~ ZHPCleaner v2017.6.26.105 by Nicolas Coolman (2017/06/26) ~ Run by isabo (Administrator) (04/07/2017 18:13:15) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Illegal ~ Type : Nettoyer ~ Report : C:\Users\isabo\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\isabo\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Sans échec (Fail-safe boot) Windows 10 Home, 64-bit (Build 10586) ---\\ Service. (0) ---\\ Navigateur internet. (13) REMPLACÉ Google Chrome Preferences: "http://www-searching.com/" =>PUP.Optional.SearchingCom REMPLACÉ Google Chrome Preferences: "https://fast-searcher-ww-v3.com/" =>Adware.FastSearch REMPLACÉ Edge Params: HomeButtonPage [http://www.mylucky123.com/?type=hp&ts=1476374858&z=702fdd5e9f57cd7fc6cd091gez0mdqec5mfzeb2w1z&from=che0812&uid=TOSHIBAXMQ01ABD100_56N4PYQUTXX56N4PYQUT] =>Hijacker.MyLucky123 REMPLACÉ Quicklaunch: C:\Users\isabo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk [Bad : http://www%2dsearching.com/?prd=set_epf&s=h74zamobl20544au,808a529c-7e2d-4f81-924f-27759f6a34c8,](.The Chromium Authors.) =>PUP.Optional.SearchingCom REMPLACÉ Quicklaunch: C:\Users\isabo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [Bad : http://www%2dsearching.com/?prd=set_epf&s=h74zamobl20544au,808a529c-7e2d-4f81-924f-27759f6a34c8,](.Google Inc..) =>PUP.Optional.SearchingCom REMPLACÉ TaskBar: C:\Users\isabo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk [Bad : http://www%2dsearching.com/?prd=set_epf&s=h74zamobl20544au,808a529c-7e2d-4f81-924f-27759f6a34c8,](.Google Inc..) =>PUP.Optional.SearchingCom REMPLACÉ TaskBar: C:\Users\isabo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk [Bad : "microsoft-edge:http://www%2dsearching.com/?prd=set_epe&s=H74zamobl20544AU,808a529c-7e2d-4f81-924f-27759f6a34c8,"](.Microsoft Corporation.) =>PUP.Optional.SearchingCom REMPLACÉ TaskBar: C:\Users\isabo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk [Bad : http://www-searching.com/?prd=set_epf&s=h74zamobl20544au,808a529c-7e2d-4f81-924f-27759f6a34c8,](.Mozilla Corporation.) =>PUP.Optional.SearchingCom REMPLACÉ TaskBar: C:\Users\isabo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk [Bad : http://www%2dsearching.com/?prd=set_epf&s=h74zamobl20544au,808a529c-7e2d-4f81-924f-27759f6a34c8,](.Microsoft Corporation.) =>PUP.Optional.SearchingCom REMPLACÉ Desktop: C:\Users\Public\Desktop\Google Chrome.lnk [Bad : http://www%2dsearching.com/?prd=set_epf&s=h74zamobl20544au,808a529c-7e2d-4f81-924f-27759f6a34c8,](.Google Inc..) =>PUP.Optional.SearchingCom REMPLACÉ Desktop: C:\Users\Public\Desktop\Mozilla Firefox.lnk [Bad : http://www-searching.com/?prd=set_epf&s=h74zamobl20544au,808a529c-7e2d-4f81-924f-27759f6a34c8,](.Mozilla Corporation.) =>PUP.Optional.SearchingCom REMPLACÉ Accessories: C:\Users\isabo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk [Bad : http://www%2dsearching.com/?prd=set_epf&s=h74zamobl20544au,808a529c-7e2d-4f81-924f-27759f6a34c8,](.Microsoft Corporation.) =>PUP.Optional.Salus REMPLACÉ Accessories: C:\Users\isabo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk [Bad : http://www%2dsearching.com/?prd=set_epf&s=h74zamobl20544au,808a529c-7e2d-4f81-924f-27759f6a34c8,](.Microsoft Corporation.) =>PUP.Optional.SearchingCom ---\\ Fichier hôte. (19) REMPLACÉ: 127.0.0.1 v1.ff.avast.com REMPLACÉ: 127.0.0.1 vlcproxy.ff.avast.com REMPLACÉ: 127.0.0.1 gf.tools.avast.com REMPLACÉ: 127.0.0.1 pair.ff.avast.com REMPLACÉ: 127.0.0.1 ipm-provider.ff.avast.com REMPLACÉ: 127.0.0.1 id.avast.com REMPLACÉ: 127.0.0.1 v4618535.iavs9x.u.avast.com REMPLACÉ: 127.0.0.1 v4618535.ivps9x.u.avast.com REMPLACÉ: 127.0.0.1 