~ ZHPCleaner v2017.2.27.37 by Nicolas Coolman (2017/02/27)
~ Run by Lisa (Administrator)  (02/03/2017 00:09:43)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Nettoyer
~ Report : C:\Users\Lisa\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Lisa\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1, 64-bit  (Build 9600)


---\\  Service. (1)
ARRETÉ : GingerUpdateService  =>Heuristic.Pirrit


---\\  Navigateur internet. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\  Fichier hôte. (1)
~ Le fichier hôte est légitime. (34)


---\\  Tâche planifiée. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\  Explorateur  ( Dossiers, Fichiers ). (38)
DEPLACÉ fichier: C:\WINDOWS\System32\drivers\{f40cc14b-0f67-44b4-a17e-03e43df8e712}Gw64.sys [StdLib - StdLib]  =>PUP.Optional.LinkiDoo
DEPLACÉ fichier: C:\Windows\Prefetch\GINGERUPDATESERVICE.EXE-954DAD73.pf    =>Heuristic.Pirrit
DEPLACÉ fichier: C:\Windows\Prefetch\POPCORN TIME.EXE-E56EE7DB.pf    =>.Superfluous.PopcornTime
DEPLACÉ fichier: C:\Windows\Prefetch\POPCORNTIMEDESKTOP.EXE-B2712465.pf    =>.Superfluous.PopcornTime
DEPLACÉ fichier: C:\Windows\Installer\wix{6F085FCD-4B6A-4F63-AF23-B74629C40797}.SchedServiceConfig.rmi    =>.Superfluous.Empty
DEPLACÉ fichier: C:\Windows\Installer\wix{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}.SchedServiceConfig.rmi    =>.Superfluous.Empty
DEPLACÉ fichier: C:\Users\Lisa\Downloads\Popcorn-Time-0.3.7.2-Setup.exe [Popcorn Official - Popcorn Time v0.3.7-2 Installer]  =>.Superfluous.PopcornTime
DEPLACÉ fichier: C:\Users\Lisa\Downloads\PopcornTime-latest.exe [Popcorn Time - Popcorn Time Setup]  =>.Superfluous.PopcornTime
DEPLACÉ fichier: C:\Users\Lisa\Downloads\PropositionStage_M2_MasterBioSante_BREFEL.doc    =>PUP.Optional.OnStage
DEPLACÉ fichier: C:\Users\Lisa\Downloads\SoftonicDownloader_pour_avira-free-antivirus-2013.exe [Softonic - Softonic Downloader]  =>.Superfluous.Softonic
DEPLACÉ fichier: C:\Users\Lisa\Downloads\SoftonicDownloader_pour_bluetooth-driver-installer.exe [Copyright (C) 2014 - Application Installer]  =>.Superfluous.Softonic
DEPLACÉ fichier: C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_popcorn-time.to_0.localstorage    =>.Superfluous.PopcornTime
DEPLACÉ fichier: C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_popcorn-time.to_0.localstorage-journal    =>.Superfluous.PopcornTime
DEPLACÉ fichier: C:\Users\Lisa\AppData\Local\Temp\InstallHelper.exe    =>PUP.Optional.ScreenSnapshot
DEPLACÉ fichier: C:\Users\Lisa\AppData\Local\Temp\setup_61EC.exe [Popcorn Time - Popcorn Time Setup]  =>.Superfluous.PopcornTime
DEPLACÉ fichier: C:\Users\Lisa\AppData\Local\Temp\update.exe [Popcorn Official - Popcorn Time 0.3.8-0 Updater]  =>.Superfluous.PopcornTime
DEPLACÉ fichier: C:\Users\Lisa\AppData\Local\popcorn time\nw.exe    =>.Superfluous.PopcornTime
DEPLACÉ dossier^: C:\Program Files (x86)\Ginger\GingerUpdateService  =>Heuristic.Pirrit
DEPLACÉ dossier: C:\Users\Lisa\Downloads\PopcornTime  =>.Superfluous.PopcornTime
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\Popcorn Time  =>.Superfluous.PopcornTime
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\Popcorn-Time  =>.Superfluous.PopcornTime
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\PopcornTimeDesktop  =>.Superfluous.PopcornTime
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\Temp\Popcorn-Time  =>.Superfluous.PopcornTime
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\Temp\RtmpCkZGsD  =>.Superfluous.Tuto4PC
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\File System\008  =>PUP.Optional.DomaIQ
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\{1CC56FA9-2C80-4996-8EB7-A2F445E95474}  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\{2333E795-4FAE-440C-8A1A-5BAE43D4148A}  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\{27916D84-2C71-4A29-8C38-B8FC7C0E19FC}  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\{2ABB4EF6-4EE5-4D62-8157-9F84D44B606A}  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\{6846EBBC-7334-4357-A257-9B5DBBCDBC44}  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\{6A91DEFD-59D7-40CF-8CC5-0985CB2E36D8}  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\{81279374-BBF1-4252-8826-CC55370729EB}  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\{B9C07269-9907-4E69-9A35-A37C70C67377}  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\{E94AABFB-1726-4493-9F5A-0D41D92652B4}  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\{EA5D76A3-DAC3-4E99-9FBB-9BF6B75652C2}  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\Temp\chrome_BITS_1088_31537  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\Temp\chrome_BITS_320_28672  =>.Superfluous.Empty
DEPLACÉ dossier: C:\Users\Lisa\AppData\Local\Temp\chrome_BITS_588_26844  =>.Superfluous.Empty


