~ ZHPCleaner v2017.6.26.105 by Nicolas Coolman (2017/06/26)
~ Run by benja_000 (Administrator)  (02/07/2017 15:36:49)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Illegal
~ Type : Nettoyer
~ Report : C:\Users\benja_000\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\benja_000\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 14393)


---\\  Service. (0)


---\\  Navigateur internet. (1)
SUPPRIMÃ donnÃ©e: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : <-loopback>;<local>]  =>Hijacker.Proxy


---\\  Fichier hÃ´te. (3)
REMPLACÃ: 35.156.90.191 authserver.mojang.com
REMPLACÃ: 35.156.90.191 sessionserver.mojang.com
~ Nombre de redirections trouvÃ©es 2/3


---\\  TÃ¢che planifiÃ©e. (1)
SUPPRIMÃ tÃ¢che: [AutoPico Daily Restart] [C:\Program Files\KMSpico\AutoPico.exe (Not File) ]  =>HackTool.KMSpico


---\\  Explorateur  ( Dossiers, Fichiers ). (23)
DEPLACÃ fichier: C:\Program Files\KMSpico\Service_KMS.exe [@ByELDI - Service_KMS]  =>HackTool.KMSpico
DEPLACÃ fichier: C:\WINDOWS\System32\drivers\{36ed28a4-ac0a-4653-91ff-10beb4246550}Gw64.sys [StdLib - StdLib]  =>PUP.Optional.LinkiDoo
DEPLACÃ fichier^: C:\WINDOWS\System32\drivers\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw64.sys [StdLib - StdLib]  =>PUP.Optional.LinkiDoo
DEPLACÃ fichier^: C:\WINDOWS\System32\drivers\{848705a5-8a27-403e-9b59-732d0608bcbc}Gw64.sys [StdLib - StdLib]  =>PUP.Optional.LinkiDoo
DEPLACÃ fichier^: C:\WINDOWS\System32\drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64.sys [StdLib - StdLib]  =>PUP.Optional.LinkiDoo
DEPLACÃ fichier**: C:\Program Files\KMSpico\AutoPico.exe [@ByELDI - AutoPico]  =>HackTool.KMSpico
DEPLACÃ fichier**: C:\Windows\Prefetch\MEDIAGET.EXE-2AFE4C32.pf    =>.Superfluous.MediaGet
DEPLACÃ fichier**: C:\Users\benja_000\Desktop\KMSpico - MrPlutani0m.exe [ - KMSpico Setup]  =>HackTool.KMSpico
DEPLACÃ fichier**: C:\Users\benja_000\Downloads\Download_Right_Click_To_Necromance_downloader.exe [electoPod incorp. - ]  =>.Superfluous.WebitarProduction
DEPLACÃ fichier**: C:\Users\benja_000\Downloads\KMSpico - MrPlutani0m.exe [ - KMSpico Setup]  =>HackTool.KMSpico
DEPLACÃ fichier**: C:\Users\benja_000\AppData\Local\nsaF419.tmp [CMI Limited - Setup]  =>.Superfluous.CMILimited
DEPLACÃ fichier**: C:\Users\benja_000\AppData\Local\nsdF531.tmp [CMI Limited - Setup]  =>.Superfluous.CMILimited
DEPLACÃ fichier**: C:\Users\benja_000\AppData\Local\nspD2B8.tmp [CMI Limited - Setup]  =>.Superfluous.CMILimited
DEPLACÃ fichier**: C:\Windows\SECOH-QAD.exe    =>HackTool.KMSpico
DEPLACÃ dossier*: C:\Program Files (x86)\dollarkeeepper  =>PUP.Optional.DollarKeeper
DEPLACÃ dossier*: C:\Program Files (x86)\Mirillis  =>.Superfluous.Empty
DEPLACÃ dossier*: C:\Program Files (x86)\Software  =>.Superfluous.Empty
DEPLACÃ dossier*: C:\Program Files\KMSpico  =>HackTool.KMSpico
DEPLACÃ dossier*: C:\Program Files\shopperz  =>PUP.Optional.Shopperz
DEPLACÃ dossier*: C:\ProgramData\41c80e239b441d2  =>Adware.CrossRider
DEPLACÃ dossier*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico  =>HackTool.KMSpico
DEPLACÃ dossier*: C:\Users\benja_000\AppData\Roaming\Store  =>.Superfluous.Nosibay
DEPLACÃ dossier*: C:\Users\benja_000\Documents\Optimizer Pro  =>PUP.Optional.OptimizerPro


