~ ZHPCleaner v2016.10.31.183 by Nicolas Coolman (2016/10/31) ~ Run by Ewoud (Administrator) (01/11/2016 18:28:07) ~ Web: https://www.nicolascoolman.com ~ Blog: https://www.anti-malware.top ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Versie OK ~ Type : Scan ~ Report : C:\Users\Ewoud\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Ewoud\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 14393) ---\\ Services (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Browser internet (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Hosts file (1) ~ The hosts file is rechtmatig (21) ---\\ Scheduled automatic tasks. (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Explorer ( Bestand, Map) (115) GEVONDEN bestand: C:\Windows\Installer\wix{8CC8333A-AC85-4E68-88BB-4E3452CE4981}.SchedServiceConfig.rmi =>.Superfluous.Empty GEVONDEN bestand: C:\Windows\Installer\wix{B53443D3-4744-4C9C-95A9-7B3DF727DAE6}.SchedServiceConfig.rmi =>.Superfluous.Empty GEVONDEN bestand: C:\Windows\Installer\wix{B5E06417-A4AC-4225-B36E-7E34C91616E7}.SchedServiceConfig.rmi =>.Superfluous.Empty GEVONDEN bestand: C:\Windows\SECOH-QAD.exe =>HackTool.KMSpico GEVONDEN bestand: C:\Program Files (x86)\Popcorn Time\init.txt =>.Superfluous.PopcornTime GEVONDEN bestand: C:\Program Files (x86)\Popcorn Time\Updater.exe [Popcorn Time - Updater] =>.Superfluous.PopcornTime GEVONDEN map: C:\Program Files (x86)\Popcorn Time =>.Superfluous.PopcornTime GEVONDEN bestand: C:\Program Files\KMSpico\DevComponents.DotNetBar2.dll [DevComponents.com - DevComponents.DotNetBar] =>HackTool.KMSpico GEVONDEN bestand: C:\Program Files\KMSpico\unins000.dat =>HackTool.KMSpico GEVONDEN bestand: C:\Program Files\KMSpico\unins000.exe [ - Setup/Uninstall] =>HackTool.KMSpico GEVONDEN bestand: C:\Program Files\KMSpico\UninsHs.exe [Han-soft - Uninstall for InnoSetup by Han-soft] =>HackTool.KMSpico GEVONDEN bestand: C:\Program Files\KMSpico\Vestris.ResourceLib.dll [Vestris Inc. - ResourceLib] =>HackTool.KMSpico GEVONDEN bestand: C:\Program Files\KMSpico\WinDivert.dll =>HackTool.KMSpico GEVONDEN bestand: C:\Program Files\KMSpico\WinDivert.sys [Basil Projects - WinDivert network packet capture and (re)in] =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\cert =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\driver =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\icons =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\logs =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\scripts =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\sounds =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\TokensBackup =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\x64 =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico\x86 =>HackTool.KMSpico GEVONDEN map: C:\Program Files\KMSpico =>HackTool.KMSpico GEVONDEN bestand: C:\ProgramData\Microsoft Toolkit\Settings.xml =>HackTool.AutoKMS GEVONDEN map: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS GEVONDEN bestand: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk =>HackTool.KMSpico GEVONDEN bestand: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk =>HackTool.KMSpico GEVONDEN bestand: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk =>HackTool.KMSpico GEVONDEN bestand: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk =>HackTool.KMSpico GEVONDEN map: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico GEVONDEN map: C:\WINDOWS\System32\config\systemprofile\AppData\Local\LavasoftTcpService =>PUP.Optional.LavasoftWebCompanion GEVONDEN map: C:\Users\Ewoud\AppData\Local\CrashRpt\UnsentCrashReports =>.Superfluous.CrashReports GEVONDEN map: C:\Users\Ewoud\AppData\Local\PopcornTimeDesktop\.cache =>.Superfluous.PopcornTime GEVONDEN map: C:\Users\Ewoud\AppData\Local\CrashRpt =>.Superfluous.CrashReports GEVONDEN map: C:\Users\Ewoud\AppData\Local\PopcornTimeDesktop =>.Superfluous.PopcornTime GEVONDEN bestand: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService\LavasoftTcpService.ini =>PUP.Optional.LavasoftWebCompanion GEVONDEN map: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService =>PUP.Optional.LavasoftWebCompanion GEVONDEN map: C:\WINDOWS\Installer\MSI13F7.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI1906.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI1C7.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI1EF5.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI2268.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI2413.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI254D.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI2780.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI27BF.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI2995.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI2D3.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI3088.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI30F3.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI33D7.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI3472.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI3D79.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI3DB.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI3F7E.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI4302.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI44D2.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI479D.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI488.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI4C99.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI4E67.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI4F2C.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI5282.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI564.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI5905.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI59E0.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI5AF0.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI5B29.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI5B4E.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI5CE2.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI5D52.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI5DF0.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI5DF0.tmp-0 =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI5E6C.