cjoint

Document format: text/plain

Preview

~ ZHPCleaner v2016.12.21.221 by Nicolas Coolman (2016/12/21)
~ Run by Fabrice (Administrator) (24/12/2016 09:35:14)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version :
~ Type : Repair
~ Report : C:\Users\Fabrice\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Fabrice\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)


---\\ Services (1)
CLOSED : ExpressVpnService =>PUP.Optional.ServiceManager


---\\ Browser internet (1)
REPLACED IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page [http://www.search.ask.com/?tpid=ORJ-V7-SAT&o=APN11461&pf=V7&trgb=IE&p2=%5EBE7%5E[...]] =>Toolbar.Ask


---\\ Hosts file (1)
~ The hosts file is legitimate (21)


---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\ Explorer ( File, Folder) (25)
MOVED file: C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe [Public Domain; Author Iain Patterson 2003-2014 - The non-sucking service manager] =>
MOVED file: C:\Windows\Prefetch\AMZNSEARCHPROTECT.EXE-69CB8B09.pf =>
MOVED file: C:\Windows\Installer\wix{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}.SchedServiceConfig.rmi =>
MOVED file: C:\Windows\Installer\wix{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}.SchedServiceConfig.rmi =>
MOVED file: C:\Windows\Installer\wix{AA11FD16-297F-452D-9015-F9014303CDD3}.SchedServiceConfig.rmi =>
MOVED file: C:\Windows\Installer\wix{B6DCCCD3-520D-4485-B642-FCC136CE12C3}.SchedServiceConfig.rmi =>
MOVED file: C:\Windows\Installer\wix{FA378CD1-F32D-4610-9884-3902DF8AF826}.SchedServiceConfig.rmi =>
MOVED file: C:\Windows\Installer\wix{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}.SchedServiceConfig.rmi =>
MOVED file: C:\Users\Fabrice\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data =>
MOVED file: C:\Users\Fabrice\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences =>
MOVED file: C:\Windows\Installer\{4F524A2D-5637-2D53-4154-A758B70C2D01}\ToolbarIcon.exe =>
MOVED file*: C:\Windows\Installer\{4F524A2D-5637-006A-76A7-A758B70C2E00}\ToolbarIcon.exe =>
MOVED folder: C:\Users\Fabrice\AppData\Roaming\Delta =>.Superfluous.DeltaSearch
MOVED folder: C:\Users\Fabrice\Music\iMesh =>.Superfluous.iMesh
MOVED folder: C:\Windows\Installer\MSI30E1.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSI3A0B.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSI3BCA.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSI3BF.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSI3CA6.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSI3D91.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSI3EBA.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSI68A8.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSIA4D0.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSICF3B.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSIF69.tmp- =>.Superfluous.Empty


