.SUP.Atwola
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\productivityboss.dl.tb.ask.com [929] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.audienceinsights.net [43] =>.SUP.AudienceInsights
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.olark.com [3856] =>PUP.Optional.Generic
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\totalrecipesearch.dl.tb.ask.com [990] =>Toolbar.Ask
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\uk.at.atwola.com [] =>.SUP.Atwola
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.HTMLMenu [ProductivityBoss_e5 HTML Menu] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.HTMLMenu.1 [ProductivityBoss_e5 HTML Menu] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.HTMLPanel [ProductivityBoss_e5 HTML Panel] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.HTMLPanel.1 [ProductivityBoss_e5 HTML Panel] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.PseudoTransparentPlugin [Pseudo Transparent Plugin] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.PseudoTransparentPlugin.1 [Pseudo Transparent Plugin] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.SettingsPlugin [] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.SettingsPlugin.1 [] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.ToolbarProtector [ProtectorControl Class] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.ToolbarProtector.1 [ProtectorControl Class] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ProductivityBoss_e5 [] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ProductivityBoss_e5bar Uninstall Internet Explorer [Mindspark Interactive Network] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\conduitinstaller_RASAPI32 [] =>.SUP.Conduit
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\conduitinstaller_RASMANCS [] =>.SUP.Conduit
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{190f204e-0647-415a-8d7d-3e8b8b296bcb} [C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21f21da6-1b78-4981-9eef-f03d20ac7c42} [C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6a113a86-fde2-4c7b-8767-f1621865ebf5} [C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9b667db4-ae4b-4d59-a2a3-d12a41a2f2cf} [C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c37884b1-d4f6-4fc9-b12e-68df687499a5} [C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin] =>.SUP.MindSpark
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cacaoweb ["C:\Users\annette\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer] =>.SUP.CacaoWeb
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{4EE30A52-E849-4617-9B76-04425A22B5B9}C:\users\annette\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\annette\appdata\roaming\cacaoweb\cacaoweb.exe] =>.SUP.CacaoWeb
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{3E2BF94D-56D7-4BA8-83E0-8068BCBB1006}C:\users\annette\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\annette\appdata\roaming\cacaoweb\cacaoweb.exe] =>.SUP.CacaoWeb
---\\ Récapitulatif des éléments trouvés sur votre station. (12)
https://nicolascoolman.eu/2017/01/15/superfluous-mindspark/ =>.SUP.MindSpark
https://nicolascoolman.eu/2017/02/02/superfluous-cloudfrontnet/ =>.SUP.CloudfrontNet
https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask
https://nicolascoolman.eu/2017/01/15/superfluous-cacaoweb/ =>.SUP.CacaoWeb
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.AkamaiHD
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Chatango
https://www.nicolascoolman.com/fr/?p=5143 =>Toolbar.YahooPartner
https://nicolascoolman.eu/2017/06/26/trojan-certlock/ =>PUM.Misplaced.Certificate
https://nicolascoolman.eu/2017/02/04/superfluous-atwola/ =>.SUP.Atwola
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.AudienceInsights
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Generic
https://nicolascoolman.eu/2017/02/06/superfluous-conduit/ =>.SUP.Conduit
---\\ Nettoyage Additionnel. (96)
~ Suppression des Clés de registre Tracing. (96)
~ Suppression des anciens rapports ZHPCleaner. (0)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Mozilla Firefox)
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 621
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 87
~ End of clean in 00h01mn26s
~====================
ZHPCleaner-[R]-25082017-13_36_50.txt
ZHPCleaner-[S]-25082017-13_25_05.txt
~ Run by annette (Administrator) (25/08/2017 13:35:24)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Illegal
~ Type : Nettoyer
~ Report : C:\Users\annette\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\annette\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
---\\ Service. (1)
ARRETÉ : ProductivityBoss_e5Service =>.SUP.MindSpark
---\\ Navigateur internet. (2)
REMPLACÉ Google Chrome Preferences: "http://d36s9hlc2vimc.cloudfront.net/" =>.SUP.CloudfrontNet
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page [http://home.tb.ask.com/index.jhtml?n=781C4E0E&p2=^BYM^xdm009^YYA^fr&ptb=A0F17B51[...]] =>Toolbar.Ask
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)
---\\ Tâche planifiée. (0)
~ Aucun élément malicieux ou superflu trouvé.