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI62CA.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI62D2.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI6413.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI64F.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI66C8.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI69A9.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI6F.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI7006.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI7084.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI70E7.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI72B.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI742D.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI7566.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI778A.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI780.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI7DA6.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI7ECF.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI7F12.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI914.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI94BA.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSI9C1.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIABC.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIBD6.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIC487.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSICE5B.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSID6A2.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIDC4.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIE277.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIE715.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIE7A8.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIEB8B.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIED5.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIED.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIEE48.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIEE8A.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIEFE6.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIEFFF.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIFBB9.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIFC8B.tmp- =>.Superfluous.Empty GEVONDEN map: C:\WINDOWS\Installer\MSIFDF.tmp- =>.Superfluous.Empty ---\\ Register ( Sleutel, Waarde, Data) (23) GEVONDEN sleutel: HKEY_USERS\S-1-5-21-1854223093-3483252176-3228169965-1001\SOFTWARE\Popcorn Time [] =>.Superfluous.PopcornTime GEVONDEN sleutel: HKEY_USERS\S-1-5-21-1854223093-3483252176-3228169965-1001\SOFTWARE\PopcornTime [] =>.Superfluous.PopcornTime GEVONDEN sleutel: HKCU\Software\Popcorn Time [] =>.Superfluous.PopcornTime GEVONDEN sleutel: HKCU\Software\PopcornTime [] =>.Superfluous.PopcornTime GEVONDEN sleutel: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\akamaihd.net [] =>.Superfluous.AkamaiHD GEVONDEN sleutel: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\api.oasisspace.net [] =>PUP.Optional.OasisSpace GEVONDEN sleutel: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\apioasisspacenet-a.akamaihd.net [] =>PUP.Optional.OasisSpace GEVONDEN sleutel: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hdapp1008-a.akamaihd.net [] =>.Superfluous.AkamaiHD GEVONDEN sleutel: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\oasisspace.net [] =>PUP.Optional.OasisSpace GEVONDEN sleutel: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\systweak.com [] =>.Superfluous.Systweak GEVONDEN sleutel: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.systweak.com [] =>.Superfluous.Systweak GEVONDEN sleutel: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\akamaihd.net [] =>.Superfluous.AkamaiHD GEVONDEN sleutel: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\api.oasisspace.net [92766] =>PUP.Optional.OasisSpace GEVONDEN sleutel: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\apioasisspacenet-a.akamaihd.net [] =>PUP.Optional.OasisSpace GEVONDEN sleutel: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hdapp1008-a.akamaihd.net [335] =>.Superfluous.AkamaiHD GEVONDEN sleutel: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\oasisspace.net [] =>PUP.Optional.OasisSpace GEVONDEN sleutel: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\systweak.com [] =>.Superfluous.Systweak GEVONDEN sleutel: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.systweak.com [291] =>.Superfluous.Systweak GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>PUP.Optional.Camec GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>PUP.Optional.Camec GEVONDEN sleutel: HKCU\SOFTWARE\E2BB5E854E276EFD5C57614D2EC73DDB [] =>Hijacker.Browser GEVONDEN waarde: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{7883B2A2-230D-48DA-95A7-B60610E0FDD6} [C:\Program Files (x86)\Popcorn Time\Updater.exe] =>.Superfluous.PopcornTime GEVONDEN waarde: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{F2A71232-55CD-476F-918F-E57147498C2A} [C:\Program Files (x86)\Popcorn Time\Updater.exe] =>.Superfluous.PopcornTime ---\\ Samenvatting van elementen gevonden op uw werkstation (11) https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Empty https://www.anti-malware.top/2016/09/08/hacktool-kmspico/ =>HackTool.KMSpico https://www.anti-malware.top/2016/09/28/superfluous-popcorntime/ =>.Superfluous.PopcornTime https://www.anti-malware.top/2016/05/04/hacktool-autokms/ =>HackTool.AutoKMS https://www.anti-malware.top/2016/04/26/superfluous-lavasoftwebcompanion/ =>PUP.Optional.LavasoftWebCompanion https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.CrashReports https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.AkamaiHD https://www.anti-malware.top/2016/07/02/adware-oasisspace/ =>PUP.Optional.OasisSpace https://www.nicolascoolman.com/fr/pup-systweak/ =>.Superfluous.Systweak https://www.nicolascoolman.com/fr/repaquetage-et_infections/ =>PUP.Optional.Camec https://www.nicolascoolman.com/fr/hijacker-browser/ =>Hijacker.Browser ---\\Resultaat van reparaties ~ Gerepareerd ~ Browser niet gevonden (Mozilla Firefox) ~ Browser niet gevonden (Opera Software) ---\\Statistics ~ Items gescand : 88943 ~ Items gevonden : 144 ~ Items gecancelled : 0 ~ Items gerepareerd : 0 ~ End of search in 00h04mn26s ~==================== ZHPCleaner-[S]-01112016-18_32_33.txt