~ ZHPCleaner v2024.1.19.3 by Nicolas Coolman (2024/01/19)
~ Run by Felipe (Administrator)  (26/01/2024 09:53:34)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Illegal
~ Type : Scan
~ Report : C:\Users\Felipe\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Felipe\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 11, 64-bit  (Build 22631)

---\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found. (ADS)

---\  Services (0)
~ No malicious or unnecessary items found. (Service)

---\  Browser internet (7)
FOUND file: C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\History    =>.SUP.BrowserHistoric
FOUND file: C:\Users\Felipe\AppData\Local\Microsoft\Edge\User Data\Default\History    =>.SUP.BrowserHistoric
FOUND folder: C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data  =>.SUP.BrowserCache
FOUND folder: C:\Users\Felipe\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data  =>.SUP.BrowserCache
FOUND folder: C:\Users\Felipe\AppData\Local\Mozilla\Firefox\Profiles\yzj9uwkq.default\Cache2  =>.SUP.BrowserCache
FOUND folder: C:\Users\Felipe\AppData\Local\Mozilla\Firefox\Profiles\fsspuirn.default-release-1648239112721\Cache2  =>.SUP.BrowserCache
FOUND: [fsspuirn.default-release-1648239112721] - user_pref('browser.topsites.contile.cachedTiles', '[{\'id\':74357,\'name\':\'Amazon\',\'url\':\'http[...]  =>PUP.Optional.Booking

---\  Hosts file (1)
~ The hosts file is legitimate (1)

---\  Scheduled automatic tasks. (1)
FOUND task: [FreeDownloadManagerHelperService] [C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe]  =>PUP.Optional.SearchDonkey

---\  Explorer ( File, Folder) (20)
FOUND file: C:\Users\Felipe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk  [Bad : C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe](.AB Team.)  =>.SUP.ABTeam
FOUND file: C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>ChromiumPreference
FOUND file: C:\Users\Felipe\AppData\Local\Vivaldi\User Data\Default\Preferences    =>ChromiumPreference
FOUND file: C:\Users\Felipe\AppData\Local\Microsoft\Edge\User Data\Default\Preferences    =>ChromiumPreference
FOUND file: C:\Users\Felipe\AppData\Local\Microsoft\Edge\User Data\Profile 1\Preferences    =>ChromiumPreference
FOUND file: C:\Users\k_mar\AppData\Local\Microsoft\Edge\User Data\Default\Preferences    =>ChromiumPreference
FOUND file: C:\END    =>SUP.Optional.Conduit
FOUND file: C:\Users\Felipe\Downloads\magnific-Zmz3k4oR9q364F1XE1kC-#larrybanequarry #GameofThrones #northernireland #unitedkingdom #series #uk March 28, 2016 at 0731PM_Original.jpeg    =>.SUP.IronSourceLtd
FOUND file: C:\Documents and Settings\Felipe\Downloads\magnific-Zmz3k4oR9q364F1XE1kC-#larrybanequarry #GameofThrones #northernireland #unitedkingdom #series #uk March 28, 2016 at 0731PM_Original.jpeg    =>.SUP.IronSourceLtd
FOUND file: C:\Documents and Settings\k_mar\Downloads\DiscordSetup.exe [Discord Inc. - Discord - https://discord.com/]  =>.SUP.Discord
FOUND folder: C:\Program Files (x86)\Skillbrains\lightshot  =>SUP.Optional.Skillbrains
FOUND folder: C:\Program Files (x86)\Skillbrains\Updater  =>SUP.Optional.Skillbrains
FOUND folder: C:\Program Files (x86)\Webteh\BSPlayer  =>.SUP.ABTeam
FOUND folder: C:\Program Files (x86)\Skillbrains  =>SUP.Optional.Skillbrains
FOUND folder: C:\Program Files (x86)\SSDFresh  =>.SUP.Empty
FOUND folder: C:\Program Files (x86)\Webteh  =>.SUP.ABTeam
FOUND folder: C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc  =>.SUP.Discord
FOUND folder: C:\Users\Felipe\Downloads\PopcornTime  =>.SUP.PopcornTime
FOUND folder: C:\Users\k_mar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc  =>.SUP.Discord
FOUND folder: C:\Documents and Settings\Felipe\Downloads\PopcornTime  =>.SUP.PopcornTime

