Publicité
Publicité
Format du document : text/plain
Prévisualisation
Rapport de ZHPFix 2013.12.14.5 par Nicolas Coolman, Update du 06/12/2013
Fichier d'export Registre :
Run by NADAUD at 11/01/2014 13:56:33
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Corbeille vid�e (00mn 08s)
R�paration des raccourcis navigateur
========== Logiciels ==========
SUPPRIM�: eBay
========== Processus m�moire ==========
SUPPRIM�: Memory Process: C:\ProgramData\BoxUpdChk\updchk.exe
========== Cl�s du Registre ==========
SUPPRIM�: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A8B88634-7F90-402F-B66A-86429755F6A5}]
SUPPRIM�: Service: Software_update
SUPPRIM�: HKCU\Software\AppDataLow\Software\Crossrider
SUPPRIM�: HKCU\Software\DSiteProducts
SUPPRIM�: HKCU\Software\ParetoLogic
SUPPRIM�: HKCU\Software\Smartbar
SUPPRIM�: HKCU\Software\iLivid
SUPPRIM�:* HKLM\Software\Tarma Installer
SUPPRIM�: HKLM\Software\Wow6432Node\ParetoLogic
SUPPRIM�: SearchScopes :{006ee092-9658-4fd6-bd8e-a21a348e59f5}
SUPPRIM�: Service: Software_update_m
SUPPRIM�:* HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311201102}
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
SUPPRIM�:* HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\SnapDo_RASAPI32
SUPPRIM�:* HKLM\Software\Classes\Interface\{8216BD4A-4DC2-4DCE-9AFF-C86C5ACC6757}
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\SnapDo_RASMANCS
SUPPRIM�:* HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}
SUPPRIM�:* HKLM\Software\Classes\Interface\{D4D390BE-98E6-4633-AD1B-B18B54BE5E76}
SUPPRIM�:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
SUPPRIM�: HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
SUPPRIM�: HKLM\Software\Classes\AppID\secman.DLL
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\WebCakeDesktop_RASAPI32
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\WebCakeDesktop_RASMANCS
SUPPRIM�:* HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110311201102}
SUPPRIM�:* HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322202202}
SUPPRIM�: HKCU\Software\Softonic
SUPPRIM�: HKLM\Software\Wow6432Node\InstallIQ
SUPPRIM�: [HKLM\Software\Classes\Installer\Products\\43688B8A09F7F2046BA6682479556F5A]
SUPPRIM�: [HKLM\Software\Classes\Installer\Features\43688B8A09F7F2046BA6682479556F5A]
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0EE02110-967B-4256-ACA6-BC8AC7CB7E61}
SUPPRIM�: HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
SUPPRIM�: HKLM\Software\Classes\TypeLib\{8ABB9FA2-0740-4AD9-8F54-1192254B3CF4}
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS
SUPPRIM�:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\43688B8A09F7F2046BA6682479556F5A
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32
SUPPRIM�:* HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
SUPPRIM�: HKLM\Software\Classes\ScriptHost.Tool.1
SUPPRIM�: HKLM\Software\Classes\ScriptHost.Tool
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS
========== Valeurs du Registre ==========
SUPPRIM�: Toolbar: {ae07101b-46d4-4a98-af68-0333ea26e113}
========== El�ments de donn�e du Registre ==========
SUPPRIM�: R0 - Main,Start Page = KCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
SUPPRIM�: R1 Search Page =
========== Pr�f�rences navigateur ==========
SUPPRIM� Folder Chrome: C:\Users\NADAUD\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
SUPPRIM� Folder Chrome: C:\Users\NADAUD\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh
========== Dossiers ==========
