~ ZHPCleaner v2018.4.27.87 by Nicolas Coolman (2018/04/87) ~ Run by Gebruiker (Administrator) (28/04/2018 13:50:45) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Versie OK ~ Certificate ZHPCleaner: Legal ~ Type : Scan ~ Report : C:\Users\Gebruiker\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Gebruiker\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Pro, 64-bit (Build 16299) ---\\ Alternate Data Stream (ADS). (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Services (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Browser internet (1) GEVONDEN: [dd2zqyg9.default] - user_pref("extensions.toolbar.mindspark._8iMembers_.partnerPixelFired", true); =>Adware.Bandoo ---\\ Hosts bestand (2) GEVONDEN: ਍ਣ⁵湣桥捫祟扥杩渍ਣ⁔桥獥⁲畬敳⁷敲攠慤摥搠批⁴桥⁕湣桥捫礠灲潧牡洠楮牤敲⁴漠扬潣欠慤癥牴楳楮朠獯晴睡牥潤畬敳ഊ〮〮〮〠〮〮〮〠⌠晩砠景爠瑲慣敲潵瑥⁡湤整獴慴⁤楳灬慹⁡湯浡汹ഊ〮〮〮〠瑲慣歩湧⹯灥湣慮摹⹣潭⹳㌮慭慺潮慷献捯洍ਰ⸰⸰⸰敤楡⹯灥湣慮摹⹣潭ഊ〮〮〮〠捤渮潰敮捡湤礮捯洍ਰ⸰⸰⸰⁴牡捫楮朮潰敮捡湤礮捯洍ਰ⸰⸰⸰⁡灩⹯灥湣慮摹⹣潭ഊ〮〮〮〠慰椮牥捯浭敮摥摳眮捯洍ਰ⸰⸰⸰⁲瀮祥晥湥物㈮捯洍ਰ⸰⸰⸰献祥晥湥物㈮捯洍ਰ⸰⸰⸰猲⹹敦敮敲椲⹣潭ഊ〮〮〮〠楮獴慬汥爮扥瑴敲楮獴慬汥爮捯洍ਰ⸰⸰⸰⁩湳瑡汬敲⹦楬敢畬汤潧⹣潭ഊ〮〮〮〠搳潸瑮ㅸ㍢㡤㝩⹣汯畤晲潮琮湥琍ਰ⸰⸰⸰⁩湮漮扩獲瘮捯洍ਰ⸰⸰⸰獩献扩獲瘮捯洍ਰ⸰⸰⸰⁣摮⹦楬攲摥獫瑯瀮捯洍ਰ⸰⸰⸰⁣摮⹧潡瑥慳瑣慣栮畳ഊ〮〮〮〠捤渮杵瑴慳瑡瑤欮畳ഊ〮〮〮〠捤渮楮獫楮浥摩愮捯洍ਰ⸰⸰⸰⁣摮⹩湳瑡⹯楢畮摬敳㈮捯洍ਰ⸰⸰⸰⁣摮⹩湳瑡⹰污祢特瑥⹣潭ഊ〮〮〮〠捤渮汬潧整晡獴捡捨⹵猍ਰ⸰⸰⸰⁣摮⹭潮瑩敲愮捯洍ਰ⸰⸰⸰⁣摮⹭獤睮汤⹣潭ഊ〮〮〮〠捤渮浹灣扡捫異⹣潭ഊ〮〮〮〠捤渮灰摯睮汯慤⹣潭ഊ〮〮〮〠捤渮物捥慴敡獴捡捨⹵猍ਰ⸰⸰⸰⁣摮⹳桹慰潴慴漮畳ഊ〮〮〮〠捤渮獯汩浢愮捯洍ਰ⸰⸰⸰⁣摮⹴畴漴灣⹣潭ഊ〮〮〮〠捤渮慰灲潵湤⹢楺ഊ〮〮〮〠捤渮扩杳灥敤灲漮捯洍ਰ⸰⸰⸰⁣摮⹢楳灤⹣潭ഊ〮〮〮〠捤渮扩獲瘮捯洍ਰ⸰⸰⸰⁣摮⹣摮摰⹣潭ഊ〮〮〮〠捤渮摯睮汯慤⹳睥整灡捫献捯洍ਰ⸰⸰⸰⁣摮⹤灤潷湬潡搮捯洍ਰ⸰⸰⸰⁣摮⹶楳畡汢敥⹮整ഊ⌠畮捨散歹彥湤ഊ =>Hijacker.Hosts Aantal gevonden redirections 1/3 ---\\ Scheduled automatic tasks. (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Explorer ( Bestand, Map) (23) GEVONDEN bestand: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\dd2zqyg9.default\storage\default\https+++en.softonic.com\.metadata =>.SUP.Softonic GEVONDEN bestand: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\dd2zqyg9.default\storage\default\https+++en.softonic.com\.metadata-v2 =>.SUP.Softonic GEVONDEN bestand: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\dd2zqyg9.default\storage\default\https+++en.softonic.com\idb\12183338011.sqlite =>.SUP.Softonic GEVONDEN bestand: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\dd2zqyg9.default\storage\default\https+++en.softonic.com\idb\993782502OBNDE__KSDISG_NLA.sqlite =>.SUP.Softonic GEVONDEN map: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmkbjoakcacgljcdccofbffloabfbni =>Heuristic.Suspect GEVONDEN bestand: C:\Program Files\KMSpico\AutoPico.exe [@ByELDI - AutoPico] =>HackTool.KMSpico GEVONDEN bestand: C:\Program Files\KMSpico\DevComponents.DotNetBar2.dll [DevComponents.com - DevComponents.DotNetBar] =>HackTool.KMSpico GEVONDEN bestand: C:\Program Files\KMSpico\DM.bin =>HackTool.KMSpico GEVONDEN bestand: C:\Program Files\KMSpico\KMSELDI.exe [@ByELDI - KMS GUI ELDI] =>HackTool.KMSpico GEVONDEN bestand: