~ ZHPCleaner v2017.3.25.52 by Nicolas Coolman (2017/03/25)
~ Run by Valentin (Administrator)  (25/03/2017 19:47:53)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Nettoyer
~ Report : C:\Users\Valentin\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Valentin\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 14393)


---\\  Service. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\  Navigateur internet. (1)
REMPLACÉ Edge Params: HomeButtonPage [http://www.startpageing123.com/?type=hp&ts=1489045078&z=9e215e4d732e298b7d7bf70g2zcb6t0e9zbw9eam3b&from=che0812&uid=HGSTXHTS721010A9E630_JR10006PHAULKEHAULKEX]  =>Hijacker.StartpageIng123


---\\  Fichier hôte. (1)
~ Le fichier hôte est légitime. (19)


---\\  Tâche planifiée. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\  Explorateur  ( Dossiers, Fichiers ). (30)
DEPLACÉ fichier: C:\Windows\Installer\wix{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}.SchedServiceConfig.rmi    =>.Superfluous.Empty
DEPLACÉ fichier: C:\Windows\Installer\wix{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}.SchedServiceConfig.rmi    =>.Superfluous.Empty
DEPLACÉ fichier: C:\Windows\Installer\wix{89AFB053-A343-46EF-97E4-D593AD7184E6}.SchedServiceConfig.rmi    =>.Superfluous.Empty
DEPLACÉ fichier: C:\Windows\Installer\wix{D4D86CB2-2370-4691-8272-3869EDED6C64}.SchedServiceConfig.rmi    =>.Superfluous.Empty
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wct1E1A.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wct297A.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wct32E9.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wct48C5.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wct525B.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wct6785.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wct6D2A.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wct9A5.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wctA597.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wctA5BD.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wctA6B5.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wctAE7D.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wctD059.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wctE272.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\wctE6CA.tmp    =>.Superfluous.Temporary.Various
DEPLACÉ fichier: C:\Users\Valentin\AppData\Local\Temp\videobox.exe [VideoBox - Video Box 1.7.0.9]  =>Adware.Amonetize
DEPLACÉ fichier: C:\Windows\SECOH-QAD.exe    =>HackTool.KMSpico
DEPLACÉ fichier: C:\Windows\Installer\{7AC6FFC5-B011-4452-A0B7-58065AAD2932}\_853F67D554F05449430E7E.exe    =>.Superfluous.WinSnare
DEPLACÉ dossier: C:\Program Files\KMSpico  =>HackTool.KMSpico
DEPLACÉ dossier: C:\Users\Valentin\AppData\Local\Akamai  =>.Superfluous.AkamaiHD
DEPLACÉ dossier: C:\Users\Valentin\AppData\Local\Tempzxpsign2cfb7f918fe1aaa5  =>.Superfluous.Temporary
DEPLACÉ dossier: C:\Users\Valentin\AppData\Local\Tempzxpsign870c0fc4577fe0f7  =>.Superfluous.Temporary
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI211.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI56D.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI893C.tmp-  =>.Superfluous.Empty
DEPLACÉ dossier: C:\WINDOWS\Installer\MSI8B5F.tmp-  =>.Superfluous.Empty


