~ ZHPCleaner v2021.3.10.285 by Nicolas Coolman (2021/03/10)
~ Run by Liquori - Sapore (Administrator)  (15/03/2021 02:04:47)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : 
~ Type : Repair
~ Report : C:\Users\Liquori - Sapore\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Liquori - Sapore\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (1)


---\\  Scheduled automatic tasks. (1)
DELETED task: [Adobe Flash Player Updater] [C:\Windows\Tasks\Adobe Flash Player Updater.job (Not File) ]  =>Riskware.FlashPlayer


---\\  Explorer ( File, Folder) (12)
MOVED file: C:\Users\Liquori - Sapore\AppData\Roaming\Mozilla\Firefox\Profiles\vkpebkdk.default-release\invalidprefs.js    =>PUP.Optional.Legacy
MOVED file: C:\Users\Liquori - Sapore\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>Préférences Chromium
MOVED file: C:\Users\Liquori - Sapore\AppData\Local\Microsoft\Edge\User Data\Default\Preferences    =>Préférences Chromium
MOVED file: C:\Windows\Tasks\Adobe Flash Player Updater.job    =>Riskware.FlashPlayer
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare  =>SUP.Optional.AdvancedSystemCare
MOVED folder: C:\Users\Liquori - Sapore\AppData\LocalLow\IObit\Advanced SystemCare  =>SUP.Optional.AdvancedSystemCare
MOVED folder: C:\Users\Liquori - Sapore\AppData\Roaming\IObit\Advanced SystemCare  =>SUP.Optional.AdvancedSystemCare
MOVED folder: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare  =>SUP.Optional.AdvancedSystemCare
MOVED folder: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare  =>SUP.Optional.AdvancedSystemCare
MOVED folder^: C:\ProgramData\IObit\Advanced SystemCare  =>SUP.Optional.AdvancedSystemCare
MOVED folder: C:\ProgramData\Application Data\IObit\ASCDownloader  =>SUP.Optional.AdvancedSystemCare
MOVED folder: C:\ProgramData\IObit\ASCDownloader  =>SUP.Optional.AdvancedSystemCare


---\\  Registry ( Key, Value, Data) (27)
DELETED key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} [http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF] [Ask.com]  =>Toolbar.Ask
DELETED key: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} [http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF] [Ask.com]  =>Toolbar.Ask
DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} [http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF] [Ask.com]  =>Toolbar.Ask
DELETED key**: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} [http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF]  =>Toolbar.Ask
DELETED key**: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} [http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF]  =>Toolbar.Ask
DELETED key**: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} [http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF]  =>Toolbar.Ask
DELETED key*: HKLM\SOFTWARE\Wow6432Node\IObit\RealTimeProtector [AdditionalScan 286]  =>SUP.Optional.AdvancedSystemCare
DELETED key*: HKLM\SOFTWARE\Wow6432Node\IObit\Advanced SystemCare [AdditionalScan 287]  =>SUP.Optional.AdvancedSystemCare
DELETED key*: HKLM\SOFTWARE\Wow6432Node\IObit\ASC [AdditionalScan 288]  =>SUP.Optional.AdvancedSystemCare
DELETED key*: HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B} [AdditionalScan 362]  =>SUP.Optional.AdvancedSystemCare
DELETED key**: HKLM\SOFTWARE\IObit\RealTimeProtector [AdditionalScan 423]  =>SUP.Optional.AdvancedSystemCare
DELETED key**: HKLM\SOFTWARE\IObit\Advanced SystemCare [AdditionalScan 424]  =>SUP.Optional.AdvancedSystemCare
DELETED key**: HKLM\SOFTWARE\Iobit\ASC [AdditionalScan 450]  =>SUP.Optional.AdvancedSystemCare
DELETED key**: HKLM\SOFTWARE\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B} [AdditionalScan 512]  =>SUP.Optional.AdvancedSystemCare
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99} [ICExtMenu]  =>SUP.Optional.AdvancedSystemCare
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Installer\Products\BBE408C5F57455542A52D156371F85DB [Adobe Flash Player 11 ActiveX (x64)]  =>Riskware.FlashPlayer
DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater []  =>Riskware.FlashPlayer
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99} [ICExtMenu]  =>SUP.Optional.AdvancedSystemCare
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX []  =>Riskware.FlashPlayer
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1 [IObit]  =>SUP.Optional.AdvancedSystemCare
DELETED key*: [X64] HKLM\SOFTWARE\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D} [CExtMenu Class]  =>SUP.Optional.AdvancedSystemCare
DELETED key**: [X64] HKLM\SOFTWARE\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}\InprocServer32 [C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll]  =>SUP.Optional.AdvancedSystemCare
DELETED key*: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Advanced SystemCare [{2803063F-4B8D-4dc6-8874-D1802487FE2D}]  =>SUP.Optional.AdvancedSystemCare
DELETED key*: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\Advanced SystemCare [{2803063F-4B8D-4dc6-8874-D1802487FE2D}]  =>SUP.Optional.AdvancedSystemCare
DELETED key*: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Advanced SystemCare [{2803063F-4B8D-4dc6-8874-D1802487FE2D}]  =>SUP.Optional.AdvancedSystemCare
DELETED key*: HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Advanced SystemCare [{2803063F-4B8D-4dc6-8874-D1802487FE2D}]  =>SUP.Optional.AdvancedSystemCare
DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare ["C:\Program Files (x86)\IObit\Advanced SystemCare\]  =>SUP.Optional.AdvancedSystemCare


---\\  Summary of the elements found (5)
https://nicolascoolman.eu/forum/Topic/flashplayer-logiciel-a-risque-riskware/  =>Riskware.FlashPlayer
https://nicolascoolman.eu/forum/Topic/legacy-logiciel-potentiellement-indesirable-pup-lpi/  =>PUP.Optional.Legacy
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>Préférences Chromium
https://nicolascoolman.eu/wp-content/uploads/2017/12/26/sup-advancedsystemcare/  =>SUP.Optional.AdvancedSystemCare
https://nicolascoolman.eu/2017/02/28/toolbar-ask/  =>Toolbar.Ask


---\\  Other deletions. (36)
~ Registry Keys Tracing deleted (36)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK
~ The system has been restarted.


---\\ Statistics
~ Items scanned : 1415
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/17


---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed





~ End of clean in 00h01mn47s

---\\  Reports (2)
ZHPCleaner-[S]-15032021-02_02_06.txt
ZHPCleaner-[R]-15032021-02_06_34.txt