~ ZHPCleaner v2015.12.30.409 by Nicolas Coolman (2015/12/30) ~ Run by Durrant (Administrator) (30/12/2015 18:23:10) ~ Site : http://www.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Nettoyer ~ Report : C:\Users\Durrant\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Durrant\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 8.1, 64-bit (Build 9600) ---\\ Service. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Navigateur internet. (7) SUPPRIMÉ: [avwvk29x.default] - user_pref("browser.search.searchengine.alias", "mysites123"); =>PUP.Optional.SearchEngine SUPPRIMÉ: [avwvk29x.default] - user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine SUPPRIMÉ: [avwvk29x.default] - user_pref("browser.search.searchengine.iconURL", "http://www./favicon.ico"); =>PUP.Optional.SearchEngine SUPPRIMÉ: [avwvk29x.default] - user_pref("browser.search.searchengine.name", "mysites123"); =>PUP.Optional.SearchEngine SUPPRIMÉ: [avwvk29x.default] - user_pref("browser.search.searchengine.ptid", "amt"); =>PUP.Optional.SearchEngine SUPPRIMÉ: [avwvk29x.default] - user_pref("browser.search.searchengine.uid", "HGSTXHTS541075A9E680_JA120011GMN31PGMN31PX"); =>PUP.Optional.SearchEngine SUPPRIMÉ: [avwvk29x.default] - user_pref("browser.search.searchengine.url", "http://www./web/?type=ds&ts=1449414191&z=7c015f666a2c5[...] =>PUP.Optional.SearchEngine ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (21) ---\\ Tâche planifiée. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Explorateur ( Dossiers, Fichiers ). (29) DEPLACÉ fichier: C:\Users\Durrant\Desktop\cacaoweb.exe =>.Superfluous.CacaoWeb DEPLACÉ fichier: C:\Users\Durrant\Downloads\cacaoweb.exe =>.Superfluous.CacaoWeb DEPLACÉ fichier: C:\Users\Durrant\Downloads\ReimageRepair.exe [Reimage® - Reimage Downloader] =>PUP.Optional.ReImageRepair DEPLACÉ fichier: C:\Users\Durrant\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.lyrics.wikia.com_0.localstorage =>PUP.Optional.AddLyrics DEPLACÉ fichier: C:\Users\Durrant\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.lyrics.wikia.com_0.localstorage-journal =>PUP.Optional.AddLyrics DEPLACÉ fichier: C:\Users\Durrant\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage =>PUP.Optional.Generic DEPLACÉ fichier: C:\Users\Durrant\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal =>PUP.Optional.Generic DEPLACÉ fichier: C:\Users\Durrant\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage =>PUP.Optional.AddLyrics DEPLACÉ fichier: C:\Users\Durrant\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal =>PUP.Optional.AddLyrics DEPLACÉ fichier: C:\Windows\Reimage.ini =>PUP.Optional.ReImageRepair DEPLACÉ dossier: C:\Users\Durrant\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom =>Orphean DEPLACÉ dossier: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS DEPLACÉ dossier: C:\ProgramData\Tmp0x0x =>PUP.Optional.WpManager DEPLACÉ dossier: C:\Users\Durrant\AppData\Roaming\RHEng =>PUP.Optional.Conduit DEPLACÉ dossier: C:\Users\Durrant\AppData\Local\CrashRpt =>.Superfluous.CrashReports DEPLACÉ dossier: C:\Windows\Installer\MSI68D8.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSI759B.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSI781C.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSI7B3A.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSI7E97.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSI807B.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSIA3F1.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSIBB.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSID40A.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSIE050.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSIE497.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSIE61F.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSIE795.tmp- =>Empty DEPLACÉ dossier: C:\Windows\Installer\MSIEBAD.tmp- =>Empty ---\\ Base de Registres ( Clés, Valeurs, Données ). (34) SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3284660313-2677544377-3334260805-1001\SOFTWARE\cacaoweb [C:\Users\Durrant\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] =>.Superfluous.CacaoWeb SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3284660313-2677544377-3334260805-1001\SOFTWARE\Tutorials [] =>PUP.Optional.AgenceExclusive SUPPRIMÉ clé: HKCU\Software\cacaoweb [C:\Users\Durrant\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] =>.Superfluous.CacaoWeb SUPPRIMÉ clé: HKCU\Software\Tutorials [] =>PUP.Optional.AgenceExclusive SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.protectorbho [Google Toolbar Notifier BHO] =>PUP.Optional.BProtector SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 [Google Toolbar Notifier BHO] =>PUP.Optional.BProtector SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine [ReiEngine Class] =>PUP.Optional.GetLiveSupport SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1 [ReiEngine Class] =>PUP.Optional.GetLiveSupport SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\009A66CECABFFD045ADED7ECA7CAC3A4 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\site-packages\nose-1.1.2-py2.5.egg\nose\proxy.pyc] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00AB9358B6378374BA21BC44F6A96977 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\site-packages\abl.vpath-0.7-py2.5.egg\EGG-INFO\entry_points.txt] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00C54783A38E2964B80ACB57EA0D33C9 