~ ZHPCleaner v2024.1.26.4 by Nicolas Coolman (2024/01/26)
~ Run by rafae (Administrator)  (04/02/2024 12:39:26)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scan
~ Report : C:\Users\rafae\OneDrive\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\rafae\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 11, 64-bit  (Build 23620)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (5)
FOUND file: C:\Users\rafae\AppData\Local\Google\Chrome\User Data\Default\History    =>.SUP.BrowserHistoric
FOUND file: C:\Users\rafae\AppData\Local\Microsoft\Edge\User Data\Default\History    =>.SUP.BrowserHistoric
FOUND folder: C:\Users\rafae\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data  =>.SUP.BrowserCache
FOUND folder: C:\Users\rafae\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data  =>.SUP.BrowserCache
FOUND folder: C:\Users\rafae\AppData\Local\Opera Software\Opera GX Stable\User Data\Default\Cache\Cache_Data  =>.SUP.BrowserCache


---\\  Hosts file (1)
~ The hosts file is legitimate (21)


---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\  Explorer ( File, Folder) (5)
FOUND file: C:\Users\rafae\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>ChromiumPreference
FOUND file: C:\Users\rafae\AppData\Local\Microsoft\Edge\User Data\Default\Preferences    =>ChromiumPreference
FOUND file: C:\Windows\Prefetch\KERNEL_PNP-OUTBYTE-PC-REPAIR.-A116C10B.pf    =>SUP.Optional.Outbyte
FOUND file: C:\ProgramData\SquirrelMachineInstalls\Discord.exe [Discord Inc. - Discord - https://discord.com/]  =>.SUP.Discord
FOUND folder: C:\Users\rafae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc  =>.SUP.Discord


---\\  Registry ( Key, Value, Data) (10)
FOUND key: [X64] HKLM\SOFTWARE\1D0EC6DE-4A80-4CC3-A335-E6E41C951198 []  =>Adware.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\81bfc699-f883-50c7-b674-2483b6baae23 []  =>Adware.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\1D0EC6DE-4A80-4CC3-A335-E6E41C951198 []  =>Adware.CrossRider
FOUND key: HKEY_USERS\S-1-5-21-366692056-171916002-775530353-1001\SOFTWARE\Discord []  =>.SUP.Discord
FOUND key: HKEY_USERS\S-1-5-21-366692056-171916002-775530353-1001\SOFTWARE\Classes\AppXq0pwa73vfcn2qdexp8cexcc6qk87xh1r []  =>Adware.Navipromo
FOUND key: HKEY_USERS\S-1-5-21-366692056-171916002-775530353-1001\SOFTWARE\Classes\Discord [URL:Discord Protocol]  =>.SUP.Discord
FOUND key: HKCU\Software\Discord []  =>.SUP.Discord
FOUND key: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord [Discord Inc.]  =>.SUP.Discord
FOUND data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{86db7be1-8317-4cc0-b32b-904a8e99ba7e}\\DhcpNameServer [Bad : 181.213.132.4 181.213.132.5]  =>Hijacker.Browser
FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Outbyte []  =>SUP.Optional.Outbyte


---\\  Summary of the elements found (8)
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/  =>.SUP.BrowserHistoric
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/  =>.SUP.BrowserCache
https://nicolascoolman.eu/2020/10/01/preferences-navigateurs-chromium/  =>ChromiumPreference
https://nicolascoolman.eu/forum/Topic/-logiciel-potentiellement-superflu-lps/  =>SUP.Optional.Outbyte
https://nicolascoolman.eu/forum/Topic/Discord-logiciel-potentiellement-superflu-lps/  =>.SUP.Discord
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/  =>Adware.CrossRider
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>Adware.Navipromo
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/  =>Hijacker.Browser


---\\ Result of repair
~ Any repair made
~ Google Chrome OK
~ Microsoft Edge OK
~ Microsoft Internet Explorer OK
~ Opera GX Stable OK


---\\ Statistics
~ Items scanned : 93895
~ Items found : 21
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 10/18


---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed





~ End of search in 00h05mn10s

---\\  Reports (0)
ZHPCleaner-[S]-04022024-12_44_36.txt