---\\  Base de Registres ( Clés, Valeurs, Données ). (27)
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\GingerUpdateService [C:\Program Files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe]  =>Heuristic.Pirrit
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\{f40cc14b-0f67-44b4-a17e-03e43df8e712}Gw64 [C:\WINDOWS\System32\drivers\{f40cc14b-0f67-44b4-a17e-03e43df8e712}Gw64.sys (Not File)]  =>PUP.Optional.LinkiDoo
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2751028067-3957659525-2020027720-1001\SOFTWARE\Popcorn Time []  =>.Superfluous.PopcornTime
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2751028067-3957659525-2020027720-1001\SOFTWARE\PopcornTime []  =>.Superfluous.PopcornTime
SUPPRIMÉ clé: HKCU\Software\Popcorn Time []  =>.Superfluous.PopcornTime
SUPPRIMÉ clé: HKCU\Software\PopcornTime []  =>.Superfluous.PopcornTime
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{0E3E58F0-D250-4B5C-9E1D-DD5CEFCD60A8} [GingerUpdateService 1.0 Type Library]  =>Heuristic.Pirrit
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{0E3E58F0-D250-4B5C-9E1D-DD5CEFCD60A8} [GingerUpdateService 1.0 Type Library]  =>Heuristic.Pirrit
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.]  =>Heuristic.Suspect
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{FCBC7D78-2872-4C47-B416-C6A617F29496}C:\users\lisa\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\lisa\appdata\roaming\cacaoweb\cacaoweb.exe]  =>.Superfluous.CacaoWeb
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{BEB77A46-3A34-41A5-BA3E-E228EFE0D2FF}C:\users\lisa\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\lisa\appdata\roaming\cacaoweb\cacaoweb.exe]  =>.Superfluous.CacaoWeb
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{7AB0C9AC-FD47-4B50-8598-331930387BFC}C:\users\lisa\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\lisa\appdata\roaming\cacaoweb\cacaoweb.exe]  =>.Superfluous.CacaoWeb
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{86E512BE-0BB7-4064-A54C-C6C6B11A32AE}C:\users\lisa\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\lisa\appdata\roaming\cacaoweb\cacaoweb.exe]  =>.Superfluous.CacaoWeb
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{612B9679-0DED-418C-AF02-1C3D1AF1E18D}C:\users\lisa\appdata\local\popcorn time\node-webkit\popcorn time.exe [C:\users\lisa\appdata\local\popcorn time\node-webkit\popcorn time.exe]  =>.Superfluous.PopcornTime
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{2340159B-B309-4C2D-9745-32E79BD57680}C:\users\lisa\appdata\local\popcorn time\node-webkit\popcorn time.exe [C:\users\lisa\appdata\local\popcorn time\node-webkit\popcorn time.exe]  =>.Superfluous.PopcornTime
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{12C1373B-38D8-4B71-8DD5-7092860F3C41}C:\users\lisa\appdata\local\popcorn time\node-webkit\popcorn time.exe [C:\users\lisa\appdata\local\popcorn time\node-webkit\popcorn time.exe]  =>.Superfluous.PopcornTime
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{26EFDE0C-28EA-4461-B2A8-C3EBE34A259C}C:\users\lisa\appdata\local\popcorn time\node-webkit\popcorn time.exe [C:\users\lisa\appdata\local\popcorn time\node-webkit\popcorn time.exe]  =>.Superfluous.PopcornTime
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{E4465C03-E7A3-47BC-A386-9B33A611E1C8}C:\users\lisa\appdata\local\popcorn time\nw.exe [C:\users\lisa\appdata\local\popcorn time\nw.exe]  =>.Superfluous.PopcornTime
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{C5E8ACF8-B79D-4C19-A4B9-B62C4D0E59B7}C:\users\lisa\appdata\local\popcorn time\nw.exe [C:\users\lisa\appdata\local\popcorn time\nw.exe]  =>.Superfluous.PopcornTime
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{21B2A675-0D0B-42AD-914B-38F9BD9A1BA6} [C:\Program Files (x86)\PremierOpinion\pmropn.exe]  =>Adware.PremierOpinion
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{EE281271-1F17-44B1-A5A4-BFE83838E795} [C:\Program Files (x86)\PremierOpinion\pmropn.exe]  =>Adware.PremierOpinion
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{3B2DF330-30CF-4A91-9322-D66087BB22BC} [C:\Program Files (x86)\Popcorn Time\Updater.exe]  =>.Superfluous.PopcornTime
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{B392597A-AF7A-4759-A6E9-F86B14652539} [C:\Program Files (x86)\Popcorn Time\Updater.exe]  =>.Superfluous.PopcornTime
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{99372CDF-C711-43D5-973F-B382F7BEFF5B} [C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe]  =>.Superfluous.PopcornTime
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{AEBA93CB-C5EB-411D-B785-6113B5B0B4CF} [C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe]  =>.Superfluous.PopcornTime
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{02367F50-0A0C-4DEC-86C8-83BC565B224D} [C:\Program Files (x86)\Popcorn Time\chromecast\node.exe]  =>.Superfluous.PopcornTime
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{76B02A7C-A1CA-4C13-9784-27435028CFF4} [C:\Program Files (x86)\Popcorn Time\chromecast\node.exe]  =>.Superfluous.PopcornTime


