~ ZHPCleaner v2015.11.13.378 by Nicolas Coolman (2015/11/13) ~ Run by KrapulJack (Administrator) (14/11/2015 06:54:31) ~ Site : http://www.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Repair ~ Report : C:\Users\KrapulJack\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\KrapulJack\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Deactivate ~ Boot Mode : Normal (Normal boot) Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601) ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (1) DELETED data: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : ] =>Hijacker.Proxy ---\\ Hosts file (1) ~ The hosts file is legitimate (2) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (167) MOVED file: C:\Users\KrapulJack\AppData\Roaming\inst.exe =>PUP.Optional.Pirrit MOVED file: C:\Users\KrapulJack\Downloads\a-aq38yx2n9bdug1tazrm3axaqwpmuw.torrent =>PUP.Optional.WpManager MOVED file: C:\Users\KrapulJack\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage =>PUP.Optional.Generic MOVED file: C:\Users\KrapulJack\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal =>PUP.Optional.Generic MOVED file: C:\Users\KrapulJack\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_webfg-a.akamaihd.net_0.localstorage =>PUP.Optional.AkamaiHD MOVED file: C:\Users\KrapulJack\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_webfg-a.akamaihd.net_0.localstorage-journal =>PUP.Optional.AkamaiHD MOVED file: C:\Users\KrapulJack\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gameofbombs.com_0.localstorage =>PUP.Optional.Gameo MOVED file: C:\Users\KrapulJack\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gameofbombs.com_0.localstorage-journal =>PUP.Optional.Gameo MOVED folder: C:\Users\KrapulJack\AppData\LocalLow\WhiteSmoke_New =>PUP.Optional.WhiteSmoke MOVED folder: C:\Users\KrapulJack\AppData\Local\{05528321-92F2-47FD-AAEE-BDED2F6F3FB3} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{0A8BFF4A-40B8-464C-972C-3EFC300B3BE0} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{114790A4-DE3A-4549-94F3-F70976097BC8} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{123ADD80-C53A-474A-887C-4D9C625E491A} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{1A3E9D4E-05F4-4CED-A49D-77D6E540EAB9} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{223DA47D-87BE-4EF7-A0DB-8060FB1D1D36} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{259FA683-A579-4CFD-A57E-CFEFA68F2505} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{2C63D78E-01E2-4814-87CB-281B6B646509} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{30084325-3724-41E3-9F3D-C00C3DE8469A} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{334EA37C-FAAC-4DB9-BF11-6450B5CDC74A} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{4B1CA20D-B582-4EE8-AAE7-BBD2EACE2880} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{512E7A37-FCBF-42E2-9BEC-7DC6512C2EDE} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{53448302-E726-49BA-9791-C025CB39CBCE} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{571BA43E-46DB-4657-9D7B-9CDE536C0A3E} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{5F092F37-DBDB-4C62-866A-BC5CE4E8064D} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{61F4539A-C727-4E50-A399-07E84F964967} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{69E3FE26-5C82-4EA5-8F29-20552182AF26} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{69F28090-82AF-4DA0-B574-CCE7DC091FD2} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{6EA021ED-0129-416C-A227-0C7C55D35079} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{76F910B2-7808-4761-83AB-C9EDE017E205} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{8C2F2A52-8FAC-44F3-B555-3237A7A8ED12} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{96B3E258-630A-4668-B06D-6784573417BE} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{9785C3DE-241A-4C9D-9971-9B3753AD990C} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{97A68453-FEA2-44F3-B7FC-4E656B5779A9} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{9A9FFE6F-9FAF-4927-A30E-4CD008E40272} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{B9CC7D21-6C70-41AF-B105-91D916B1C49D} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{CEC3F663-C450-45B2-A76F-4B459CDD04FE} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{D03CE127-8A58-40FB-8EF9-70C92FF08C30} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{D15CAC34-26B7-4A18-AE9A-70E83E325A44} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{E12BB009-54ED-403C-BDCA-234D5CFBF137} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{E69BA70C-302B-4B69-816F-A64E63871093} =>Empty MOVED folder: C:\Users\KrapulJack\AppData\Local\{EE8CA484-9FBF-483C-9FFA-6040844FBAE8} =>Empty MOVED folder: C:\Windows\Installer\MSI193A.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI1B2E.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI2763.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI2AAC.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI2BD6.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI2D55.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI2E21.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI2E6C.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI2ECC.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI2F09.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI2F0D.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI2F69.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI2FA7.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI2FBA.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI3017.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI3035.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI30A4.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI30C2.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI315F.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI318F.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI324A.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI3324.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI3374.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI33A2.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI33B2.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI3401.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI345E.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI34AE.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI352A.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI355A.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI35E8.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI3606.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI3685.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI371F.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI37FB.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI3AF6.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI3D1D.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI3FDB.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI40C6.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI4D1.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI5630.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI595C.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI6A23.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI6DF4.