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{03BA532C-4A3E-4AB5-B371-5ACFBE2D37B5}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{0DD78B80-BC20-4B00-9511-75AC72FEE34B}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{104E74F4-BF59-4FF6-B126-763B1083526C}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{2DC73254-5890-4427-8541-674949B6DDF3}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{3197EA13-E213-4189-B559-3090D94DA0CB}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{58E6EF8B-58E9-4B14-AB8C-ED7AE83BA3B5}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{5C61E898-4B34-4385-98EE-DCC15BF40BCE}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{77DEA2CB-0E34-4A11-884E-79324678D3F4}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{7BAB0ECD-D77B-4231-A800-BD63DD46567F}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{7C8B91C6-23C0-489D-9B38-25942DA5452B}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{7D02CB46-1157-4098-AE85-62A1BDA0EB42}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{87DAB5B4-E090-4905-8F93-CE21239A0260}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{9BD7D39B-4DE8-4BD0-B170-EA5F8B1170C7}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{F6B216F4-CCA1-4F41-9271-8BF310325816}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
SUPPRIM�: C:\Users\NADAUD\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh
SUPPRIM�: C:\Program Files (x86)\Boxore
SUPPRIM�: C:\Program Files (x86)\iMesh Applications
SUPPRIM�: C:\Program Files (x86)\OfferBox
SUPPRIM�: C:\Program Files (x86)\PC Performer
SUPPRIM�: C:\Program Files (x86)\Software
SUPPRIM�: C:\ProgramData\BoxUpdChk
SUPPRIM�: C:\ProgramData\SpeedMaxPc
SUPPRIM�: C:\Users\NADAUD\AppData\Roaming\DigitalSite
SUPPRIM�: C:\Users\NADAUD\AppData\Roaming\DriverCure
SUPPRIM�: C:\Users\NADAUD\AppData\Roaming\Nosibay
SUPPRIM�: C:\Users\NADAUD\AppData\Roaming\OfferBox
SUPPRIM�: C:\Users\NADAUD\AppData\Roaming\OpenCandy
SUPPRIM�: C:\Users\NADAUD\AppData\Roaming\ParetoLogic
SUPPRIM�: C:\Users\NADAUD\AppData\Roaming\SpeedMaxPc
SUPPRIM�: C:\Users\NADAUD\AppData\Local\DealPlyLive
SUPPRIM�: C:\Users\NADAUD\AppData\Local\Software
SUPPRIM�: C:\Program Files (x86)\eBay
SUPPRIM�: C:\ProgramData\APN
SUPPRIM�: c:\users\nadaud\appdata\locallow\conduit
========== Fichiers ==========
SUPPRIM�S Flash Cookies (0) (0 octets)
SUPPRIM�S Temporaires Windows (722) (247�074�442 octets)
SUPPRIM�: c:\users\nadaud\appdata\local\google\chrome\user data\default\preferences
SUPPRIM�: c:\programdata\microsoft\windows\start menu\programs\offerbox.lnk
SUPPRIM�: c:\program files (x86)\offerbox\offerbox.exe
SUPPRIM�: c:\windows\tasks\dealply.job
SUPPRIM�: c:\windows\tasks\digitalsite.job
SUPPRIM�: c:\windows\tasks\mysearchdial.job
SUPPRIM�: c:\windows\tasks\softwareupdatetaskmachinecore.job
SUPPRIM�: c:\windows\tasks\softwareupdatetaskmachineua.job
SUPPRIM�: c:\users\nadaud\appdata\local\google\chrome\user data\default\local storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage
SUPPRIM�: c:\users\nadaud\appdata\local\google\chrome\user data\default\local storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage-journal
SUPPRIM�: C:\Windows\Installer\1c25afe.msi
SUPPRIM�: c:\users\public\desktop\ebay.lnk (http://rover.ebay.com)
========== Tache planifi�e ==========
SUPPRIM�: BoxSoftwareUpdate
SUPPRIM�: DigitalSite
SUPPRIM�: MySearchDial
SUPPRIM�: SoftwareUpdateTaskMachineCore
SUPPRIM�: SoftwareUpdateTaskMachineCore
SUPPRIM�: SoftwareUpdateTaskMachineUA
========== Autre ==========
NON TRAIT� Malware (114)
========== R�capitulatif ==========
1 : Processus m�moire
41 : Cl�s du Registre
1 : Valeurs du Registre
2 : El�ments de donn�e du Registre
35 : Dossiers
14 : Fichiers
1 : Logiciels
2 : Pr�f�rences navigateur
6 : Tache planifi�e
1 : Autre
End of clean in 01mn 37s
========== Chemin de fichier rapport ==========
C:\Users\NADAUD\AppData\Roaming\ZHP\ZHPFix[R1].txt - 11/01/2014 13:56:41 [8058]
