~ ZHPCleaner v2016.7.30.92 by Nicolas Coolman (2016/07/30)
~ Run by nonox88 (Administrator) (31/07/2016 12:57:38)
~ Site : https://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Nettoyer
~ Report : C:\Users\nonox88\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\nonox88\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 10586)

---\\ Service. (0)
~ Aucun élément malicieux ou superflu trouvé.

---\\ Navigateur internet. (2)
SUPPRIMÉ: [3voffvtc.default] - user_pref("extensions.MiddleRush.cg", "34519d77-2115-4256-b42c-a2cf3bf59128"); =>Adware.BrowseFox
SUPPRIMÉ: [3voffvtc.default] - user_pref("lightweightThemes.usedThemes", "[{\"id\":\"283616\",\"name\":\"Nidalee\",\"headerURL\":\"[...] =>.Superfluous.IronSourceLtd

---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (29)

---\\ Tâche planifiée. (7)
SUPPRIMÉ tâche: [AutoPico Daily Restart] [C:\Program Files\KMSpico\AutoPico.exe (Not File) ] =>HackTool.KMSpico
SUPPRIMÉ tâche: [Dregol tone] [C:\ProgramData\{4A74A2B7-1AF6-7331-AB70-03B37BF2D03D}\1.17.0.1\fiber.js 433a2f50726f6772616d446174612f7b34413734413242372d314146362d373333312d414237302d3033423337424632443033447d2f312e31372e302e312f746f6e652e646c6c 687474703a2f2f73616f2e72657164726 (Not File) ] =>PUP.Optional.Browser
SUPPRIMÉ tâche: [ParetoLogic Registration3] [C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll RunUns (Not File) ] =>.Superfluous.Paretologic
SUPPRIMÉ tâche: [ParetoLogic Update Version3] [C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe (Not File) ] =>.Superfluous.Paretologic
SUPPRIMÉ tâche: [ParetoLogic Update Version3 Startup Task] [C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe (Not File) ] =>.Superfluous.Paretologic
SUPPRIMÉ tâche: [Run_dregol] [C:\Users\nonox88\AppData\Roaming\RUN_DR~1\UPDATE~1\UPDATE~1.EXE (Not File) ] =>PUP.Optional.RunDregol
SUPPRIMÉ tâche: [Selection Tools Update] [C:\Users\nonox88\AppData\Roaming\WTools\Selection Tools\Selection Tools Update.exe (Not File) ] =>.Superfluous.Nosibay

---\\ Explorateur ( Dossiers, Fichiers ). (31)
DEPLACÉ fichier: C:\Program Files\KMSpico\AutoPico.exe [ - AutoPico] =>HackTool.KMSpico
DEPLACÉ fichier: C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [Copyright (C) 2013 - Application de mise à jour] =>.Superfluous.Paretologic
DEPLACÉ fichier: C:\Windows\Tasks\ParetoLogic Registration3.job =>.Superfluous.Paretologic
DEPLACÉ fichier: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job =>.Superfluous.Paretologic
DEPLACÉ fichier: C:\Windows\Tasks\ParetoLogic Update Version3.job =>.Superfluous.Paretologic
DEPLACÉ fichier: C:\END =>.Superfluous.Conduit
DEPLACÉ fichier: C:\Windows\Prefetch\PARETOLOGIC PC HEALTH ADVISOR-C1DD0BEB.pf =>.Superfluous.Paretologic
DEPLACÉ fichier: C:\Users\nonox88\Downloads\ParetoLogic PC Health Advisor_fr.exe [ParetoLogic Inc. - PC Health Advisor Installer] =>.Superfluous.Paretologic
DEPLACÉ fichier: C:\Windows\SECOH-QAD.exe =>HackTool.KMSpico
DEPLACÉ fichier: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 - AutoKMS] =>HackTool.AutoKMS
DEPLACÉ fichier: C:\Windows\AutoKMS\AutoKMS.log =>HackTool.AutoKMS
DEPLACÉ fichier^: C:\Users\nonox88\AppData\Local\app =>PUP.Optional.CrossRider
DEPLACÉ fichier: C:\program files (x86)\common files\Tencent\qqdownload\130\bugreport_xf.exe =>.Superfluous.Tencent
DEPLACÉ fichier: C:\program files (x86)\common files\Tencent\qqdownload\130\tencentdl.exe [Tencent - 腾讯高速下载引擎] =>.Superfluous.Tencent
DEPLACÉ fichier: C:\Program Files\KMSpico\KMSELDI.exe [ - KMS GUI ELDI] =>HackTool.KMSpico
DEPLACÉ dossier: C:\Program Files (x86)\Hostify =>.Superfluous.CSDI
DEPLACÉ dossier: C:\Program Files\KMSpico =>HackTool.KMSpico
DEPLACÉ dossier: C:\Program Files (x86)\Common Files\ParetoLogic =>.Superfluous.Paretologic
DEPLACÉ dossier: C:\Program Files (x86)\Common Files\Tencent =>.Superfluous.Tencent
DEPLACÉ dossier: C:\ProgramData\ParetoLogic =>.Superfluous.Paretologic
DEPLACÉ dossier: C:\ProgramData\Tencent =>.Superfluous.Tencent
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
DEPLACÉ dossier: C:\WINDOWS\AutoKMS =>HackTool.AutoKMS
DEPLACÉ dossier: C:\Users\nonox88\AppData\Roaming\DriverCure =>.Superfluous.Paretologic
DEPLACÉ dossier: C:\Users\nonox88\AppData\Roaming\ParetoLogic =>.Superfluous.Paretologic
DEPLACÉ dossier: C:\Users\nonox88\AppData\Roaming\Store =>.Superfluous.Nosibay
DEPLACÉ dossier: C:\Users\nonox88\AppData\Roaming\Tencent =>.Superfluous.Tencent
DEPLACÉ dossier: C:\Users\nonox88\AppData\Local\CrashRpt =>.Superfluous.CrashReports
DEPLACÉ dossier: C:\Program Files (x86)\QuickSearch =>PUP.Optional.FastSearch
DEPLACÉ dossier: C:\ProgramData\TXQMPC =>.Superfluous.TXQMPC
DEPLACÉ dossier: C:\Users\nonox88\AppData\Local\Microsoft Toolkit =>HackTool.AutoKMS

