cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Rapport de ZHPFix 2015.4.9.5 par Nicolas Coolman, Update du 18/03/2015
Fichier d'export Registre :
Run by sci usto at 05/06/2015 16:59:26
High Elevated Privileges : OK
Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601)

Corbeille vid�e (00mn 27s)
Dossier Prefetcher vid�

========== Cl�s du Registre ==========
ERREUR (AvastSvc.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\AvastSvc.exe]
ERREUR (AvastUI.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\AvastUI.exe]
ERREUR (avgidsagent.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\avgidsagent.exe]
ERREUR (Avira.ServiceHost.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\Avira.ServiceHost.exe]
ERREUR (Avira.Systray.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\Avira.Systray.exe]
ERREUR (avp.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\avp.exe]
ERREUR (avshadow.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\avshadow.exe]
ERREUR (bdagent.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\bdagent.exe]
ERREUR (blindman.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\blindman.exe]
ERREUR (ccuac.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\ccuac.exe]
ERREUR (ComboFix.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\ComboFix.exe]
ERREUR (egui.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\egui.exe]
ERREUR (hijackthis.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\hijackthis.exe]
ERREUR (instup.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\instup.exe]
ERREUR (keyscrambler.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\keyscrambler.exe]
ERREUR (mbampt.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\mbampt.exe]
ERREUR (mbamscheduler.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\mbamscheduler.exe]
ERREUR (rstrui.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\rstrui.exe]
ERREUR (SDFiles.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\SDFiles.exe]
ERREUR (SDMain.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\SDMain.exe]
ERREUR (SDWinSec.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\SDWinSec.exe]
ERREUR (setup.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\setup.exe]
ERREUR (spybotsd.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\spybotsd.exe]
ERREUR (SUPERAntiSpyware.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\SUPERAntiSpyware.exe]
ERREUR (update.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\update.exe]
ERREUR (wireshark.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\wireshark.exe]
ERREUR (zlclient.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\zlclient.exe]
SUPPRIM�: Mozilla Plugin: @pandonetworks.com/PandoWebPlugin
SUPPRIM� Driver Key: bqjbkwsw
SUPPRIM� Driver Key: dtsoftbus01
SUPPRIM�: HKCU\Software\48555InstEnd
SUPPRIM�: HKCU\Software\Safer Networking Limited
SUPPRIM�: HKLM\Software\Safer Networking Limited
SUPPRIM�:� O50 - IFEO:Image File Execution Options - AvastSvc.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - AvastUI.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - avgidsagent.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - Avira.ServiceHost.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - Avira.Systray.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - avp.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - avshadow.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - bdagent.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - blindman.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - ccuac.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - ComboFix.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - egui.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - hijackthis.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - instup.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - keyscrambler.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - mbampt.