~ ZHPCleaner v2017.9.20.164 by Nicolas Coolman (2017/09/20)
~ Run by antoi_000 (Administrator)  (21/09/2017 11:44:23)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Nettoyer
~ Report : C:\Users\antoi_000\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\antoi_000\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1, 64-bit  (Build 9600)


---\\  Service. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\  Navigateur internet. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\  Fichier hôte. (2)
REMPLACÉ: Adobe Blocker
~ Nombre de redirections trouvées 1/30


---\\  Tâche planifiée. (1)
SUPPRIMÉ tâche: [Yahoo! Powered disel] [C:\ProgramData\{8E0B4B68-0449-C1AE-828F-5FEC18CDD422}\rimo.txt (Not File) ]  =>Adware.YahooPowered


---\\  Explorateur  ( Dossiers, Fichiers ). (23)
DEPLACÉ fichier: C:\Users\antoi_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nahhmpbckpgdidfnmfkfgiflpjijilce_0.localstorage    =>.SUP.SearchManager
DEPLACÉ fichier: C:\ProgramData\{8E0B4B68-0449-C1AE-828F-5FEC18CDD422}\rimo.txt    =>Adware.YahooPowered
DEPLACÉ fichier: C:\Windows\Tasks\Yahoo! Powered disel.job    =>Adware.YahooPowered
DEPLACÉ fichier: C:\Windows\Prefetch\BYTEFENCE.EXE-945F23E2.pf    =>.SUP.ByteFence
DEPLACÉ fichier: C:\Users\antoi_000\Downloads\ReimageRepair.exe [Reimage - Reimage Downloader]  =>.SUP.ReimageRepair
DEPLACÉ fichier: C:\Users\antoi_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage    =>.SUP.CloudfrontNet
DEPLACÉ fichier: C:\Users\antoi_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal    =>.SUP.CloudfrontNet
DEPLACÉ fichier: C:\Users\antoi_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage    =>.SUP.AudienceInsights
DEPLACÉ fichier: C:\Users\antoi_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal    =>.SUP.AudienceInsights
DEPLACÉ dossier*: C:\Users\antoi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce  =>.SUP.SearchManager
DEPLACÉ dossier*: C:\ProgramData\Microsoft Toolkit  =>HackTool.AutoKMS
DEPLACÉ dossier*: C:\Users\antoi_000\AppData\Local\Tempzxpsign337ebabeb260eb7c  =>.SUP.Temporary
DEPLACÉ dossier*: C:\Users\antoi_000\AppData\Local\Tempzxpsign538bd90fee27174f  =>.SUP.Temporary
DEPLACÉ dossier*: C:\Users\antoi_000\AppData\Local\Tempzxpsign563689dfc0b52666  =>.SUP.Temporary
DEPLACÉ dossier*: C:\Users\antoi_000\AppData\Local\Tempzxpsign7c97ac4756dedb84  =>.SUP.Temporary
DEPLACÉ dossier*: C:\Users\antoi_000\AppData\Local\Tempzxpsign8b4c943acc616014  =>.SUP.Temporary
DEPLACÉ dossier*: C:\Users\antoi_000\AppData\Local\Tempzxpsignaf3d3809554a4f85  =>.SUP.Temporary
DEPLACÉ dossier*: C:\Users\antoi_000\AppData\Local\Tempzxpsigncfb470141bb175da  =>.SUP.Temporary
DEPLACÉ dossier*: C:\Users\antoi_000\AppData\Local\Tempzxpsignea3b5ae834de6fc7  =>.SUP.Temporary
DEPLACÉ dossier*: C:\Users\antoi_000\AppData\Local\Tempzxpsignf8c11e4e1ae68b33  =>.SUP.Temporary
DEPLACÉ dossier*: C:\Program Files (x86)\QuickTime  =>Riskware.QuickTime
DEPLACÉ dossier*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime  =>Riskware.QuickTime
DEPLACÉ dossier*: C:\Users\antoi_000\AppData\Local\Google\Chrome\User Data\Default\File System\008  =>PUP.Optional.DomaIQ


