Document format: text/plain

Preview

~ ZHPCleaner v2018.3.31.56 by Nicolas Coolman (2018/03/31)
~ Run by Myriam (Administrator) (31/03/2018 11:54:29)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scan
~ Report : C:\Users\Myriam\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Myriam\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8, 64-bit (Build 9200)


---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\ Services (0)
~ No malicious or unnecessary items found.


---\\ Browser internet (29)
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.irmysearch.aflt", "dnld2msd"); =>PUP.Optional.MyWebSearch
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0CtD0DzyyCtByCyC0B0D0FtA0D0F0AyEtN0D0Tzu0CyCt[...] =>PUP.Optional.MyWebSearch
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.irmysearch.cr", "298223812"); =>PUP.Optional.MyWebSearch
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.irmysearch.instlRef", ""); =>PUP.Optional.MyWebSearch
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.aflt", "dnld2msd"); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}"); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0CtD0DzyyCtByCyC0B0D0FtA0D0F0AyEtN0D0Tzu0Cy[...] =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.cr", "298223812"); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.dfltLng", ""); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.dfltSrch", true); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.dnsErr", true); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.excTlbr", false); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.hmpg", true); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=dnld2msd&cd=2Xzuy[...] =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.id", "C0D96266BDF3DFA4"); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.instlDay", "15955"); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.instlRef", ""); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=dnld2msd&cd=2Xz[...] =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.prdct", "mysearchdial"); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.prtnrId", "mysearchdial"); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial"); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.tlbrId", "base"); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=dnld2msd&cd=2[...] =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.vrsn", ""); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial.vrsni", ""); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial_i.hmpg", true); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial_i.newTab", false); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial_i.smplGrp", "none"); =>Adware.MySearchDial
FOUND: [auux7g6s.default-1378140617709] - user_pref("extensions.mysearchdial_i.vrsnTs", "19:42:11"); =>Adware.MySearchDial


---\\ Hosts file (1)
~ The hosts file is legitimate (1)


---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\ Explorer ( File, Folder) (29)
FOUND file: C:\Users\Myriam\AppData\Roaming\Mozilla\Firefox\Profiles\auux7g6s.default-1378140617709\storage\default\https+++www.trainingmask.com\.metadata =>Toolbar.Ask
FOUND file: C:\Users\Myriam\AppData\Roaming\Mozilla\Firefox\Profiles\auux7g6s.default-1378140617709\storage\default\https+++www.trainingmask.com\.metadata-v2 =>Toolbar.Ask
FOUND file: C:\Users\Myriam\AppData\Roaming\Mozilla\Firefox\Profiles\auux7g6s.default-1378140617709\storage\default\https+++www.trainingmask.com\idb\3166459941jsu.sqlite =>Toolbar.Ask
FOUND file: C:\Users\Myriam\AppData\Roaming\Mozilla\Firefox\Profiles\auux7g6s.default-1378140617709\storage\default\http+++gameofthrones.wikia.com\.metadata =>.SUP.IronSourceLtd
FOUND file: C:\Users\Myriam\AppData\Roaming\Mozilla\Firefox\Profiles\auux7g6s.default-1378140617709\storage\default\http+++gameofthrones.wikia.com\.metadata-v2 =>.SUP.IronSourceLtd
FOUND file: C:\Users\Myriam\AppData\Roaming\Mozilla\Firefox\Profiles\auux7g6s.default-1378140617709\storage\default\http+++gameofthrones.wikia.com\idb\301792106ttes.sqlite =>.SUP.IronSourceLtd
FOUND folder: C:\Users\Myriam\AppData\Roaming\PDAppFlex =>Trojan.Elpman
FOUND file: C:\Windows\Prefetch\ADVANCED SYSTEMCARE.TMP-C97357D3.pf =>.SUP.AdvancedSystemCare
FOUND file: C:\Windows\Prefetch\SEARCHSETTINGS64.EXE-E621C75D.pf =>PUP.Optional.SearchSettings
FOUND file: C:\Program Files (x86)\Application Updater\config.ini =>PUP.Optional.Dealio
FOUND folder: C:\Program Files (x86)\IObit Apps Toolbar\FF =>PUP.Optional.Dealio
FOUND folder: C:\Program Files (x86)\IObit Apps Toolbar\IE =>PUP.Optional.Dealio
FOUND folder: C:\Program Files (x86)\IObit Apps Toolbar\Res =>PUP.Optional.Dealio
FOUND folder: C:\Program Files (x86)\Application Updater =>PUP.Optional.Dealio
FOUND folder: C:\Program Files (x86)\IObit Apps Toolbar =>PUP.Optional.Dealio
FOUND folder: C:\windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\res =>PUP.Optional.Dealio
FOUND folder: C:\windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp =>PUP.Optional.Dealio
FOUND folder: C:\windows\System32\config\systemprofile\AppData\LocalLow\Application Updater =>PUP.Optional.Dealio
FOUND folder: C:\windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\res =>PUP.Optional.Dealio
FOUND folder: C:\windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp =>PUP.Optional.Dealio
FOUND folder: C:\windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater =>PUP.Optional.Dealio
FOUND folder: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
FOUND folder: C:\ProgramData\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
FOUND folder: C:\ProgramData\Application Data\IObit\ASCDownloader =>.SUP.AdvancedSystemCare
FOUND folder: C:\ProgramData\IObit\ASCDownloader =>.SUP.AdvancedSystemCare
FOUND folder: C:\ProgramData\Application Data\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
FOUND folder: C:\Users\Myriam\AppData\LocalLow\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
FOUND folder: C:\Users\Myriam\AppData\Roaming\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
FOUND folder: C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare


---\\ Registry ( Key, Value, Data) (23)
FOUND key: HKEY_USERS\S-1-5-21-2870124582-2670056687-1688047813-1001\SOFTWARE\IObit Apps [] =>PUP.Optional.Dealio
FOUND key: HKCU\Software\IObit Apps [] =>PUP.Optional.Dealio
FOUND key: HKCU\Software\AppDataLow\Software\IObit Apps [] =>PUP.Optional.Dealio
FOUND key: HKLM\SOFTWARE\IObit\RealTimeProtector [] =>.SUP.AdvancedSystemCare
FOUND key: HKLM\SOFTWARE\IObit\Advanced SystemCare [] =>.SUP.AdvancedSystemCare
FOUND key: HKLM\SOFTWARE\Iobit\ASC [] =>.SUP.AdvancedSystemCare
FOUND key: [X64] HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE [] =>PUP.Optional.VShareRedir
FOUND key: [X64] HKLM\SOFTWARE\Classes\AppID\esrv.EXE [] =>PUP.Optional.Funmoods
FOUND key: [X64] HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0} [esrv] =>Adware.MySearchDial
FOUND key: [X64] HKLM\Software\Classes\Installer\Products\191089AC088C2B64788B2A7C6165DAF3 [IObit Apps Toolbar v7.6] =>PUP.Optional.Dealio
FOUND key: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WebCakeUpdaterService [] =>PUP.Optional.WebCake
FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Tracing\updateluckyleap_RASAPI32 [] =>PUP.Optional.LuckyLeap
FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Tracing\updateluckyleap_RASMANCS [] =>PUP.Optional.LuckyLeap
FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0338237183FFAC54ABE91AFF69A1ED42 [C:\?Program Files (x86)\IObit Apps Toolbar\FF\chrome\chrome.jar (Not File)] =>PUP.Optional.Dealio
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\IObit Apps [] =>PUP.Optional.Dealio
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\ScriptHelper.EXE [] =>PUP.Optional.VShareRedir
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\esrv.EXE [] =>PUP.Optional.Funmoods
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0} [esrv] =>Adware.MySearchDial
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CA980191-C880-46B2-87B8-A2C71656AD3F} [Spigot, Inc.] =>PUP.Optional.Dealio
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WebCakeDesktop_RASAPI32 [] =>PUP.Optional.WebCake
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WebCakeDesktop_RASMANCS [] =>PUP.Optional.WebCake
FOUND value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Advanced SystemCare 6 [0x020000000000000000000000] =>.SUP.AdvancedSystemCare
FOUND value: HKEY_USERS\S-1-5-21-2870124582-2670056687-1688047813-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Advanced SystemCare 6 [0x020000000000000000000000] =>.SUP.AdvancedSystemCare


---\\ Summary of the elements found (12)
https://nicolascoolman.eu/2017/12/17/adware-mywebsearch/ =>PUP.Optional.MyWebSearch
https://nicolascoolman.eu/2017/12/23/adware-mysearchdial/ =>Adware.MySearchDial
https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask
https://www.anti-malware.top/2016/05/02/superfluous-ironsourceltd/ =>.SUP.IronSourceLtd
https://nicolascoolman.eu/2017/09/23/trojan-elpman/ =>Trojan.Elpman
https://nicolascoolman.eu/2017/12/26/sup-advancedsystemcare/ =>.SUP.AdvancedSystemCare
https://www.nicolascoolman.com/fr/adware-searchsettings/ =>PUP.Optional.SearchSettings
https://www.nicolascoolman.com/fr/pup-dealio/ =>PUP.Optional.Dealio
https://www.nicolascoolman.com/fr/pup-vshareredir/ =>PUP.Optional.VShareRedir
https://www.nicolascoolman.com/fr/pup-funmoods/ =>PUP.Optional.Funmoods
https://www.nicolascoolman.com/fr/adware-webcake/ =>PUP.Optional.WebCake
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.LuckyLeap


---\\ Result of repair
~ Any repair made
~ Browser not found (Google Chrome)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 79962
~ Items found : 88
~ Items cancelled : 0
~ Items options : 0/7
~ Space saving (bytes) : 0


~ End of search in 00h09mn39s
ZHPCleaner-[S]-31032018-12_04_08.txt
