~ ZHPCleaner v2017.7.27.128 by Nicolas Coolman (2017/07/27) ~ Run by francois (Administrator) (27/07/2017 12:58:05) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Nettoyer ~ Report : C:\Users\francois\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\francois\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Pro, 64-bit (Build 15063) ---\\ Service. (0) ---\\ Navigateur internet. (3) REMPLACÉ Quicklaunch: C:\Users\francois\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [Bad : http://www.yeadesktop.com/ --disable-quic](.Google Inc..) =>PUP.Optional.Zusy REMPLACÉ TaskBar: C:\Users\francois\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk [Bad : http://www.yeadesktop.com/](.Mozilla Corporation.) =>PUP.Optional.Zusy REMPLACÉ Desktop: C:\Users\Public\Desktop\Mozilla Firefox.lnk [Bad : http://www.yeadesktop.com/](.Mozilla Corporation.) =>PUP.Optional.Zusy ---\\ Fichier hôte. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Tâche planifiée. (1) SUPPRIMÉ tâche: [Online Application V2G1] [C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe (Not File) ] =>.Superfluous.Microleaves ---\\ Explorateur ( Dossiers, Fichiers ). (59) DEPLACÉ fichier: C:\Program Files (x86)\YeuAskIE\kiEDMfZ68.dll =>PUP.Optional.YouTubeAdBlock DEPLACÉ fichier: C:\Program Files (x86)\AdBlocker\AdBlockerService.exe [Star Line - AdBlockerService] =>PUP.Optional.Adblocker DEPLACÉ fichier: C:\Program Files (x86)\AE5G0xeimD\kl.dll =>Adware.FastSearch DEPLACÉ fichier: C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe =>.Superfluous.Microleaves DEPLACÉ fichier: C:\Windows\Tasks\A0EECDFC-B485-47CA-8AE4-6DB2B0B2691F.job =>Adware.CrossRider DEPLACÉ fichier: C:\Windows\Tasks\D84922A6-7A75-473C-A9D4-0CD037E9508B.job =>Adware.CrossRider DEPLACÉ fichier: C:\END =>.Superfluous.Conduit DEPLACÉ fichier: C:\Windows\Prefetch\ADBLOCKER.TMP-0BB49075.pf =>PUP.Optional.Adblocker DEPLACÉ fichier: C:\Windows\Prefetch\YEADESKTOP.EXE-A884E645.pf =>PUP.Optional.Zusy DEPLACÉ fichier: C:\Windows\Prefetch\YEADESKTOP.TMP-F3D37390.pf =>PUP.Optional.Zusy DEPLACÉ fichier: C:\Windows\Prefetch\YEADESKTOP2.TMP-3F781D26.pf =>PUP.Optional.Zusy DEPLACÉ fichier: C:\Windows\Prefetch\YEADESKTOP2.TMP-4267A39D.pf =>PUP.Optional.Zusy DEPLACÉ fichier: C:\Users\francois\Downloads\cacaoweb.exe =>.Superfluous.CacaoWeb DEPLACÉ fichier: C:\Users\francois\AppData\Local\Temp\AdBlocker.exe =>PUP.Optional.Adblocker DEPLACÉ fichier: C:\Users\francois\AppData\Local\Temp\BandwidthStatBU.exe =>.Superfluous.InterStat DEPLACÉ fichier: C:\Users\francois\AppData\Local\Temp\gTfGksbT-upd.exe =>.Superfluous.Elex DEPLACÉ fichier: C:\Users\francois\AppData\Local\Temp\Yeadesktop.exe =>PUP.Optional.Zusy DEPLACÉ fichier: C:\Users\francois\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage =>.Superfluous.AudienceInsights DEPLACÉ fichier: C:\Windows\AutoKMS\AutoKMS.log =>HackTool.AutoKMS DEPLACÉ dossier: C:\Users\francois\AppData\Local\Google\Chrome\User Data\Default\Extensions\agalokjhnhheienloigiaoohgmjdpned =>Hijacker.Browser ["update_url" : "https://clients2.google.com/servic] DEPLACÉ dossier: C:\Program Files (x86)\AdBlocker =>PUP.Optional.Adblocker DEPLACÉ dossier: C:\Program Files (x86)\Microleaves =>.Superfluous.Microleaves DEPLACÉ dossier: C:\Program Files (x86)\SoftUpgrade =>.Superfluous.Elex DEPLACÉ dossier: C:\Program Files\3T2K83WW47 =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Program Files\64WLNDPX28 =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Program Files\6XHNKA8054 =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Program Files\76KL0OB70Z =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Program Files\7T82WG6COJ =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Program Files\8QKEQWX2XT =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Program Files\I856EAO8GI =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Program Files\JVW5NZTF5U =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Program Files\M1CFJ456YE =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Program Files\OUNZM6YPMZ =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Program Files\QEQ01P91YM =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Program Files\QFP2F3IV53 =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Program Files\VVLGJ0OPDE =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\WINDOWS\AutoKMS =>HackTool.AutoKMS DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\0gxbu02ff3q =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\0qpxv3zv5xe =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\2gqimv0pxt0 =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\3calulzfzcl =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\3r435gb5gus =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\3sqtvqact53 =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\5lhoih03s1d =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\bl232qax5bf =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\h3hyk105a0i =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\l4rseewjb2n =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\Microleaves =>.Superfluous.Microleaves DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\n3pj4bat5yx =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\ov0tolcujka =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\te0w3ntoa1d =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\v1rmzbnkzvg =>Heuristic.