---\\  Base de Registres ( Clés, Valeurs, Données ). (14)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_38[...]] [Yahoo! Powered]  =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_38[...]] [Yahoo! Powered]  =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_38[...]] [Yahoo! Powered]  =>Adware.YahooPowered
SUPPRIMÉ clé*: HKCU\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce []  =>.SUP.SearchManager
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce []  =>.SUP.SearchManager
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce []  =>.SUP.SearchManager
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_38&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtBtCtDyEtCyDtByEzz0EtC0Bzy0EtAtN0D0Tzu0StBtDzzzytN1L2XzutAtFtBzytFtCtDyEtFzytAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0BtDzz0F0AyB0DtGyDyDtBzztGyB0CyCzytGyD0DyEyDtGtBtD0CyDtAtCyBtA0F0D0EtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzytAtC0F0D0BzytG0FtA0A0CtGyEzz0DtAtG0ByD0DtAtG0B0E0BtByEyB0DyCtCyCyDyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEtAtAzz%26cr%3D125363017%26a%3Dwbf_dmontlsfs_17_38%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}]  =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_38&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtBtCtDyEtCyDtByEzz0EtC0Bzy0EtAtN0D0Tzu0StBtDzzzytN1L2XzutAtFtBzytFtCtDyEtFzytAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0BtDzz0F0AyB0DtGyDyDtBzztGyB0CyCzytGyD0DyEyDtGtBtD0CyDtAtCyBtA0F0D0EtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzytAtC0F0D0BzytG0FtA0A0CtGyEzz0DtAtG0ByD0DtAtG0B0E0BtByEyB0DyCtCyCyDyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEtAtAzz%26cr%3D125363017%26a%3Dwbf_dmontlsfs_17_38%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}]  =>Adware.YahooPowered
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} [https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_38&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtBtCtDyEtCyDtByEzz0EtC0Bzy0EtAtN0D0Tzu0StBtDzzzytN1L2XzutAtFtBzytFtCtDyEtFzytAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0BtDzz0F0AyB0DtGyDyDtBzztGyB0CyCzytGyD0DyEyDtGtBtD0CyDtAtCyBtA0F0D0EtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzytAtC0F0D0BzytG0FtA0A0CtGyEzz0DtAtG0ByD0DtAtG0B0E0BtByEyB0DyCtCyCyDyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEtAtAzz%26cr%3D125363017%26a%3Dwbf_dmontlsfs_17_38%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}]  =>Adware.YahooPowered
SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\Installer\Products\0C0B9F88303FDA54F88C8473B34497DB [Bifrost for Maya 2018]  =>Trojan.Bifrose
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 []  =>.SUP.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS []  =>.SUP.ByteFence
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bifrost for Maya 2018 [Bifrost for Maya 2018 1.5.0.0]  =>Trojan.Bifrose
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\WebDiscoverBrowser []  =>PUP.Optional.WebDisco


---\\  Récapitulatif des éléments trouvés sur votre station. (12)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>Adware.YahooPowered
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.SearchManager
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/  =>.SUP.ByteFence
https://nicolascoolman.eu/2017/01/27/superfluous-reimagerepair/  =>.SUP.ReimageRepair
https://nicolascoolman.eu/2017/02/02/superfluous-cloudfrontnet/  =>.SUP.CloudfrontNet
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.AudienceInsights
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/  =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/  =>Riskware.QuickTime
https://www.nicolascoolman.com/fr/adware-domaiq/  =>PUP.Optional.DomaIQ
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>Trojan.Bifrose
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.WebDisco


---\\  Nettoyage Additionnel. (11)
~ Suppression des Clés de registre Tracing. (11)
~ Suppression des anciens rapports ZHPCleaner. (0)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent  (Mozilla Firefox)
~ Ce navigateur est absent  (Opera Software)


---\\ Statistiques
~ Items scannés : 818
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 39


~ End of clean in 00h00mn27s
~====================
ZHPCleaner-[R]-21092017-11_44_50.txt
ZHPCleaner-[S]-21092017-11_42_56.txt