---\\ Base de Registres ( Clés, Valeurs, Données ). (46)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_ir_15_20&cd=2XzuyEtN2Y1L1Qzu0F0C0A0AtCyE[...]] [Dregol] =>PUP.Optional.Browser
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\MozillaPlugins\@qq.com/npAndroidAssistant [Tencent, Inc.] =>.Superfluous.Tencent
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_ir_15_20&cd=2XzuyEtN2Y1L1Qzu0F0C0A0AtCyEtB0ByBtDyDtD0A0FtByCtN0D0Tzu0StCtBtAtBtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0AyEyE0AtCtA0FtGtDzytDtDtGyE0C0BzztGyEyCzz0FtGyBzz0CtD0CtB0CyDtCyE0C0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtC0CyDzyyEzytCtGyByD0E0CtGyE0Fzy0DtG0AyB0FzztGzytDtD0C0B0FtD0Dzz0DyD0A2QtN0A0LzuyE&cr=1489563797&ir=] =>PUP.Optional.Browser
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PCSpeedUp [C:\Program Files (x86)\Accelerer PC\PCSUNotifier.exe (Not File)] =>.Superfluous.PCSpeedUp
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Prt [C:\Users\nonox88\AppData\Local\TECHP-Browser\prtsvc.exe startup=1 (Not File)] =>PUP.Optional.BrowserAir
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3479429645-407056864-3191445915-1000\SOFTWARE\ImInstaller [] =>Toolbar.IncrediMail
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3479429645-407056864-3191445915-1000\SOFTWARE\ParetoLogic [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3479429645-407056864-3191445915-1000\SOFTWARE\Tencent [] =>.Superfluous.Tencent
SUPPRIMÉ clé*: HKEY_USERS\.DEFAULT\Software\Tencent [] =>.Superfluous.Tencent
SUPPRIMÉ clé: HKCU\Software\ImInstaller [] =>Toolbar.IncrediMail
SUPPRIMÉ clé: HKCU\Software\ParetoLogic [] =>.Superfluous.Paretologic
SUPPRIMÉ clé: HKCU\Software\Tencent [] =>.Superfluous.Tencent
SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\adawarebp [] =>PUP.Optional.ToolbarCleaner
SUPPRIMÉ clé*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\buy.paretologic.com [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\paretologic.com [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\buy.paretologic.com [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\paretologic.com [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B5D5DBD-C857-4377-A755-06E50B4AC2B0} [C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192 (Not File)] =>.Superfluous.Tencent
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{639B74F1-0594-432C-97C8-68C8C17A1E1D} [C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\Plugins\QQPCB1AndroidJmp (Not File)] =>.Superfluous.Tencent
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Tinstalls [] =>PUP.Optional.DesktopPlay
SUPPRIMÉ clé*: HKCU\Software\TeleCharger [] =>.Superfluous.Downloader
SUPPRIMÉ clé*: HKCU\Software\undefined [] =>.Superfluous.Downloader
SUPPRIMÉ clé*: HKCU\Software\ProductSetup [] =>Adware.InstallCore
SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\QuickSearch [] =>PUP.Optional.FastSearch
SUPPRIMÉ clé: HKLM\SOFTWARE\QuickSearch [] =>PUP.Optional.FastSearch
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\f [f] =>PUP.Optional.Funmoods
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Selection Tools ["C:\Users\nonox88\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup (Not File)] =>.Superfluous.Nosibay
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\TheBrowser [] =>PUP.Optional.TheBrowser
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 [KMSpico v9.2.3] =>HackTool.KMSpico
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ImInstaller [] =>Toolbar.IncrediMail
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ParetoLogic [] =>.Superfluous.Paretologic
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Tencent [] =>.Superfluous.Tencent
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Tutorials [] =>PUP.Optional.AgenceExclusive
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\zdengine [] =>PUP.Optional.FastSearch
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b [] =>Hijacker.Browser
SUPPRIMÉ valeur: HKLM64\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\{9746ad1f-7f2a-4bc8-a61c-2f73d969472d} [C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{9746ad1f-7f2a-4bc8-a61c-2f73d969472d}] =>Hijacker.Browser
SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\mbot_fr_014010259 [] =>PUP.Optional.CrossRider
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{8244FC8D-5217-4DC1-8732-F83FDD726DC2} [C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe] =>.Superfluous.Tencent
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{B226CE7F-D0FF-4555-90AA-3B9DFBF3B6CE} [C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe] =>.Superfluous.Tencent
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{DF4F600C-8231-4AC8-BFB7-C633B45A1CDA} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{7AEF6092-A842-4FA5-B05C-7CC364229138} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{ECD15934-E67B-4EA0-AF67-19E6038B3E99} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{ED947B52-81DD-40BC-85FA-885C9B71D4A3} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{6F0CE4B4-E5A1-4B06-B781-B627B5C93A3F} [C:\Program Files\KMSpico\KMSELDI.exe] =>HackTool.KMSpico
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{6BE4073E-EF2A-48ED-A4AB-3802BACAF062} [C:\Program Files\KMSpico\KMSELDI.exe] =>HackTool.KMSpico