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI6EA0.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI6F4E.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI6FEB.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI70B7.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI728C.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI7329.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI73D5.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI7472.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI751F.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI75BC.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI7C93.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI9024.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI92B4.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIA1D6.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIA2DF.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIA49D.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIA52A.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIA652.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIA6EF.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIA79C.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIA839.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIA9FF.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIAADA.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIAB87.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIAC24.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIACC1.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIAD6D.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIADA4.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIADFB.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIAE41.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIAECF.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIAF6C.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIB0A3.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIB131.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIB1BF.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIB288.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIB484.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIB511.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIB8F3.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIBE86.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC116.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC202.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC265.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC29F.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC33C.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC34D.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC475.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC56A.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC607.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC679.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC6C5.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC706.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC724.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC762.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC81F.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIC82D.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSICA02.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSICA9F.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSICB4C.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSICBF9.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSICCA5.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSICD42.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSICE3B.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSID3DB.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSID84A.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIDB5F.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIDBFC.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIDCB9.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIDD47.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIDF4B.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIE036.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIE0D3.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIE170.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIE20D.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIE2AA.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIE347.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIE3E4.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIEA5D.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIEB39.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIEC43.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIECFF.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSIFEC8.tmp- =>Empty ---\\ Registry ( Key, Value, Data) (16) DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDP [C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto (Not File)] =>PUP.Optional.MegaSearch DELETED key*: HKEY_USERS\S-1-5-21-2951774986-359698713-963401568-1001\Software\DataMngr_Toolbar [] =>PUP.Optional.Bandoo DELETED key: HKCU\Software\DataMngr_Toolbar [] =>PUP.Optional.Bandoo DELETED key*: HKCU\Software\AppDataLow\Software\adawarebp [] =>PUP.Optional.ToolbarCleaner DELETED key*: HKCU\Software\AppDataLow\Software\Smartbar [] =>PUP.Optional.QuickShare DELETED key*: HKCU\Software\AppDataLow\Software\WhiteSmoke_New [] =>PUP.Optional.WhiteSmoke DELETED key*: [X64] HKLM\SOFTWARE\Classes\Download.SwInstaller [SwInstaller Class] =>PUP.Optional.CrossRider DELETED key*: [X64] HKLM\SOFTWARE\Classes\Download.SwInstaller.1 [SwInstaller Class] =>PUP.Optional.CrossRider DELETED key*: [X64] HKLM\SOFTWARE\Classes\Download.SwInstallerAttributes [SwInstallerAttributes Class] =>PUP.Optional.CrossRider DELETED key*: [X64] HKLM\SOFTWARE\Classes\Download.SwInstallerAttributes.1 [SwInstallerAttributes Class] =>PUP.Optional.CrossRider DELETED key*: [X64] HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl [SwInstallerCtl Class] =>PUP.Optional.CrossRider DELETED key*: [X64] HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl.1 [SwInstallerCtl Class] =>PUP.Optional.CrossRider DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{6365548C-96A1-415A-A16E-6E5B7CD7EF49} [C:\Program Files (x86)\YourFileDownloader\Downloader.exe] =>PUP.Optional.YourFileDownloader DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{57F1A297-F180-49C3-8953-8A529AED16D6} [C:\Program Files (x86)\YourFileDownloader\Downloader.exe] =>PUP.Optional.YourFileDownloader DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{DE530809-1775-40D4-A14B-1DD5AF5E2408} [C:\Program Files (x86)\YourFileDownloader\YourFile.exe] =>PUP.Optional.YourFileDownloader DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{9722EF14-E04E-4E01-B176-DCFD395C1082} [C:\Program Files (x86)\YourFileDownloader\YourFile.exe] =>PUP.Optional.YourFileDownloader ---\\ Result of repair ~ Repair carried out successfully ~ Browser not found (Mozilla Firefox) ~ Browser not found (Opera Software) ---\\ Statistics ~ Items scanned : 218 ~ Items found : 0 ~ Items cancelled : 0 ~ Items repaired : 184 ~ End of clean in 0 minutes =================== ZHPCleaner-[R]-14112015-06_54_53.txt ZHPCleaner-[S]-14112015-06_53_32.txt