cjoint


Document format: text/plain

Preview

~ ZHPCleaner v2018.7.25.153 by Nicolas Coolman (2018/07/25)
~ Run by Maple Bear (Administrator) (27/07/2018 06:47:09)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version KO
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\Maple Bear\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Maple Bear\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home Single Language, 64-bit (Build 17134)


---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\ Services (1)
CLOSED : KMSEmulator =>HackTool.WinActivator


---\\ Browser internet (0)
~ No malicious or unnecessary items found.


---\\ Hosts file (1)
~ The hosts file is legitimate (1)


---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\ Explorer ( File, Folder) (37)
MOVED file: C:\Users\Maple Bear\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk [Bad : C:\Users\Maple Bear\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P)
MOVED file: C:\Users\Maple Bear\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent.lnk [Bad : C:\Users\Maple Bear\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P)
MOVED file: C:\ProgramData\KMSAutoS\bin\KMSSS.exe [MDL Forum, mod by Ratiborus - KMS Server Emulator Service (XP)] =>HackTool.WinActivator
MOVED file: C:\WINDOWS\System32\drivers\powzip.sys =>PUP.Optional.Powzip
MOVED file: C:\Program Files\ZTUzZWM3NDExNGQ0ZWU\YjZjZWFiYjljMDE3.exe =>PUP.Optional.Wajam
MOVED file: C:\ProgramData\KMSAutoS\KMSAuto Net.exe [MSFree Inc. - KMSAuto Net] =>HackTool.WinActivator
MOVED file: C:\Windows\SECOH-QAD.exe =>HackTool.KMSpico
MOVED file^: C:\Windows\SysWOW64\SSL =>Trojan.Agent
MOVED folder: C:\Program Files (x86)\Powzip =>PUP.Optional.Powzip
MOVED folder: C:\Program Files (x86)\publicHotsp =>.SUP.Tuto4PC
MOVED folder: C:\Program Files\0OHMFYB6MA =>Heuristic.Wizzcaster
MOVED folder: C:\Program Files\0R2FMMGO2K =>Heuristic.Wizzcaster
MOVED folder: C:\Program Files\5S6YIMOOLV =>Heuristic.Wizzcaster
MOVED folder: C:\Program Files\A949NS6C3O =>Heuristic.Wizzcaster
MOVED folder: C:\Program Files\D3YPSE3AM8 =>Heuristic.Wizzcaster
MOVED folder: C:\Program Files\FXGNA9PN30 =>Heuristic.Wizzcaster
MOVED folder: C:\Program Files\K1YIWLVSU3 =>Heuristic.Wizzcaster
MOVED folder: C:\Program Files\K7BMDM64GL =>Heuristic.Wizzcaster
MOVED folder: C:\Program Files\KMSpico =>HackTool.KMSpico
MOVED folder: C:\Program Files\NNPQZSCWCG =>Heuristic.Wizzcaster
MOVED folder: C:\Program Files\THZ1V89HI1 =>Heuristic.Wizzcaster
MOVED folder: C:\Program Files\U7QH33N86O =>Heuristic.Wizzcaster
MOVED folder: C:\Program Files\V1OBNIOUTS =>Heuristic.Wizzcaster
MOVED folder: C:\ProgramData\a1e1d860-3303-0 =>.SUP.Polluteware
MOVED folder: C:\ProgramData\a1e1d860-46b7-1 =>.SUP.Polluteware
MOVED folder: C:\ProgramData\KMSAutoS =>HackTool.WinActivator
MOVED folder: C:\Users\Maple Bear\AppData\Roaming\5ytpwjxdug4 =>Heuristic.Wizzcaster
MOVED folder: C:\Users\Maple Bear\AppData\Roaming\gzz1uzfnff0 =>Heuristic.Wizzcaster
MOVED folder: C:\Users\Maple Bear\AppData\Roaming\hjjtnhr3eko =>Heuristic.Wizzcaster
MOVED folder: C:\Users\Maple Bear\AppData\Roaming\ifhcspx2ikc =>Heuristic.Wizzcaster
MOVED folder: C:\Users\Maple Bear\AppData\Roaming\mplwzptjvre =>Heuristic.Wizzcaster
MOVED folder: C:\Users\Maple Bear\AppData\Roaming\pttczbotijo =>Heuristic.Wizzcaster
MOVED folder: C:\Users\Maple Bear\AppData\Roaming\t2rvsfmayfl =>Heuristic.Wizzcaster
MOVED folder: C:\Users\Maple Bear\AppData\Roaming\zlolaxqabgi =>Heuristic.Wizzcaster
MOVED folder: C:\Users\Maple Bear\AppData\Local\MSfree Inc =>HackTool.WinActivator
MOVED folder: C:\ProgramData\PrefsSecure =>PUP.Optional.LogicHandler
MOVED folder: C:\ProgramData\Logic Cramble =>PUP.Optional.LogicHandler


