Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPCleaner v2018.3.27.55 by Nicolas Coolman (2018/03/27)
~ Run by latou_000 (Administrator) (27/03/2018 15:53:22)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\latou_000\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\latou_000\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1 Pro, 64-bit (Build 9600)
---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.
---\\ Services (1)
CLOSED : Update service =>.SUP.PopcornTime
---\\ Browser internet (0)
~ No malicious or unnecessary items found.
---\\ Hosts file (1)
~ The hosts file is legitimate (21)
---\\ Scheduled automatic tasks. (1)
DELETED task: [AutoPico Daily Restart] [C:\Program Files\KMSpico\AutoPico.exe (Not File) ] =>HackTool.KMSpico
---\\ Explorer ( File, Folder) (8)
MOVED file: C:\Program Files\KMSpico\Service_KMS.exe [ - Service_KMS] =>HackTool.KMSpico
MOVED file: C:\Program Files (x86)\Popcorn Time\Updater.exe [Popcorn Time - Updater] =>.SUP.PopcornTime
MOVED file: C:\Program Files\KMSpico\AutoPico.exe [ - AutoPico] =>HackTool.KMSpico
MOVED file: C:\Windows\Prefetch\KMSPICO_SETUP.TMP-D4C68D7D.pf =>HackTool.KMSpico
MOVED file: C:\Windows\Prefetch\POPCORNTIMEDESKTOP.EXE-2038099B.pf =>.SUP.PopcornTime
MOVED file: C:\Program Files\KMSpico\KMSELDI.exe [ - KMS GUI ELDI] =>HackTool.KMSpico
MOVED folder^: C:\Program Files (x86)\Popcorn Time =>.SUP.PopcornTime
MOVED folder: C:\Program Files\KMSpico =>HackTool.KMSpico
---\\ Registry ( Key, Value, Data) (21)
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI [C:\Program Files\KMSpico\Service_KMS.exe (Not File)] =>HackTool.KMSpico
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\Update service [C:\Program Files (x86)\Popcorn Time\Updater.exe (Not File)] =>.SUP.PopcornTime
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\WinDivert1.1 [\C:\Program Files\KMSpico\WinDivert.sys (Not File)] =>HackTool.KMSpico
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 [KMSpico v9.1.3] =>HackTool.KMSpico
DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_EFF57A9158E69541DFE8625F24F977C2 ["C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5] =>PUP.Optional.MyBrowser
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{448FEC01-AA7C-4644-A0D7-BD545FC05074} [C:\Program Files\KMSpico\KMSELDI.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{7BE0DADB-C343-4562-BD20-573604567521} [C:\Program Files\KMSpico\KMSELDI.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{33968E54-2249-4A40-9BDC-572A5F87F4E1} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{CDCDF3A1-175C-448F-9F9E-7BDC88B4B3EE} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{A5124A6F-F2B7-432F-BE01-F938CCDE7BF4} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{94A1916F-7E75-4E2A-81F3-AAEEC6593BFF} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{8A25FB16-E89E-48BF-9617-B066A6DE2893} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{2941D9E5-7B3A-4B9A-B5D0-9C54F12A6788} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{7CF50362-F2CF-4B00-AFF0-0AEAF487C765} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{ED9DB6DD-FCD6-437E-89B3-F07889E3D9AB} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{399BEBE8-9F04-4C0B-8373-C8EF2B739AA8} [C:\Program Files (x86)\Popcorn Time\Updater.exe] =>.SUP.PopcornTime
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{63A3EC25-614D-4092-9910-E80FED9B2608} [C:\Program Files (x86)\Popcorn Time\Updater.exe] =>.SUP.PopcornTime
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{3EC545A5-88BE-4B54-B266-AC18A7FAD11C} [C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe] =>.SUP.PopcornTime
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{BC6CAD6A-93BA-464C-93F6-7948E31486EA} [C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe] =>.SUP.PopcornTime
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{C9A1C516-CD27-4A81-B924-C0E24EAE4984} [C:\Program Files (x86)\Popcorn Time\chromecast\node.exe] =>.SUP.PopcornTime
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{2A0BCE9B-C68E-461B-AE7F-2FAF3CB1C5E7} [C:\Program Files (x86)\Popcorn Time\chromecast\node.exe] =>.SUP.PopcornTime
---\\ Summary of the elements found (3)
https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/ =>.SUP.PopcornTime
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://nicolascoolman.eu/2017/11/01/adware-mybrowser/ =>PUP.Optional.MyBrowser
---\\ Other deletions. (5)
~ Registry Keys Tracing deleted (5)
~ Remove the old reports ZHPCleaner. (0)
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
~ The system has been restarted.
---\\ Statistics
~ Items scanned : 378
~ Items found : 0
~ Items cancelled : 0
~ Items options : 0/7
~ Space saving (bytes) : 0
~ End of clean in 00h01mn01s
---\\ Reports (2)
ZHPCleaner-[S]-27032018-15_39_50.txt
ZHPCleaner-[R]-27032018-15_54_23.txt
~ Run by latou_000 (Administrator) (27/03/2018 15:53:22)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\latou_000\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\latou_000\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1 Pro, 64-bit (Build 9600)
---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.