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - mbamscheduler.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - rstrui.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - SDFiles.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - SDMain.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - SDWinSec.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - setup.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - spybotsd.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - SUPERAntiSpyware.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - update.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - wireshark.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM�:� O50 - IFEO:Image File Execution Options - zlclient.exe - C:\ProgramData\403349\AdobeARM.exe
SUPPRIM� CLSID MPSK: {33f63e43-e4b5-11e3-9a4b-d43d7ef98512}
SUPPRIM� CLSID MPSK: {3653f537-29e9-11e4-b697-d43d7ef98512}

========== Valeurs du Registre ==========
Aucune Valeur Standard Profile: FirewallRaz :
Aucune Valeur Domain Profile: FirewallRaz :
SUPPRIM�: FirewallRaz (Public) : TCP Query User{CBBFEF9C-5B60-48C2-82C6-D54D08A156DB}C:\program files\java\jre6\bin\java.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{95FFCB96-0E2B-49D8-AB32-AFC3CF2612CF}C:\program files\java\jre6\bin\java.exe
SUPPRIM�: FirewallRaz (Public) : TCP Query User{4749ACFB-FFF4-4806-8EAD-27BB63233509}C:\program files\setti\counter-strike source\hl2.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{7B53CF4C-E031-4072-B1B8-01B30CA4E2C1}C:\program files\setti\counter-strike source\hl2.exe
SUPPRIM�: FirewallRaz (Public) : TCP Query User{89889DF0-724C-4EF0-B5E5-B9E98E2F02FF}C:\program files\xfire2\xfire.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{91A2936F-F4FF-4A8D-87B1-8A4C2EE5A7DC}C:\program files\xfire2\xfire.exe
SUPPRIM�: FirewallRaz (Domain) : {747E100A-67D7-481E-A055-F5A04018A4C5}
SUPPRIM�: FirewallRaz (Domain) : {D6C5AF91-6F3F-4F0E-9155-923FF8697977}
SUPPRIM�: FirewallRaz (Domain) : {9BF86838-21B8-41F7-BB99-2D9217066E8D}
SUPPRIM�: FirewallRaz (Domain) : {884647EE-8B28-4C2F-88D9-E16B8023C6B2}
SUPPRIM�: FirewallRaz (Public) : TCP Query User{9FE0C53E-1BF4-487C-8AC7-B73CCE6BEA77}C:\users\sci usto\appdata\local\temp\rar$ex80.968\frozenway 1.6.5\frozenway.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{44D78589-A982-4D16-88C8-2041624833FD}C:\users\sci usto\appdata\local\temp\rar$ex80.968\frozenway 1.6.5\frozenway.exe
SUPPRIM�: FirewallRaz (Public) : TCP Query User{C128AED4-4F53-4413-9832-41B13191B600}C:\users\sci usto\appdata\local\temp\rar$ex76.464\frozenway 1.6.5\frozenway.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{0374FD5D-B423-4366-A516-804C2F827D5E}C:\users\sci usto\appdata\local\temp\rar$ex76.464\frozenway 1.6.5\frozenway.exe
SUPPRIM�: FirewallRaz (Public) : {63EB4962-D3F3-47AA-A49F-21B81348687B}
SUPPRIM�: FirewallRaz (Public) : {6F076F42-6B41-4106-88AC-D13C65D1F625}
SUPPRIM�: FirewallRaz (Public) : TCP Query User{D424FB8D-9B54-466D-9748-023BE5C6E7A7}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{EA11B744-187E-4B33-910D-CE21A548CBA5}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
SUPPRIM�: FirewallRaz (Public) : TCP Query User{2E3B71D5-32BF-446D-992E-7C483769AB25}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{38D0121F-C99C-4743-8B2F-333D9DA6B7B7}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
SUPPRIM�: FirewallRaz (Private) : TCP Query User{DFC4D81F-56B0-410D-B957-36E576FF34E5}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
SUPPRIM�: FirewallRaz (Private) : UDP Query User{85ABC7C6-43FE-4B8E-80E8-512FB7F44EA5}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
SUPPRIM�: FirewallRaz (Private) : TCP Query User{8E3B117F-2DA1-49B7-9B2D-2F00BF50CF2C}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
SUPPRIM�: FirewallRaz (Private) : UDP Query User{8D91A9FC-AD27-4492-BCE2-AA154C204981}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
SUPPRIM�: FirewallRaz (Private) : TCP Query User{B353D8FD-EF2B-449D-AA9F-746F7B97D05B}C:\program files\java\jre6\bin\java.exe
