~ ZHPCleaner v2017.3.17.47 by Nicolas Coolman (2017/03/17) ~ Run by Sippo (Administrator) (17/03/2017 15:48:52) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Versie OK ~ Type : Scan ~ Report : C:\Users\Sippo\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Sippo\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 14393) ---\\ Services (1) [S] GEVONDEN : Kyubey =>PUP.Optional.CrossRider ---\\ Browser internet (1) GEVONDEN data: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : local] =>Hijacker.Proxy ---\\ Hosts file (1) ~ The hosts file is rechtmatig (1) ---\\ Scheduled automatic tasks. (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Explorer ( Bestand, Map) (17) GEVONDEN bestand: C:\Windows\Prefetch\AMULE.EXE-612E622E.pf =>Adware.aMULEcustom GEVONDEN bestand: C:\Windows\Prefetch\BROWSERPROTECT.EXE-7D5E6FD4.pf =>PUP.Optional.Eazel GEVONDEN bestand: C:\Windows\Prefetch\KYUBEY.EXE-4DE73556.pf =>PUP.Optional.CrossRider GEVONDEN bestand: C:\Windows\Prefetch\KYUBEY.EXE-915181A3.pf =>PUP.Optional.CrossRider GEVONDEN bestand: C:\Windows\Prefetch\KYUBEY.EXE-FC7ADC21.pf =>PUP.Optional.CrossRider GEVONDEN bestand: C:\Windows\Prefetch\REIMAGE PC REPAIR SERIAL KEY -96713FDD.pf =>.Superfluous.ReimageRepair GEVONDEN bestand: C:\Windows\Prefetch\REIMAGE.EXE-02B30964.pf =>.Superfluous.ReimageRepair GEVONDEN bestand: C:\Windows\Prefetch\REIMAGEPACKAGE.EXE-C1EE407B.pf =>.Superfluous.ReimageRepair GEVONDEN bestand: C:\Windows\Prefetch\REIMAGEREPAIR.EXE-AC53EE59.pf =>.Superfluous.ReimageRepair GEVONDEN bestand: C:\Windows\Installer\wix{C4123106-B685-48E6-B9BD-E4F911841EB4}.SchedServiceConfig.rmi =>.Superfluous.Empty GEVONDEN bestand: C:\Windows\Installer\wix{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}.SchedServiceConfig.rmi =>.Superfluous.Empty GEVONDEN bestand: C:\Users\Sippo\AppData\Local\Temp\wct6757.tmp =>.Superfluous.Temporary.Various GEVONDEN bestand: C:\Users\Sippo\AppData\Local\Temp\wctB764.tmp =>.Superfluous.Temporary.Various GEVONDEN bestand: C:\ProgramData\Microsoft Toolkit\Settings.xml =>HackTool.AutoKMS GEVONDEN map: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS GEVONDEN map: C:\Users\Sippo\AppData\Roaming\PCCloneEx_Lite+ =>.Superfluous.PCMechanic GEVONDEN map: C:\Users\Sippo\AppData\Local\Software =>PUP.Optional.Boxore ---\\ Register ( Sleutel, Waarde, Data) (15) GEVONDEN data: HKLM\...\SafeZoneStable\Shell\open\Command\\"C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" http://www.startpageing123.com/?type=sc&ts=1489664067&z=de3e0df172e08e7feee1077gbzdb2tcq1q0z8e3qdm&from=che0812&uid=HitachiXHTS547550A9E384_J2160051H6AZPDH6AZPDX =>Hijacker.StartpageIng123 GEVONDEN sleutel: HKLM\SYSTEM\CurrentControlSet\Services\Kyubey [C:\Users\Sippo\AppData\Roaming\Kyubey\Kyubey.exe (Not File)](..) =>PUP.Optional.CrossRider GEVONDEN sleutel: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{735CBB11-3E26-4197-9B1D-8E26F2AE9E66} [C:\Program Files (x86)\Youtube AdBlockIE (Not File)] =>PUP.Optional.YouTubeAdBlock GEVONDEN sleutel: HKLM\SOFTWARE\Wow6432Node\Firefox [] =>Adware.GhokswaBrowser GEVONDEN sleutel: HKLM\SOFTWARE\Firefox [] =>Adware.GhokswaBrowser GEVONDEN sleutel: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WinSnare [] =>.Superfluous.WinSnare GEVONDEN sleutel: [X64] HKLM\SOFTWARE\InterSect Alliance [] =>.Superfluous.InterSect GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Wow6432Node\amule-custom [246] =>Adware.aMULEcustom GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384} [SlimWare Utilities, Inc.] =>.Superfluous.SlimWareUtilities GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BikaQ_RASAPI32 [] =>.Superfluous.BikaQ GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BikaQ_RASMANCS [] =>.Superfluous.BikaQ GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{735CBB11-3E26-4197-9B1D-8E26F2AE9E66} [C:\Program Files (x86)\Youtube AdBlockIE (Not File)] =>PUP.Optional.YouTubeAdBlock GEVONDEN sleutel: HKCU\SOFTWARE\177DA36DFDE2AFFFB642FA9F4E5F0B09 [] =>Hijacker.Browser GEVONDEN sleutel: [X64] HKLM\SOFTWARE\177DA36DFDE2AFFFB642FA9F4E5F0B09 [] =>Hijacker.Browser ---\\ Samenvatting van elementen gevonden op uw werkstation (19) https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>PUP.Optional.CrossRider https://www.anti-malware.top/2016/06/09/pirate-de-serveur-proxy-hijacker-proxy/ =>Hijacker.Proxy https://nicolascoolman.eu/2017/03/10/adware-amulecustom/ =>Adware.aMULEcustom https://www.nicolascoolman.com/fr/hijacker-eazel/ =>PUP.Optional.Eazel https://nicolascoolman.eu/2017/01/27/superfluous-reimagerepair/ =>.Superfluous.ReimageRepair https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary.Various https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.PCMechanic https://nicolascoolman.eu/2017/03/14/pup-optional-boxore/ =>PUP.Optional.Boxore https://nicolascoolman.eu/2017/03/06/hijacker-startpageing123/ =>Hijacker.StartpageIng123 https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.YouTubeAdBlock https://nicolascoolman.eu/2017/02/19/adware-ghokswabrowser/ =>Adware.GhokswaBrowser https://nicolascoolman.eu/2017/01/12/superfluous-winsnare/ =>.Superfluous.WinSnare https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.InterSect https://nicolascoolman.eu/2017/03/03/superfluous-slimwareutilities/ =>.Superfluous.SlimWareUtilities https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect https://nicolascoolman.eu/2017/02/17/superfluous-bikaq/ =>.Superfluous.BikaQ https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser ---\\Resultaat van reparaties ~ Gerepareerd ~ Browser niet gevonden (Google Chrome) ---\\Statistics ~ Items gescand : 100480 ~ Items gevonden : 38 ~ Items gecancelled : 0 ~ Items gerepareerd : 0 ~ End of search in 00h20mn44s ~==================== ZHPCleaner-[S]-17032017-16_09_36.txt