---\\ Services (1)
CLOSED : Update service =>.SUP.PopcornTime
---\\ Browser internet (0)
~ No malicious or unnecessary items found.
---\\ Hosts file (1)
~ The hosts file is legitimate (21)
---\\ Scheduled automatic tasks. (1)
DELETED task: [AutoPico Daily Restart] [C:\Program Files\KMSpico\AutoPico.exe (Not File) ] =>HackTool.KMSpico
---\\ Explorer ( File, Folder) (8)
MOVED file: C:\Program Files\KMSpico\Service_KMS.exe [ - Service_KMS] =>HackTool.KMSpico
MOVED file: C:\Program Files (x86)\Popcorn Time\Updater.exe [Popcorn Time - Updater] =>.SUP.PopcornTime
MOVED file: C:\Program Files\KMSpico\AutoPico.exe [ - AutoPico] =>HackTool.KMSpico
MOVED file: C:\Windows\Prefetch\KMSPICO_SETUP.TMP-D4C68D7D.pf =>HackTool.KMSpico
MOVED file: C:\Windows\Prefetch\POPCORNTIMEDESKTOP.EXE-2038099B.pf =>.SUP.PopcornTime
MOVED file: C:\Program Files\KMSpico\KMSELDI.exe [ - KMS GUI ELDI] =>HackTool.KMSpico
MOVED folder^: C:\Program Files (x86)\Popcorn Time =>.SUP.PopcornTime
MOVED folder: C:\Program Files\KMSpico =>HackTool.KMSpico
---\\ Registry ( Key, Value, Data) (21)
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI [C:\Program Files\KMSpico\Service_KMS.exe (Not File)] =>HackTool.KMSpico
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\Update service [C:\Program Files (x86)\Popcorn Time\Updater.exe (Not File)] =>.SUP.PopcornTime
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\WinDivert1.1 [\C:\Program Files\KMSpico\WinDivert.sys (Not File)] =>HackTool.KMSpico
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 [KMSpico v9.1.3] =>HackTool.KMSpico
DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_EFF57A9158E69541DFE8625F24F977C2 ["C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5] =>PUP.Optional.MyBrowser
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{448FEC01-AA7C-4644-A0D7-BD545FC05074} [C:\Program Files\KMSpico\KMSELDI.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{7BE0DADB-C343-4562-BD20-573604567521} [C:\Program Files\KMSpico\KMSELDI.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{33968E54-2249-4A40-9BDC-572A5F87F4E1} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{CDCDF3A1-175C-448F-9F9E-7BDC88B4B3EE} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{A5124A6F-F2B7-432F-BE01-F938CCDE7BF4} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{94A1916F-7E75-4E2A-81F3-AAEEC6593BFF} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{8A25FB16-E89E-48BF-9617-B066A6DE2893} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{2941D9E5-7B3A-4B9A-B5D0-9C54F12A6788} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{7CF50362-F2CF-4B00-AFF0-0AEAF487C765} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{ED9DB6DD-FCD6-437E-89B3-F07889E3D9AB} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{399BEBE8-9F04-4C0B-8373-C8EF2B739AA8} [C:\Program Files (x86)\Popcorn Time\Updater.exe] =>.SUP.PopcornTime
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{63A3EC25-614D-4092-9910-E80FED9B2608} [C:\Program Files (x86)\Popcorn Time\Updater.exe] =>.SUP.PopcornTime
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{3EC545A5-88BE-4B54-B266-AC18A7FAD11C} [C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe] =>.SUP.PopcornTime
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{BC6CAD6A-93BA-464C-93F6-7948E31486EA} [C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe] =>.SUP.PopcornTime
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{C9A1C516-CD27-4A81-B924-C0E24EAE4984} [C:\Program Files (x86)\Popcorn Time\chromecast\node.exe] =>.SUP.PopcornTime
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{2A0BCE9B-C68E-461B-AE7F-2FAF3CB1C5E7} [C:\Program Files (x86)\Popcorn Time\chromecast\node.exe] =>.SUP.PopcornTime
---\\ Summary of the elements found (3)
https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/ =>.SUP.PopcornTime
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://nicolascoolman.eu/2017/11/01/adware-mybrowser/ =>PUP.Optional.MyBrowser
---\\ Other deletions. (5)
~ Registry Keys Tracing deleted (5)
~ Remove the old reports ZHPCleaner. (0)
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
~ The system has been restarted.
---\\ Statistics
~ Items scanned : 378
~ Items found : 0
~ Items cancelled : 0
~ Items options : 0/7
~ Space saving (bytes) : 0
~ End of clean in 00h01mn01s
---\\ Reports (2)
ZHPCleaner-[S]-27032018-15_39_50.txt
ZHPCleaner-[R]-27032018-15_54_23.txt