Document format: text/plain

Preview

Rapport de ZHPFix 2015.3.18.4 par Nicolas Coolman, Update du 18/03/2015
Fichier d'export Registre :
Run by ahmed at 07-Apr-15 1:11:39 AM
High Elevated Privileges : OK
Windows 8 Business Edition, 64-bit Service Pack 1 (9600)

Recycle Bin emptied (22mn AMs)

========== Process memory ==========
REMOVES: Memory Process: C:\Users\ahmed\Desktop\VidPlayaSetup_v2.exe
REMOVES: Memory Process: C:\Users\ahmed\Downloads\Compressed\AV Voice Changer Software Diamond 6.0.34\ViRiLiTY\Keygen.exe
REMOVES: Memory Process: C:\Users\ahmed\Downloads\Compressed\PdfGrabber.Pro.v7.0.0.8\Cracked\PdfGrabber.exe

========== Registry keys ==========
REMOVES: HKCU\Software\Linkey
REMOVES: HKLM\Software\Wow6432Node\EnigmaSoftwareGroup
REMOVES: CLSID BHO: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
REMOVES: [HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
REMOVES: Service: BAVSvc
REMOVES: Service: BHipsSvc
REMOVES: Service: EvtEng
REMOVES: Service: RegSrvc
REMOVES: Service: ZeroConfigService
REMOVES: HKCU\Software\Baidu Security
REMOVES:* HKLM\Software\ESET
REMOVES: HKLM\Software\Wow6432Node\Baidu Security
ERROR O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
REMOVES CLSID MPSK: {88d1f17b-5c0e-11e4-8250-806e6f6e6963}
REMOVES: Service: BdSandboxSrv

========== Registry values ==========
REMOVES: URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
REMOVES RunValue: IDMan
REMOVES RunValue: Messenger (Yahoo!)
REMOVES RunValue: SplitCam
REMOVES RunValue: Google Update
REMOVES RunValue: Clownfish
REMOVES RunValue: Raptr
REMOVES RunValue: PWRISOVM.EXE
REMOVES RunValue: EaseUS EPM Tray Agent
ERROR RunValue: Baidu Antivirus
REMOVES RunValue: Adguard
ABSENT value Standard Profile: FirewallRaz :
ABSENT value Domain Profile: FirewallRaz :
REMOVES: FirewallRaz (Domain) : {9E3D57FC-7C37-4424-9352-4831E97D029D}
REMOVES: FirewallRaz (Domain) : {548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}
REMOVES: FirewallRaz (Domain) : NetPres-In-TCP-NoScope
REMOVES: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
REMOVES: FirewallRaz (None) : NetPres-WSD-In-UDP
REMOVES: FirewallRaz (None) : NetPres-WSD-Out-UDP
REMOVES: FirewallRaz (Public) : NetPres-In-TCP
REMOVES: FirewallRaz (Public) : NetPres-Out-TCP
REMOVES: FirewallRaz (None) : MCX-Prov-Out-TCP
REMOVES: FirewallRaz (None) : MCX-McrMgr-Out-TCP
REMOVES: FirewallRaz (None) : {C331916C-15A4-484C-B922-B2CDD3992968}
REMOVES: FirewallRaz (Public) : {6DA67870-06B6-4225-AAC5-1227E1DED3B4}
REMOVES: FirewallRaz (Public) : {26C26630-4E3B-4C03-9E9E-91C726E4C0B0}
REMOVES: FirewallRaz (Public) : {7CEECC13-5FC6-4A38-A1AA-713EE9BC766C}
REMOVES: FirewallRaz (Public) : {B83D2530-4CD8-43A5-802E-D3D3131010AC}
REMOVES: FirewallRaz (Public) : {AD6AB26E-65CA-4B86-BB16-E5A945C8BB4D}
REMOVES: FirewallRaz (Public) : {2F0C13AE-5755-440A-9C2C-57D941828ED1}
REMOVES: FirewallRaz (Public) : {B3EDC66A-A76F-4A1B-96C1-73F2651565BF}
REMOVES: FirewallRaz (Public) : {6EC87879-A1B1-4667-9C41-978EA5DCCEEE}
REMOVES: FirewallRaz (Private) : {3BC1CF8B-CA46-4304-ABA3-0CDFFF5359A7}
REMOVES: FirewallRaz (Private) : {B3AC2029-53CC-4FEC-90E5-6F7C9CC52716}
REMOVES: FirewallRaz (Private) : {F4A4B3FE-D3AF-48C4-99E5-F14B71B50AFA}
REMOVES: FirewallRaz (Private) : {D7AD0937-2B9D-4B70-AAA4-30E1C1AFA2DF}
REMOVES: FirewallRaz (Private) : {00E4AD4C-2450-4DB1-A1C4-2B75194BD809}
REMOVES: FirewallRaz (Private) : {5C566CC6-3081-4B81-9E05-61C7D1ECCA87}
REMOVES: FirewallRaz (Private) : {26820759-13E2-43D2-A6E4-B35A0EB614B8}
REMOVES: FirewallRaz (Private) : {732559B7-07DA-49AA-9832-6D19080E5F71}
REMOVES: FirewallRaz (Private) : {3A93729A-37BF-4EA9-A2A4-130574437746}
REMOVES: FirewallRaz (Private) : {E40F5596-DB54-42BB-933F-39375E66947D}
ProxyFix : Proxy configuration successfully removed
REMOVES ProxyServer Value
REMOVES ProxyEnable Value
REMOVES EnableHttp1_1 Value
REMOVES ProxyHttp1.1 Value
REMOVES ProxyOverride Value

