cjoint

Document format: text/plain

Preview

~ ZHPCleaner v2018.11.19.196 by Nicolas Coolman (2018/11/19)
~ Run by KARAM (Administrator) (21/11/2018 05:09:10)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\KARAM\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\KARAM\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 10240)


---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\ Services (0)
~ No malicious or unnecessary items found.


---\\ Browser internet (5)
DELETED: [sql9mk8y.default] - user_pref("browser.search.defaultenginename", "Palikan"); =>PUP.Optional.GoPalikan
DELETED: [sql9mk8y.default] - user_pref("browser.search.selectedEngine", "Palikan"); =>PUP.Optional.GoPalikan
REPLACED IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page [http://www.palikan.com/?f=1&a=plk_coinisreb_18_02&cd=2XzuyEtN2Y1L1Qzu0A0AyC0B0A0[...]] =>PUP.Optional.GoPalikan
REPLACED IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [http://www.palikan.com/?f=1&a=plk_coinisreb_18_02&cd=2XzuyEtN2Y1L1Qzu0A0AyC0B0A0[...]] =>PUP.Optional.GoPalikan
REPLACED IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Start Page [http://www.palikan.com/?f=1&a=plk_coinisreb_18_02&cd=2XzuyEtN2Y1L1Qzu0A0AyC0B0A0[...]] =>PUP.Optional.GoPalikan


---\\ Hosts file (1)
~ The hosts file is legitimate (24)


---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\ Explorer ( File, Folder) (24)
MOVED file: C:\Users\KARAM\Desktop\QQPlayer.lnk [Bad : C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe](.Tencent technology (Shenzhen) limited.) =>.SUP.Tencent
MOVED file: C:\Users\KARAM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QQPlayer.lnk [Bad : C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe](.Tencent technology (Shenzhen) limited.) =>.SUP.Tencent
MOVED file: C:\Users\KARAM\AppData\Roaming\Mozilla\Firefox\Profiles\sql9mk8y.default\searchplugins\palikan.xml =>PUP.Optional.GoPalikan
MOVED file: C:\Users\KARAM\AppData\Roaming\Mozilla\Firefox\Profiles\sql9mk8y.default\storage\default\https+++en.softonic.com\.metadata =>.SUP.Softonic
MOVED file: C:\Users\KARAM\AppData\Roaming\Mozilla\Firefox\Profiles\sql9mk8y.default\storage\default\https+++en.softonic.com\.metadata-v2 =>.SUP.Softonic
MOVED file: C:\Users\KARAM\AppData\Roaming\Mozilla\Firefox\Profiles\sql9mk8y.default\storage\default\https+++en.softonic.com\idb\993782502OBNDE__KSDISG_NLA.sqlite =>.SUP.Softonic
MOVED file: C:\Users\KARAM\AppData\Roaming\Mozilla\Firefox\Profiles\sql9mk8y.default\storage\default\https+++ar.softonic.com\.metadata =>.SUP.Softonic
MOVED file: C:\Users\KARAM\AppData\Roaming\Mozilla\Firefox\Profiles\sql9mk8y.default\storage\default\https+++ar.softonic.com\.metadata-v2 =>.SUP.Softonic
MOVED file: C:\Users\KARAM\AppData\Roaming\Mozilla\Firefox\Profiles\sql9mk8y.default\storage\default\https+++ar.softonic.com\idb\993782502OBNDE__KSDISG_NLA.sqlite =>.SUP.Softonic
MOVED file: C:\Users\KARAM\AppData\Roaming\Mozilla\Firefox\Profiles\sql9mk8y.default\storage\default\http+++pxlgnpgecom-a.akamaihd.net\.metadata =>.SUP.AkamaiHD
MOVED file: C:\Users\KARAM\AppData\Roaming\Mozilla\Firefox\Profiles\sql9mk8y.default\storage\default\http+++pxlgnpgecom-a.akamaihd.net\.metadata-v2 =>.SUP.AkamaiHD
MOVED file: C:\Users\KARAM\AppData\Roaming\Mozilla\Firefox\Profiles\sql9mk8y.default\storage\default\http+++pxlgnpgecom-a.akamaihd.net\idb\2532886276bta_fcpe_.sqlite =>.SUP.AkamaiHD
MOVED file: C:\ProgramData\KMSAutoS\KMSAuto Net.exe [MSFree Inc. - KMSAuto Net] =>HackTool.WinActivator
MOVED file: C:\ProgramData\KMSAutoS\bin\KMSSS.exe [MDL Forum, mod by Ratiborus - KMS Server Emulator Service (XP)] =>HackTool.AutoKMS
MOVED file: C:\Windows\Reimage.ini =>.SUP.ReimageRepair
MOVED folder: C:\Users\KARAM\AppData\Roaming\DriverPack Notifier =>.SUP.DriverPack
MOVED folder: C:\Users\KARAM\AppData\Roaming\DRPSu =>.SUP.DriverPack
MOVED folder^: C:\Program Files (x86)\DriverPack Notifier =>.SUP.DriverPack
MOVED folder: C:\Program Files (x86)\Tencent =>.SUP.Tencent
MOVED folder: C:\ProgramData\APN =>Toolbar.Ask
MOVED folder: C:\ProgramData\KMSAutoS =>HackTool.WinActivator
MOVED folder: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
MOVED folder: C:\Users\KARAM\AppData\Roaming\Tencent =>.SUP.Tencent
MOVED folder: C:\Users\KARAM\AppData\Local\MSfree Inc =>HackTool.WinActivator


