KpRm is a tool to use to finalize a disinfection, it removes the following software:
The search for executables downloaded by the user is only performed in the Desktop and the download folder. To respect Nicolas Coolman's choice, the quarantine of ZHP tools located under AppData\ZHP is no longer deleted, however a line in the report indicates its presence.
- Save the registry
To restore hives easily, it is possible to use KPLive.
- Delete recovery points
- Create a restore point
During this phase, KpRm first activates system recovery and then deletes recovery points that were created less than 24 hours ago. After creating a restore point, this tool will list all the points on the machine. It is important to always check in this list if the restore point has been created, especially if the machine is running on Windows 10.
- Restore system settings
Reset DNS cache
Reset the WinSock catalog
Hide hidden files
Hide protected files
Show known file extensions
- Restore the UAC
Project website: https://kernel-panik.me/tool/kprm/
Source code: https://github.com/KernelPan1k/KpRm