ZHPSuite Official Tutorial

/ News, Tutorial / Through / 4 minutes of reading
16 724
4.7 / 5 - (15 votes)

OFFICIAL ZHPSuite TUTORIAL

ZHPSuite is a software that allows you to perform quick and complete search, diagnosis and cleaning of the operating system. 

ZHPSuite is based on the merger of three software programs, ZHP Diag, ZHPLite et ZHPFix.

In this tutorial three main points will be covered, analysis, diagnosis and cleaning of your computer.

 ZHPSuite Download

  • Download ZHP Suite by Nicolas Coolman on your Windows desktop.

Launch of ZHPSuite

  • Go to the icon of ZHP Suite and click right,
  • Select the “Run with administrator rights” option if it is present in the drop-down menu.

How to remove SmartScreen protection

  • Since the release of version 8, Microsoft has integrated a protection system against malicious sites called “SmartScreen“. But it turns out that this filter blocks the download of many legitimate software. A “Windows has protected your computer” window may appear.
  • Click on "Run anyway” and validate.
  • Accept the end user terms (EULA) of the software.

PHASE 1: Analysis

  • Configure your options by clicking on the button “Options“. These items will be saved for your future uses. You can consult the list of ZHPDiag modules.
  • Click on "ANALYSIS” to start the search and activate the ZHPDiag subroutine.
  • Let the progress bar reach the end.

 

The items found

  • At the end of the search, a window may be displayed indicating the presence of elements,
  • Right-clicking on a line provides access to the blog article which provides additional information.
  • Close this found items window.

 

The report

  • At the end of the processing, a research report is created, extracts of which are given below:

[spoiler title='View a report excerpt' style='default' collapse_link='true']
~ ZHPDiag v2016.5.25.99 By Nicolas Coolman (2016/05/25)

—\\ Windows Security Center Status (7) – 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

—\\ Special search for generic files (25) – 4s
[MD5.2617877C5761B8A696FD0368861EE6E4] – 23/04/2016 – (.Microsoft Corporation – Windows Explorer.) — C:\WINDOWS\Explorer.exe [4515256] =>.Microsoft Windows®
[MD5.0DCB89B1F3689BC6262FF30BBD603171] – 30/10/2015 – (.Microsoft Corporation – Windows Host Process (Rundll32).) — C:\WINDOWS\System32\rundll32.exe [59392] =>.Microsoft Corporation
[MD5.C1C81AAF533552B3C4D9F11A5FF97700] – 23/04/2016 – (.Microsoft Corporation – Windows startup application.) — C:\WINDOWS\System32\Wininit.exe [291360] =>.Microsoft Windows Publisher®
[MD5.AE6A68A065D4C26AF4BEFAA53623B266] – 29/03/2016 – (.Microsoft Corporation – Internet Extensions for Win32.) — C:\WINDOWS\System32\wininet.dll [2755584] =>.Microsoft Corporation
[MD5.5C156EC4E44E30331BCC865A3B61D839] – 23/04/2016 – (.Microsoft Corporation – Windows Logon Application.) — C:\WINDOWS\System32\Winlogon.exe [585728] =>.Microsoft Corporation

—\\ List of non-Microsoft and non-disabled NT services (24) – 4s
O23 – Service: Apple Mobile Device Service (Apple Mobile Device Service). (.Apple Inc. – MobileDeviceService.) – C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
O23 – Service: ASLDR Service (ASLDRService). (.ASUSTek Computer Inc. – ASLDR Service.) – C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe =>.ASUSTeK Computer Inc.®
O23 – Service: ASUS InstantOn Service (ASUS InstantOn). (.ASUS – ASUS InstantOn Program.) – C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe =>.ASUSTeK Computer Inc.®
O23 – Service: Asus WebStorage Windows Service (Asus WebStorage Windows Service). (.Copyright © 2012 – Asus WebStorage Windows Service.) – C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 – Service: ATKGFNEX Service (ATKGFNEXSrv). (.ASUS – GFNEXSrv.) – C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe =>.ASUSTeK Computer Inc.®
—\\ Automatically scheduled tasks (28) – 12s
[MD5.6A050671F2C76FB48131F12786802807] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) — C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269504] (.Activate.) =>.Adobe Systems Incorporated ®
[MD5.C6D3BB61E24F66EB976C6CC55346B5F2] [APT] [ASUS InstantOn Config] (.ASUS.) — C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [1196416] (.Activate.) =>.ASUSTeK Computer Inc .®
[MD5.DB0C938BC311B31CF90C13821AE682B3] [APT] [ASUS Live Update] (.ASUSTeK Computer Inc..) — C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1559936] (.Activate.) => .ASUSTeK Computer Inc.®
[MD5.0BC5A4142F38A6BB35DECD01A2BC2ED7] [APT] [ASUS P4G] (.ASUS.) — C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240] (.Activate.) =>.ASUSTeK Computer Inc.®

  • This report can also be found in your user folder “%AppData% /ZHP” and on your Desktop.
  •  Submit your report if asked in a disinfection forum.

PHASE 2: The Diagnosis

  • Click on "DIAGNOSIS” to access the ZHPLite diagnostic routine,
  • Click on "Paste the report"
  • Click on "Diagnose the report";
  • Click on "Generate the script” (orange color if present),
  • Close the report analysis program,

ZHPLite Tutorial

 

Phase 3: Cleaning

 

  • Click on "CLEANING” to access the ZHPFix script cleaning routine,
  • In the right area, click on the button “Paste the script"
  • In the left area, click on the button “Start the script"
  • Validate the cleaning confirmation,
  • A cleaning report is displayed in the edit area,
  • A cleaning report is placed on your Windows Desktop,
  • The processed elements are placed in a “Quarantine” that can be restored.

ZHPFix Tutorial

 

Case of an update of ZHPSuite

  • When you launch the software, a window indicates the presence of a new version. For better protection of your system, do not skip this update, it is very fast…
  • Click on "Update".
  • All open browsers are closed. A confirmation message allows you to make a possible backup of your navigation pages, otherwise click on 'OK'.
  • The download starts, then a download completion page is displayed on your browser.
  • Click the Desktop shortcut to start the updated software.
Share
Tweet
whatsapp
Share
Pin it

About the Author

Nicolas Coolman is a French IT and IT security expert with a degree in software engineering. It specializes in scanning and disinfecting malware, including adware, ransomware, Trojans and other types of unwanted software. Nicolas Coolman is also the creator of several computer security tools, such as "ZHPCleaner" and "ZHPDiag", which are widely used by users to scan and clean malware from their Windows operating systems. Nicolas Coolman is very active in the IT security community and regularly shares his knowledge and findings on his website and on security forums. His expertise is recognized by many users and IT professionals, and he is considered a reference in the field of combating malware.

Similar publications

Back to top