~ ZHPCleaner v2017.8.1.132 by Nicolas Coolman (2017/08/01)
~ Run by Bureau (Administrator)  (02/08/2017 20:41:05)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scanner
~ Report : C:\Users\Bureau\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Bureau\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 15063)


---\\  Service. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\  Navigateur internet. (54)
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.BUTTON_STRUCTURE", "[{\"b\":232130312,\"c\":\"mi[...]  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.prev", "https://fr.sear[...]  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.savedPrev", "true");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.tb", "http://hp.myway.c[...]  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.page.savedPrev", 1);  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.page.tb", 1);  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.browser.version.last", "53.0");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.coId", "1c6c5d1dd68b41a68af0bd3e904d95dc");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.firefoxSearchExtensionEnabled", "true");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.firstKnownVersion", "7.800.11.26973");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.homepage", "http://hp.myway.com/fromdoctopdf/LMF[...]  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.hp.enabled", false);  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.hp.guardType", "HPR");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.initialized", true);  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installType", "XPI");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.dlpCountryCode", "FR");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.installDate", "2017050110");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerId", "^Y6^xdm197^LMFRFR^fr")[...]  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerSubId", "CIzAvZagztMCFcm6Gwo[...]  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.pixelUrl", "http://download.fromdoc[...]  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.success", true);  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarDataSource", "[\"COOKIE\",\"[...]  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarId", "7AFF7637-74F7-4E61-9CC[...]  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.lastActivePing", "1493920574634");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.lastKnownVersion", "7.800.11.26973");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.lssState", "{\"previousLocales\":[\"fr\",\"fr-FR[...]  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.options.defaultSearch", false);  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.options.homePageEnabled", true);  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.options.keywordEnabled", false);  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.options.tabEnabled", true);  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.partnerPixelFired", true);  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.productDeliveryOption.language", "fr");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.productDeliveryOption.newTabURL", "http://hp.myw[...]  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.productDeliveryOption.type", "ToolTab");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.successUrl", "http://fromdoctopdf.dl.tb.ask.com/[...]  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.toolbarCollapsed", false);  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.uninstallSurveyUrl", "http://www.research.net/r/[...]  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark._65Members_.uninstallTasks", "{\"prefBranchesToDelete\":[\"e[...]  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark.hp.enabled", true);  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "fromdoctopdf@mindspark.com");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.toolbar.mindspark.lastInstalled", "fromdoctopdf@mindspark.com");  =>Adware.Bandoo
TROUVÉ: [n30ikmkg.default] - user_pref("extensions.xpiState", "{\"app-profile\":{\"_65Members_@download.fromdoctopdf.com\":{\"d\"[...]  =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\bootstrap.js    =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\chrome    =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\chrome.manifest    =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\chrome.manifest.restartless    =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\install.rdf    =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com\META-INF    =>.Superfluous.MindSpark
TROUVÉ dossier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\Extensions\_65Members_@download.fromdoctopdf.com  =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\FromDocToPDF_65\7AFF7637-74F7-4E61-9CC9-7D72DDE205A4.sqlite    =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\extensions\_65Members_@download.fromdoctopdf.com\META-INF\manifest.mf    =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\extensions\_65Members_@download.fromdoctopdf.com\META-INF\mozilla.rsa    =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\extensions\_65Members_@download.fromdoctopdf.com\META-INF\mozilla.sf    =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Mozilla\Firefox\Profiles\n30ikmkg.default\extensions\_65Members_@download.fromdoctopdf.com\chrome\ffxtbr.jar    =>.Superfluous.MindSpark


---\\  Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)


---\\  Tâche planifiée. (3)
TROUVÉ tâche: [Yahoo! Powered forad] [C:\Windows\System32\wscript.exe]  =>Adware.YahooPowered
TROUVÉ tâche: [Bing Search Engine forad] [C:\WINDOWS\Tasks\Bing Search Engine forad.job]  =>Heuristic.Suspect
TROUVÉ tâche: [Yahoo! Powered forad] [C:\WINDOWS\Tasks\Yahoo! Powered forad.job]  =>Adware.YahooPowered