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\site-packages\nose-1.1.2-py2.5.egg\EGG-INFO\dependency_links.txt] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0184834DAC32E244093364EF04FC51EF [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\lib\xmllib.pyc] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01EDBC8EE819BB747A132E47B04EFE3C [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\lib\token.pyc] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0245D030D5F40964599F63B3698DA739 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\lib\distutils\tests\test_install_scripts.pyc] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\054AC300B8B9B9348AE87D5C2DD35A2E [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\lib\encodings\cp865.pyc] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\059434B2AB3D17B4B93CC5F05D9E209B [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\site-packages\abl.vpath-0.7-py2.5.egg\EGG-INFO\requires.txt] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\061B48D07D8A1AF47A6E3705DDF9E269 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\site-packages\simplejson-1.7.1-py2.5.egg\EGG-INFO\entry_points.txt] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\068168F0773DC4C40957D4A439F28E9E [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\lib\encodings\cp950.pyc] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07B7197F0CDD6574E9A9DD2FEB2AD3A7 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\lib\encodings\cp869.pyc] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07DC6083622AE05468573044D2687E41 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\lib\xmlrpclib.pyc] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07E406484B577E04B91904C690B42316 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\lib\distutils\errors.pyc] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\091366148F7DCC244B34174F7DFBA458 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\lib\encodings\mac_roman.pyc] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\09D4C7A9D1DB66447A0834FFEA6E5213 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\lib\distutils\mwerkscompiler.pyc] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B93F561216524744A1850705569FE07 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\site-packages\abl.webconnector\abl\installer\delta_creator.pyc] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C7DADFCE662CB9419C899CA1E501D11 [C:\ProgramData\Ableton\Live 9 Suite\Resources\Extensions\WebConnector\third_party\lib\encodings\zlib_codec.pyc] =>Adware.Sambreel SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Clara [] =>PUP.Optional.SupTab SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484} [ReiEngine Class] =>PUP.Optional.ReImageRepair SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}\InprocServer32 [C:\Program Files\Reimage\Reimage Repair\REI_Axcontrol.dll (Not File)] =>PUP.Optional.ReImageRepair SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB} [CompReg Class] =>PUP.Optional.ReImageRepair SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}\InprocServer32 [C:\Program Files\Reimage\Reimage Repair\REI_Axcontrol.dll (Not File)] =>PUP.Optional.ReImageRepair SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{95140ECA-611B-4677-AD67-890AFEDB05BB}C:\users\durrant\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\durrant\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{7040B9B7-0B05-4823-B635-102AF1A10C01}C:\users\durrant\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\durrant\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{9EFAF349-1FEF-41D8-8B2F-CEB9AF2F5A6A}C:\users\durrant\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\durrant\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{8CCF87F4-657E-4433-B473-E60E5C8B243C}C:\users\durrant\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\durrant\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb ---\\ Récapitulatif des éléments trouvés sur votre station. (15) http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SearchEngine http://www.nicolascoolman.fr/?p=338 =>.Superfluous.CacaoWeb http://www.nicolascoolman.fr/?p=1075 =>PUP.Optional.ReImageRepair http://www.nicolascoolman.fr/?p=905 =>PUP.Optional.AddLyrics http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Generic http://www.nicolascoolman.fr/?p=4664 =>Orphean http://www.nicolascoolman.fr/?p=1804 =>HackTool.AutoKMS http://www.nicolascoolman.fr/?p=173 =>PUP.Optional.WpManager http://www.nicolascoolman.fr/?p=210 =>PUP.Optional.Conduit http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.CrashReports http://www.nicolascoolman.fr/?p=122 =>PUP.Optional.AgenceExclusive http://www.nicolascoolman.fr/?p=533 =>PUP.Optional.BProtector http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.GetLiveSupport http://www.nicolascoolman.fr/pup-optional-sambreel/ =>Adware.Sambreel http://www.nicolascoolman.fr/?p=297 =>PUP.Optional.SupTab ---\\ Nettoyage Additionnel. (51) ~ Suppression des Clés de registre Tracing. (51) ~ Suppression des anciens rapports ZHPCleaner. (0) ---\\ Bilan de la réparation ~ Réparation réalisée avec succès. ~ Ce navigateur est absent (Opera Software) ---\\ Statistiques ~ Items scannés : 761 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Items réparés : 70 ~ End of clean in 00h01mn05s =================== ZHPCleaner-[R]-30122015-18_24_15.txt ZHPCleaner-[S]-30122015-18_18_52.txt