~ ZHPCleaner v2016.7.8.83 by Nicolas Coolman (2016/08/08) ~ Run by Bill (Administrator) (10/07/2016 13:11:27) ~ Site : http://www.nicolascoolman.com ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Scan ~ Report : C:\Users\Bill\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Bill\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 10586) ---\\ Services (2) [S] FOUND : BugFixxer =>PUP.Optional.SysSecure [S] FOUND : SysSecure =>PUP.Optional.SysSecure ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (31) ---\\ Scheduled automatic tasks. (2) FOUND task: [ProPCCleaner_Popup] [C:\Program Files (x86)\Pro PC Cleaner\Splash.exe (Not File) ] =>.Superfluous.DoctorPC FOUND task: [ProPCCleaner_Start] [C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe (Not File) ] =>.Superfluous.DoctorPC ---\\ Explorer ( File, Folder) (35) FOUND file: C:\Windows\BugFixxer\1004\BugFixxer.exe [Copyright © 2016 - BugFixxer] =>PUP.Optional.SysSecure FOUND file: C:\Windows\SysSecure\16.7.2.1\SysSecure.exe [Copyright © 2016 - WinShellService] =>PUP.Optional.SysSecure FOUND file: C:\Windows\Prefetch\BUGFIXXERSETUP.EXE-9B96A885.pf =>PUP.Optional.SysSecure FOUND file: C:\Windows\Prefetch\BUGFIXXERSETUP.TMP-D4E46738.pf =>PUP.Optional.SysSecure FOUND file: C:\Windows\Prefetch\SYSSECURESETUP.EXE-51C10C67.pf =>PUP.Optional.SysSecure FOUND file: C:\Windows\Prefetch\SYSSECURESETUP.TMP-DD3FED9C.pf =>PUP.Optional.SysSecure FOUND file: C:\Program Files (x86)\Decal Master\debug.txt =>PUP.Optional.DealSter FOUND file: C:\Program Files (x86)\Decal Master\DecalMaster.config =>PUP.Optional.DealSter FOUND file: C:\Program Files (x86)\Decal Master\DecalMaster.exe [ - DecalMaster] =>PUP.Optional.DealSter FOUND file: C:\Program Files (x86)\Decal Master\DecalMasterA.jpg =>PUP.Optional.DealSter FOUND file: C:\Program Files (x86)\Decal Master\DecalMasterT.jpg =>PUP.Optional.DealSter FOUND file: C:\Program Files (x86)\Decal Master\license.txt =>PUP.Optional.DealSter FOUND file: C:\Program Files (x86)\Decal Master\QuickGuide.html =>PUP.Optional.DealSter FOUND file: C:\Program Files (x86)\Decal Master\Readme.txt =>PUP.Optional.DealSter FOUND folder: C:\Program Files (x86)\Decal Master\Library =>PUP.Optional.DealSter FOUND folder: C:\Program Files (x86)\Decal Master =>PUP.Optional.DealSter FOUND folder: C:\WINDOWS\BugFixxer\1004 =>PUP.Optional.SysSecure FOUND folder: C:\WINDOWS\SysSecure\16.7.2.1 =>PUP.Optional.SysSecure FOUND folder: C:\WINDOWS\BugFixxer =>PUP.Optional.SysSecure FOUND folder: C:\WINDOWS\SysSecure =>PUP.Optional.SysSecure FOUND folder: C:\WINDOWS\System32\config\systemprofile\AppData\Local\BugFixxer\BinEssentials.exe_Url_mo2fldk1xrb1geltcvzki4zbw3auidlr =>PUP.Optional.SysSecure FOUND folder: C:\WINDOWS\System32\config\systemprofile\AppData\Local\BugFixxer\BugFixxer.exe_Url_w3us4urioyg4ico55lkegsseajnxdjr1 =>PUP.Optional.SysSecure FOUND folder: C:\WINDOWS\System32\config\systemprofile\AppData\Local\SysSecureService\SysSecure.exe_Url_3iqmuljp4nvckclk42xavhvwochnhhe2 =>PUP.Optional.SysSecure FOUND folder: C:\WINDOWS\System32\config\systemprofile\AppData\Local\SysSecureService\SysSecure.exe_Url_e3qs3nabgp1i3evytdxemp0axf0bgq3m =>PUP.Optional.SysSecure FOUND folder: C:\WINDOWS\System32\config\systemprofile\AppData\Local\BugFixxer =>PUP.Optional.SysSecure FOUND folder: C:\WINDOWS\System32\config\systemprofile\AppData\Local\SysSecureService =>PUP.Optional.SysSecure FOUND file: C:\Users\Bill\Documents\ProPCCleaner\log.txt =>.Superfluous.DoctorPC FOUND file: C:\Users\Bill\Documents\ProPCCleaner\logerror.txt =>.Superfluous.DoctorPC FOUND folder: C:\Users\Bill\Documents\ProPCCleaner =>.Superfluous.DoctorPC FOUND file: C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DecalMaster\DecalMaster.lnk =>PUP.Optional.DealSter FOUND folder: C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DecalMaster =>PUP.Optional.DealSter FOUND folder: C:\Users\Bill\AppData\Local\CrashRpt\UnsentCrashReports =>.Superfluous.CrashReports FOUND folder: C:\Users\Bill\AppData\Local\Rainmaker_Software_Group_\ProPCCleaner.exe_Url_twd2ze3eaqaiwzlxig5riiby3fd4fyue =>.Superfluous.DoctorPC FOUND folder: C:\Users\Bill\AppData\Local\CrashRpt =>.Superfluous.CrashReports FOUND folder: C:\Users\Bill\AppData\Local\Rainmaker_Software_Group_ =>.Superfluous.DoctorPC ---\\ Registry ( Key, Value, Data) (20) FOUND key: HKCU\Software\SmithMicroDLM [] =>Heuristic.InstallCore FOUND key: HKLM\SYSTEM\CurrentControlSet\Services\BugFixxer [C:\Windows\BugFixxer\1004\BugFixxer.exe] =>PUP.Optional.SysSecure FOUND key: HKLM\SYSTEM\CurrentControlSet\Services\SysSecure [C:\Windows\SysSecure\16.7.2.1\SysSecure.exe] =>PUP.Optional.SysSecure FOUND key: HKEY_USERS\S-1-5-21-3275827610-2315067803-2198367447-1007\SOFTWARE\GreenTree Applications [] =>.Superfluous.GreenTreeApp FOUND key: HKEY_USERS\S-1-5-21-3275827610-2315067803-2198367447-1007\SOFTWARE\ProPCCleanerConfig [] =>.Superfluous.DoctorPC FOUND key: HKEY_USERS\S-1-5-21-3275827610-2315067803-2198367447-1007\SOFTWARE\ProPCCleanerLanguage [] =>.Superfluous.DoctorPC FOUND key: HKCU\Software\GreenTree Applications [] =>.Superfluous.GreenTreeApp FOUND key: HKCU\Software\ProPCCleanerConfig [] =>.Superfluous.DoctorPC FOUND key: HKCU\Software\ProPCCleanerLanguage [] =>.Superfluous.DoctorPC FOUND data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{86d10e82-c1c6-4c06-9332-a0e79a9c4ea4}\\DhcpNameServer [Bad : 61.9.194.49 61.9.195.193] =>Hijacker.Browser FOUND data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9a989058-e3bd-4257-886b-337548dc1daf}\\DhcpNameServer [Bad : 61.9.194.49 61.9.195.193] =>Hijacker.Browser FOUND data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a8d88ea3-ee60-4135-881b-4ba02d03ae88}\\DhcpNameServer [Bad : 61.9.194.49 61.9.195.193] =>Hijacker.Browser FOUND data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 61.9.194.49 61.9.195.193] =>Hijacker.Browser FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Tracing\SysSecure_RASAPI32 [] =>PUP.Optional.SysSecure FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Tracing\SysSecure_RASMANCS [] =>PUP.Optional.SysSecure FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\GreenTree Applications [] =>.Superfluous.GreenTreeApp FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Jammin' JeanZ for Genesis JeanZ 1.0 [DAZ 3D] =>PUP.Optional.Genesis FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Just Real JeanZ for Genesis JeanZ 1.0 [DAZ 3D] =>PUP.Optional.Genesis FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{746390A3-6C32-4253-ADDF-8F235AE19E7A}_is1 [SysSecure] =>PUP.Optional.SysSecure FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect ---\\ Summary of the elements found (9) https://www.nicolascoolman.info/2016/05/13/pup-optional-syssecure/ =>PUP.Optional.SysSecure http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.DoctorPC http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.DealSter http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.CrashReports http://www.nicolascoolman.fr/?p=4664 =>Heuristic.InstallCore http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.GreenTreeApp http://www.nicolascoolman.fr/hijacker-browser/ =>Hijacker.Browser http://www.nicolascoolman.fr/?p=974 =>PUP.Optional.Genesis https://www.nicolascoolman.info/2016/04/22/heuristic-suspect/ =>Heuristic.Suspect