C:\Program Files\KMSpico\unins000.dat =>HackTool.KMSpico GEVONDEN bestand: C:\Program Files\KMSpico\unins000.exe [ - Setup/Uninstall] =>HackTool.KMSpico GEVONDEN bestand: C:\Program Files\KMSpico\UninsHs.exe [Han-soft - Uninstall for InnoSetup by Han-soft] =>HackTool.KMSpico GEVONDEN bestand: C:\Program Files\KMSpico\Vestris.ResourceLib.dll [Vestris Inc. - ResourceLib] =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\cert =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\driver =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\icons =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\logs =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\scripts =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\sounds =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\TokensBackup =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico =>HackTool.KMSpico GEVONDEN map: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico GEVONDEN map: C:\Users\Gebruiker\AppData\LocalLow\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare ---\\ Register ( Sleutel, Waarde, Data) (7) GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\afmkbjoakcacgljcdccofbffloabfbni [] =>Heuristic.Suspect GEVONDEN sleutel: HKEY_USERS\S-1-5-21-1954472655-1168246238-1069675423-1001\SOFTWARE\GreenTree Applications [] =>.SUP.GreenTreeApp GEVONDEN sleutel: HKCU\Software\GreenTree Applications [] =>.SUP.GreenTreeApp GEVONDEN sleutel: HKLM\SOFTWARE\IObit\RealTimeProtector [] =>.SUP.AdvancedSystemCare GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 [KMSpico] =>HackTool.KMSpico GEVONDEN waarde: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Advanced SystemCare 9 [0x020000000000000000000000] =>.SUP.AdvancedSystemCare GEVONDEN waarde: HKEY_USERS\S-1-5-21-1954472655-1168246238-1069675423-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Advanced SystemCare 9 [0x020000000000000000000000] =>.SUP.AdvancedSystemCare ---\\ Samenvatting van elementen gevonden op uw werkstation (7) https://nicolascoolman.eu/2017/02/23/adware-bandoo/ =>Adware.Bandoo https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Hijacker.Hosts https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Softonic https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico https://nicolascoolman.eu/2017/12/26/sup-advancedsystemcare/ =>.SUP.AdvancedSystemCare https://www.anti-malware.top/2016/09/10/superfluous-greentreeapp/ =>.SUP.GreenTreeApp ---\\Resultaat van reparaties ~ Gerepareerd ~ Browser niet gevonden (Opera Software) ---\\Statistics ~ Items gescand : 106063 ~ Items gevonden : 35 ~ Items gecancelled : 0 ~ Items opties : 0/7 ~ Ruimtebesparend (bytes) : 0 ~ End of search in 00h07mn21s ZHPCleaner-[S]-28042018-13_58_06.txt