---\\ Registry ( Key, Value, Data) (13)
DELETED key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5e7797ae-5ca1-4b50-95d8-97e746340487} [http://www.palikan.com/results.php?f=4&a=plk_coinisreb_18_02&cd=2XzuyEtN2Y1L1Qzu0A0AyC0B0A0DtB0C0DyE[...]] [Palikan] =>PUP.Optional.GoPalikan
DELETED key: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.palikan.com/results.php?f=4&a=plk_coinisreb_18_02&cd=2XzuyEtN2Y1L1Qzu0A0AyC0B0A0DtB0C0DyE[...]] [Palikan] =>PUP.Optional.GoPalikan
DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.palikan.com/results.php?f=4&a=plk_coinisreb_18_02&cd=2XzuyEtN2Y1L1Qzu0A0AyC0B0A0DtB0C0DyE[...]] [Palikan] =>PUP.Optional.GoPalikan
DELETED key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5e7797ae-5ca1-4b50-95d8-97e746340487} [http://www.palikan.com/results.php?f=4&a=plk_coinisreb_18_02&cd=2XzuyEtN2Y1L1Qzu0A0AyC0B0A0DtB0C0DyEyDyDtBtDtAtDtN0D0Tzu0StBtBtDtCtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StA0BtDyEtD0EtD0EtGtB0B0FtBtGtC0F0DyCtGtA0ByCtAtG0F0DzyyCyD0CyC0D0C0F0FtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtB0A0FyDyBtA0AtGtA0A0EzztGyE0C0EyCtGzztByBzztGzzyCtCyEzz0C0E0DzzyCyB0C2QtN0A0LzutB&cr=1415319352&ir=&q={searchTerms}] =>PUP.Optional.GoPalikan
DELETED key: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.palikan.com/results.php?f=4&a=plk_coinisreb_18_02&cd=2XzuyEtN2Y1L1Qzu0A0AyC0B0A0DtB0C0DyEyDyDtBtDtAtDtN0D0Tzu0StBtBtDtCtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StA0BtDyEtD0EtD0EtGtB0B0FtBtGtC0F0DyCtGtA0ByCtAtG0F0DzyyCyD0CyC0D0C0F0FtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtB0A0FyDyBtA0AtGtA0A0EzztGyE0C0EyCtGzztByBzztGzzyCtCyEzz0C0E0DzzyCyB0C2QtN0A0LzutB&cr=1415319352&ir=&q={searchTerms}] =>PUP.Optional.GoPalikan
DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.palikan.com/results.php?f=4&a=plk_coinisreb_18_02&cd=2XzuyEtN2Y1L1Qzu0A0AyC0B0A0DtB0C0DyEyDyDtBtDtAtDtN0D0Tzu0StBtBtDtCtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StA0BtDyEtD0EtD0EtGtB0B0FtBtGtC0F0DyCtGtA0ByCtAtG0F0DzyyCyD0CyC0D0C0F0FtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtB0A0FyDyBtA0AtGtA0A0EzztGyE0C0EyCtGzztByBzztGzzyCtCyEzz0C0E0DzzyCyB0C2QtN0A0LzutB&cr=1415319352&ir=&q={searchTerms}] =>PUP.Optional.GoPalikan
DELETED key*: HKU\.DEFAULT\Software\ByteFence [] =>.SUP.ByteFence
DELETED key: HKU\S-1-5-18\Software\ByteFence [] =>.SUP.ByteFence
DELETED key*: HKCU\Software\csastats [] =>Adware.InstallCore
DELETED key*: HKCU\Software\ProductSetup [] =>Adware.InstallCore
DELETED key*: HKLM\System\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence [] =>.SUP.ByteFence
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0220D03E4356C0654A37F1553557CDEE [C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\ProjectTemplates\VisualBasic\Windows\1033\WPFBrowserApplication\Settings.settings] =>Adware.CrossRider
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DriverPack Notifier [DriverPack Solution] =>.SUP.DriverPack


---\\ Summary of the elements found (12)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.GoPalikan
https://nicolascoolman.eu/2017/02/23/tencentadressbar/ =>.SUP.Tencent
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Softonic
https://nicolascoolman.eu/2017/12/26/sup-akamaihd/ =>.SUP.AkamaiHD
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/01/27/superfluous-reimagerepair/ =>.SUP.ReimageRepair
https://nicolascoolman.eu/2018/07/04/sup-driverpack/ =>.SUP.DriverPack
https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/ =>.SUP.ByteFence
https://nicolascoolman.eu/2017/09/19/adware-installcore-3/ =>Adware.InstallCore
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider


---\\ Other deletions. (59)
~ Registry Keys Tracing deleted (59)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Google Chrome)
~ The system has been restarted.


---\\ Statistics
~ Items scanned : 1348
~ Items found : 0
~ Items cancelled : 0
~ Items options : 0/7
~ Space saving (bytes) : 0


~ End of clean in 00h00mn37s

---\\ Reports (2)
ZHPCleaner-[S]-21112018-05_05_53.txt
ZHPCleaner-[R]-21112018-05_09_47.txt
