~ ZHPCleaner v2017.12.11.214 by Nicolas Coolman (2017/12/11) ~ Run by fadi (Administrator) (11/12/2017 16:43:50) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\fadi\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\fadi\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601) ---\\ Services (1) CLOSED : KingoSoftService =>PUP.Optional.Youndoo ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (21) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (12) MOVED file: C:\Users\fadi\Desktop\QQ影音.lnk [Bad : C:\Program Files\Tencent\QQPlayer\QQPlayer.exe](..) =>.SUP.Tencent MOVED file: C:\Users\fadi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QQ影音.lnk [Bad : C:\Program Files\Tencent\QQPlayer\QQPlayer.exe](..) =>.SUP.Tencent MOVED file: C:\Users\fadi\AppData\Roaming\Mozilla\Firefox\Profiles\hrjczfpd.default\storage\default\https+++en.softonic.com\.metadata =>.SUP.Softonic MOVED file: C:\Users\fadi\AppData\Roaming\Mozilla\Firefox\Profiles\hrjczfpd.default\storage\default\https+++en.softonic.com\.metadata-v2 =>.SUP.Softonic MOVED file: C:\Users\fadi\AppData\Roaming\Mozilla\Firefox\Profiles\hrjczfpd.default\storage\default\https+++en.softonic.com\idb\993782502OBNDE__KSDISG_NLA.sqlite =>.SUP.Softonic MOVED file: C:\Users\fadi\AppData\Local\Kingosoft\Kingo Root\update_54326\bin\KingoSoftService.exe =>PUP.Optional.Youndoo MOVED file**: C:\Windows\Prefetch\TENCENTDL.EXE-1CF0713F.pf =>.SUP.Tencent MOVED file**: C:\program files\common files\Tencent\qqdownload\118\tencentdl.exe [Tencent - 腾讯高速下载引擎] =>.SUP.Tencent MOVED folder*: C:\Program Files\Common Files\Tencent =>.SUP.Tencent MOVED folder*: C:\ProgramData\Tencent =>.SUP.Tencent MOVED folder*: C:\Users\fadi\AppData\Roaming\Tencent =>.SUP.Tencent MOVED folder*: C:\Users\fadi\AppData\Roaming\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare ---\\ Registry ( Key, Value, Data) (11) DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\KingoSoftService [C:\Users\fadi\AppData\Local\Kingosoft\Kingo Root\update_54326\bin\KingoSoftService.exe (Not File)] =>PUP.Optional.Youndoo DELETED key*: HKEY_USERS\S-1-5-21-3402908396-3170721023-3399320330-1000\SOFTWARE\Tencent [] =>.SUP.Tencent DELETED key: HKCU\Software\Tencent [] =>.SUP.Tencent DELETED key*: HKLM\SOFTWARE\Tencent [] =>.SUP.Tencent DELETED key*: HKLM\SOFTWARE\Microsoft\Tracing\tencentdl_RASAPI32 [] =>.SUP.Tencent DELETED key*: HKLM\SOFTWARE\Microsoft\Tracing\tencentdl_RASMANCS [] =>.SUP.Tencent DELETED key*: HKLM\SOFTWARE\Classes\CLSID\{DB43B405-43AA-4f01-82D8-D84D47E6019C} [Haali OGM Parser] =>.SUP.Tencent DELETED key: HKLM\SOFTWARE\Classes\CLSID\{DB43B405-43AA-4f01-82D8-D84D47E6019C}\InprocServer32 [C:\Program Files\Tencent\QQPlayer\ogm.dll (Not File)] =>.SUP.Tencent DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Web Companion [C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize ] =>PUP.Optional.LavasoftWebCompanion DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{93DD03AC-5755-451D-A6EF-C8FA2853E79D}C:\program files\common files\tencent\qqdownload\118\tencentdl.exe [C:\program files\common files\tencent\qqdownload\118\tencentdl.exe] =>.SUP.Tencent DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{101B08F7-6BEF-4D3C-B352-389EBA897556}C:\program files\common files\tencent\qqdownload\118\tencentdl.exe [C:\program files\common files\tencent\qqdownload\118\tencentdl.exe] =>.SUP.Tencent ---\\ Summary of the elements found (5) https://nicolascoolman.eu/2017/03/11/superfluous-youndoo/ =>PUP.Optional.Youndoo https://nicolascoolman.eu/2017/02/23/tencentadressbar/ =>.SUP.Tencent https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Softonic https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.AdvancedSystemCare https://nicolascoolman.eu/2017/03/12/superfluous-lavasoftwebcompanion/ =>PUP.Optional.LavasoftWebCompanion ---\\ Other deletions. (53) ~ Registry Keys Tracing deleted (53) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ---\\ Statistics ~ Items scanned : 671 ~ Items found : 0 ~ Items cancelled : 0 ~ Items repaired : 24 ~ End of clean in 00h00mn37s ~==================== ZHPCleaner-[R]-11122017-16_44_27.txt ZHPCleaner-[S]-11122017-16_43_05.txt