---\\ Registry ( Key, Value, Data) (34)
DELETED key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} [https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuLH2byhe[...]] [Search the web] =>PUP.Optional.IMBooster
DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch [https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuLH2byhe[...]] [Search the web] =>PUP.Optional.IMBooster
DELETED key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} [https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuLH2byhed3g02SoNi4QVwBEebRpqZKmL_uily4GbZLL5c-S2_83jfzjLCAmslX9v8De2p5UnTR7OZrqAUl5oA_ue9MzCBuSLwL1DlNXSVcG90YL-2yIJZX4Sswdk_vLMu9IVABAQ0j4HcDatBJ1d2V25xmG_Gr&q={searchTerms}] =>PUP.Optional.IMBooster
DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch [https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuLH2byhed3g02SoNi4QVwBEebRpqZKmL_uily4GbZLL5c-S2_83jfzjLCAmslX9v8De2p5UnTR7OZrqAUl5oA_ue9MzCBuSLwL1DlNXSVcG90YL-2yIJZX4Sswdk_vLMu9IVABAQ0j4HcDatBJ1d2V25xmG_Gr&q={searchTerms}] =>PUP.Optional.IMBooster
DELETED key*: HKCU\Software\WajIEnhance [] =>PUP.Optional.Wajam
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\KMSEmulator [C:\ProgramData\KMSAutoS\bin\KMSSS.exe (Not File)] =>HackTool.WinActivator
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\powzip [C:\WINDOWS\System32\drivers\powzip.sys (Not File)] =>PUP.Optional.Powzip
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\ZTUzZWM3NDExNGQ0ZWU [C:\Program Files\ZTUzZWM3NDExNGQ0ZWU\YjZjZWFiYjljMDE3.exe (Not File)] =>PUP.Optional.Wajam
DELETED key*: HKEY_USERS\S-1-5-21-4216877997-3920459586-2356809368-1001\SOFTWARE\mtApService [] =>PUP.Optional.Salus
DELETED key: HKEY_USERS\S-1-5-21-4216877997-3920459586-2356809368-1001\SOFTWARE\WajIEnhance [] =>PUP.Optional.WaEnhance
DELETED key: HKCU\Software\mtApService [] =>PUP.Optional.Salus
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.] =>BitTorrent (P2P)
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\akamaihd.net [] =>.SUP.AkamaiHD
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\convert2mp3.net [] =>PUP.Optional.ConvertMe
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\onesystemcare.com [] =>PUP.Optional.OneSystemCare
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\savefrom.net [] =>PUP.Optional.SaverOn
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\studiosolsolr-a.akamaihd.net [] =>.SUP.AkamaiHD
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.onesystemcare.com [] =>PUP.Optional.OneSystemCare
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.yt-adblocker.com [] =>PUP.Optional.Adblocker
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\yt-adblocker.com [] =>PUP.Optional.Adblocker
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\akamaihd.net [] =>.SUP.AkamaiHD
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\convert2mp3.net [109] =>PUP.Optional.ConvertMe
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\onesystemcare.com [] =>PUP.Optional.OneSystemCare
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\savefrom.net [] =>PUP.Optional.SaverOn
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\studiosolsolr-a.akamaihd.net [] =>.SUP.AkamaiHD
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.onesystemcare.com [545] =>PUP.Optional.OneSystemCare
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.yt-adblocker.com [94] =>PUP.Optional.Adblocker
DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\yt-adblocker.com [] =>PUP.Optional.Adblocker
DELETED key*: [X64] HKLM\SOFTWARE\Classes\AppID\56BF5154-0B48-4ADB-902A-6C8B12E270D9 [] =>PUP.Optional.Wajam
DELETED key*: [X64] HKLM\SOFTWARE\SrcAAAesom Browser Enhancer [] =>PUP.Optional.Wajam
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\09E7DB5DFD393BFC24F638CD98CC350E [C:\Program Files (x86)\Samsung\Settings\CmdServer\CommandSystemPowerEvent.dll] =>PUP.Optional.Multiplug
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\mtApService [] =>PUP.Optional.Salus
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\SrcAAAesom Browser Enhancer [] =>PUP.Optional.Wajam
DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\56BF5154-0B48-4ADB-902A-6C8B12E270D9 [] =>PUP.Optional.Wajam


---\\ Summary of the elements found (19)
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)
https://nicolascoolman.eu/2018/07/07/pup-optional-powzip/ =>PUP.Optional.Powzip
https://nicolascoolman.eu/2017/02/24/pup-optional-wajam/ =>PUP.Optional.Wajam
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Trojan.Agent
https://nicolascoolman.eu/2017/01/01/adware-tuto4pc-publichotspot/ =>.SUP.Tuto4PC
https://nicolascoolman.eu/2017/09/15/adware-wizzcaster/ =>Heuristic.Wizzcaster
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Polluteware
https://nicolascoolman.eu/2017/01/04/pup-optional-logichandler/ =>PUP.Optional.LogicHandler
https://nicolascoolman.eu/2017/09/08/adware-imbooster/ =>PUP.Optional.IMBooster
https://nicolascoolman.eu/2017/09/07/pup-optional-salus/ =>PUP.Optional.Salus
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.WaEnhance
https://nicolascoolman.eu/2017/12/26/sup-akamaihd/ =>.SUP.AkamaiHD
https://www.nicolascoolman.com/fr/pup-convertme/ =>PUP.Optional.ConvertMe
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.OneSystemCare
https://www.nicolascoolman.com/fr/pup-saveron/ =>PUP.Optional.SaverOn
https://nicolascoolman.eu/2017/01/28/adware-adblocker/ =>PUP.Optional.Adblocker
https://www.anti-malware.top/2016/04/28/pup-optional-multiplug/ =>PUP.Optional.Multiplug


---\\ Other deletions. (50)
~ Registry Keys Tracing deleted (50)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
~ The system has been restarted.


---\\ Statistics
~ Items scanned : 505
~ Items found : 0
~ Items cancelled : 0
~ Items options : 0/7
~ Space saving (bytes) : 0


~ End of clean in 00h01mn00s

---\\ Reports (2)
ZHPCleaner-[S]-27072018-06_46_01.txt
ZHPCleaner-[R]-27072018-06_48_09.txt
