Jump to content
CCleaner Community Forums
eL_PuSHeR

ZHPCleaner - Adware/pups/malware removal tool

Recommended Posts

Hello.

 

http://www.nicolascoolman.fr/

 

Direct download link: http://www.nicolascoolman.fr/download/zhpcleaner-2/

 

This is a malware/pups/adware removal tool similar to Xplode's AdwCleaner.

 

This one does a more thorough cleaning so, check the logs (and untick these items you don't want cleaned) before proceeding.

 

It's gets updated A LOT. That means twice a day or so.

 

When first run, it will install itself under the %APPDATA%\ZHP folder and it will create two shortcuts on desktop.

 

To fully remove it,just delete those two shorcuts and the ZHP folder.

Share this post


Link to post
Share on other sites

Damn it. I am not sure if posting these kind of threads is allowed here. If not, my apologies. And feel free to move this topic to the security section if applicable.

Share this post


Link to post
Share on other sites

Just tried it here on xp.

Found some PUPS. 

Has the option to check each entry before quarantining. 

Nice one, eL_P.  :)

Share this post


Link to post
Share on other sites

Hello eL_PuSHeR - Thank you for providing us with his little gem. For months now I've been having problems with I.E. 11 randomly freezing and/or crashing, and the usual fixes haven't solved anything. During that time, I was running regular scans with Avast, Malwarebytes, and Trend Micro Housecall. Each of them reported no problems with regard to viruses or malware being present on the system. The first time I ran ZHP Cleaner, it reported a browser hijacker had been installed to the Windows registry and quarantined it. Since then, no more problems with I.E. 11. Thanks again. - Derek

Share this post


Link to post
Share on other sites

The first time I ran ZHP Cleaner, it reported a browser hijacker had been installed to the Windows registry and quarantined it.

 

IE can seem delicate/touchy to things being added into it. For instance some legit and clean download managers can add their context menu to IE causing problems with the browser, i.e.; crashing, freezing, etc.

Share this post


Link to post
Share on other sites

@derek,

Any chance in your course of running those scans to try to fix IE that you ran ADWCleaner?

That and ZHP seem very similar.

Share this post


Link to post
Share on other sites

A word of caution for everyone using this software. Check carefully what you are about to remove. This software has got its share of false positives too.

Share this post


Link to post
Share on other sites

How often is it updated eL_PuSHeR ?

 

Adwcleaner is updated every couple of weeks or so.

Share this post


Link to post
Share on other sites

A word of caution for everyone using this software. Check carefully what you are about to remove. This software has got its share of false positives too.

 

Noticed that, it offered to remove a few things which are not malicious:

 

 

FOUND file: C:\Users\Rob\Downloads\Lollipop Sounds.zip  (Adware.Lollipop) [D008263BFE514B4419C2ABE61FC8EC96] - zip file of system sounds from Android Lollipop

FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 283000 [Wastelands Interactive] (Adware.AdRoar) - Strategic War in Europe (steam game)

FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 283020 [Wastelands Interactive] (Adware.AdRoar) - The Campaign Series: Fall Weiss (steam game)

FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 302320 [Wastelands Interactive] (Adware.AdRoar) - Storm over the Pacific (steam game)

FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 305390 [Wastelands Interactive] (Adware.AdRoar) - World War 2: Time of Wrath (steam game)

FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 218680 [scribblenauts Unlimited] (PUP.DoRibble) - Scribblenauts Unlimited (steam game)

 

 

 

to name a few. Not sure what their problem with Wastelands Interactive (a game publisher/developer) is.

Share this post


Link to post
Share on other sites

How often is it updated eL_PuSHeR ?

 

Adwcleaner is updated every couple of weeks or so.

I'd say once a day. Sometimes twice a day. Today the website seems to be down though.

Share this post


Link to post
Share on other sites

Noticed that, it offered to remove a few things which are not malicious:

 

 

 

to name a few. Not sure what their problem with Wastelands Interactive (a game publisher/developer) is.