---\\ Explorateur ( Dossiers, Fichiers ). (13)
DEPLACÉ fichier: C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin\e5SrcAs.dll [Mindspark - Mindspark Toolbar Platform] =>.SUP.MindSpark
DEPLACÉ fichier: C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin\e5barsvc.exe [Mindspark - Mindspark Toolbar Platform] =>.SUP.MindSpark
DEPLACÉ fichier**: C:\Users\annette\Downloads\cacaoweb (1).exe =>.SUP.CacaoWeb
DEPLACÉ fichier**: C:\Users\annette\Downloads\cacaoweb.exe =>.SUP.CacaoWeb
DEPLACÉ fichier**: C:\Users\annette\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_embedftv-a.akamaihd.net_0.localstorage =>.SUP.AkamaiHD
DEPLACÉ fichier**: C:\Users\annette\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_embedftv-a.akamaihd.net_0.localstorage-journal =>.SUP.AkamaiHD
DEPLACÉ fichier**: C:\Users\annette\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage =>PUP.Optional.Chatango
DEPLACÉ fichier**: C:\Users\annette\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage-journal =>PUP.Optional.Chatango
DEPLACÉ fichier^: C:\Users\annette\AppData\Roaming\cacaoweb\cacaoweb.exe =>.SUP.CacaoWeb
DEPLACÉ dossier^: C:\Program Files (x86)\ProductivityBoss_e5 =>.SUP.MindSpark
DEPLACÉ dossier*: C:\ProgramData\Partner =>Toolbar.YahooPartner
DEPLACÉ dossier^: C:\Users\annette\AppData\Roaming\cacaoweb =>.SUP.CacaoWeb
DEPLACÉ dossier*: C:\Users\annette\AppData\LocalLow\ProductivityBoss_e5 =>.SUP.MindSpark
---\\ Base de Registres ( Clés, Valeurs, Données ). (71)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ea729df7-fea8-443c-8781-327fa3ab7529} [ProductivityBoss] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5754a7f4-5cb7-4287-8354-170a8c185349} [] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5754a7f4-5cb7-4287-8354-170a8c185349} [] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5754a7f4-5cb7-4287-8354-170a8c185349} [] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5754a7f4-5cb7-4287-8354-170a8c185349} [Search Assistant BHO] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\1916A2AF346D399F50313C393200F14140456616 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\2A83E9020591A55FC6DDAD3FB102794C52B24E70 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\2B84BFBB34EE2EF949FE1CBE30AA026416EB2216 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\3A850044D8A195CD401A680C012CB0A3B5F8DC08 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\40AA38731BD189F9CDB5B9DC35E2136F38777AF4 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\43D9BCB568E039D073A74A71D8511F7476089CC3 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\471C949A8143DB5AD5CDF1C972864A2504FA23C9 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\61793FCBFA4F9008309BBA5FF12D2CB29CD4151A [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\63FEAE960BAA91E343CE2BD8B71798C76BDB77D0 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\6431723036FD26DEA502792FA595922493030F97 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\80962AE4D6C5B442894E95A13E4A699E07D694CF [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\86E817C81A5CA672FE000F36F878C19518D6F844 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\8E5BD50D6AE686D65252F843A9D4B96D197730AB [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\9845A431D51959CAF225322B4A4FE9F223CE6D15 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\B533345D06F64516403C00DA03187D3BFEF59156 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\B86E791620F759F17B8D25E38CA8BE32E7D5EAC2 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\C060ED44CBD881BD0EF86C0BA287DDCF8167478C [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\CEA586B2CE593EC7D939898337C57814708AB2BE [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\D018B62DC518907247DF50925BB09ACF4A5CB3AD [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\F8A54E03AADC5692B850496A4C4630FFEAA29D83 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\FA6660A94AB45F6A88C0D7874D89A863D74DEE97 [Avast Software] =>PUM.Misplaced.Certificate
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\ProductivityBoss_e5Service [C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin\e5barsvc.exe (Not File)] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1261310312-2217980482-3019925994-1000\SOFTWARE\cacaoweb [C:\Users\annette\AppData\Roaming\cacaoweb\cacaoweb.exe] =>.SUP.CacaoWeb
SUPPRIMÉ clé: HKCU\Software\cacaoweb [C:\Users\annette\AppData\Roaming\cacaoweb\cacaoweb.exe] =>.SUP.CacaoWeb
SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\ProductivityBoss_e5 [] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com [] =>Toolbar.Ask
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\atwola.com [] =>.SUP.Atwola
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d16fk4ms6rqz1v.cloudfront.net [] =>.SUP.CloudfrontNet