---\\  Base de Registres ( ClÃ©s, Valeurs, DonnÃ©es ). (57)
SUPPRIMÃ clÃ©*: HKCU\Software\HQ-Video-Pro-2.1cV14.01-nv []  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Sense-nv []  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: [X64] HKLM\SOFTWARE\Wow6432Node\HQ-Video-Pro-2.1cV14.01-nv []  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: [X64] HKLM\SOFTWARE\Wow6432Node\Sense-nv []  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI [C:\Program Files\KMSpico\Service_KMS.exe (Not File)]  =>HackTool.KMSpico
SUPPRIMÃ clÃ©*: HKLM\SYSTEM\CurrentControlSet\Services\{36ed28a4-ac0a-4653-91ff-10beb4246550}Gw64 [C:\WINDOWS\System32\drivers\{36ed28a4-ac0a-4653-91ff-10beb4246550}Gw64.sys (Not File)]  =>PUP.Optional.LinkiDoo
SUPPRIMÃ clÃ©*: HKLM\SYSTEM\CurrentControlSet\Services\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw64 [C:\WINDOWS\System32\drivers\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw64.sys]  =>PUP.Optional.LinkiDoo
SUPPRIMÃ clÃ©*: HKLM\SYSTEM\CurrentControlSet\Services\{848705a5-8a27-403e-9b59-732d0608bcbc}Gw64 [C:\WINDOWS\System32\drivers\{848705a5-8a27-403e-9b59-732d0608bcbc}Gw64.sys]  =>PUP.Optional.LinkiDoo
SUPPRIMÃ clÃ©*: HKLM\SYSTEM\CurrentControlSet\Services\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64 [C:\WINDOWS\System32\drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64.sys]  =>PUP.Optional.LinkiDoo
SUPPRIMÃ clÃ©: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\HQ-Video-Pro-2.1cV14.01-nv []  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\PluginAddon []  =>PUP.Optional.Vonteera
SUPPRIMÃ clÃ©*: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\Classes\.torrent [mediagettorrentfile]  =>.Superfluous.MediaGet
SUPPRIMÃ clÃ©*: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\Classes\mediagettorrentfile [MediaGet2 torrent]  =>.Superfluous.MediaGet
SUPPRIMÃ clÃ©*: HKEY_USERS\S-1-5-21-947915296-3583002873-1704246444-1001\SOFTWARE\Classes\mediagetvideofile [MediaGet2 video file]  =>.Superfluous.MediaGet
SUPPRIMÃ clÃ©*: HKEY_USERS\.DEFAULT\Software\HQ-Video-Pro-2.1cV14.01-nv []  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\HQ-Video-Pro-2.1cV14.01 []  =>Adware.CrossRider
SUPPRIMÃ clÃ©: HKCU\Software\PluginAddon []  =>PUP.Optional.Vonteera
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1331551-D034-4771-9F94-9854325C18C} [C:\Program Files (x86)\Ge-Force (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CDF8C60-BD8E-4AD2-9FE2-5D5B4C665262} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F943EA7-7F8F-4E28-8724-E84A8A5C67E2} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BFB1FB6-3D68-44C2-B754-AC7271E9D57B} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35EBCEC4-23CE-41D6-A42F-931FCBFF01F} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3685C856-7574-4191-AC6-EEF502B2D25} [C:\Program Files (x86)\Ge-Force (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38A77D01-E02D-49F2-8DAF-E6A0EB169E41} [C:\Program Files (x86)\Ge-Force (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47F11AD1-9C15-4909-BA4F-49DDCA172126} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{583A2444-F2E5-4B86-BABD-BF5D437EB7E} [C:\Program Files (x86)\Ge-Force (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F5A088F-69AC-4811-9FD8-1D4F6D55398} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DAEDA42-C093-4744-A4D2-584FF184F4D0} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{755D5C-459C-4FE5-9F30-C22D885F80E2} [C:\Program Files (x86)\Ge-Force (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78B00525-1713-49E4-BCA1-4A03DD9967D} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{800A4779-2AA4-4DE7-A14B-7DB075CDF1F} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B28806A8-C89-46D5-8538-CB999D4B349} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B620C5C8-7D57-42AB-8D65-5737D1608C} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B657AEFF-E3D5-4FB6-A33-6CE8995C4AE} [C:\Program Files (x86)\Ge-Force (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD4A3F8-D45F-4B66-A99A-61428D72437A} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7E6E0CF-E5A7-46D0-963E-B4E3E7812C46} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9CC1EFD-8DFC-4ED4-A943-A9EDFB87E51D} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAC7C1F1-29F8-44D3-B9D9-EECD407021F5} [C:\Program Files (x86)\Ge-Force (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0D629D2-A4B7-4166-AADF-3D592A9C32D} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3FCA3F4-4222-45C4-BD82-57297F5F7A9} [C:\Program Files (x86)\Ge-Force (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F71EC432-427E-4479-A0B5-53B27DD0E68} [C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.01 (Not File)]  =>Adware.CrossRider
SUPPRIMÃ clÃ©*: HKCU\Software\WEBAPP []  =>.Superfluous.Downloader
SUPPRIMÃ clÃ©*: HKLM\SOFTWARE\Wow6432Node\Policies\Google\Update []  =>PUM.Security.Hijack
SUPPRIMÃ clÃ©*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 []  =>.Superfluous.ByteFence
SUPPRIMÃ clÃ©*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS []  =>.Superfluous.ByteFence
SUPPRIMÃ clÃ©*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 [KMSpico v9.3]  =>HackTool.KMSpico
SUPPRIMÃ clÃ©*: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe []  =>PUP.Optional.Boxore
SUPPRIMÃ clÃ©*: [X64] HKLM\SOFTWARE\Wow6432Node\ClickCaption_1.10.0.6 []  =>PUP.Optional.ClickCaption
SUPPRIMÃ clÃ©*: [X64] HKLM\SOFTWARE\Wow6432Node\SuperClick_1.10.0.16 []  =>PUP.Optional.SuperClick
SUPPRIMÃ valeur: HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\{DACC7D21-88D3-8701-79DB-50B30225DE6E} [C:\Program Files (x86)\ver4BlockAndSurf\186.xpi]  =>PUP.Optional.BlockAndSurf
SUPPRIMÃ valeur: HKLM64\SOFTWARE\Mozilla\Firefox\Extensions\\{2395B860-45E4-42fd-96E6-50BA597C1C42} [C:\Program Files\shopperz\Firefox]  =>PUP.Optional.Shopperz
SUPPRIMÃ valeur: HKLM64\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\{2395B860-45E4-42fd-96E6-50BA597C1C42} [C:\Program Files\shopperz\Firefox]  =>PUP.Optional.Shopperz
SUPPRIMÃ valeur: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\mbot_fr_627 []  =>Adware.CrossRider
SUPPRIMÃ valeur: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_571 []  =>Adware.CrossRider
SUPPRIMÃ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\SmartWeb.lnk [0x03000000C2DE06F5E59AD001]  =>PUP.Optional.SmartWebSearch
SUPPRIMÃ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{3EAFA32C-7F35-4D70-B04E-30FA9C6B3DF6} [C:\Users\benja_000\AppData\Local\MediaGet2\mediaget.exe]  =>.Superfluous.MediaGet
SUPPRIMÃ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{C00CA5C8-18AA-4F3C-B6DD-73A7903FA668} [C:\Users\benja_000\AppData\Local\MediaGet2\mediaget.exe]  =>.Superfluous.MediaGet