---\\  Explorateur  ( Dossiers, Fichiers ). (25)
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nahhmpbckpgdidfnmfkfgiflpjijilce_0.localstorage    =>.Superfluous.SearchManager
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce  =>.Superfluous.SearchManager
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Colanid.exe    =>Adware.Pirrit
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Colanid.exe    =>Adware.Suspect
TROUVÉ fichier: C:\Windows\Tasks\Bing Search Engine forad.job    =>Heuristic.Suspect
TROUVÉ fichier: C:\Windows\Tasks\Yahoo! Powered forad.job    =>Adware.YahooPowered
TROUVÉ fichier: C:\Users\Bureau\AppData\Roaming\Colanid.exe    =>Adware.GenericTask
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage    =>.Superfluous.CloudfrontNet
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal    =>.Superfluous.CloudfrontNet
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage    =>.Superfluous.CloudfrontNet
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal    =>.Superfluous.CloudfrontNet
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.myway.com_0.localstorage    =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.myway.com_0.localstorage-journal    =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.tb.ask.com_0.localstorage    =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.tb.ask.com_0.localstorage-journal    =>.Superfluous.MindSpark
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage    =>.Superfluous.AudienceInsights
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal    =>.Superfluous.AudienceInsights
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\EasyDocMergeTooltab\TooltabExtension.dll [Mindspark - Mindspark Tooltab Platform]  =>PUP.Optional.MyWebSearch
TROUVÉ fichier: C:\Users\Bureau\AppData\Local\FromDocToPDFTooltab\TooltabExtension.dll [Mindspark - Mindspark Tooltab Platform]  =>.Superfluous.MindSpark
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\SlimWare Utilities Inc\DriverUpdate  =>.Superfluous.SlimWareUtilities
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\SlimWare Utilities Inc\Installers  =>.Superfluous.SlimWareUtilities
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\EasyDocMergeTooltab  =>PUP.Optional.MyWebSearch
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\FromDocToPDFTooltab  =>.Superfluous.MindSpark
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\SlimWare Utilities Inc  =>.Superfluous.SlimWareUtilities
TROUVÉ dossier: C:\Users\Bureau\AppData\Local\EasyDocMergeTooltab  =>.Superfluous.MindSpark


---\\  Base de Registres ( Clés, Valeurs, Données ). (26)
TROUVÉ clé: HKCU\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce []  =>.Superfluous.SearchManager
TROUVÉ clé: HKEY_USERS\S-1-5-21-1205918481-316555937-3933596391-1001\SOFTWARE\EasyDocMerge []  =>PUP.Optional.MyWebSearch
TROUVÉ clé: HKEY_USERS\S-1-5-21-1205918481-316555937-3933596391-1001\SOFTWARE\FromDocToPDF []  =>.Superfluous.MindSpark
TROUVÉ clé: HKEY_USERS\S-1-5-21-1205918481-316555937-3933596391-1001\SOFTWARE\nuevos-programas.com []  =>PUP.Optional.Generic
TROUVÉ clé: HKCU\Software\EasyDocMerge []  =>PUP.Optional.MyWebSearch
TROUVÉ clé: HKCU\Software\FromDocToPDF []  =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\nuevos-programas.com []  =>PUP.Optional.Generic
TROUVÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\EasyDocMergeTooltab Uninstall Internet Explorer [Mindspark Interactive Network, Inc.]  =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FromDocToPDFTooltab Uninstall Internet Explorer [Mindspark Interactive Network, Inc.]  =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\atwola.com []  =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ol.uk.at.atwola.com []  =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\atwola.com []  =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ol.uk.at.atwola.com [123]  =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\atwola.com []  =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d16fk4ms6rqz1v.cloudfront.net [1208]  =>.Superfluous.CloudfrontNet
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\downspeedtest.dl.myway.com [12]  =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\easydocmerge.dl.myway.com [1983]  =>PUP.Optional.MyWebSearch
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\fromdoctopdf.dl.myway.com [1472]  =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ol.uk.at.atwola.com [794]  =>.Superfluous.Atwola
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\productivityboss.dl.myway.com [12]  =>.Superfluous.MindSpark
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com []  =>.Superfluous.Softonic
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.audienceinsights.net [43]  =>.Superfluous.AudienceInsights
TROUVÉ clé: HKCU\Software\csastats []  =>Adware.InstallCore
TROUVÉ clé: HKCU\Software\ProductSetup []  =>Adware.InstallCore
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities Inc []  =>.Superfluous.SlimWareUtilities
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities, Inc. []  =>.Superfluous.SlimWareUtilities


---\\  Récapitulatif des éléments trouvés sur votre station. (16)
https://nicolascoolman.eu/2017/02/23/adware-bandoo/  =>Adware.Bandoo
https://nicolascoolman.eu/2017/01/15/superfluous-mindspark/  =>.Superfluous.MindSpark
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>Adware.YahooPowered
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/  =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.SearchManager
https://nicolascoolman.eu/2017/02/25/adware-pirrit/  =>Adware.Pirrit
https://nicolascoolman.eu/2017/03/02/adware-suspect/  =>Adware.Suspect
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>Adware.GenericTask
https://nicolascoolman.eu/2017/02/02/superfluous-cloudfrontnet/  =>.Superfluous.CloudfrontNet
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.AudienceInsights
https://www.nicolascoolman.com/fr/adware-mywebsearch/  =>PUP.Optional.MyWebSearch
https://nicolascoolman.eu/2017/03/03/superfluous-slimwareutilities/  =>.Superfluous.SlimWareUtilities
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.Generic
https://nicolascoolman.eu/2017/02/04/superfluous-atwola/  =>.Superfluous.Atwola
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Softonic
https://nicolascoolman.eu/2017/03/12/adware-installcore-2/  =>Adware.InstallCore


---\\ Bilan de la réparation
~ Aucune réparation effectuée.
~ Ce navigateur est absent  (Opera Software)


---\\ Statistiques
~ Items scannés : 90733
~ Items trouvés : 119
~ Items annulés : 0
~ Items réparés : 0


~ End of search in 00h06mn11s
~====================
ZHPCleaner-[S]-02082017-20_47_16.txt