---\\ Registry ( Key, Value, Data) (33)
DELETED value: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{4F524A2D-5637-2D53-4154-7A786E7484D7} [Ask Shopping Toolbar] =>PUP.Optional.APNToolBar
DELETED value: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{4F524A2D-5637-2D53-4154-7A786E7484D7} [Ask Shopping Toolbar] =>PUP.Optional.APNToolBar
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-006A-76A7-7A786E7484D7} [Ask Toolbar BHO] =>Toolbar.AskTBar
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-2D53-4154-7A786E7484D7} [Ask Shopping Toolbar BHO] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\Software\Classes\CLSID\{4F524A2D-5637-006A-76A7-7A786E7484D7} [Ask Toolbar] =>Toolbar.AskTBar
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5637-2D53-4154-7A786E7484D7} [] =>PUP.Optional.Bandoo
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-2D53-4154-7A786E7484D7} [] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\Software\Classes\CLSID\{4F524A2D-5637-2D53-4154-7A786E7484D7} [Ask Shopping Toolbar] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4F524A2D-5637-2D53-4154-7A786E7484D7} [Ask Shopping Toolbar] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-2D53-4154-7A786E7484D7} [Ask Shopping Toolbar BHO] =>PUP.Optional.Bandoo
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\ExpressVpnService [C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe (Not File)] =>PUP.Optional.ServiceManager
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\calendarspark.dl.myway.com [12] =>.Superfluous.MindSpark
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\filmfanatic2.dl.myway.com [12] =>.Superfluous.MindSpark
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\putlocker.com [] =>PUP.Optional.PutLocker
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\safepcrepair.dl.myway.com [12] =>.Superfluous.SafePCRepair
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.audienceinsights.net [43] =>.Superfluous.AudienceInsights
DELETED key*: [X64] HKLM\SOFTWARE\Classes\d [escrtAx Object] =>PUP.Optional.Generic
DELETED key*: [X64] HKLM\Software\Classes\Installer\Products\D2A425F47365A600677A7A857BC0E200 [Ask Toolbar] =>Toolbar.AskTBar
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4} [C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ (Not File)] =>PUP.Optional.APNToolBar
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D} [C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ (Not File)] =>PUP.Optional.APNToolBar
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5637-006A-76A7-A758B70C2E00} [APN, LLC] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5637-2D53-4154-A758B70C2D01} [APN, LLC] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE} [C:\Program Files (x86)\iMesh Applications\iMesh (Not File)] =>.Superfluous.iMesh
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4} [C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ (Not File)] =>PUP.Optional.APNToolBar
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D} [C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ (Not File)] =>PUP.Optional.APNToolBar
DELETED key*: [X64] HKLM\Software\Classes\Installer\Products\D2A425F4736535D214457A857BC0D210 [Ask Shopping Toolbar] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\Software\Classes\Installer\Features\D2A425F4736535D214457A857BC0D210 [] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\Software\Classes\Installer\Features\D2A425F47365A600677A7A857BC0E200 [] =>Toolbar.AskTBar
DELETED key: [X64] HKLM\SOFTWARE\Classes\CLSID\{4F524A2D-5637-006A-76A7-7A786E7484D7}\InprocServer32 ["C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Passport_x64.dll" (Not File)] =>Toolbar.AskTBar
DELETED key: [X64] HKLM\SOFTWARE\Classes\CLSID\{4F524A2D-5637-2D53-4154-7A786E7484D7}\InprocServer32 ["C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7-SAT\Passport_x64.dll" (Not File)] =>PUP.Optional.APNToolBar
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{7ECBC3BB-D3E6-4495-9733-051320F809B4} [C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe] =>.Superfluous.iMesh


---\\ Summary of the elements found (14)
https://www.nicolascoolman.com/fr/repaquetage-et_infections/ =>PUP.Optional.ServiceManager
https://www.anti-malware.top/2016/09/22/toolbar-ask/ =>Toolbar.Ask
https://www.nicolascoolman.com/fr/toolbar-deltasearch/ =>.Superfluous.DeltaSearch
https://www.nicolascoolman.com/fr/pup-imesh/ =>.Superfluous.iMesh
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Empty
https://www.nicolascoolman.com/fr/repaquetage-et_infections/ =>PUP.Optional.APNToolBar
https://www.nicolascoolman.com/fr/?p=5143 =>Toolbar.AskTBar
https://www.nicolascoolman.com/fr/adware-bandoo/ =>PUP.Optional.Bandoo
https://www.anti-malware.top/2016/05/29/superfluous-mindspark/ =>.Superfluous.MindSpark
https://www.nicolascoolman.com/fr/spyware-putlocker/ =>PUP.Optional.PutLocker
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.SafePCRepair
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.AudienceInsights
https://www.anti-malware.top/2016/05/01/definition-dun-logiciel-pup-lpi/ =>PUP.Optional.Generic
https://www.anti-malware.top/2016/04/22/heuristic-suspect/ =>Heuristic.Suspect


---\\ Other deletions. (39)
~ Registry Keys Tracing deleted (39)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 392
~ Items found : 0
~ Items cancelled : 1
~ Items repaired : 60


~ End of clean in 00h00mn58s
~====================
ZHPCleaner-[R]-24122016-09_36_12.txt
ZHPCleaner-[S]-24122016-09_32_23.txt
