~ ZHPCleaner v2018.10.19.185 by Nicolas Coolman (2018/10/19)
~ Run by bilbao (Administrator)  (24/10/2018 15:39:05)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\bilbao\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\bilbao\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 17134)

---\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados. (ADS)

---\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados. (Servicio)

---\  Navegadores de Internet (1)
BORRADOS dados: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\webcompanion.com\\http [Bad : Sensitive Websites]  =>PUP.Optional.LavasoftWebCompanion

---\  Hosts carpeta (1)
~ El archivo hosts es legítimo (22)

---\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados. (Tarea)

---\  Explorador ( Archivos, Carpetas ) (52)
MOVIDO carpeta: C:\Users\bilbao\Desktop\µTorrent.lnk  [Bad : C:\Users\bilbao\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk  [Bad : C:\Users\bilbao\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\ku44u1wq.default\storage\temporary\http+++campusvirtual.salusplay.com\.metadata    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\ku44u1wq.default\storage\temporary\http+++campusvirtual.salusplay.com\.metadata-v2    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\ku44u1wq.default\storage\temporary\http+++campusvirtual.salusplay.com\asmjs\metadata    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\ku44u1wq.default\storage\temporary\http+++campusvirtual.salusplay.com\asmjs\module15    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\ku44u1wq.default\storage\default\http+++campusvirtual.salusplay.com\.metadata    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\ku44u1wq.default\storage\default\http+++campusvirtual.salusplay.com\.metadata-v2    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\ku44u1wq.default\storage\default\http+++campusvirtual.salusplay.com\idb\1403633498UenhictayC.sqlite    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\ku44u1wq.default\storage\default\http+++campusvirtual.salusplay.com\idb\2083995541%s2fFbid.sqlite    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\ku44u1wq.default\storage\default\http+++campusvirtual.salusplay.com\idb\471098692%t2sFeitd-bsf.sqlite    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\ku44u1wq.default\storage\default\http+++campusvirtual.salusplay.com\idb\1403633498UenhictayC.files\1    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\ku44u1wq.default\storage\default\http+++campusvirtual.salusplay.com\idb\1403633498UenhictayC.files\2    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\temporary\http+++campusvirtual.salusplay.com\.metadata-v2    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\temporary\http+++campusvirtual.salusplay.com\.metadata-v2.pzdud    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\temporary\http+++campusvirtual.salusplay.com\.metadata.pzdud    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\temporary\http+++campusvirtual.salusplay.com\PZDUD-DECRYPT.txt    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\temporary\http+++campusvirtual.salusplay.com\asmjs\metadata.pzdud    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\temporary\http+++campusvirtual.salusplay.com\asmjs\module15.pzdud    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\temporary\http+++campusvirtual.salusplay.com\asmjs\PZDUD-DECRYPT.txt    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\https+++www.softonic.com\.metadata-v2.pzdud    =>.SUP.Softonic
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\https+++www.softonic.com\.metadata.pzdud    =>.SUP.Softonic
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\https+++www.softonic.com\PZDUD-DECRYPT.txt    =>.SUP.Softonic
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\https+++www.softonic.com\idb\993782502OBNDE__KSDISG_NLA.sqlite.pzdud    =>.SUP.Softonic
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\https+++www.softonic.com\idb\PZDUD-DECRYPT.txt    =>.SUP.Softonic
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\https+++www.softonic.com\idb\993782502OBNDE__KSDISG_NLA.files\PZDUD-DECRYPT.txt    =>.SUP.Softonic
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\http+++campusvirtual.salusplay.com\.metadata-v2.pzdud    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\http+++campusvirtual.salusplay.com\.metadata.pzdud    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\http+++campusvirtual.salusplay.com\PZDUD-DECRYPT.txt    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\http+++campusvirtual.salusplay.com\idb\1403633498UenhictayC.sqlite.pzdud    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\http+++campusvirtual.salusplay.com\idb\2083995541%s2fFbid.sqlite.pzdud    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\http+++campusvirtual.salusplay.com\idb\471098692%t2sFeitd-bsf.sqlite.pzdud    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\http+++campusvirtual.salusplay.com\idb\PZDUD-DECRYPT.txt    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\http+++campusvirtual.salusplay.com\idb\471098692%t2sFeitd-bsf.files\PZDUD-DECRYPT.txt    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\http+++campusvirtual.salusplay.com\idb\2083995541%s2fFbid.files\PZDUD-DECRYPT.txt    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\http+++campusvirtual.salusplay.com\idb\1403633498UenhictayC.files\1.pzdud    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\http+++campusvirtual.salusplay.com\idb\1403633498UenhictayC.files\2.pzdud    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\http+++campusvirtual.salusplay.com\idb\1403633498UenhictayC.files\PZDUD-DECRYPT.txt    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Users\bilbao\AppData\Roaming\Mozilla\Firefox\Profiles\9spndzgm.default\storage\default\http+++campusvirtual.salusplay.com\idb\1403633498UenhictayC.files\journals\PZDUD-DECRYPT.txt    =>PUP.Optional.Salus
MOVIDO carpeta: C:\Windows\Prefetch\KMSAUTO NET.EXE-9984586F.pf    =>HackTool.WinActivator
MOVIDO carpeta: C:\Windows\Prefetch\KMSAUTO NET.EXE-BA94CC1D.pf    =>HackTool.WinActivator
MOVIDO carpeta: C:\Users\bilbao\Downloads\KMSPico 10.2.1 [TeamDaz.TW].zip.pzdud    =>HackTool.KMSpico
MOVIDO carpeta: C:\Users\bilbao\Downloads\ReimageRepair.exe [Reimage - Reimage Downloader]  =>.SUP.ReimageRepair
MOVIDO carpeta: C:\Users\bilbao\Downloads\uTorrent.exe [BitTorrent Inc. - µTorrent]  =>BitTorrent (P2P)
MOVIDO carpeta^: C:\Program Files (x86)\Lavasoft\web companion    =>PUP.Optional.LavasoftWebCompanion
MOVIDO carpeta^: C:\Users\bilbao\AppData\Roaming\Lavasoft\web companion    =>PUP.Optional.LavasoftWebCompanion
MOVIDO carpeta^: C:\ProgramData\Lavasoft\web companion    =>PUP.Optional.LavasoftWebCompanion
MOVIDO archivo: C:\Users\bilbao\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj  =>PUP.Optional.DefaultSearch
MOVIDO archivo: C:\Users\bilbao\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj  =>PUP.Optional.DefaultSearch
MOVIDO archivo: C:\Users\bilbao\AppData\Local\MSfree Inc  =>HackTool.WinActivator
MOVIDO archivo: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion  =>PUP.Optional.LavasoftWebCompanion
MOVIDO archivo: C:\Users\bilbao\AppData\Local\OneDrive  =>PUP.Optional.Y2Go

