~ ZHPCleaner v2020.1.12.169 by Nicolas Coolman (2020/01/12) ~ Run by luc de vreese (Administrator) (17/01/2020 17:11:31) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Versie OK ~ Type : Scan ~ Report : C:\Users\luc de vreese\Desktop\ZHPCleaner (S).txt ~ Quarantine : C:\Users\luc de vreese\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ System Restore Point : ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 18363) ---\\ Alternate Data Stream (ADS). (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Services (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Browser internet (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Hosts bestand (9) GEVONDEN: 111.118.212.124 s7.addthis.com =>Hijacker.Hosts GEVONDEN: 111.118.212.124 contextual.media.net =>Hijacker.Hosts GEVONDEN: 111.118.212.124 connect.facebook.net =>Hijacker.Hosts GEVONDEN: 111.118.212.124 s3.buysellads.com =>Hijacker.Hosts GEVONDEN: 111.118.212.124 resources.infolinks.com =>Hijacker.Hosts GEVONDEN: 111.118.212.124 stats.g.doubleclick.net =>Hijacker.Hosts GEVONDEN: 111.118.212.124 www.googletagmanager.com =>Hijacker.Hosts GEVONDEN: 111.118.212.124 google-analytics.com =>Hijacker.Hosts Aantal gevonden redirections 8/51 ---\\ Scheduled automatic tasks. (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Explorer ( Bestand, Map) (67) GEVONDEN bestand: C:\Windows\Prefetch\TOTALAV.EXE-775A7881.pf =>SUP.Optional.TotalAV GEVONDEN bestand: C:\Windows\Prefetch\TOTALAV_SETUP.EXE-68C0BD18.pf =>SUP.Optional.TotalAV GEVONDEN bestand: C:\Users\luc de vreese\Downloads\TotalAV_Setup.exe [(C) SS Protect Ltd - TotalAV Ultimate Antivirus Installer] =>SUP.Optional.TotalAV GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\aria-debug-1248.log =>.SUP.Temporary.OneDrive GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\aria-debug-240.log =>.SUP.Temporary.OneDrive GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\dd_BackgroundDownload_20200117124358.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\dd_BackgroundDownload_20200117143249_00_setup_errors.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\dd_BackgroundDownload_20200117143249_result_Success.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\dd_BackgroundDownload_20200117153823.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\IMG-20200116-WA0000 (2).jpg =>.SUP.Temporary.Picture GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\IMG-20200116-WA0000.jpg =>.SUP.Temporary.Picture GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-10268.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-10548.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-10972.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-12496.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-12500.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-13620.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-14300.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-14860.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-15080.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-2716.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-2892.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-3748.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-3896.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-4872.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-5704.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-6040.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-6204.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-6460.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-6896.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-6956.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-7148.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-7968.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-7980.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-8056.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-8152.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-8232.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-8452.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-9148.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-9468.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-9476.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-9480.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-9484.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-9860.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-9864.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\mat-debug-9912.log =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\tmpA2E0.tmp =>.SUP.Temporary.Other GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\wct40B5.tmp =>.SUP.Temporary.Office GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\wct6701.tmp =>.SUP.Temporary.Office GEVONDEN bestand: C:\Users\luc de vreese\AppData\Local\Temp\~cxd14836_7748_{D9553979-9B57-47A2-B0F5-362BF4416005}.tmp =>.SUP.Temporary.Empty GEVONDEN bestand: C:\Documents and Settings\luc de vreese\Downloads\TotalAV_Setup.exe [(C) SS Protect Ltd - TotalAV Ultimate Antivirus Installer] =>SUP.Optional.TotalAV GEVONDEN map: C:\ProgramData\TotalAV\cache =>SUP.Optional.TotalAV GEVONDEN map: C:\ProgramData\TotalAV\data =>SUP.Optional.TotalAV GEVONDEN map: C:\ProgramData\TotalAV\logs =>SUP.Optional.TotalAV GEVONDEN map: C:\ProgramData\TotalAV\queues =>SUP.Optional.TotalAV GEVONDEN map: C:\ProgramData\TotalAV\updates =>SUP.Optional.TotalAV GEVONDEN map: C:\ProgramData\TotalAV =>SUP.Optional.TotalAV GEVONDEN map: C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\TotalAV\5.0.0 =>SUP.Optional.TotalAV GEVONDEN map: C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\TotalAV =>SUP.Optional.TotalAV GEVONDEN map: C:\Users\luc de vreese\Documents\TotalAV\PasswordVault =>SUP.Optional.TotalAV GEVONDEN map: C:\Users\luc de vreese\Documents\TotalAV =>SUP.Optional.TotalAV GEVONDEN bestand: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV\vdf_1579264201.zip =>SUP.Optional.TotalAV GEVONDEN map: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV\5.0.0 =>SUP.Optional.TotalAV GEVONDEN map: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV =>SUP.Optional.TotalAV GEVONDEN map: C:\Documents and Settings\luc de vreese\Documents\TotalAV\PasswordVault =>SUP.Optional.TotalAV GEVONDEN map: C:\Documents and Settings\luc de vreese\Documents\TotalAV =>SUP.Optional.TotalAV GEVONDEN map: C:\ProgramData\SecuritySuite =>SUP.Optional.ScanGuard ---\\ Register ( Sleutel, Waarde, Data) (4) GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Classes\totalav [URL:Total AV Protocol] =>SUP.Optional.TotalAV GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSAutoNet [] =>HackTool.WinActivator GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TotalAV_RASAPI32 [] =>SUP.Optional.TotalAV GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TotalAV_RASMANCS [] =>SUP.Optional.TotalAV ---\\ Samenvatting van elementen gevonden op uw werkstation (9) https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Hijacker.Hosts https://nicolascoolman.eu/2019/08/totalav-optimzer-zone-antimalware.jpg =>SUP.Optional.TotalAV https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.OneDrive https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Empty https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Picture https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Other https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Office https://nicolascoolman.eu/2017/12/21/sup-scanguard/ =>SUP.Optional.ScanGuard https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator ---\\Resultaat van reparaties ~ Gerepareerd ~ Google Chrome OK ~ Mozilla Firefox OK ~ Internet Explorer OK ---\\Statistics ~ Items gescand : 119610 ~ Items gevonden : 95 ~ Items gecancelled : 0 ~ Items opties : 15/15 ~ Ruimtebesparend (bytes) : 8591126 ~ End of search in 00h14mn32s ---\\ Rapports (5) ZHPCleaner-[R]-10012020-16_40_28.txt ZHPCleaner-[R]-16012020-07_16_03.txt ZHPCleaner-[S]-10012020-16_39_38.txt ZHPCleaner-[S]-16012020-07_15_17.txt ZHPCleaner-[S]-17012020-17_26_03.txt