~ ZHPCleaner v2018.7.21.152 by Nicolas Coolman (2018/07/21)
~ Run by Magdeleine (Administrator) (23/07/2018 00:29:09)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Nettoyer
~ Report : C:\Users\Magdeleine\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Magdeleine\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1, 64-bit (Build 9600)

---\\ ALTERNATE DATA STREAM (ADS). (0)
~ Aucun élément malicieux ou superflu trouvé.

---\\ SERVICE. (1)
ARRETÉ : SecurityService =>.SUP.TotalAV

---\\ NAVIGATEUR INTERNET. (0)
~ Aucun élément malicieux ou superflu trouvé.

---\\ FICHIER HÔTE. (13)
REMPLACÉ: 162.222.193.86 aoaomo.tremorhub.com
REMPLACÉ: 188.95.50.62 bobomo.tremorhub.com
REMPLACÉ: 162.222.193.86 www.howcast.com
REMPLACÉ: 162.222.193.86 howcast.com
REMPLACÉ: 162.222.193.86 www.ustream.tv
REMPLACÉ: 162.222.193.86 ustream.tv
REMPLACÉ: 162.222.193.86 www.livestream.com
REMPLACÉ: 162.222.193.86 livestream.com
REMPLACÉ: 162.222.193.86 www.dailymotion.com
REMPLACÉ: 162.222.193.86 dailymotion.com
REMPLACÉ: 192.192.3.8 www.virustotal.com
REMPLACÉ: 192.192.3.8 virustotal.com
~ Nombre de redirections trouvées 12/35

---\\ TÂCHE PLANIFIÉE. (1)
SUPPRIMÉ tâche: [Online Application V2G1] [C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe (Not File) ] =>.SUP.Microleaves

---\\ EXPLORATEUR ( Dossiers, Fichiers ). (28)
DEPLACÉ fichier: C:\Users\Magdeleine\Desktop\TotalAV.lnk [Bad : C:\Program Files (x86)\TotalAV\TotalAV.exe](.TotalAV.) =>.SUP.TotalAV
DEPLACÉ fichier: C:\Users\Magdeleine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk [Bad : C:\Program Files (x86)\TotalAV\TotalAV.exe](.TotalAV.) =>.SUP.TotalAV
DEPLACÉ fichier: c:\Users\magdeleine\AppData\Roaming\interstatnogui\interstatnogui.exe [IOT Mega - TOI Devel] =>Adware.UserMon
DEPLACÉ fichier: C:\WINDOWS\System32\drivers\PowZip.sys [Nice Pulle Science and Technology Ltd. - SmartMount FileSystem Kernel] =>PUP.Optional.Powzip
DEPLACÉ fichier: C:\Program Files (x86)\TotalAV\SecurityService.exe [TotalAV - TotalAV Ultimate Antivirus Service] =>.SUP.TotalAV
DEPLACÉ fichier: C:\Windows\Prefetch\TOTALAV.EXE-775A7881.pf =>.SUP.TotalAV
DEPLACÉ fichier: C:\Windows\Prefetch\TOTALAV_SETUP.EXE-FBDD7EB2.pf =>.SUP.TotalAV
DEPLACÉ fichier: C:\Users\Magdeleine\AppData\Local\Temp\uDmpZEnd-prog.exe [IOT Mega - TOI Devel] =>Adware.UserMon
DEPLACÉ fichier: C:\Users\Magdeleine\AppData\Local\Temp\uDmpZEnd-upd.exe =>.SUP.Elex
DEPLACÉ fichier: C:\Users\Magdeleine\AppData\Local\Armes.exe [ - Armes] =>Adware.Dotdo
DEPLACÉ fichier: C:\Users\Magdeleine\AppData\Local\Bailly.exe [ - Bailly] =>Adware.Dotdo
DEPLACÉ fichier: C:\Users\Magdeleine\AppData\Local\Temp\Uninstall.exe =>PUP.Optional.Generic
DEPLACÉ fichier*: C:\Program Files (x86)\Amari\Armes.exe [ - Armes] =>Adware.Dotdo
DEPLACÉ fichier*: C:\Program Files (x86)\Amari\Bailly.exe [ - Bailly] =>Adware.Dotdo
DEPLACÉ fichier^: C:\Program Files (x86)\Laurence\Armes.exe [ - Armes] =>Adware.Dotdo
DEPLACÉ fichier^: C:\Program Files (x86)\nuncio\Bailly.exe [ - Bailly] =>Adware.Dotdo
DEPLACÉ dossier: C:\Program Files (x86)\Microleaves =>.SUP.Microleaves
DEPLACÉ dossier: C:\Program Files (x86)\SoftUpgrade =>PUP.Optional.SoftUpgrade
DEPLACÉ dossier^: C:\Program Files (x86)\TotalAV =>.SUP.TotalAV
DEPLACÉ dossier: C:\Users\Magdeleine\AppData\Roaming\Interstatnogui =>Adware.UserMon
DEPLACÉ dossier: C:\Users\Magdeleine\AppData\Roaming\Microleaves =>.SUP.Microleaves
DEPLACÉ dossier: C:\Users\Magdeleine\AppData\Roaming\TotalAV =>.SUP.TotalAV
DEPLACÉ dossier: C:\Users\Magdeleine\Documents\TotalAV =>.SUP.TotalAV
DEPLACÉ dossier: C:\ProgramData\SecuritySuite =>.SUP.ScanGuard
DEPLACÉ dossier: C:\Users\Magdeleine\AppData\Local\AdvinstAnalytics =>.SUP.Various
DEPLACÉ dossier: C:\Program Files (x86)\Amari =>Adware.Dotdo
DEPLACÉ dossier: C:\Program Files (x86)\Laurence =>Adware.Dotdo
DEPLACÉ dossier: C:\Program Files (x86)\nuncio =>Adware.Dotdo