Fichier d'export Registre :
Run by NADAUD at 11/01/2014 13:56:33
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Corbeille vid�e (00mn 08s)
R�paration des raccourcis navigateur
========== Logiciels ==========
SUPPRIM�: eBay
========== Processus m�moire ==========
SUPPRIM�: Memory Process: C:\ProgramData\BoxUpdChk\updchk.exe
========== Cl�s du Registre ==========
SUPPRIM�: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A8B88634-7F90-402F-B66A-86429755F6A5}]
SUPPRIM�: Service: Software_update
SUPPRIM�: HKCU\Software\AppDataLow\Software\Crossrider
SUPPRIM�: HKCU\Software\DSiteProducts
SUPPRIM�: HKCU\Software\ParetoLogic
SUPPRIM�: HKCU\Software\Smartbar
SUPPRIM�: HKCU\Software\iLivid
SUPPRIM�:* HKLM\Software\Tarma Installer
SUPPRIM�: HKLM\Software\Wow6432Node\ParetoLogic
SUPPRIM�: SearchScopes :{006ee092-9658-4fd6-bd8e-a21a348e59f5}
SUPPRIM�: Service: Software_update_m
SUPPRIM�:* HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311201102}
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
SUPPRIM�:* HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\SnapDo_RASAPI32
SUPPRIM�:* HKLM\Software\Classes\Interface\{8216BD4A-4DC2-4DCE-9AFF-C86C5ACC6757}
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\SnapDo_RASMANCS
SUPPRIM�:* HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}
SUPPRIM�:* HKLM\Software\Classes\Interface\{D4D390BE-98E6-4633-AD1B-B18B54BE5E76}
SUPPRIM�:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
SUPPRIM�: HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
SUPPRIM�: HKLM\Software\Classes\AppID\secman.DLL
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\WebCakeDesktop_RASAPI32
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\WebCakeDesktop_RASMANCS
SUPPRIM�:* HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110311201102}
SUPPRIM�:* HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322202202}
SUPPRIM�: HKCU\Software\Softonic
SUPPRIM�: HKLM\Software\Wow6432Node\InstallIQ
SUPPRIM�: [HKLM\Software\Classes\Installer\Products\\43688B8A09F7F2046BA6682479556F5A]
SUPPRIM�: [HKLM\Software\Classes\Installer\Features\43688B8A09F7F2046BA6682479556F5A]
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0EE02110-967B-4256-ACA6-BC8AC7CB7E61}
SUPPRIM�: HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
SUPPRIM�: HKLM\Software\Classes\TypeLib\{8ABB9FA2-0740-4AD9-8F54-1192254B3CF4}
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS
SUPPRIM�:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\43688B8A09F7F2046BA6682479556F5A
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32
SUPPRIM�:* HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
SUPPRIM�: HKLM\Software\Classes\ScriptHost.Tool.1
SUPPRIM�: HKLM\Software\Classes\ScriptHost.Tool
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32
SUPPRIM�: HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS
========== Valeurs du Registre ==========
SUPPRIM�: Toolbar: {ae07101b-46d4-4a98-af68-0333ea26e113}
========== El�ments de donn�e du Registre ==========
SUPPRIM�: R0 - Main,Start Page = KCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
SUPPRIM�: R1 Search Page =
========== Pr�f�rences navigateur ==========
SUPPRIM� Folder Chrome: C:\Users\NADAUD\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
SUPPRIM� Folder Chrome: C:\Users\NADAUD\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh
========== Dossiers ==========
