Document format: text/plain

~ ZHPCleaner v2017.8.31.148 by Nicolas Coolman (2017/08/31)
~ Run by Adrian (Administrator) (08/09/2017 09:40:12)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version KO
~ Certificate ZHPCleaner: Legal
~ Type : Scan
~ Report : C:\Users\Adrian\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Adrian\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)


---\\ Services (0)
~ No malicious or unnecessary items found.


---\\ Browser internet (6)
FOUND folder: C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com =>Adware.Wizzcaster
FOUND Google Chrome Preferences: "http://www.yeadesktop.com/" =>PUP.Optional.Zusy
FOUND Desktop: C:\Users\Public\Desktop\Google Chrome.lnk [Bad : http://www.yeadesktop.com/](.Google Inc..) =>PUP.Optional.Zusy
FOUND Desktop: C:\Users\Public\Desktop\Mozilla Firefox.lnk [Bad : http://www.yeadesktop.com/](.Mozilla Corporation.) =>PUP.Optional.Zusy
FOUND folder: C:\Users\Adrian\AppData\Roaming\UCChannel =>.SUP.UCBrowser
FOUND folder: C:\Users\Adrian\AppData\Roaming\vnlgp =>PUP.Optional.BitCoinMiner


---\\ Hosts file (1)
~ The hosts file is legitimate (36)


---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\ Explorer ( File, Folder) (21)
FOUND file: C:\Windows\System32\Tasks\Online Application V2G1 =>.SUP.Microleaves
FOUND file: C:\Windows\System32\Tasks\Online Application V2G3 =>.SUP.Microleaves
FOUND file: C:\Windows\System32\Tasks\Online Application V2G2 =>.SUP.Microleaves
FOUND file: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.yeadesktop.com_0.localstorage =>PUP.Optional.Zusy
FOUND file: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.yeadesktop.com_0.localstorage-journal =>PUP.Optional.Zusy
FOUND file: C:\Windows\System32\LanmaMasterHelp.dll =>PUP.Optional.ChinAd
FOUND file: C:\Windows\System32\Drivers\lanmamaster.sys =>PUP.Optional.ChinAd
FOUND file: C:\Program Files (x86)\YeaDesktop\Setup.exe [TODO: <公司名> - TODO: <文件说明>] =>PUP.Optional.Zusy
FOUND folder: C:\Program Files (x86)\Disc Soft\DAEMON Tools Lite =>.SUP.Empty
FOUND folder: C:\Program Files (x86)\Microleaves\Online Application =>.SUP.Microleaves
FOUND folder: C:\Program Files (x86)\Disc Soft =>.SUP.Empty
FOUND folder: C:\Program Files (x86)\Microleaves =>.SUP.Microleaves
FOUND folder: C:\Program Files (x86)\Passcape =>.SUP.Empty
FOUND folder: C:\Program Files (x86)\YeaDesktop =>PUP.Optional.Zusy
FOUND folder: C:\ProgramData\Microleaves\Online Application =>.SUP.Microleaves
FOUND folder: C:\ProgramData\Microleaves =>.SUP.Microleaves
FOUND folder: C:\Users\Adrian\AppData\Roaming\Microleaves\Online Application 2.6.0 =>.SUP.Microleaves
FOUND folder: C:\Users\Adrian\AppData\Roaming\Microleaves =>.SUP.Microleaves
FOUND folder: C:\Users\Adrian\AppData\Local\AdvinstAnalytics =>.SUP.Various
FOUND folder: C:\Users\Adrian\AppData\Roaming\vnlgp =>PUP.Optional.BitCoinMiner
FOUND folder: C:\Users\Adrian\AppData\Roaming\UCChannel =>.SUP.UCBrowser


---\\ Registry ( Key, Value, Data) (37)
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\1916A2AF346D399F50313C393200F14140456616 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\2A83E9020591A55FC6DDAD3FB102794C52B24E70 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\2B84BFBB34EE2EF949FE1CBE30AA026416EB2216 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\3A850044D8A195CD401A680C012CB0A3B5F8DC08 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\40AA38731BD189F9CDB5B9DC35E2136F38777AF4 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\43D9BCB568E039D073A74A71D8511F7476089CC3 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\471C949A8143DB5AD5CDF1C972864A2504FA23C9 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\61793FCBFA4F9008309BBA5FF12D2CB29CD4151A [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\63FEAE960BAA91E343CE2BD8B71798C76BDB77D0 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\6431723036FD26DEA502792FA595922493030F97 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\80962AE4D6C5B442894E95A13E4A699E07D694CF [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\86E817C81A5CA672FE000F36F878C19518D6F844 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\8E5BD50D6AE686D65252F843A9D4B96D197730AB [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\9845A431D51959CAF225322B4A4FE9F223CE6D15 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\B533345D06F64516403C00DA03187D3BFEF59156 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\B86E791620F759F17B8D25E38CA8BE32E7D5EAC2 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\C060ED44CBD881BD0EF86C0BA287DDCF8167478C [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\CEA586B2CE593EC7D939898337C57814708AB2BE [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\D018B62DC518907247DF50925BB09ACF4A5CB3AD [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\F8A54E03AADC5692B850496A4C4630FFEAA29D83 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\FA6660A94AB45F6A88C0D7874D89A863D74DEE97 [Avast Software] =>PUM.Misplaced.Certificate
FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{214639EF-E8FC-440D-A8AA-047497B1C43F} [C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe] =>.SUP.Microleaves
FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E6C524A-9FAA-4BB2-B3E4-7055C74EAACA} [C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe] =>.SUP.Microleaves
FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD2AFA88-CD03-4481-A0AA-30DBC598780F} [C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe] =>.SUP.Microleaves
FOUND key: HKEY_USERS\S-1-5-21-4055709356-1465872850-4113285666-1000\SOFTWARE\Vkontakte.dj [] =>.SUP.VkontakteDJ
FOUND key: HKEY_USERS\S-1-5-21-4055709356-1465872850-4113285666-1000\SOFTWARE\YeaDesktop [] =>PUP.Optional.Zusy
FOUND key: HKCU\Software\Vkontakte.dj [] =>.SUP.VkontakteDJ
FOUND key: HKCU\Software\YeaDesktop [] =>PUP.Optional.Zusy
FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23E4C6D00564386418B357E6097ECF3E [02:\Software\Microleaves\ (Not File)] =>.SUP.Microleaves
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microleaves [] =>.SUP.Microleaves
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1} [Microleaves] =>.SUP.Microleaves


---\\ Summary of the elements found (10)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.Wizzcaster
https://www.anti-malware.top/2016/05/17/adware-zusy/ =>PUP.Optional.Zusy
https://nicolascoolman.eu/2017/03/04/superfluous-ucbrowser/ =>.SUP.UCBrowser
https://www.nicolascoolman.com/fr/trojan-bitcoinminer/ =>PUP.Optional.BitCoinMiner
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Microleaves
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.ChinAd
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Various
https://nicolascoolman.eu/2017/06/26/trojan-certlock/ =>PUM.Misplaced.Certificate
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.VkontakteDJ


---\\ Result of repair
~ Any repair made


---\\ Statistics
~ Items scanned : 61306
~ Items found : 66
~ Items cancelled : 0
~ Items repaired : 0


~ End of search in 23h53mn51s
~====================
ZHPCleaner-[R]-05062016-17_23_01.txt
ZHPCleaner-[R]-07092017-17_37_32.txt
ZHPCleaner-[S]-07092017-17_31_50.txt
ZHPCleaner-[S]-09092017-09_34_03.txt