 

That's curious. I have several Steam games too but I don't get any registry values to clean here.

Share this post


Link to post
Share on other sites

That's curious. I have several Steam games too but I don't get any registry values to clean here.

Those are very few out of very many I have installed, and of those 5 games, 4 are published and developed by the same firm, so maybe it's just an issue with their installers or some such.

Share this post


Link to post
Share on other sites

Site is down, maybe?

Looks like it.  I've tried a couple of times over the past few days and get a page that says "Mode Maintenance."

Share this post


Link to post
Share on other sites

I am a student at geekstogo Malware school and none of my teachers have heard of this program. The exe is flaged as Malware when uploaded to virus total.  A flag does not always indicate a posative infection how ever if it's not disgust at geekstogo/bleepingcomputer then i think you would be silly to run the program.

 

Another point is it instals itself in a common malware location. APPData is where data lives. Not executables.

Share this post


Link to post
Share on other sites

Hello eL_PuSHeR - Thank you for providing us with his little gem. For months now I've been having problems with I.E. 11 randomly freezing and/or crashing, and the usual fixes haven't solved anything. During that time, I was running regular scans with Avast, Malwarebytes, and Trend Micro Housecall. Each of them reported no problems with regard to viruses or malware being present on the system. The first time I ran ZHP Cleaner, it reported a browser hijacker had been installed to the Windows registry and quarantined it. Since then, no more problems with I.E. 11. Thanks again. - Derek

 

Different infections require different tools. There is a reason we ask members to post a Farbar Recovery Scan Tool log before proceeding. The log reports these tools generate allow us to see whats really going on. These tools have non public scripting capabilitys that give us more control then standard users.

Share this post


Link to post
Share on other sites

I am a student at geekstogo Malware school and none of my teachers have heard of this program. The exe is flaged as Malware when uploaded to virus total.  A flag does not always indicate a posative infection how ever if it's not disgust at geekstogo/bleepingcomputer then i think you would be silly to run the program.

 

Another point is it instals itself in a common malware location. APPData is where data lives. Not executables.

No. This software is legit and it's not malware. I know a version from some days ago it even targeted itself as malware (LOL) but it has been corrected now. That's not saying this software not having any flaws.

Share this post


Link to post
Share on other sites

I just ran the latest ZHP Cleaner here on xp.  Ran OK, found the usual suspects, deleted them, all is well.  It's not malware, but like any cleanup software it has dangers.  You can cut yourself with a butter knife if you try hard enough.  <--- Joke, not sarcasm.  Joke. 

 

By the way, are you the original ident from a few years back?  Big clue:  Needs More Cowbell. 

If so, hi, long time no see.  :)

Share this post


Link to post
Share on other sites

No. This software is legit and it's not malware. I know a version from some days ago it even targeted itself as malware (LOL) but it has been corrected now. That's not saying this software not having any flaws.

 

How do you know unless you are apart of the team? I am not saying this program is good or bad i am saying my opinion that i am trained to do so. My teachers who are the best in the world have not heard of this application. That still does not say it is bad. I personally uploded the latest exe and it reported 52/3 infection ratio which is still not a flag it is bad.

 

I just ran this application on a fresh VM and it reported 99 infections. Here are some points i think should be made clear.

 

  • My teachers have not hard of this application.
  • The latest exe tested posative.
  • You are not a malware expert or in any training with any malware school. I do not think you should be offering malware advice.

     

The school i am in was by a previous admin here who ran the help section in the malware fourm.  I am not saying this application is bad. I am saying you do not have any experience in malware removal and are suggesting tools that go agasint other schools rules.

Share this post


Link to post
Share on other sites

and using the same logic (without any malice) the same can be said for your 'credentials'. :)

just saying.....

 

no one has ever heard of anything - until they hear of it, obviously.

ZHP was new to me as well until @eL_PuSHeR posted about it.

so I did as much research as I could, read forums and reviews, checked out their website, all the usual safe stuff when testing a new product, then used it, and as far as I can tell, it seems fine.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...