---\  Registry ( Key, Value, Data) (23)
FOUND value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Discord ['C:\Users\Felipe\AppData\Local\Discord\Update.exe']  =>.SUP.Discord
FOUND key: HKEY_USERS\S-1-5-21-3633606873-1387218457-3474124247-1001\SOFTWARE\Conduit []  =>SUP.Optional.Conduit
FOUND key: HKEY_USERS\S-1-5-21-3633606873-1387218457-3474124247-1001\SOFTWARE\Discord []  =>.SUP.Discord
FOUND key: HKEY_USERS\S-1-5-21-3633606873-1387218457-3474124247-1001\SOFTWARE\Popcorn Time []  =>.SUP.PopcornTime
FOUND key: HKEY_USERS\S-1-5-21-3633606873-1387218457-3474124247-1001\SOFTWARE\PopcornTime []  =>.SUP.PopcornTime
FOUND key: HKEY_USERS\S-1-5-21-3633606873-1387218457-3474124247-1001\SOFTWARE\SkillBrains []  =>SUP.Optional.Skillbrains
FOUND key: HKEY_USERS\S-1-5-21-3633606873-1387218457-3474124247-1001\SOFTWARE\Classes\AppXq0pwa73vfcn2qdexp8cexcc6qk87xh1r []  =>Adware.Navipromo
FOUND key: HKEY_USERS\S-1-5-21-3633606873-1387218457-3474124247-1001\SOFTWARE\Classes\Discord [URL:Discord Protocol]  =>.SUP.Discord
FOUND key: HKEY_USERS\S-1-5-21-3633606873-1387218457-3474124247-1001\SOFTWARE\Classes\discord-378435294170447882 [URL:Run game 378435294170447882 protocol]  =>.SUP.Discord
FOUND key: HKEY_USERS\S-1-5-21-3633606873-1387218457-3474124247-1001\SOFTWARE\Classes\discord-477175586805252107 [URL:Run game 477175586805252107 protocol]  =>.SUP.Discord
FOUND key: HKCU\Software\Conduit []  =>SUP.Optional.Conduit
FOUND key: HKCU\Software\Discord []  =>.SUP.Discord
FOUND key: HKCU\Software\Popcorn Time []  =>.SUP.PopcornTime
FOUND key: HKCU\Software\PopcornTime []  =>.SUP.PopcornTime
FOUND key: HKCU\Software\SkillBrains []  =>SUP.Optional.Skillbrains
FOUND key: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord [Discord Inc.]  =>.SUP.Discord
FOUND key: [X64] HKLM\SOFTWARE\Classes\.bk3 [TeraCopy.ChecksumFile]  =>.SUP.VirtualGirl
FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0123F70F2E9783C4EA7F8DBE0E661261 [22:\Software\Classes\powertoys\components\Launcher_WebSearch_zh_TW_Component (Not File)]  =>PUP.Optional.SimpleSearches
FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\04A919A9754E5F74798C8E680FD6ED61 [22:\Software\Classes\powertoys\components\Launcher_WebSearch_hu_HU_Component (Not File)]  =>PUP.Optional.SimpleSearches
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Conduit []  =>SUP.Optional.Conduit
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Skillbrains []  =>SUP.Optional.Skillbrains
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Webteh []  =>.SUP.ABTeam
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 [Skillbrains]  =>SUP.Optional.Skillbrains

---\  Summary of the elements found (15)
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/  =>.SUP.BrowserHistoric
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/  =>.SUP.BrowserCache
https://nicolascoolman.eu/forum/Topic/booking-logiciel-potentiellement-indesirable-pup-lpi/  =>PUP.Optional.Booking
https://nicolascoolman.eu/forum/Topic/searchdonkey-logiciel-potentiellement-indesirable-pup-lpi/  =>PUP.Optional.SearchDonkey
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/  =>.SUP.ABTeam
https://nicolascoolman.eu/2020/10/01/preferences-navigateurs-chromium/  =>ChromiumPreference
https://nicolascoolman.eu/2017/02/06/superfluous-conduit/  =>SUP.Optional.Conduit
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/  =>.SUP.IronSourceLtd
https://nicolascoolman.eu/forum/Topic/Discord-logiciel-potentiellement-superflu-lps/  =>.SUP.Discord
https://nicolascoolman.eu/2019/01/sup-skillbrains  =>SUP.Optional.Skillbrains
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/  =>.SUP.Empty
https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/  =>.SUP.PopcornTime
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>Adware.Navipromo
superfluous-virtualgirl  =>.SUP.VirtualGirl
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>PUP.Optional.SimpleSearches

---\ Result of repair
~ Any repair made
~ Google Chrome OK
~ Microsoft Edge OK
~ Mozilla Firefox OK
~ Microsoft Internet Explorer OK

---\ Statistics
~ Items scanned : 119200
~ Items found : 63
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 10/18

---\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of search in 00h08mn26s

---\  Reports (0)
ZHPCleaner-[S]-26012024-10_02_00.txt