---\\ Récapitulatif des éléments trouvés sur votre station. (27)
https://www.nicolascoolman.fr/?p=347 =>Adware.BrowseFox
https://www.anti-malware.top/2016/05/02/superfluous-ironsourceltd/ =>.Superfluous.IronSourceLtd
https://www.nicolascoolman.fr/?p=989 =>HackTool.KMSpico
https://www.nicolascoolman.fr/?p=546 =>PUP.Optional.Browser
https://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Paretologic
https://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.RunDregol
https://www.anti-malware.top/2016/05/03/superfluous-nosibay/ =>.Superfluous.Nosibay
https://www.nicolascoolman.fr/?p=210 =>.Superfluous.Conduit
https://www.anti-malware.top/2016/05/04/hacktool-autokms/ =>HackTool.AutoKMS
https://www.anti-malware.top/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider
https://www.nicolascoolman.fr/?p=368 =>.Superfluous.Tencent
https://www.anti-malware.top/2016/05/03/superfluous-csdi/ =>.Superfluous.CSDI
https://www.nicolascoolman.fr/?p=5145 =>.Superfluous.CrashReports
https://www.anti-malware.top/2016/07/05/pup-optional-fastsearch/ =>PUP.Optional.FastSearch
https://www.nicolascoolman.fr/?p=5145 =>.Superfluous.TXQMPC
https://www.nicolascoolman.fr/?p=1255 =>.Superfluous.PCSpeedUp
https://www.nicolascoolman.fr/pup-optional-browserair/ =>PUP.Optional.BrowserAir
https://www.nicolascoolman.fr/?p=5143 =>Toolbar.IncrediMail
https://www.nicolascoolman.fr/?p=712 =>PUP.Optional.ToolbarCleaner
https://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.DesktopPlay
https://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Downloader
https://www.anti-malware.top/2016/04/22/adware-installcore/ =>Adware.InstallCore
https://www.nicolascoolman.fr/?p=362 =>PUP.Optional.Funmoods
https://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.TheBrowser
https://www.nicolascoolman.fr/?p=122 =>PUP.Optional.AgenceExclusive
https://www.anti-malware.top/2016/04/22/heuristic-suspect/ =>Heuristic.Suspect
https://www.nicolascoolman.fr/hijacker-browser/ =>Hijacker.Browser

---\\ Nettoyage Additionnel. (16)
~ Suppression des Clés de registre Tracing. (16)
~ Suppression des anciens rapports ZHPCleaner. (0)

---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.

---\\ Statistiques
~ Items scannés : 1327
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 86

~ End of clean in 00h01mn28s
~====================
ZHPCleaner-[R]-31072016-12_59_06.txt
ZHPCleaner-[S]-31072016-12_51_18.txt