---\\ BASE DE REGISTRES ( Clés, Valeurs, Données ). (29)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.globasearch.com/?serie=225&installkey=5bWvFSwg7hUzZZcANF8q&b=3&q={searchTerms}] [Bing] =>PUP.Optional.IMBooster
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.globasearch.com/?serie=225&installkey=5bWvFSwg7hUzZZcANF8q&b=3&q={searchTerms}] [Bing] =>PUP.Optional.IMBooster
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.globasearch.com/?serie=225&installkey=5bWvFSwg7hUzZZcANF8q&b=3&q={searchTerms}] =>PUP.Optional.IMBooster
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.globasearch.com/?serie=225&installkey=5bWvFSwg7hUzZZcANF8q&b=3&q={searchTerms}] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\PowZip [C:\WINDOWS\System32\drivers\PowZip.sys (Not File)] =>PUP.Optional.Powzip
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\SecurityService [C:\Program Files (x86)\TotalAV\SecurityService.exe (Not File)] =>.SUP.TotalAV
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-792675821-2040888521-3431913534-1001\SOFTWARE\Interstatnogui [] =>Adware.UserMon
SUPPRIMÉ clé: HKCU\Software\Interstatnogui [] =>Adware.UserMon
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\my.totalav.com [] =>.SUP.TotalAV
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\secure.totalav.com [] =>.SUP.TotalAV
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\support.totalav.com [7865] =>.SUP.TotalAV
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\totalav.com [] =>.SUP.TotalAV
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.totalav.com [41] =>.SUP.TotalAV
SUPPRIMÉ clé*: HKCU\Software\undefined [] =>.SUP.Downloader
SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A [Online Application] =>.SUP.Microleaves
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\IObitUnSvr [] =>.SUP.Elex
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G1 [] =>.SUP.Microleaves
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G2 [] =>.SUP.Microleaves
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G3 [] =>.SUP.Microleaves
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G4 [] =>.SUP.Microleaves
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G5 [] =>.SUP.Microleaves
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G6 [] =>.SUP.Microleaves
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microleaves [] =>.SUP.Microleaves
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV [TotalAV] =>.SUP.TotalAV
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1} [Microleaves] =>.SUP.Microleaves
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TotalAV_RASAPI32 [] =>.SUP.TotalAV
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TotalAV_RASMANCS [] =>.SUP.TotalAV
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Interstatnogui [c:\users\magdeleine\appdata\roaming\interstatnogui\interstatnogui.exe] =>Adware.UserMon
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Interstatnogui [0x020000000000000000000000] =>Adware.UserMon

---\\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION. (12)
https://nicolascoolman.eu/2017/10/30/sup-totalav/ =>.SUP.TotalAV
https://nicolascoolman.eu/2017/12/24/sup-microleaves/ =>.SUP.Microleaves
https://nicolascoolman.eu/2017/04/07/adware-usermon/ =>Adware.UserMon
https://nicolascoolman.eu/2018/07/07/pup-optional-powzip/ =>PUP.Optional.Powzip
https://nicolascoolman.eu/2017/03/28/superfluous-elex/ =>.SUP.Elex
https://nicolascoolman.eu/2018/06/01/adware-dotdo/ =>Adware.Dotdo
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Generic
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.SoftUpgrade
https://nicolascoolman.eu/2017/12/21/sup-scanguard/ =>.SUP.ScanGuard
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Various
https://nicolascoolman.eu/2017/09/08/adware-imbooster/ =>PUP.Optional.IMBooster
https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader

---\\ NETTOYAGE ADDITIONNEL. (27)
~ Suppression des Clés de registre Tracing. (24)
~ Suppression des anciens rapports ZHPCleaner. (3)

---\\ BILAN DE LA REPARATION
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Mozilla Firefox)
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.

---\\ STATISTIQUES
~ Items scannés : 595
~ Items trouvés : 0
~ Items annulés : 0
~ Items options : 0/7
~ Gain de place (Octets) : 0
~ End of clean in 00h02mn14s

---\\ LISTE DES RAPPORTS (2)
ZHPCleaner-[S]-23072018-00_24_26.txt
ZHPCleaner-[R]-23072018-00_31_23.txt