v4618535.ivps9tiny.u.avast.com REMPLACÉ: 127.0.0.1 v4618535.vpsnitro.u.avast.com REMPLACÉ: 127.0.0.1 v4618535.vpsnitrotiny.u.avast.com REMPLACÉ: 127.0.0.1 v4618535.iavs5x.u.avast.com REMPLACÉ: 127.0.0.1 v7.stats.avast.com REMPLACÉ: 127.0.0.1 v7event.stats.avast.com REMPLACÉ: 127.0.0.1 sm00.avast.com REMPLACÉ: 127.0.0.1 submit5.avast.com REMPLACÉ: 127.0.0.1 geoip.avast.com REMPLACÉ: 127.0.0.1 w9448963.iavs9x.u.avast.com ~ Nombre de redirections trouvées 363/582 ---\\ Tâche planifiée. (5) SUPPRIMÉ tâche: [Bing Search Engine rocod] [C:\Windows\Tasks\Bing Search Engine rocod.job (Not File) ] =>Heuristic.Suspect SUPPRIMÉ tâche: [Start Registry Reviver for DESKTOP-TNH7GAJ@isabo(logon)] [C:\Windows\Tasks\Start Registry Reviver for DESKTOP-TNH7GAJ@isabo(logon).job (Not File) ] =>PUP.Optional.RegistryReviver SUPPRIMÉ tâche: [UCBrowserUpdater] [C:\Windows\Tasks\UCBrowserUpdater.job (Not File) ] =>PUP.Optional.CertifiedToolbar SUPPRIMÉ tâche: [UCBrowserUpdaterCore] [C:\Windows\Tasks\UCBrowserUpdaterCore.job (Not File) ] =>PUP.Optional.CertifiedToolbar SUPPRIMÉ tâche: [Yahoo! Powered rocod] [C:\Windows\Tasks\Yahoo! Powered rocod.job (Not File) ] =>Adware.YahooPowered ---\\ Explorateur ( Dossiers, Fichiers ). (88) DEPLACÉ fichier: C:\Users\isabo\Desktop\UC浏览器.lnk [Bad : C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe](.UCWeb Inc..) =>.Superfluous.UCBrowser DEPLACÉ fichier: C:\Users\isabo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\UC浏览器.lnk [Bad : C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe](.UCWeb Inc..) =>.Superfluous.UCBrowser DEPLACÉ fichier: C:\Users\isabo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\UC浏览器.lnk [Bad : C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe](.UCWeb Inc..) =>.Superfluous.UCBrowser DEPLACÉ fichier: C:\Users\isabo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk [Bad : C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe](.UCWeb Inc..) =>.Superfluous.UCBrowser DEPLACÉ fichier: C:\Users\isabo\AppData\Roaming\Mozilla\Firefox\Profiles\anhcfyij.default\searchplugins\smod.xml =>PUP.Optional.SearchModule DEPLACÉ fichier: C:\Users\isabo\AppData\Roaming\Mozilla\Firefox\Profiles\anhcfyij.default\Extensions\{dbac9680-d559-4cd4-9765-059879e8c467}.xpi =>Toolbar.Graal DEPLACÉ fichier: C:\Users\isabo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ohgphcdjbnlbnkdooieahfmbmaaipogf_0.localstorage-journal =>Hijacker.Browser ["update_url" : "https://clients2.google.com/servic] DEPLACÉ fichier: C:\Users\isabo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ohgphcdjbnlbnkdooieahfmbmaaipogf_0.localstorage =>Hijacker.Browser DEPLACÉ fichier: C:\Users\isabo\AppData\Roaming\Setup45573.exe =>Adware.Pirrit DEPLACÉ fichier: C:\Program Files (x86)\AdBlocker\AdBlockerService.exe [Star Line - AdBlockerService] =>PUP.Optional.Adblocker DEPLACÉ fichier: C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe [Search Module Ltd. - Search Module Update Service] =>.Superfluous.Noobzo DEPLACÉ fichier: C:\Program Files\Common Files\Noobzo\GNUpdate\smw.sys =>.Superfluous.Noobzo DEPLACÉ fichier: C:\Program Files (x86)\ProxyGate\MainService.exe [Gold Click Ltd - PG Control Center] =>.Superfluous.GoldClick DEPLACÉ fichier^: C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [UC Web Inc. - UCBrowser Security Driver] =>.Superfluous.UCBrowser DEPLACÉ fichier: C:\Windows\Tasks\Bing Search Engine rocod.job =>Heuristic.Suspect DEPLACÉ fichier: C:\Windows\Tasks\Start Registry Reviver for DESKTOP-TNH7GAJ@isabo(logon).job =>PUP.Optional.RegistryReviver DEPLACÉ fichier: C:\Windows\Tasks\UCBrowserUpdater.job =>PUP.Optional.CertifiedToolbar DEPLACÉ fichier: C:\Windows\Tasks\UCBrowserUpdaterCore.job =>PUP.Optional.CertifiedToolbar DEPLACÉ fichier: C:\Windows\Tasks\Yahoo! Powered rocod.job =>Adware.YahooPowered DEPLACÉ fichier: C:\Windows\Tasks\B3A986DC-C2DD-40A0-8C0C-FEF66B783511.job =>Adware.CrossRider DEPLACÉ fichier: C:\END =>.Superfluous.Conduit DEPLACÉ fichier: C:\Windows\Temp\761e7078e1c6ca5ab54ec524077f9179.exe [jetstrmedia - This installer database contains the logic] =>Heuristic.Suspect DEPLACÉ fichier: C:\Windows\Temp\g321B.tmp.exe =>Heuristic.Suspect DEPLACÉ fichier: C:\Windows\Temp\g9A08.tmp.exe =>Heuristic.Suspect DEPLACÉ fichier: C:\Windows\Temp\g9A09.tmp.exe =>Heuristic.Suspect DEPLACÉ fichier: C:\Windows\Temp\GUR1EF.exe =>Heuristic.Suspect DEPLACÉ fichier: C:\Windows\Temp\GUR919C.exe =>Heuristic.Suspect DEPLACÉ fichier: C:\Windows\Temp\GUR9F38.exe =>Heuristic.Suspect DEPLACÉ fichier: C:\Windows\Temp\GURD6F7.exe =>Heuristic.Suspect DEPLACÉ fichier: C:\Windows\Temp\GURE11A.exe =>Heuristic.Suspect DEPLACÉ fichier: C:\Windows\Temp\GURE526.exe =>Heuristic.Suspect DEPLACÉ fichier: C:\Windows\Prefetch\APPTRAILERS.EXE-75D824B6.pf =>Adware.AppTrailers DEPLACÉ fichier: C:\Windows\Prefetch\REGISTRYREVIVER.EXE-361FEE62.pf =>PUP.Optional.RegistryReviver DEPLACÉ fichier: C:\Windows\Prefetch\SYSTEMHEALER.EXE-1942CE3A.pf =>PUP.Optional.SystemHealer DEPLACÉ fichier: C:\Windows\Prefetch\TUBETIME.13.1.5L2A.EXE-E193A432.pf =>Adware.TubeTime DEPLACÉ fichier: C:\Windows\Prefetch\TUBETIME.EXE-83A135EE.pf =>Adware.TubeTime DEPLACÉ fichier: C:\Windows\Prefetch\YEADESKTOP.EXE-E9D37F50.pf =>PUP.Optional.Zusy DEPLACÉ fichier: C:\ProgramData\service.exe [Copyright (C) 2015 - ] =>PUP.Optional.Zusy DEPLACÉ fichier: C:\ProgramData\smp2.exe [Copyright (C) 2016 - ] =>Trojan.Agent DEPLACÉ fichier: C:\ProgramData\Tencent\QQ\report\report.dll [Tencent - QQ电脑管家dll] =>.Superfluous.Tencent DEPLACÉ fichier: C:\ProgramData\devnull\NetAdapterUpdate\updates\NetAdapterUpdate\NetAdapterUpdate_setup_2.7.1.exe [devnull - This installer database contains the logic] =>Adware.iBryte DEPLACÉ fichier: C:\Users\isabo\AppData\Local\Temp\AdBlocker.exe [Star Line - AdBlocker Setup] =>.Superfluous.StarLineLLC DEPLACÉ fichier: C:\Users\isabo\AppData\Local\Temp\b5a2edf4.dll =>.Superfluous.Tencent DEPLACÉ fichier: C:\Users\isabo\AppData\Local\Temp\BandwidthStatBU.exe =>.Superfluous.InterStat DEPLACÉ fichier: C:\Users\isabo\AppData\Local\Temp\RegistryReviverFreeSetup_Dec2.exe [ReviverSoft LLC - Registry Reviver] =>.Superfluous.ReviverSoft DEPLACÉ fichier: C:\Users\isabo\AppData\Local\Temp\swytshop.exe [SwytShop - SwytShop Setup] =>PUP.Optional.SwytShop DEPLACÉ fichier: C:\Users\isabo\AppData\Local\Temp\TSGBB2T.exe [WeMonetize - DiskWMpower Setup] =>.Superfluous.Tuto4PC DEPLACÉ fichier: C:\Users\isabo\AppData\Local\Temp\ud8RXvcJ-upd.exe =>.Superfluous.Elex DEPLACÉ fichier: C:\Users\isabo\AppData\Local\Temp\ww-Online.IO-installer.exe [Microleaves - This installer database contains the logic] =>.Superfluous.Microleaves DEPLACÉ fichier: C:\Users\isabo\AppData\Local\Temp\Yeadesktop.exe [ - setup Setup] =>PUP.Optional.Zusy DEPLACÉ fichier: C:\Users\isabo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage =>.Superfluous.AkamaiHD DEPLACÉ fichier: C:\Users\isabo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal =>.Superfluous.AkamaiHD DEPLACÉ fichier: C:\Windows\AutoKMS\AutoKMS.log =>HackTool.AutoKMS DEPLACÉ dossier*: C:\Users\isabo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgphcdjbnlbnkdooieahfmbmaaipogf =>Hijacker.Browser ["update_url" : "https://clients2.google.com/servic] DEPLACÉ dossier*: C:\Program Files (x86)\AdBlocker =>PUP.Optional.Adblocker DEPLACÉ dossier*: C:\Program Files (x86)\bwLtWrwpMO =>PUP.Optional.WpManager DEPLACÉ dossier*: C:\Program Files (x86)\pchandller =>Adware.Wizzcaster DEPLACÉ dossier*: C:\Program Files (x86)\SoftUpgrade =>.Superfluous.Elex DEPLACÉ dossier*: C:\Program Files (x86)\SystemHealer =>PUP.Optional.SystemHealer DEPLACÉ dossier*: C:\Program Files (x86)\Tencent =>.Superfluous.Tencent DEPLACÉ dossier*: C:\Program Files (x86)\YeaDesktop =>PUP.Optional.Zusy DEPLACÉ dossier*: C:\ProgramData\0a5eb94848ff4c27bedae79afe35a15f =>Adware.CrossRider DEPLACÉ dossier*: C:\ProgramData\14893086b65d49cfa1915a47ea7580e1 =>Adware.CrossRider DEPLACÉ dossier*: C:\ProgramData\3453c9ef884c48c2b66ee7b68a42f909 =>Adware.CrossRider DEPLACÉ dossier*: C:\ProgramData\58d865e5-5295-1 =>.Superfluous.Polluteware DEPLACÉ dossier*: C:\ProgramData\58d865e5-5ea5-0 =>.Superfluous.Polluteware DEPLACÉ dossier*: C:\ProgramData\9eb76c3b2aee4aa9823f1305580beb71 =>Adware.CrossRider DEPLACÉ dossier*: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS DEPLACÉ dossier*: C:\ProgramData\Tencent =>.Superfluous.Tencent DEPLACÉ dossier*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YeaDesktop =>PUP.Optional.Zusy DEPLACÉ dossier*: C:\Windows\AutoKMS =>HackTool.AutoKMS DEPLACÉ dossier*: C:\Windows\System32\config\systemprofile\AppData\Roaming\Tencent =>.Superfluous.Tencent DEPLACÉ dossier*: C:\Users\isabo\AppData\Roaming\Microleaves =>.Superfluous.Microleaves DEPLACÉ dossier*: C:\Users\isabo\AppData\Roaming\Tencent =>.Superfluous.Tencent DEPLACÉ dossier*: C:\Users\isabo\AppData\Local\AppTrailers =>Adware.AppTrailers DEPLACÉ dossier*: C:\Users\isabo\AppData\Local\CrashRpt =>.Superfluous.CrashReports DEPLACÉ dossier*: C:\Users\isabo\AppData\Local\TubeTime =>Adware.TubeTime DEPLACÉ dossier: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent =>.Superfluous.Tencent DEPLACÉ dossier^: C:\Windows\System32\Tasks\SMW_P =>Adware.Suspect DEPLACÉ dossier*: C:\Program Files (x86)\devnull =>Adware.iBryte DEPLACÉ dossier*: C:\ProgramData\PrefsSecure =>PUP.Optional.LogicHandler DEPLACÉ dossier*: C:\ProgramData\Logic Cramble =>PUP.Optional.LogicHandler DEPLACÉ dossier: C:\ProgramData\smp2.exe =>Adware.Suspect DEPLACÉ dossier*: C:\ProgramData\SearchModule =>Adware.InstallCore DEPLACÉ dossier*: C:\Users\isabo\AppData\Local\UCBrowser =>.Superfluous.UCBrowser DEPLACÉ dossier*: C:\Users\isabo\AppData\Roaming\Gplyra =>.Superfluous.Gplyra DEPLACÉ dossier*: C:\Users\isabo\AppData\Roaming\UCChannel =>.Superfluous.UCBrowser DEPLACÉ dossier*: C:\Users\isabo\AppData\Roaming\Interstat =>.Superfluous.WeatherChannel ---\\ Base de Registres ( Clés, Valeurs, Données ). (96) SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A5297E8B-03BA-4C1A-BB22-D5CE5DFFBB4D} [http://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=H74zamobl20544AU,808a529c-7e2d-4f81[...]] [Searching] =>PUP.Optional.SearchingCom SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} [https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-pACviw[...]] [Search the web] =>PUP.Optional.IMBooster SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch [https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-pACviw[...]] [Search the web] =>PUP.Optional.IMBooster SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A5297E8B-03BA-4C1A-BB22-D5CE5DFFBB4D} [http://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=H74zamobl20544AU,808a529c-7e2d-4f81-924f-27759f6a34c8,] =>PUP.Optional.SearchingCom SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} [https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-pACviwqMUiUClzkBbBAgRjWhM_a_K-dni44A79w12iefRyQpxrDbwU5SC3B8lhI2EGNDm14fWEsoO8HWvBRHrTMvrSwQxEuxPjZ6Rx5RBGO4X0Y1Lbeb76hl7ipL3jiZjE3093ew74QkQqSrEhoDC7fUo8MZ5z2n3TTDVhkJqWM,&q={searchTerms}] =>PUP.Optional.IMBooster SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch [https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-pACviwqMUiUClzkBbBAgRjWhM_a_K-dni44A79w12iefRyQpxrDbwU5SC3B8lhI2EGNDm14fWEsoO8HWvBRHrTMvrSwQxEuxPjZ6Rx5RBGO4X0Y1Lbeb76hl7ipL3jiZjE3093ew74QkQqSrEhoDC7fUo8MZ5z2n3TTDVhkJqWM,&q={searchTerms}] =>PUP.Optional.IMBooster SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\03D22C9C66915D58C88912B64C1F984B8344EF09 [Comodo Security] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\0F684EC1163281085C6AF20528878103ACEFCAAB [F-Secure] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\1667908C9E22EFBD0590E088715CC74BE4C60884 [FRISK] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\18DEA4EFA93B06AE997D234411F3FD72A677EECE [Bitdefender] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF [G-Data] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\249BDA38A611CD746A132FA2AF995A2D3C941264 [Malwarebytes] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\31AC96A6C17C425222C46D55C3CCA6BA12E54DAF [Symantec] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\331E2046A1CCA7BFEF766724394BE6112B4CA3F7 [Trend Micro] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3353EA609334A9F23A701B9159E30CB6C22D4C59 [Webroot] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\373C33726722D3A5D1EDD1F1585D5D25B39BEA1A [SUPERAntiSpyware] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F [Kaspersky] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3D496FA682E65FC122351EC29B55AB94F3BB03FC [AVG Technologies] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 [PC Tools] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 [K7 Computing] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4420C99742DF11DD0795BC15B7B0ABF090DC84DF [Doctor Web] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF [Emsisoft] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5240AB5B05D11B37900AC7712A3C6AE42F377C8C [CheckPoint] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5DD3D41810F28B2A13E9A004E6412061E28FA48D [Emsisoft] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\7457A3793086DBB58B3858D6476889E3311E550E [K7 Computing] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\76A9295EF4343E12DFC5FE05DC57227C1AB00D29 [BullGuard] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\775B373B33B9D15B58BC02B184704332B97C3CAF [McAfee] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\872CD334B7E7B3C3D1C6114CD6B221026D505EAB [Comodo Security] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\88AD5DFE24126872B33175D1778687B642323ACF [McAfee] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9132E8B079D080E01D52631690BE18EBC2347C1E [Adaware Software] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\982D98951CF3C0CA2A02814D474A976CBFF6BDB1 [Safer Networking] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 [Webroot] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9C43F665E690AB4D486D4717B456C5554D4BCEB5 [ThreatTrack] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 [CurioLab] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 [Avira Operations] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A5341949ABE1407DD7BF7DFE75460D9608FBC309 [BullGuard] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A59CC32724DD07A6FC33F7806945481A2D13CA2F [ESET] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 [AVG Technologies] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AD4C5429E10F4FF6C01840C20ABA344D7401209F [Avast Software] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AD96BB64BA36379D2E354660780C2067B81DA2E0 [Symantec] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 [Malwarebytes] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\CDC37C22FE9272D8F2610206AD397A45040326B8 [Trend Micro] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 [Kaspersky] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\DB303C9B61282DE525DC754A535CA2D6A9BD3D87 [ThreatTrack] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\DB77E5CFEC34459146748B667C97B185619251BA [Avast Software] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E22240E837B52E691C71DF248F12D27F96441C00 [Total Defense] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF [AVG Technologies] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\ED841A61C0F76025598421BC1B00E24189E68D54 [Bitdefender] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F83099622B4A9F72CB5081F742164AD1B8D048C9 [ESET] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\FBB42F089AF2D570F2BF6F493D107A3255A9BB1A [Panda Security] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 [Doctor Web] =>Trojan.CertLock SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\AdBlockerService [C:\Program Files (x86)\AdBlocker\AdBlockerService.exe (Not File)] =>PUP.Optional.Adblocker SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\SMUpd [C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe (Not File)] =>.Superfluous.Noobzo SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\SMUpdd [C:\Program Files\Common Files\Noobzo\GNUpdate\smw.sys (Not File)] =>.Superfluous.Noobzo SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\pgt_svc [C:\Program Files (x86)\ProxyGate\MainService.exe (Not File)] =>.Superfluous.GoldClick SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\ucdrv [C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys] =>.Superfluous.UCBrowser SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-918675911-1358115037-135084436-1001\SOFTWARE\Speedownloader0099 [] =>PUP.Optional.SoftwareEngine SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-918675911-1358115037-135084436-1001\SOFTWARE\SwytShop [] =>PUP.Optional.SwytShop SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-918675911-1358115037-135084436-1001\SOFTWARE\System Healer [] =>PUP.Optional.SystemHealer SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-918675911-1358115037-135084436-1001\SOFTWARE\Tencent [] =>.Superfluous.Tencent SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-918675911-1358115037-135084436-1001\SOFTWARE\YeaDesktop [] =>PUP.Optional.Zusy SUPPRIMÉ clé: HKCU\Software\Speedownloader0099 [] =>PUP.Optional.SoftwareEngine SUPPRIMÉ clé: HKCU\Software\SwytShop [] =>PUP.Optional.SwytShop SUPPRIMÉ clé: HKCU\Software\System Healer [] =>PUP.Optional.SystemHealer SUPPRIMÉ clé: HKCU\Software\Tencent [] =>.Superfluous.Tencent SUPPRIMÉ clé: HKCU\Software\YeaDesktop [] =>PUP.Optional.Zusy SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\AppTrailers [] =>Adware.AppTrailers SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\TubeTime [] =>Adware.TubeTime SUPPRIMÉ clé*: HKCU\Software\Hotspot [] =>Adware.Eszjuxuan SUPPRIMÉ clé*: HKCU\Software\UCBrowserPID [] =>.Superfluous.UCBrowser SUPPRIMÉ clé*: HKCU\Software\undefined [] =>.Superfluous.Downloader SUPPRIMÉ clé*: HKCU\Software\Interstat [] =>.Superfluous.WeatherChannel SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\UCBrowserPID [] =>.Superfluous.UCBrowser SUPPRIMÉ clé: HKLM\SOFTWARE\UCBrowserPID [] =>.Superfluous.UCBrowser SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B} [YoutubeAdBlock] =>PUP.Optional.YouTubeAdBlock SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\backlh [] =>PUP.Optional.LogicHandler SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\Nettrans [] =>PUP.Optional.LogicHandler SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\UCBrowserSvc [] =>.Superfluous.UCBrowser SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\SearchModule [] =>PUP.Optional.SearchModule SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Speedownloader0099 [] =>PUP.Optional.SoftwareEngine SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 [] =>.Superfluous.ByteFence SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS [] =>.Superfluous.ByteFence SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe [C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe (Not File)] =>.Superfluous.Noobzo SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\OtherSearch [] =>Adware.FastSearch SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\SearchModule [] =>PUP.Optional.SearchModule SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Speedownloader0099 [] =>PUP.Optional.SoftwareEngine SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\tencent [] =>.Superfluous.Tencent SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\6E727987-C8EA-44DA-8749-310C0FBE3C3E [Company Inc.] =>.Superfluous.SystemaLimited SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Search module [Goobzo] =>.Superfluous.Goobzo SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\YeaDesktop [1.0.0.1] =>PUP.Optional.Zusy SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{05C61A04-0BDA-4BAC-B4E3-3809FB768EFA} [devnull] =>Adware.iBryte SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1EC095EE-8CA3-43D6-B9F5-0C55B82ED3D7}}_is1 [Gold Click Ltd] =>.Superfluous.GoldClick SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\smu.exe [C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe (Not File)] =>.Superfluous.Noobzo SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Yeadesktop_RASAPI32 [] =>PUP.Optional.Zusy SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}\InprocServer32 [C:\Program Files (x86)\YubeAlckIE\tf7q3im.dll (Not File)] =>Adware.Sambreel SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\YeaDesktop [C:\Program Files (x86)\YeaDesktop\YeaDesktop.exe /autostart] =>PUP.Optional.Zusy ---\\ Récapitulatif des éléments trouvés sur votre station. (54) https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.SearchingCom https://nicolascoolman.eu/22017/04/04/adware-fastsearch/ =>Adware.FastSearch https://www.anti-malware.top/2016/10/18/hijacker-mylucky123/ =>Hijacker.MyLucky123 https://www.nicolascoolman.com/fr/pup-salus/ =>PUP.Optional.Salus https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.RegistryReviver https://www.nicolascoolman.com/fr/pup-certifiedtoolbar/ =>PUP.Optional.CertifiedToolbar https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.YahooPowered https://nicolascoolman.eu/2017/03/04/superfluous-ucbrowser/ =>.Superfluous.UCBrowser https://www.nicolascoolman.com/fr/link-660/ =>PUP.Optional.SearchModule https://www.nicolascoolman.com/fr/toolbar-igraal/ =>Toolbar.Graal https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Hijacker.Browser ["update_url" : "https://clients2.google.com/servic] https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser https://nicolascoolman.eu/2017/02/25/adware-pirrit/ =>Adware.Pirrit https://nicolascoolman.eu/2017/01/28/adware-adblocker/ =>PUP.Optional.Adblocker https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Noobzo https://www.anti-malware.top/2016/07/31/superfluous-goldclick/ =>.Superfluous.GoldClick https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider https://nicolascoolman.eu/2017/02/06/superfluous-conduit/ =>.Superfluous.Conduit https://nicolascoolman.eu/2017/01/18/adware-apptrailers/ =>Adware.AppTrailers https://www.nicolascoolman.com/fr/pup-optional-systemhealer/ =>PUP.Optional.SystemHealer https://nicolascoolman.eu/2017/05/16/adware-tubetime/ =>Adware.TubeTime https://www.anti-malware.top/2016/05/17/adware-zusy/ =>PUP.Optional.Zusy https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Trojan.Agent https://nicolascoolman.eu/2017/02/23/tencentadressbar/ =>.Superfluous.Tencent https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.iBryte https://nicolascoolman.eu/2016/12/29/superfluous-starlinellc/ =>.Superfluous.StarLineLLC https://www.anti-malware.top/2016/06/25/conseils-logiciel-publicitaire-interstat/ =>.Superfluous.InterStat https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.ReviverSoft https://nicolascoolman.eu/2017/04/08/pup-optional-swytshop/ =>PUP.Optional.SwytShop https://www.nicolascoolman.com/fr/pup-optional-tuto4pc/ =>.Superfluous.Tuto4PC https://nicolascoolman.eu/2017/03/28/superfluous-elex/ =>.Superfluous.Elex https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Microleaves https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.AkamaiHD https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS https://www.anti-malware.top/2016/06/18/superfluous-wpmanager/ =>PUP.Optional.WpManager https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.Wizzcaster https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Polluteware https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.CrashReports https://nicolascoolman.eu/2017/03/02/adware-suspect/ =>Adware.Suspect https://nicolascoolman.eu/2017/01/04/pup-optional-logichandler/ =>PUP.Optional.LogicHandler https://nicolascoolman.eu/2017/03/12/adware-installcore-2/ =>Adware.InstallCore https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Gplyra https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.WeatherChannel https://www.nicolascoolman.com/fr/adware-imbooster/ =>PUP.Optional.IMBooster https://nicolascoolman.eu/2017/06/26/trojan-certlock/ =>Trojan.CertLock https://www.nicolascoolman.com/fr/hijacker-trovigo/ =>PUP.Optional.SoftwareEngine https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.Eszjuxuan https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Downloader https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.YouTubeAdBlock https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/ =>.Superfluous.ByteFence https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.SystemaLimited https://www.anti-malware.top/2016/07/20/superfluous-goobzo/ =>.Superfluous.Goobzo https://www.nicolascoolman.com/fr/pup-optional-sambreel/ =>Adware.Sambreel ---\\ Nettoyage Additionnel. (55) ~ Suppression des Clés de registre Tracing. (55) ~ Suppression des anciens rapports ZHPCleaner. (0) ---\\ Bilan de la réparation ~ Réparation réalisée avec succès. ~ Ce navigateur est absent (Opera Software) ~ Le système a été redémarré. ---\\ Statistiques ~ Items scannés : 2078 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Items réparés : 568 ~ End of clean in 00h03mn22s ~==================== ZHPCleaner-[R]-04072017-18_16_37.txt ZHPCleaner-[S]-04072017-17_04_01.txt