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{03BA532C-4A3E-4AB5-B371-5ACFBE2D37B5}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{0DD78B80-BC20-4B00-9511-75AC72FEE34B}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{104E74F4-BF59-4FF6-B126-763B1083526C}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{2DC73254-5890-4427-8541-674949B6DDF3}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{3197EA13-E213-4189-B559-3090D94DA0CB}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{58E6EF8B-58E9-4B14-AB8C-ED7AE83BA3B5}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{5C61E898-4B34-4385-98EE-DCC15BF40BCE}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{77DEA2CB-0E34-4A11-884E-79324678D3F4}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{7BAB0ECD-D77B-4231-A800-BD63DD46567F}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{7C8B91C6-23C0-489D-9B38-25942DA5452B}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{7D02CB46-1157-4098-AE85-62A1BDA0EB42}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{87DAB5B4-E090-4905-8F93-CE21239A0260}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{9BD7D39B-4DE8-4BD0-B170-EA5F8B1170C7}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\{F6B216F4-CCA1-4F41-9271-8BF310325816}
SUPPRIM�: C:\Users\NADAUD\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
SUPPRIM�: C:\Users\NADAUD\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh
SUPPRIM�: C:\Program Files (x86)\Boxore
SUPPRIM�: C:\Program Files (x86)\iMesh Applications
SUPPRIM�: C:\Program Files (x86)\OfferBox
SUPPRIM�: C:\Program Files (x86)\PC Performer
SUPPRIM�: C:\Program Files (x86)\Software
SUPPRIM�: C:\ProgramData\BoxUpdChk
SUPPRIM�: C:\ProgramData\SpeedMaxPc
SUPPRIM�: C:\Users\NADAUD\AppData\Roaming\DigitalSite
SUPPRIM�: C:\Users\NADAUD\AppData\Roaming\DriverCure
SUPPRIM�: C:\Users\NADAUD\AppData\Roaming\Nosibay
SUPPRIM�: C:\Users\NADAUD\AppData\Roaming\OfferBox
SUPPRIM�: C:\Users\NADAUD\AppData\Roaming\OpenCandy
SUPPRIM�: C:\Users\NADAUD\AppData\Roaming\ParetoLogic
SUPPRIM�: C:\Users\NADAUD\AppData\Roaming\SpeedMaxPc
SUPPRIM�: C:\Users\NADAUD\AppData\Local\DealPlyLive
SUPPRIM�: C:\Users\NADAUD\AppData\Local\Software
SUPPRIM�: C:\Program Files (x86)\eBay
SUPPRIM�: C:\ProgramData\APN
SUPPRIM�: c:\users\nadaud\appdata\locallow\conduit
========== Fichiers ==========
SUPPRIM�S Flash Cookies (0) (0 octets)
SUPPRIM�S Temporaires Windows (722) (247�074�442 octets)
SUPPRIM�: c:\users\nadaud\appdata\local\google\chrome\user data\default\preferences
SUPPRIM�: c:\programdata\microsoft\windows\start menu\programs\offerbox.lnk
SUPPRIM�: c:\program files (x86)\offerbox\offerbox.exe
SUPPRIM�: c:\windows\tasks\dealply.job
SUPPRIM�: c:\windows\tasks\digitalsite.job
SUPPRIM�: c:\windows\tasks\mysearchdial.job
SUPPRIM�: c:\windows\tasks\softwareupdatetaskmachinecore.job
SUPPRIM�: c:\windows\tasks\softwareupdatetaskmachineua.job
SUPPRIM�: c:\users\nadaud\appdata\local\google\chrome\user data\default\local storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage
SUPPRIM�: c:\users\nadaud\appdata\local\google\chrome\user data\default\local storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage-journal
SUPPRIM�: C:\Windows\Installer\1c25afe.msi
SUPPRIM�: c:\users\public\desktop\ebay.lnk (http://rover.ebay.com)
========== Tache planifi�e ==========
SUPPRIM�: BoxSoftwareUpdate
SUPPRIM�: DigitalSite
SUPPRIM�: MySearchDial
SUPPRIM�: SoftwareUpdateTaskMachineCore
SUPPRIM�: SoftwareUpdateTaskMachineCore
SUPPRIM�: SoftwareUpdateTaskMachineUA
========== Autre ==========
NON TRAIT� Malware (114)
========== R�capitulatif ==========
1 : Processus m�moire
41 : Cl�s du Registre
1 : Valeurs du Registre
2 : El�ments de donn�e du Registre
35 : Dossiers
14 : Fichiers
1 : Logiciels
2 : Pr�f�rences navigateur
6 : Tache planifi�e
1 : Autre
End of clean in 01mn 37s
========== Chemin de fichier rapport ==========
C:\Users\NADAUD\AppData\Roaming\ZHP\ZHPFix[R1].txt - 11/01/2014 13:56:41 [8058]