~ ZHPCleaner v2018.9.3.169 by Nicolas Coolman (2018/09/03)
~ Run by wanted (Administrator) (12/09/2018 19:50:23)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Nettoyer
~ Report : C:\Users\wanted\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\wanted\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 17134)


---\\ ALTERNATE DATA STREAM (ADS). (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ SERVICE. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ NAVIGATEUR INTERNET. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ FICHIER HÔTE. (1)
~ Le fichier hôte est légitime. (25)


---\\ TÂCHE PLANIFIÉE. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ EXPLORATEUR ( Dossiers, Fichiers ). (7)
DEPLACÉ fichier: C:\Users\wanted\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [Bad : C:\Users\wanted\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P)
DEPLACÉ fichier: C:\Users\wanted\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\putlockerdownloader2@putlockerdownloader.com.xpi =>PUP.Optional.PutLocker
DEPLACÉ fichier: C:\Windows\Temp\i4jdel0.exe =>Heuristic.Suspect
DEPLACÉ dossier: C:\Program Files (x86)\LeapFrog =>.SUP.Empty
DEPLACÉ dossier: C:\Users\wanted\AppData\LocalLow\IminentToolbar =>PUP.Optional.IMBooster
DEPLACÉ dossier: C:\Program Files (x86)\Remote Mouse =>Adware.Suspect
DEPLACÉ dossier: C:\Program Files (x86)\QuickTime =>Riskware.QuickTime


---\\ BASE DE REGISTRES ( Clés, Valeurs, Données ). (50)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011391115} [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110311021197} [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011391115} [] =>Adware.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0 [escortApp 1.0 Type Library] =>Adware.MySearchDial
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [escortApp 1.0 Type Library] =>Adware.MySearchDial
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\escortApp.DLL\ [] =>Adware.MySearchDial
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [escortApp] =>Adware.MySearchDial
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.] =>BitTorrent (P2P)
SUPPRIMÉ clé*: HKCU\Software\TeleCharger [] =>.SUP.Downloader
SUPPRIMÉ clé*: HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} [] =>PUP.Optional.Legacy
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} [escort] =>PUP.Optional.Legacy
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} [escorTlbr] =>PUP.Optional.Legacy
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL [] =>Adware.Babylon
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\esrv.EXE [] =>PUP.Optional.Funmoods
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\escort.dll [] =>Adware.Babylon
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Classes\AppID\escortapp.dll [] =>Adware.Babylon
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\escorteng.dll [] =>Adware.Babylon
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0} [esrv] =>Adware.MySearchDial
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [escortEng] =>PUP.Optional.Funmoods
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>PUP.Optional.Camec
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} [OCComSDK 1.0 Type Library] =>Adware.OpenCandy
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 [C:\Program Files (x86)\Iminent\inst\Bootstrapper\Bootstrapper.exe (Not File)] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964 [] =>PUP.Optional.Legacy
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 [] =>PUP.Optional.Legacy
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 [] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C [] =>PUP.Optional.Generic
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5 [] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D [] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20 [] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD [] =>PUP.Optional.Generic
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B [] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5 [] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC [] =>PUP.Optional.IMBooster
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287 [] =>PUP.Optional.Generic
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7 [] =>PUP.Optional.Generic
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739 [] =>PUP.Optional.IMBooster
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} [escort] =>PUP.Optional.Legacy
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} [escorTlbr] =>PUP.Optional.Legacy
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\escorTlbr.DLL [] =>Adware.Babylon
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\esrv.EXE [] =>PUP.Optional.Funmoods
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\escort.dll [] =>Adware.Babylon
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\escortapp.dll [] =>Adware.Babylon
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\escorteng.dll [] =>Adware.Babylon
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0} [esrv] =>Adware.MySearchDial
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [escortEng] =>PUP.Optional.Funmoods
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>PUP.Optional.Camec
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} [OCComSDK 1.0 Type Library] =>Adware.OpenCandy
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_1E2CA3255352BADFEFB29158DE1A7C2F ["C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window] =>PUP.Optional.MyBrowser
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Media Finder [0x03000000C0F5532A8E4ACE01] =>PUP.Optional.MediaFinder
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\cacaoweb [0x030000007CB173A78BEBCF01] =>.SUP.CacaoWeb


---\\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION. (19)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)
https://www.nicolascoolman.com/fr/spyware-putlocker/ =>PUP.Optional.PutLocker
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty
https://nicolascoolman.eu/2017/09/08/adware-imbooster/ =>PUP.Optional.IMBooster
https://nicolascoolman.eu/2017/03/02/adware-suspect/ =>Adware.Suspect
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/ =>Riskware.QuickTime
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider
https://nicolascoolman.eu/2017/12/23/adware-mysearchdial/ =>Adware.MySearchDial
https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Legacy
https://nicolascoolman.eu/2017/03/03/adware-babylon/ =>Adware.Babylon
https://www.nicolascoolman.com/fr/pup-funmoods/ =>PUP.Optional.Funmoods
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Camec
https://nicolascoolman.eu/2017/02/24/adware-opencandy/ =>Adware.OpenCandy
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Generic
https://nicolascoolman.eu/2017/11/01/adware-mybrowser/ =>PUP.Optional.MyBrowser
https://www.nicolascoolman.com/fr/pup-mediafinder/ =>PUP.Optional.MediaFinder
https://nicolascoolman.eu/2017/01/15/superfluous-cacaoweb/ =>.SUP.CacaoWeb


---\\ NETTOYAGE ADDITIONNEL. (12)
~ Suppression des Clés de registre Tracing. (12)
~ Suppression des anciens rapports ZHPCleaner. (0)


---\\ BILAN DE LA REPARATION
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Mozilla Firefox)
~ Ce navigateur est absent (Opera Software)


---\\ STATISTIQUES
~ Items scannés : 643
~ Items trouvés : 0
~ Items annulés : 0
~ Items options : 0/7
~ Gain de place (Octets) : 0


~ End of clean in 00h01mn10s

---\\ LISTE DES RAPPORTS (2)
ZHPCleaner-[S]-12092018-19_48_41.txt
ZHPCleaner-[R]-12092018-19_51_33.txt