~ ZHPCleaner v2023.11.21.53 by Nicolas Coolman (2023/11/21) ~ Run by Gabriel (Administrator) (23/11/2023 20:04:39) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Repair ~ Report : C:\Users\Gabriel\Desktop\ZHPCleaner (R).txt ~ Quarantine : C:\Users\Gabriel\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ System Restore Point : OK ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Pro, 64-bit (Build 19045) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ---\\ Hosts file (1) ~ The hosts file is legitimate (6) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (7) MOVED file: C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\History =>.SUP.BrowserHistoric MOVED file: C:\Users\Gabriel\AppData\Local\Microsoft\Edge\User Data\Default\History =>.SUP.BrowserHistoric MOVED file: C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium MOVED file: C:\Users\Gabriel\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium MOVED folder: C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache MOVED folder: C:\Users\Gabriel\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache MOVED folder: C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc =>.SUP.Discord ---\\ Registry ( Key, Value, Data) (23) DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a4163c9a-75ff-46e0-839e-b069a9358645}\\DhcpNameServer [Bad : 181.213.132.2 181.213.132.3] =>Hijacker.Browser DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 181.213.132.2 181.213.132.3] =>Hijacker.Browser DELETED key*: [X64] HKLM\SOFTWARE\029c4619-0385-5543-9426-46f9987161d9 [] =>Adware.CrossRider DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Discord [] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\AppXn734efzc8q34nwgq33gv1wmnfcnt5sp8 [MCEDITORADDON] =>Adware.Navipromo DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\Discord [URL:Discord Protocol] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\discord-1149118246826561609 [URL:Run game 1149118246826561609 protocol] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\discord-1152709425686126653 [URL:Run game 1152709425686126653 protocol] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\discord-364785249202208768 [URL:Run game 364785249202208768 protocol] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\discord-382624125287399424 [URL:Run game 382624125287399424 protocol] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\discord-432980957394370572 [URL:Run game 432980957394370572 protocol] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\discord-445956193924546560 [URL:Run game 445956193924546560 protocol] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\discord-475006012840083466 [URL:Run game 475006012840083466 protocol] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\discord-481331590383796224 [URL:Run game 481331590383796224 protocol] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\discord-744060914864750682 [URL:Run game 744060914864750682 protocol] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\discord-793878460157788220 [URL:discord-793878460157788220] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\discord-836178926341980170 [URL:Run game 836178926341980170 protocol] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\discord-844954458240581665 [URL:Run game 844954458240581665 protocol] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\discord-897348306194276402 [URL:Run game 897348306194276402 protocol] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1762068715-3034274098-3074391222-1001\SOFTWARE\Classes\discord-982316905262120990 [URL:Run game 982316905262120990 protocol] =>.SUP.Discord DELETED key**: HKCU\Software\Discord [] =>.SUP.Discord DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord [Discord Inc.] =>.SUP.Discord DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Discord ["C:\Users\Gabriel\AppData\Local\Discord\Update.exe] =>.SUP.Discord ---\\ Summary of the elements found (7) https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserHistoric https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserCache https://nicolascoolman.eu/forum/Topic/Discord-logiciel-potentiellement-superflu-lps/ =>.SUP.Discord https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Adware.Navipromo ---\\ Other deletions. (0) ~ Registry Keys Tracing deleted (0) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ~ Google Chrome OK ~ Microsoft Edge OK ~ Microsoft Internet Explorer OK ---\\ Statistics ~ Items scanned : 1077 ~ Items found : 0 ~ Items cancelled : 0 ~ Space saving (bytes) : 0 ~ Items options : 10/18 ---\\ OPTIONS NOT ACTIVES ~ Temporary file analysis ~ Temporary folder analysis ~ Empty Folder CLSID Analysis ~ Empty Other Folder Analysis ~ Empty LocalLow Folder Analysis ~ Empty Local Folder Analysis ~ Obsolete Installer File Analysis ~ Start browsers with extensions removed ~ End of clean in 00h00mn37s ---\\ Reports (2) ZHPCleaner-[S]-23112023-20_01_16.txt ZHPCleaner-[R]-23112023-20_05_16.txt