---\\  Base de Registres ( Clés, Valeurs, Données ). (22)
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\WinSnare []  =>.Superfluous.WinSnare
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3706191623-1434985902-2863650259-1002\SOFTWARE\Akamai []  =>.Superfluous.AkamaiHD
SUPPRIMÉ clé: HKCU\Software\Akamai []  =>.Superfluous.AkamaiHD
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Akamai [Akamai Technologies, Inc]  =>.Superfluous.AkamaiHD
SUPPRIMÉ clé*: HKCU\Software\undefined []  =>.Superfluous.Downloader
SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\Firefox []  =>Adware.GhokswaBrowser
SUPPRIMÉ clé: HKLM\SOFTWARE\Firefox []  =>Adware.GhokswaBrowser
SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\Installer\Products\461D8763BD4837F4FA6D1936241E7046 [BikaQ Rss]  =>.Superfluous.BikaQ
SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\Installer\Products\5CFF6CA7110B25440A7B8560A5DA9223 [WinSnare]  =>.Superfluous.WinSnare
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00553E8561CD9CD55890156E8D8C983C [C:\Program Files (x86)\WinSnare(4.3.7)\WinSnare.dll (Not File)]  =>.Superfluous.WinSnare
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\008BD2BCCA00F067348956C3D33008B6 [C:\Program Files (x86)\WinSnare(4.3.7)\openweb.bat (Not File)]  =>.Superfluous.WinSnare
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02AD9B5E37C0B86444CA8C3CA8C70E57 [C:\Program Files (x86)\WinSnare(4.3.7)\SnareWindowsInstallSupport.dll (Not File)]  =>.Superfluous.WinSnare
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29A5955FBF8FC3C4E9E147B74668DCD5 [C:\Program Files (x86)\WinSnare(4.3.7)\LICENSE.txt (Not File)]  =>.Superfluous.WinSnare
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3678D164-84DB-4F73-AFD6-916342E10764} [BikaQ]  =>.Superfluous.BikaQ
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7AC6FFC5-B011-4452-A0B7-58065AAD2932} [WinSnare]  =>.Superfluous.WinSnare
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73F208F0-628E-4E2C-A8E5-E7A06B71AB01} [C:\Program Files (x86)\VK OK AdBlock\IEEF (Not File)]  =>.Superfluous.TorrentSearch
SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\Installer\Features\5CFF6CA7110B25440A7B8560A5DA9223 []  =>.Superfluous.WinSnare
SUPPRIMÉ clé*: HKCU\SOFTWARE\9D713DBAE6410C0F2221B42D34BEF094 []  =>Hijacker.Browser
SUPPRIMÉ clé*: HKCU\SOFTWARE\B14D27B6C41438C63126E543B8CCFFB0 []  =>Hijacker.Browser
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\B14D27B6C41438C63126E543B8CCFFB0 []  =>Hijacker.Browser
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface ["C:\Users\Valentin\AppData\Local\Akamai\netsession_win.exe"]  =>.Superfluous.AkamaiHD
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Akamai NetSession Interface [0x03000000409083E6BE58D201]  =>.Superfluous.AkamaiHD


---\\  Récapitulatif des éléments trouvés sur votre station. (13)
https://nicolascoolman.eu/2017/03/06/hijacker-startpageing123/  =>Hijacker.StartpageIng123
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Temporary.Various
https://www.anti-malware.top/2016/05/24/adware-amonetize/  =>Adware.Amonetize
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/  =>HackTool.KMSpico
https://nicolascoolman.eu/2017/01/12/superfluous-winsnare/  =>.Superfluous.WinSnare
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.AkamaiHD
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Temporary
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Downloader
https://nicolascoolman.eu/2017/02/19/adware-ghokswabrowser/  =>Adware.GhokswaBrowser
https://nicolascoolman.eu/2017/02/17/superfluous-bikaq/  =>.Superfluous.BikaQ
https://nicolascoolman.eu/2017/01/03/superfluous-torrentsearch/  =>.Superfluous.TorrentSearch
https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/  =>Hijacker.Browser


---\\  Nettoyage Additionnel. (27)
~ Suppression des Clés de registre Tracing. (27)
~ Suppression des anciens rapports ZHPCleaner. (0)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent  (Google Chrome)
~ Ce navigateur est absent  (Opera Software)


---\\ Statistiques
~ Items scannés : 722
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 53


~ End of clean in 00h00mn31s
~====================
ZHPCleaner-[R]-25032017-19_48_24.txt
ZHPCleaner-[S]-25032017-19_42_07.txt
ZHPCleaner-[S]-25032017-19_46_56.txt