---\\  RÃ©capitulatif des Ã©lÃ©ments trouvÃ©s sur votre station. (21)
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/  =>Hijacker.Proxy
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/  =>HackTool.KMSpico
https://www.nicolascoolman.com/fr/pup-linkidoo/  =>PUP.Optional.LinkiDoo
https://www.nicolascoolman.com/fr/pup-mediaget/  =>.Superfluous.MediaGet
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.WebitarProduction
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.CMILimited
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.DollarKeeper
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Empty
https://www.anti-malware.top/2016/04/21/pup-optional-shopperz/  =>PUP.Optional.Shopperz
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/  =>Adware.CrossRider
https://www.anti-malware.top/2016/05/03/superfluous-nosibay/  =>.Superfluous.Nosibay
https://www.nicolascoolman.com/fr/pup-optimizerpro/  =>PUP.Optional.OptimizerPro
https://www.nicolascoolman.com/fr/trojan-vonteera/  =>PUP.Optional.Vonteera
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Downloader
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUM.Security.Hijack
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/  =>.Superfluous.ByteFence
https://nicolascoolman.eu/2017/03/14/pup-optional-boxore/  =>PUP.Optional.Boxore
https://www.nicolascoolman.com/fr/pup-optional-clickcaption/  =>PUP.Optional.ClickCaption
https://www.nicolascoolman.com/fr/pup-superclick/  =>PUP.Optional.SuperClick
https://www.nicolascoolman.com/fr/pup-blockandsurf/  =>PUP.Optional.BlockAndSurf
https://www.nicolascoolman.com/fr/pup-smartwebsearch/  =>PUP.Optional.SmartWebSearch


---\\  Nettoyage Additionnel. (26)
~ Suppression des ClÃ©s de registre Tracing. (26)
~ Suppression des anciens rapports ZHPCleaner. (0)


---\\ Bilan de la rÃ©paration
~ RÃ©paration rÃ©alisÃ©e avec succÃ¨s.
~ Ce navigateur est absent  (Opera Software)
~ Le systÃ¨me a Ã©tÃ© redÃ©marrÃ©.


---\\ Statistiques
~ Items scannÃ©s : 825
~ Items trouvÃ©s : 0
~ Items annulÃ©s : 0
~ Items rÃ©parÃ©s : 85


~ End of clean in 00h01mn26s
~====================
ZHPCleaner-[R]-02072017-15_38_15.txt
ZHPCleaner-[S]-02072017-15_36_33.txt