---\  Registro ( Claves, Valores, Datos) (9)
BORRADOS clave*: [X64] HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nladljmabboanhihfkjacnnkgjhnokhj []  =>PUP.Optional.DefaultSearch
BORRADOS clave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.]  =>BitTorrent (P2P)
BORRADOS clave*: HKU\S-1-5-21-3663803378-3742629537-2154932750-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com []  =>PUP.Optional.LavasoftWebCompanion
BORRADOS clave*: HKCU\Software\Lavasoft\Web Companion []  =>PUP.Optional.LavasoftWebCompanion
BORRADOS clave: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com []  =>PUP.Optional.LavasoftWebCompanion
BORRADOS clave*: HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion []  =>PUP.Optional.LavasoftWebCompanion
BORRADOS clave: HKLM\SOFTWARE\Lavasoft\Web Companion []  =>PUP.Optional.LavasoftWebCompanion
BORRADOS valor: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Web Companion [C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize ]  =>PUP.Optional.LavasoftWebCompanion
BORRADOS valor: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_73088244E344CD395D42B19A7D8E0A00 ['C:\Program Files (x86)\Google\Chrome\Application\chrome.exe' --no-startup-window /prefetch:5]  =>PUP.Optional.MyBrowser

---\  Resumen de elementos en su estación de trabajo (10)
https://nicolascoolman.eu/2017/03/12/superfluous-lavasoftwebcompanion/  =>PUP.Optional.LavasoftWebCompanion
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/09/07/pup-optional-salus/  =>PUP.Optional.Salus
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Softonic
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/  =>HackTool.WinActivator
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/  =>HackTool.KMSpico
https://nicolascoolman.eu/2017/01/27/superfluous-reimagerepair/  =>.SUP.ReimageRepair
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.DefaultSearch
https://nicolascoolman.eu/2017/04/08/pup-optional-y2go/  =>PUP.Optional.Y2Go
https://nicolascoolman.eu/2017/11/01/adware-mybrowser/  =>PUP.Optional.MyBrowser

---\ Limpieza adicional. (15)
~ Clave de registro Tracing borrados (15)
~ Quitar los antiguos informes de ZHPCleaner. (0)

---\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ falta este navegador! (Opera Software)
~ El sistema ha sido reiniciado.

---\ STATISTIQUES
~ Items escaneado : 644
~ Items encontrado : 0
~ artículos cancelados : 0
~ Items opciones : 0/7
~ Ahorro de espacio (bytes) : 0
~ End of clean in 00h00mn34s

---\  Reporte (2)
ZHPCleaner-[S]-24102018-15_36_37.txt
ZHPCleaner-[R]-24102018-15_39_39.txt