========== Elements of the registry data ==========
REMOVES Explorer Association Data Application: http://www.fileextensionpro.com/redir.aspx?s=obrdc1_0_0_0_0,f3a4a563-0d64-4fd2-a163-fe370bb80cb8,&LangID=%04x&Ext=%s
REMOVES Explorer Association Data Application: http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s
REMOVES TCPIP: DhcpNameServer = 192.168.1.1

========== Folders ==========
REMOVES: c:\program files (x86)\enigma software group
REMOVES: c:\programdata\microsoft toolkit
REMOVES: c:\users\ahmed\appdata\local\installer
REMOVES: c:\users\ahmed\appdata\local\google\chrome\user data\default\extensions\aapocclcgogkmnckokdopfmhonfmgoek
REMOVES: c:\users\ahmed\appdata\local\google\chrome\user data\default\extensions\aohghmighlieiainnegkcijnfilokake
REMOVES: c:\users\ahmed\appdata\local\google\chrome\user data\default\extensions\apdfllckaahabafndbhieahigkjlhalf
REMOVES: c:\users\ahmed\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
REMOVES: c:\users\ahmed\appdata\local\google\chrome\user data\default\extensions\coobgpohoikkiipiblmjeljniedjpjpf
REMOVES: c:\users\ahmed\appdata\local\google\chrome\user data\default\extensions\felcaaldnbdncclmgdcncolpebgiejap
REMOVES: c:\users\ahmed\appdata\local\google\chrome\user data\default\extensions\jmolcgpienlcieaajfkkdamlngancncm
REMOVES: c:\users\ahmed\appdata\local\google\chrome\user data\default\extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
REMOVES: c:\users\ahmed\appdata\local\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda
REMOVES: c:\users\ahmed\appdata\local\google\chrome\user data\default\extensions\pjkljhegncpnkpknbcohdijeoejaedia
REMOVES Reboot:** C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804
REMOVES: C:\ProgramData\Baidu
REMOVES: C:\ProgramData\Baidu Security
REMOVES: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
REMOVES: C:\Users\ahmed\AppData\Local\ESET
Deletes temporary Windows (0)
REMOVES Flash Cookies (0)

========== Files ==========
REMOVES: c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
REMOVES Reboot: c:\program files (x86)\internet download manager\idman.exe
REMOVES Reboot: c:\users\ahmed\appdata\local\google\update\googleupdate.exe
REMOVES: c:\windows\prefetch\snipsmart.boas.exe-04fde64b.pf
REMOVES: c:\windows\prefetch\snipsmart.boasprt.exe-8a675921.pf
REMOVES: c:\windows\prefetch\snipsmart.purbrowse64.exe-fe40b4d1.pf
REMOVES: c:\windows\prefetch\wpc_mystartsearch.exe-43ce90a0.pf
REMOVES: c:\users\ahmed\appdata\local\temp\fhb3f1.tmp.exe
REMOVES: c:\users\ahmed\appdata\local\temp\fhe4a9.tmp.exe
REMOVES: c:\users\ahmed\appdata\local\temp\is-2otgk.tmp\_isetup\_shfoldr.dll
REMOVES: c:\users\ahmed\appdata\local\temp\is-tmue9.tmp\_isetup\_shfoldr.dll
REMOVES: c:\users\ahmed\appdata\local\temp\81428112019\suxatvnq10700.exe
REMOVES: c:\users\ahmed\appdata\local\temp\81428112031\suxatvnq10700.exe
REMOVES: c:\users\ahmed\appdata\local\temp\81428112050\suxatvnq10700.exe
REMOVES: c:\users\ahmed\appdata\local\temp\814281120190\setup_product_12726.exe
REMOVES: c:\users\ahmed\appdata\local\temp\814281120500\setup_product_12726.exe
REMOVES: c:\users\ahmed\appdata\local\temp\adguard\setup.exe
REMOVES: C:\Users\ahmed\Downloads\Compressed\Win 8 active\Keygen_v22.rar
Deletes temporary Windows (0) (0 octets)
REMOVES Flash Cookies (0) (0 octets)

========== Scheduled task ==========
REMOVES: GoogleUpdateTaskUserS-1-5-21-144458510-1271467923-3913286148-1001UA1d03fff664d5b9
REMOVES: Installer_shopperproDA
REMOVES: Installer_shopperproDA
REMOVES: UNELEVATE_198
REMOVES: {8ED79A4D-CA2B-442C-8C5D-78E454AA018D}
REMOVES: {F3612F18-8154-438E-904B-6D5141CAB276}

========== System restore ==========
The system successfully created restore point


========== Summary ==========
3 : Process memory
15 : Registry keys
48 : Registry values
3 : Elements of the registry data
20 : Folders
20 : Files
6 : Scheduled task
1 : System restore


End of clean in 26mn AMs

========== Path to file report ==========
C:\Users\ahmed\AppData\Roaming\ZHP\ZHPFix[R1].txt - 06-Apr-15 5:38:53 PM [543]
C:\Users\ahmed\AppData\Roaming\ZHP\ZHPFix[R2].txt - 06-Apr-15 5:39:01 PM [718]
C:\Users\ahmed\AppData\Roaming\ZHP\ZHPFix[R3].txt - 07-Apr-15 1:13:02 AM [8264]