---\\  Récapitulatif des éléments trouvés sur votre station. (12)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>Heuristic.Pirrit
https://www.nicolascoolman.com/fr/pup-linkidoo/  =>PUP.Optional.LinkiDoo
https://nicolascoolman.eu/017/02/26/superfluous-popcorntime/  =>.Superfluous.PopcornTime
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Empty
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.OnStage
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Softonic
https://www.anti-malware.top/2016/06/21/conseils-logiciel-publicitaire-screensnapshot/  =>PUP.Optional.ScreenSnapshot
https://www.nicolascoolman.com/fr/pup-optional-tuto4pc/  =>.Superfluous.Tuto4PC
https://www.nicolascoolman.com/fr/adware-domaiq/  =>PUP.Optional.DomaIQ
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/  =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/15/superfluous-cacaoweb/  =>.Superfluous.CacaoWeb
https://www.anti-malware.top/2016/06/13/adware-premieropinion/  =>Adware.PremierOpinion


---\\  Nettoyage Additionnel. (2)
~ Suppression des Clés de registre Tracing. (2)
~ Suppression des anciens rapports ZHPCleaner. (0)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent  (Mozilla Firefox)
~ Ce navigateur est absent  (Opera Software)
~ Le système a été redémarré.


---\\ Statistiques
~ Items scannés : 329
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 66


~ End of clean in 00h00mn42s
~====================
ZHPCleaner-[R]-01032017-23_51_39.txt
ZHPCleaner-[R]-02032017-00_10_25.txt
ZHPCleaner-[S]-01032017-23_44_04.txt
ZHPCleaner-[S]-01032017-23_50_20.txt
ZHPCleaner-[S]-01032017-23_51_00.txt
ZHPCleaner-[S]-02032017-00_01_06.txt