~ ZHPCleaner v2017.7.6.115 by Nicolas Coolman (2017/07/06) ~ Run by Marianne (Administrator) (07/07/2017 08:57:44) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Illegal ~ Type : Scanner ~ Report : C:\Users\Marianne\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Marianne\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 8.1, 64-bit (Build 9600) ---\\ Service. (1) [R] TROUVÉ : Service KMSELDI =>HackTool.KMSpico ---\\ Navigateur internet. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (21) ---\\ Tâche planifiée. (1) TROUVÉ tâche: [AutoPico Daily Restart] [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico ---\\ Explorateur ( Dossiers, Fichiers ). (59) TROUVÉ fichier: C:\Users\Public\Desktop\YTD Video Downloader.lnk [Bad : C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe](.GreenTree Applications SRL.) =>.Superfluous.GreenTreeApp TROUVÉ fichier: C:\Program Files\KMSpico\Service_KMS.exe [@ByELDI - Service_KMS] =>HackTool.KMSpico TROUVÉ fichier: C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe [GreenTree Applications SRL - YTD Video Downloader] =>.Superfluous.GreenTreeApp TROUVÉ fichier: C:\Users\Public\Desktop\YTD Video Downloader.lnk =>.Superfluous.GreenTreeApp TROUVÉ fichier: C:\Program Files\KMSpico\AutoPico.exe [@ByELDI - AutoPico] =>HackTool.KMSpico TROUVÉ fichier: C:\Users\Marianne\Downloads\YTDSetup.exe [Copyright © 2007-2015 GreenTree Applications SRL - YTD Video Downloader] =>.Superfluous.GreenTreeApp TROUVÉ fichier: C:\Users\Marianne\Downloads\[nextorrent.net] KMSAuto Net 2016 v1.4.8 Portable\KMSAuto Net.exe [MSFree Inc. - KMSAuto Net] =>HackTool.WinActivator TROUVÉ fichier: C:\Users\Marianne\Downloads\MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM\KMSAuto Net 2015 v1.3.8 Portable\KMSAuto Net.exe [MSFree Inc. - KMSAuto Net] =>HackTool.WinActivator TROUVÉ fichier: C:\Users\Marianne\Downloads\Microsoft Office 2016 ProPlus VL x86x64 Multi Feb 2017\Extras\KMSpico 10.2.0 Final Portable\AutoPico.exe [@ByELDI - AutoPico] =>HackTool.KMSpico TROUVÉ fichier: C:\Users\Marianne\Downloads\Microsoft Office 2016 ProPlus VL x86x64 Multi Feb 2017\Extras\KMSpico 10.2.0 Final Portable\KMSELDI.exe [@ByELDI - KMS GUI ELDI] =>HackTool.KMSpico TROUVÉ fichier: C:\Users\Marianne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ol.at.atwola.com_0.localstorage =>.Superfluous.Atwola TROUVÉ fichier: C:\Users\Marianne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ol.at.atwola.com_0.localstorage-journal =>.Superfluous.Atwola TROUVÉ dossier: C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader =>.Superfluous.GreenTreeApp TROUVÉ dossier: C:\Program Files (x86)\GreenTree Applications =>.Superfluous.GreenTreeApp TROUVÉ fichier: C:\Program Files\KMSpico\DevComponents.DotNetBar2.dll [DevComponents.com - DevComponents.DotNetBar] =>HackTool.KMSpico TROUVÉ fichier: C:\Program Files\KMSpico\KMSELDI.exe [@ByELDI - KMS GUI ELDI] =>HackTool.KMSpico TROUVÉ fichier: C:\Program Files\KMSpico\unins000.dat =>HackTool.KMSpico TROUVÉ fichier: C:\Program Files\KMSpico\unins000.exe [ - Setup/Uninstall] =>HackTool.KMSpico TROUVÉ fichier: C:\Program Files\KMSpico\UninsHs.exe [Han-soft - Uninstall for InnoSetup by Han-soft] =>HackTool.KMSpico TROUVÉ fichier: C:\Program Files\KMSpico\Vestris.ResourceLib.dll [Vestris Inc. - ResourceLib] =>HackTool.KMSpico TROUVÉ dossier: C:\Program Files\KMSpico\cert =>HackTool.KMSpico TROUVÉ dossier: C:\Program Files\KMSpico\driver =>HackTool.KMSpico TROUVÉ dossier: C:\Program Files\KMSpico\icons =>HackTool.KMSpico TROUVÉ dossier: C:\Program Files\KMSpico\logs =>HackTool.KMSpico TROUVÉ dossier: C:\Program Files\KMSpico\scripts =>HackTool.KMSpico TROUVÉ dossier: C:\Program Files\KMSpico\sounds =>HackTool.KMSpico TROUVÉ dossier: C:\Program Files\KMSpico\TokensBackup =>HackTool.KMSpico TROUVÉ dossier: C:\Program Files\KMSpico =>HackTool.KMSpico TROUVÉ fichier: C:\ProgramData\Microsoft Toolkit\Settings.xml =>HackTool.AutoKMS TROUVÉ dossier: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS TROUVÉ fichier: C:\ProgramData\YTD Video Downloader\savedItems.ysi =>.Superfluous.GreenTreeApp TROUVÉ fichier: C:\ProgramData\YTD Video Downloader\scripts0.yds =>.Superfluous.GreenTreeApp TROUVÉ dossier: C:\ProgramData\YTD Video Downloader =>.Superfluous.GreenTreeApp TROUVÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\Uninstall.lnk =>.Superfluous.GreenTreeApp TROUVÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\Web site.url =>.Superfluous.GreenTreeApp TROUVÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk =>.Superfluous.GreenTreeApp TROUVÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader =>.Superfluous.GreenTreeApp TROUVÉ fichier: C:\Users\Marianne\Desktop\Windows 10 Permanant Activator 10.1.9[KMSpico] FIN@L\KM.nfo =>HackTool.KMSpico TROUVÉ fichier: C:\Users\Marianne\Desktop\Windows 10 Permanant Activator 10.1.9[KMSpico] FIN@L\Setup KMSpico.exe [KMSpico - KMSpico 10.0.4 Installation] =>HackTool.KMSpico TROUVÉ fichier: C:\Users\Marianne\Desktop\Windows 10 Permanant Activator 10.1.9[KMSpico] FIN@L\UnInstall_Service.cmd =>HackTool.KMSpico TROUVÉ fichier: C:\Users\Marianne\Desktop\Windows 10 Permanant Activator 10.1.9[KMSpico] FIN@L\www.fullstuff.net.txt =>HackTool.KMSpico TROUVÉ dossier: C:\Users\Marianne\Desktop\KMSpico 10.2.0 - Windows (7, 8, 10) & Office KMS Activator\KMSpico 10.2.0 - Windows (7, 8, 10) & Office KMS Activator =>Hacktool.Office TROUVÉ dossier: C:\Users\Marianne\Desktop\KMSpico 10.2.0 - Windows (7, 8, 10) & Office KMS Activator =>Hacktool.Office TROUVÉ dossier: C:\Users\Marianne\Desktop\Windows 10 Permanant Activator 10.1.9[KMSpico] FIN@L =>HackTool.KMSpico TROUVÉ fichier: C:\Users\Marianne\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence\ByteFence Anti-Malware.lnk =>.Superfluous.ByteFence TROUVÉ dossier: C:\Users\Marianne\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence =>.Superfluous.ByteFence TROUVÉ fichier: C:\Users\Marianne\Downloads\KMSpico 10.2.0 - Windows (7, 8, 10) & Office KMS Activator\KMSpico_setup.exe [ - KMSpico Setup] =>Hacktool.Office TROUVÉ fichier: C:\Users\Marianne\Downloads\KMSpico 10.2.0 - Windows (7, 8, 10) & Office KMS Activator\ReadMe KMSpico Install.txt =>Hacktool.Office TROUVÉ fichier: C:\Users\Marianne\Downloads\KMSpico 10.2.0 Final Activator\Check_Activation.cmd =>HackTool.KMSpico TROUVÉ fichier: C:\Users\Marianne\Downloads\KMSpico 10.2.0 Final Activator\Check_Logfile.cmd =>HackTool.KMSpico TROUVÉ fichier: C:\Users\Marianne\Downloads\Windows 10 Permanant Activator 10.1.9[KMSpico] FIN@L\KM.nfo =>HackTool.KMSpico TROUVÉ fichier: C:\Users\Marianne\Downloads\Windows 10 Permanant Activator 10.1.9[KMSpico] FIN@L\Setup KMSpico.exe [KMSpico - KMSpico 10.0.4 Installation] =>HackTool.KMSpico TROUVÉ fichier: C:\Users\Marianne\Downloads\Windows 10 Permanant Activator 10.1.9[KMSpico] FIN@L\UnInstall_Service.cmd =>HackTool.KMSpico TROUVÉ fichier: C:\Users\Marianne\Downloads\Windows 10 Permanant Activator 10.1.9[KMSpico] FIN@L\www.fullstuff.net.txt =>HackTool.KMSpico TROUVÉ dossier: C:\Users\Marianne\Downloads\KMSpico 10.2.0 - Windows (7, 8, 10) & Office KMS Activator =>Hacktool.Office TROUVÉ dossier: C:\Users\Marianne\Downloads\KMSpico 10.2.0 Final Activator =>HackTool.KMSpico TROUVÉ dossier: C:\Users\Marianne\Downloads\Windows 10 Permanant Activator 10.1.9[KMSpico] FIN@L =>HackTool.KMSpico TROUVÉ dossier: C:\Users\Marianne\AppData\Local\CrashRpt\UnsentCrashReports =>.Superfluous.CrashReports TROUVÉ dossier: C:\Users\Marianne\AppData\Local\CrashRpt =>.Superfluous.CrashReports ---\\ Base de Registres ( Clés, Valeurs, Données ). (8) TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [https://ca.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_33¶m1[...]] [Yahoo! Powered] =>Adware.YahooPowered TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI [C:\Program Files\KMSpico\Service_KMS.exe](.@ByELDI.) =>HackTool.KMSpico TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico TROUVÉ clé: HKEY_USERS\S-1-5-21-3271657330-2195301567-1523921289-1001\SOFTWARE\GreenTree Applications [] =>.Superfluous.GreenTreeApp TROUVÉ clé: HKCU\Software\GreenTree Applications [] =>.Superfluous.GreenTreeApp TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI [] =>HackTool.KMSpico TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 [KMSpico] =>HackTool.KMSpico TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} [GreenTree Applications SRL] =>.Superfluous.GreenTreeApp ---\\ Récapitulatif des éléments trouvés sur votre station. (9) https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico https://www.anti-malware.top/2016/09/10/superfluous-greentreeapp/ =>.Superfluous.GreenTreeApp https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator https://nicolascoolman.eu/2017/02/04/superfluous-atwola/ =>.Superfluous.Atwola https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Hacktool.Office https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/ =>.Superfluous.ByteFence https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.CrashReports https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.YahooPowered ---\\ Bilan de la réparation ~ Aucune réparation effectuée. ~ Ce navigateur est absent (Opera Software) ---\\ Statistiques ~ Items scannés : 79226 ~ Items trouvés : 75 ~ Items annulés : 0 ~ Items réparés : 0 ~ End of search in 00h07mn09s ~==================== ZHPCleaner-[S]-07072017-09_04_53.txt