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d22j4fzzszoii2.cloudfront.net [] =>.SUP.CloudfrontNet
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\downspeedtest.dl.myway.com [12] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\downspeedtest.dl.tb.ask.com [12] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\fromdoctopdf.dl.myway.com [12] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ol.uk.at.atwola.com [1041] =>.SUP.Atwola
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\productivityboss.dl.tb.ask.com [929] =>.SUP.MindSpark
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.audienceinsights.net [43] =>.SUP.AudienceInsights
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.olark.com [3856] =>PUP.Optional.Generic
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\totalrecipesearch.dl.tb.ask.com [990] =>Toolbar.Ask
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\uk.at.atwola.com [] =>.SUP.Atwola
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.HTMLMenu [ProductivityBoss_e5 HTML Menu] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.HTMLMenu.1 [ProductivityBoss_e5 HTML Menu] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.HTMLPanel [ProductivityBoss_e5 HTML Panel] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.HTMLPanel.1 [ProductivityBoss_e5 HTML Panel] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.PseudoTransparentPlugin [Pseudo Transparent Plugin] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.PseudoTransparentPlugin.1 [Pseudo Transparent Plugin] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.SettingsPlugin [] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.SettingsPlugin.1 [] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.ToolbarProtector [ProtectorControl Class] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ProductivityBoss_e5.ToolbarProtector.1 [ProtectorControl Class] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ProductivityBoss_e5 [] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ProductivityBoss_e5bar Uninstall Internet Explorer [Mindspark Interactive Network] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\conduitinstaller_RASAPI32 [] =>.SUP.Conduit
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\conduitinstaller_RASMANCS [] =>.SUP.Conduit
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{190f204e-0647-415a-8d7d-3e8b8b296bcb} [C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21f21da6-1b78-4981-9eef-f03d20ac7c42} [C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6a113a86-fde2-4c7b-8767-f1621865ebf5} [C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9b667db4-ae4b-4d59-a2a3-d12a41a2f2cf} [C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin] =>.SUP.MindSpark
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c37884b1-d4f6-4fc9-b12e-68df687499a5} [C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin] =>.SUP.MindSpark
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cacaoweb ["C:\Users\annette\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer] =>.SUP.CacaoWeb
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{4EE30A52-E849-4617-9B76-04425A22B5B9}C:\users\annette\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\annette\appdata\roaming\cacaoweb\cacaoweb.exe] =>.SUP.CacaoWeb
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{3E2BF94D-56D7-4BA8-83E0-8068BCBB1006}C:\users\annette\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\annette\appdata\roaming\cacaoweb\cacaoweb.exe] =>.SUP.CacaoWeb
---\\ Récapitulatif des éléments trouvés sur votre station. (12)
https://nicolascoolman.eu/2017/01/15/superfluous-mindspark/ =>.SUP.MindSpark
https://nicolascoolman.eu/2017/02/02/superfluous-cloudfrontnet/ =>.SUP.CloudfrontNet
https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask
https://nicolascoolman.eu/2017/01/15/superfluous-cacaoweb/ =>.SUP.CacaoWeb
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.AkamaiHD
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Chatango
https://www.nicolascoolman.com/fr/?p=5143 =>Toolbar.YahooPartner
https://nicolascoolman.eu/2017/06/26/trojan-certlock/ =>PUM.Misplaced.Certificate
https://nicolascoolman.eu/2017/02/04/superfluous-atwola/ =>.SUP.Atwola
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.AudienceInsights
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Generic
https://nicolascoolman.eu/2017/02/06/superfluous-conduit/ =>.SUP.Conduit
---\\ Nettoyage Additionnel. (96)
~ Suppression des Clés de registre Tracing. (96)
~ Suppression des anciens rapports ZHPCleaner. (0)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Mozilla Firefox)
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 621
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 87
~ End of clean in 00h01mn26s
~====================
ZHPCleaner-[R]-25082017-13_36_50.txt
ZHPCleaner-[S]-25082017-13_25_05.txt