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Local\AppTrailers =>Adware.AppTrailers DEPLACÉ dossier: C:\Program Files (x86)\AVBoost =>Adware.Wizzcaster DEPLACÉ dossier: C:\Users\francois\AppData\Local\UCBrowser =>.Superfluous.UCBrowser DEPLACÉ dossier: C:\Users\francois\AppData\Local\AdvinstAnalytics =>.Superfluous.Various DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\UCChannel =>.Superfluous.UCBrowser DEPLACÉ dossier: C:\Users\francois\AppData\Roaming\Interstat =>.Superfluous.WeatherChannel DEPLACÉ dossier: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\UCBrowser =>.Superfluous.UCBrowser ---\\ Base de Registres ( Clés, Valeurs, Données ). (47) SUPPRIMÉ donnée: [X64] HKLM\SOFTWARE\Classes\IE.HTTP\Shell\Open\Command\\Default [Bad : [html] "C:\Program Files\Internet Explorer\iexplore.exe" %1] =>Broken.OpenCommand SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} [YoutubeAdBlock] =>PUP.Optional.YouTubeAdBlock SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} [] =>PUP.Optional.YouTubeAdBlock SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} [] =>PUP.Optional.YouTubeAdBlock SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} [YoutubeAdBlock] =>PUP.Optional.YouTubeAdBlock SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} [YoutubeAdBlock] =>PUP.Optional.YouTubeAdBlock SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} [YoutubeAdBlock] =>PUP.Optional.YouTubeAdBlock SUPPRIMÉ clé*: HKCU\Software\WajIEnhance [] =>PUP.Optional.Wajam SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\AdBlockerService [C:\Program Files (x86)\AdBlocker\AdBlockerService.exe (Not File)] =>PUP.Optional.Adblocker SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\OtherSearch [C:\Program Files (x86)\AE5G0xeimD\kl.dll (Not File)] =>Adware.FastSearch SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2721768177-3965386517-1639301863-1000\SOFTWARE\cacaoweb [C:\Users\francois\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] =>.Superfluous.CacaoWeb SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2721768177-3965386517-1639301863-1000\SOFTWARE\One System Care [] =>PUP.Optional.OneSystemCare SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2721768177-3965386517-1639301863-1000\SOFTWARE\System Healer [] =>PUP.Optional.SystemHealer SUPPRIMÉ clé: HKEY_USERS\S-1-5-21-2721768177-3965386517-1639301863-1000\SOFTWARE\WajIEnhance [] =>PUP.Optional.WaEnhance SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2721768177-3965386517-1639301863-1000\SOFTWARE\YeaDesktop [] =>PUP.Optional.Zusy SUPPRIMÉ clé: HKCU\Software\cacaoweb [C:\Users\francois\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] =>.Superfluous.CacaoWeb SUPPRIMÉ clé: HKCU\Software\One System Care [] =>PUP.Optional.OneSystemCare SUPPRIMÉ clé: HKCU\Software\System Healer [] =>PUP.Optional.SystemHealer SUPPRIMÉ clé: HKCU\Software\YeaDesktop [] =>PUP.Optional.Zusy SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\AppTrailers [] =>Adware.AppTrailers SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\qtipr.com [107] =>Hijacker.Browser SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.yeadesktop.com [181] =>PUP.Optional.Zusy SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\yeadesktop.com [] =>PUP.Optional.Zusy SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\atwola.com [] =>.Superfluous.Atwola SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ma-config.fr.softonic.com [] =>.Superfluous.Softonic SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\myscrapnook.dl.myway.com [12] =>.Superfluous.MindSpark SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ol.uk.at.atwola.com [1342] =>.Superfluous.Atwola SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com [] =>.Superfluous.Softonic SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.audienceinsights.net [43] =>.Superfluous.AudienceInsights SUPPRIMÉ clé*: HKCU\Software\ELLS LLC [] =>.Superfluous.ELLSLLC SUPPRIMÉ clé*: HKCU\Software\UCBrowserPID [] =>.Superfluous.UCBrowser SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\UCBrowserPID [] =>.Superfluous.UCBrowser SUPPRIMÉ clé: HKLM\SOFTWARE\UCBrowserPID [] =>.Superfluous.UCBrowser SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Soci2Sear Browser Enhancer [] =>PUP.Optional.Wajam SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dddfeff3e225fa45aa5bfd961ec1191d [Social2Search] =>PUP.Optional.Social2Search SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12F20F87AC0DA7BB9949FB50234F78C3 [C:\Program Files (x86)\SoftMedia\Windows Session Console Weather\wdscw.exe (Not File)] =>PUP.Optional.SoftMedia SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23E4C6D00564386418B357E6097ECF3E [02:\Software\Microleaves\ (Not File)] =>.Superfluous.Microleaves SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2AE9B3C0743B7184F8583F011120670B [02:\Software\Microleaves\Online.io Application\Version (Not File)] =>.Superfluous.Microleaves SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3220CB795611361F3F24CE25882B85AB [C:\Program Files (x86)\SoftMedia\Windows Session Console Weather\wEye.bat (Not File)] =>PUP.Optional.SoftMedia SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D41CBCF6FD0C5FFCF7C9E2EEB1FD8FC [C:\Program Files (x86)\SoftMedia\Windows Session Console Weather\wEye End User License Agreement.rtf (Not File)] =>PUP.Optional.SoftMedia SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4ABB6FD4D1C2F4F1D95E88CFBBC4F8A2 [C:\Program Files (x86)\SoftMedia\Windows Session Console Weather\Interop.SHDocVw.dll (Not File)] =>PUP.Optional.SoftMedia SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microleaves [] =>.Superfluous.Microleaves SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\OtherSearch [] =>Adware.FastSearch SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Soci2Sear Browser Enhancer [] =>PUP.Optional.Wajam SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YeaDesktop_RASAPI32 [] =>PUP.Optional.Zusy SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}\InprocServer32 [C:\Program Files (x86)\YeuAskIE\tc0Zynw63.dll] =>Adware.Sambreel SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\YeaDesktop [C:\Program Files (x86)\YeaDesktop\YeaDesktop.exe /autostart] =>PUP.Optional.Zusy ---\\ Récapitulatif des éléments trouvés sur votre station. (32) https://www.anti-malware.top/2016/05/17/adware-zusy/ =>PUP.Optional.Zusy https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Microleaves https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.YouTubeAdBlock https://nicolascoolman.eu/2017/01/28/adware-adblocker/ =>PUP.Optional.Adblocker https://nicolascoolman.eu/22017/04/04/adware-fastsearch/ =>Adware.FastSearch https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider https://nicolascoolman.eu/2017/02/06/superfluous-conduit/ =>.Superfluous.Conduit https://nicolascoolman.eu/2017/01/15/superfluous-cacaoweb/ =>.Superfluous.CacaoWeb https://www.anti-malware.top/2016/06/25/conseils-logiciel-publicitaire-interstat/ =>.Superfluous.InterStat https://nicolascoolman.eu/2017/03/28/superfluous-elex/ =>.Superfluous.Elex https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.AudienceInsights https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Hijacker.Browser ["update_url" : "https://clients2.google.com/servic] https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Heuristic.Wizzcaster https://nicolascoolman.eu/2017/01/18/adware-apptrailers/ =>Adware.AppTrailers https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.Wizzcaster https://nicolascoolman.eu/2017/03/04/superfluous-ucbrowser/ =>.Superfluous.UCBrowser https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Various https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.WeatherChannel https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Broken.OpenCommand https://nicolascoolman.eu/2017/02/24/pup-optional-wajam/ =>PUP.Optional.Wajam https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.OneSystemCare https://www.nicolascoolman.com/fr/pup-optional-systemhealer/ =>PUP.Optional.SystemHealer https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.WaEnhance https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser https://nicolascoolman.eu/2017/02/04/superfluous-atwola/ =>.Superfluous.Atwola https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Softonic https://nicolascoolman.eu/2017/01/15/superfluous-mindspark/ =>.Superfluous.MindSpark https://nicolascoolman.eu/2017/05/15/superflous-weatherbuddy/ =>.Superfluous.ELLSLLC https://nicolascoolman.eu/2017/01/17/wajam-social2search/ =>PUP.Optional.Social2Search https://www.anti-malware.top/2016/04/24/pup-optional-softmedia/ =>PUP.Optional.SoftMedia https://www.nicolascoolman.com/fr/pup-optional-sambreel/ =>Adware.Sambreel ---\\ Nettoyage Additionnel. (46) ~ Suppression des Clés de registre Tracing. (39) ~ Suppression des anciens rapports ZHPCleaner. (7) ---\\ Bilan de la réparation ~ Réparation réalisée avec succès. ~ Ce navigateur est absent (Opera Software) ---\\ Statistiques ~ Items scannés : 7700 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Items réparés : 112 ~ End of clean in 00h01mn17s ~==================== ZHPCleaner-[R]-27072017-12_59_22.txt ZHPCleaner-[S]-27072017-12_57_19.txt