~ ZHPCleaner v2017.1.21.18 by Nicolas Coolman (2017/01/21)
~ Run by bertrant (Administrator)  (22/01/2017 11:39:43)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Nettoyer
~ Report : C:\Users\bertrant\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\bertrant\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)


---\\  Service. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\  Navigateur internet. (4)
SUPPRIMÉ: [deu2kryq.default] - user_pref("browser.newtab.url", "http://www.trovi.com/?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISI[...]  =>PUP.Optional.TroviCom
SUPPRIMÉ: [deu2kryq.default] - user_pref("browser.search.hiddenOneOffs", "Trovi");  =>PUP.Optional.TroviCom
SUPPRIMÉ: [deu2kryq.default] - user_pref("browser.search.selectedEngine", "Trovi");  =>PUP.Optional.TroviCom
SUPPRIMÉ: [deu2kryq.default] - user_pref("extensions.xpiState", "{\"app-profile\":{\"cacaoweb@cacaoweb.org\":{\"d\":\"C:\\\\Users\\[...]  =>.Superfluous.CacaoWeb


---\\  Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)


---\\  Tâche planifiée. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\  Explorateur  ( Dossiers, Fichiers ). (31)
DEPLACÉ fichier: C:\Users\bertrant\AppData\Roaming\Mozilla\Firefox\Profiles\deu2kryq.default\searchplugins\trovi.xml    =>PUP.Optional.TroviCom
DEPLACÉ fichier*: C:\Users\bertrant\AppData\Roaming\Mozilla\Firefox\Profiles\deu2kryq.default\Extensions\cacaoweb@cacaoweb.org\chrome    =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\bertrant\AppData\Roaming\Mozilla\Firefox\Profiles\deu2kryq.default\Extensions\cacaoweb@cacaoweb.org\chrome.manifest    =>.Superfluous.CacaoWeb
DEPLACÉ fichier*: C:\Users\bertrant\AppData\Roaming\Mozilla\Firefox\Profiles\deu2kryq.default\Extensions\cacaoweb@cacaoweb.org\defaults    =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\bertrant\AppData\Roaming\Mozilla\Firefox\Profiles\deu2kryq.default\Extensions\cacaoweb@cacaoweb.org\install.rdf    =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\bertrant\AppData\Roaming\cacaoweb\cacaoweb.exe    =>.Superfluous.CacaoWeb
DEPLACÉ dossier: C:\Users\bertrant\AppData\Roaming\Mozilla\Firefox\Profiles\deu2kryq.default\Extensions\cacaoweb@cacaoweb.org  =>.Superfluous.CacaoWeb
DEPLACÉ dossier: C:\Windows\System32\config\systemprofile\AppData\Local\CrashRpt  =>.Superfluous.CrashReports
DEPLACÉ dossier: C:\Windows\System32\config\systemprofile\AppData\Local\SearchProtect  =>PUP.Optional.SearchProtect
DEPLACÉ dossier: C:\Users\bertrant\AppData\Roaming\cacaoweb  =>.Superfluous.CacaoWeb
DEPLACÉ dossier: C:\Users\bertrant\AppData\Local\CrashRpt  =>.Superfluous.CrashReports
DEPLACÉ dossier: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\CrashRpt  =>.Superfluous.CrashReports
DEPLACÉ dossier: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect  =>PUP.Optional.SearchProtect
DEPLACÉ dossier: C:\Users\bertrant\AppData\Roaming\RPEng  =>PUP.Optional.Generic
DEPLACÉ dossier: C:\Windows\Installer\MSI1E3.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI1EAA.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI1F69.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI1F75.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI328D.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI55B5.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI5662.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI571E.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI6A6D.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI77A8.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI7D74.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSI96C1.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSIA014.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSIDC41.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSIF33F.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSIF5DF.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Windows\Installer\MSIF9A7.tmp-  =>.Superfluous.Empty


---\\  Base de Registres ( Clés, Valeurs, Données ). (12)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [http://www.trovi.com/Results.aspx?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=2CA295FD-E92F-48B8-[...]] [Trovi]  =>PUP.Optional.Trovigo
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [http://www.trovi.com/Results.aspx?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=2CA295FD-E92F-48B8-8606-F76DD4F5D522&SearchSource=58&CUI=&UM=8&UP=SP56A1C4A2-64CE-4579-B4EE-00051D6F1CB6&D=010816&q={searchTerms}&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=]  =>PUP.Optional.Trovigo
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-1393033347-2863898210-4096787214-1000\SOFTWARE\cacaoweb [C:\Users\bertrant\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)]  =>.Superfluous.CacaoWeb
SUPPRIMÉ clé: HKCU\Software\cacaoweb [C:\Users\bertrant\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)]  =>.Superfluous.CacaoWeb
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} [OCComSDK 1.0 Type Library]  =>PUP.Optional.OpenCandy
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} [OCComSDK 1.0 Type Library]  =>PUP.Optional.OpenCandy
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASAPI32 []  =>.Superfluous.Conduit
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASMANCS []  =>.Superfluous.Conduit
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{B1F86A59-C9EB-4B85-8D9B-61F0E0C98EB0}C:\users\bertrant\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\bertrant\appdata\roaming\cacaoweb\cacaoweb.exe]  =>.Superfluous.CacaoWeb
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{9B1799F7-B7EF-4985-AB02-FB5E194F7001}C:\users\bertrant\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\bertrant\appdata\roaming\cacaoweb\cacaoweb.exe]  =>.Superfluous.CacaoWeb
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{20EAC0D8-245E-47D6-893C-B5ED607CFF1A}C:\users\bertrant\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\bertrant\appdata\roaming\cacaoweb\cacaoweb.exe]  =>.Superfluous.CacaoWeb
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{4A13EEF1-284B-40AE-9A0B-23A783CFFCA7}C:\users\bertrant\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\bertrant\appdata\roaming\cacaoweb\cacaoweb.exe]  =>.Superfluous.CacaoWeb


---\\  Récapitulatif des éléments trouvés sur votre station. (9)
https://www.nicolascoolman.com/fr/hijacker-trovicom/  =>PUP.Optional.TroviCom
https://nicolascoolman.eu/2017/01/15/superfluous-cacaoweb/  =>.Superfluous.CacaoWeb
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/logiciels-superflus  =>.Superfluous.CrashReports
https://www.nicolascoolman.com/fr/pup-searchprotect/  =>PUP.Optional.SearchProtect
https://www.anti-malware.top/2016/05/01/definition-dun-logiciel-pup-lpi/  =>PUP.Optional.Generic
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/logiciels-superflus  =>.Superfluous.Empty
https://www.nicolascoolman.com/fr/hijacker-trovigo/  =>PUP.Optional.Trovigo
https://www.nicolascoolman.com/fr/adware-opencandy/  =>PUP.Optional.OpenCandy
https://www.nicolascoolman.com/fr/toolbar-conduit/  =>.Superfluous.Conduit


---\\  Nettoyage Additionnel. (43)
~ Suppression des Clés de registre Tracing. (43)
~ Suppression des anciens rapports ZHPCleaner. (0)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent  (Google Chrome)
~ Ce navigateur est absent  (Opera Software)


---\\ Statistiques
~ Items scannés : 659
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 47


~ End of clean in 00h00mn26s
~====================
ZHPCleaner-[R]-22012017-11_40_09.txt
ZHPCleaner-[S]-22012017-11_38_55.txt