~ ZHPCleaner v2022.7.25.50 by Nicolas Coolman (2022/07/25)
~ Run by Ramon Fiaux (Administrator) (27/07/2022 07:52:13)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scan
~ Report : C:\Users\Ramon Fiaux\OneDrive\Área de Trabalho\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Ramon Fiaux\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home Single Language, 64-bit (Build 22000)

---\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found. (ADS)

---\ Services (0)
~ No malicious or unnecessary items found. (Service)

---\ Browser internet (0)
~ No malicious or unnecessary items found. (Browser)

---\ Hosts file (3)
FOUND: 177.54.149.101 ip-177-54-149-101.lazerpenguin.com =>Hijacker.Hosts
FOUND: 177.54.149.118 ip-177-54-149-118.lazerpenguin.com =>Hijacker.Hosts
Number of found redirections 2/5

---\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found. (Task)

---\ Explorer ( File, Folder) (5)
FOUND file: C:\Users\Ramon Fiaux\AppData\Local\Google\Chrome\User Data\Default\Preferences =>ChromiumPreference
FOUND file: C:\Users\Ramon Fiaux\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>ChromiumPreference
FOUND file: C:\Users\Ramon Fiaux\Downloads\0x80090010-outbyte-pc-repair.exe [Outbyte - Outbyte PC Repair Installation File] =>SUP.Optional.Outbyte
FOUND file: C:\Documents and Settings\Ramon Fiaux\Downloads\0x80090010-outbyte-pc-repair.exe [Outbyte - Outbyte PC Repair Installation File] =>SUP.Optional.Outbyte
FOUND folder: C:\Program Files (x86)\DummyDir =>.SUP.Empty

---\ Registry ( Key, Value, Data) (4)
FOUND value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_7ACC9AA893EE72F153EE68F147E9E20F ['C:\Program Files\Google\Chrome\Application\chrome] =>PUP.Optional.MyBrowser
FOUND key: HKEY_USERS\S-1-5-21-4192884717-58469100-4038748977-1001\SOFTWARE\Classes\AppXq0pwa73vfcn2qdexp8cexcc6qk87xh1r [] =>Adware.Navipromo
FOUND data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{41be297c-b4de-40e5-a3f5-50db9288b5ce}\\DhcpNameServer [Bad : 172.18.15.1] =>Hijacker.Browser
FOUND data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{75dfd2ad-e776-49d9-9a45-634cc02b0ffa}\\DhcpNameServer [Bad : 186.223.160.75 186.223.160.80] =>Hijacker.Browser

---\ Summary of the elements found (7)
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Hijacker.Hosts
https://nicolascoolman.eu/2020/10/01/preferences-navigateurs-chromium/ =>ChromiumPreference
https://nicolascoolman.eu/forum/Topic/-logiciel-potentiellement-superflu-lps/ =>SUP.Optional.Outbyte
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Empty
https://nicolascoolman.eu/2017/11/01/adware-mybrowser/ =>PUP.Optional.MyBrowser
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Adware.Navipromo
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser

---\ Result of repair
~ Any repair made
~ Google Chrome OK
~ Internet Explorer OK

---\ Statistics
~ Items scanned : 100467
~ Items found : 14
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/17

---\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of search in 00h05mn52s

---\ Reports (0)
ZHPCleaner-[S]-27072022-07_58_05.txt