~ ZHPCleaner v2017.3.11.43 by Nicolas Coolman (2017/03/11) ~ Run by H3DMi (Administrator) (13/03/2017 09:36:10) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Repair ~ Report : C:\Users\H3DMi\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\H3DMi\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Deactivate ~ Boot Mode : Normal (Normal boot) Windows Se7en Titan, 32-bit (Build 7600) ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (30) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (18) MOVED file: C:\Windows\Installer\wix{62F029AB-85F2-0000-866A-9FC0DD99DDBC}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVED file: C:\Windows\Installer\wix{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVED file: C:\Users\H3DMi\Downloads\office\KMSAuto Net.exe [MSFree Inc. - KMSAuto Net] =>HackTool.WinActivator MOVED file: C:\Users\H3DMi\Downloads\office\Microsoft Toolkit.exe [CODYQX4 - Microsoft Toolkit] =>HackTool.WinActivator MOVED file: C:\Users\H3DMi\Downloads\office\KMSpico Portable\AutoPico.exe [@ByELDI - AutoPico] =>HackTool.KMSpico MOVED file: C:\Users\H3DMi\Downloads\office\KMSpico Portable\KMSELDI.exe [@ByELDI - KMS GUI ELDI] =>HackTool.KMSpico MOVED file: C:\Users\H3DMi\Downloads\office\KMSAuto Net 2016 v1.4.8 Portable\KMSAuto Net.exe [MSFree Inc. - KMSAuto Net] =>HackTool.WinActivator MOVED file: C:\Users\H3DMi\Downloads\office\CRACK-OFFICE-2013\Microsoft Toolkit.exe [CODYQX4 - Microsoft Toolkit] =>HackTool.WinActivator MOVED folder: C:\Program Files\Lavasoft =>.Superfluous.Empty MOVED folder: C:\Program Files\Xenocode =>.Superfluous.Empty MOVED folder: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titan-Se7en™ =>HackTool.WinActivator MOVED folder: C:\Windows\System32\config\systemprofile\AppData\Local\LavasoftTcpService =>PUP.Optional.LavasoftWebCompanion MOVED folder: C:\Users\H3DMi\AppData\Local\Akamai =>.Superfluous.AkamaiHD MOVED folder: C:\Users\H3DMi\AppData\Local\CrashRpt =>.Superfluous.CrashReports MOVED folder: C:\Users\H3DMi\AppData\Local\MSfree Inc =>HackTool.WinActivator MOVED folder: C:\Program Files\QuickTime =>Riskware.QuickTime MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime ---\\ Registry ( Key, Value, Data) (15) DELETED key*: HKEY_USERS\S-1-5-21-1480127630-421335790-3021902173-1000\SOFTWARE\Akamai [] =>.Superfluous.AkamaiHD DELETED key*: HKEY_USERS\S-1-5-21-1480127630-421335790-3021902173-1000\SOFTWARE\Magicbit [] =>.Superfluous.Magicbit DELETED key*: HKEY_USERS\S-1-5-21-1480127630-421335790-3021902173-1000\SOFTWARE\Tencent [] =>.Superfluous.Tencent DELETED key: HKCU\Software\Akamai [] =>.Superfluous.AkamaiHD DELETED key: HKCU\Software\Magicbit [] =>.Superfluous.Magicbit DELETED key: HKCU\Software\Tencent [] =>.Superfluous.Tencent DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Akamai [Akamai Technologies, Inc] =>.Superfluous.AkamaiHD DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0FA51C4F-E6AB-4497-A17C-A6BC905E7596} [eShield] =>.Superfluous.eShield DELETED key*: HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00A9FAB8F5139F8469B54FE451FEEFB9 [C:\metasploit-framework\embedded\lib\perl5\5.8\ExtUtils\Installed.pm (Not File)] =>PUP.Optional.Manager DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0131AE940024EE2428847238DBA1DC02 [C:\metasploit-framework\embedded\lib\perl5\5.8\ExtUtils\Mksymlists.pm (Not File)] =>PUP.Optional.Manager DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{DB2995E1-57CF-44E6-8AF1-9A624823A55C} [C:\program files\common files\tencent\qqdownload\132\bugreport_xf.exe] =>.Superfluous.Tencent DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{B00E0D4B-C773-4348-A92B-2865B7EBFCD4} [C:\program files\common files\tencent\qqdownload\132\tencentdl.exe] =>.Superfluous.Tencent DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{CDE4A695-340A-44AA-B281-E6B48C63CB37} [C:\program files\common files\tencent\qqdownload\132\bugreport_xf.exe] =>.Superfluous.Tencent DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{3AE6BCD5-E5D1-42BA-8917-55B028C9FC8B} [C:\program files\common files\tencent\qqdownload\132\tencentdl.exe] =>.Superfluous.Tencent ---\\ Summary of the elements found (13) https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS https://www.anti-malware.top/2016/04/26/superfluous-lavasoftwebcompanion/ =>PUP.Optional.LavasoftWebCompanion https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.AkamaiHD https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.CrashReports https://nicolascoolman.eu/2017/01/15/riskware-quicktime/ =>Riskware.QuickTime https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Magicbit https://nicolascoolman.eu/2017/02/23/tencentadressbar/ =>.Superfluous.Tencent https://www.anti-malware.top/2016/04/25/superfluous-eshield/ =>.Superfluous.eShield https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask https://www.nicolascoolman.com/fr/pup-manager/ =>PUP.Optional.Manager ---\\ Other deletions. (19) ~ Registry Keys Tracing deleted (19) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ---\\ Statistics ~ Items scanned : 2738 ~ Items found : 0 ~ Items cancelled : 0 ~ Items repaired : 33 ~ End of clean in 00h01mn27s ~==================== ZHPCleaner-[R]-13032017-09_37_37.txt ZHPCleaner-[S]-13032017-02_12_01.txt