SUPPRIM�: FirewallRaz (Private) : UDP Query User{A4A2DB07-9472-4992-B933-3C2A4A97768D}C:\program files\java\jre6\bin\java.exe
SUPPRIM�: FirewallRaz (Private) : {E05EC613-84B6-47A5-9993-42EB28F43579}
SUPPRIM�: FirewallRaz (Private) : {202FEDD0-5BDB-4966-9240-BB866D8159F3}
SUPPRIM�: FirewallRaz (Private) : {D7C2367E-DA01-4FB0-AD78-395EB652D2EB}
SUPPRIM�: FirewallRaz (Private) : {316C1423-42E7-444C-A423-F6D3C2735ABC}
SUPPRIM�: FirewallRaz (Private) : {5E38C1C9-2569-4C7D-A08D-AA0229C48374}
SUPPRIM�: FirewallRaz (Private) : {2EDF3F7C-C231-489F-8D6E-0B513D097ACF}
SUPPRIM�: FirewallRaz (Public) : {BB78BBA7-4301-4F20-AE40-E6431BD794A2}
SUPPRIM�: FirewallRaz (Public) : {23A94841-5631-4D0C-B36E-607E8C711071}
SUPPRIM�: FirewallRaz (Public) : TCP Query User{4F418A4F-0D1B-47A5-96C7-5AD696CF4820}C:\users\sci usto\appdata\local\temp\rar$ex05.056\ratiomaster.net.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{AB4F74A5-C1EA-4CEB-9252-8591043C8014}C:\users\sci usto\appdata\local\temp\rar$ex05.056\ratiomaster.net.exe
SUPPRIM�: FirewallRaz (Public) : TCP Query User{2A68422A-91BF-43ED-918F-AC64F92DCD0F}C:\users\sci usto\appdata\local\temp\rar$ex29.464\ratiomaster.net.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{3A6E350D-F01B-4892-8692-7F5F5A4C87E9}C:\users\sci usto\appdata\local\temp\rar$ex29.464\ratiomaster.net.exe
SUPPRIM�: FirewallRaz (Public) : TCP Query User{A94B2DB6-43BC-4BDB-9CEB-71ED0E893974}C:\users\sci usto\appdata\local\temp\rar$ex65.168\mratio4.5\mratio.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{6928D3FE-F4D6-412A-927B-063336344683}C:\users\sci usto\appdata\local\temp\rar$ex65.168\mratio4.5\mratio.exe
SUPPRIM�: FirewallRaz (Public) : TCP Query User{1DCCFBE4-9549-4F3B-BC50-8FBCC3D97134}C:\program files\microsoft games\dungeon siege\dungeonsiege.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{E900519E-60B5-4CB9-B9C7-E6B5324DF45D}C:\program files\microsoft games\dungeon siege\dungeonsiege.exe
SUPPRIM�: FirewallRaz (None) : {58FDE3BC-B678-4AE0-8919-CD2FEFC6413E}
SUPPRIM�: FirewallRaz (None) : {9C07D855-1B09-4E22-98F4-5B5C69FAD980}
SUPPRIM�: FirewallRaz (None) : {F44CDF6C-228B-4DBB-84A6-9DF57132330C}
SUPPRIM�: FirewallRaz (None) : {879E3679-E92D-4E5A-97CB-720ECAB8AAF9}
SUPPRIM�: FirewallRaz (None) : {09468DCF-521D-4ACC-92E0-039D372C90EF}
SUPPRIM�: FirewallRaz (None) : {31855D43-6A9C-433F-B252-4BE2D5B63947}
SUPPRIM�: FirewallRaz (None) : {C81788E0-F8E7-43C4-ADC2-B808F4E083A0}
SUPPRIM�: FirewallRaz (None) : {E06C252E-B0E4-4A94-8D11-32FBF87FB74C}
SUPPRIM�: FirewallRaz (None) : {C615B670-867A-4186-A815-3056A2A5CC6A}
SUPPRIM�: FirewallRaz (None) : {1848CAF3-E0BC-45E0-879A-701BD320FAB9}
SUPPRIM�: FirewallRaz (None) : {776052EA-59F7-4B38-8E3C-DB3F84F44AB6}
SUPPRIM�: FirewallRaz (None) : {47A63F34-B646-4096-AF82-F38D363C2922}
SUPPRIM�: FirewallRaz (Public) : TCP Query User{7BD0120D-BD6E-4FD2-B49F-0ACB3F19E12A}C:\program files\activision\call of duty 4 - modern warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{8B3D6CFD-F71F-431A-B91B-3EB76B935F75}C:\program files\activision\call of duty 4 - modern warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe
SUPPRIM�: FirewallRaz (Public) : TCP Query User{C9FA0E51-058B-4D94-A6E1-0C3D15C8A216}C:\program files\activision\call of duty modern warfare 3\iw5mp_server.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{CD2864E4-63CF-439F-A476-4E49DED1915C}C:\program files\activision\call of duty modern warfare 3\iw5mp_server.exe
SUPPRIM�: FirewallRaz (Public) : TCP Query User{BA890877-84BB-45EA-90EF-50DC9A24FE5B}C:\program files\activision\call of duty modern warfare 3\teknomw3_dedicated.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{508638A4-BC59-4F0E-97FE-0346AB956780}C:\program files\activision\call of duty modern warfare 3\teknomw3_dedicated.exe
SUPPRIM�: Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F}
SUPPRIM� RunValue: Adobe
SUPPRIM�: TCP Query User{3DA27433-EE10-412D-A711-3156115AA129}C:\program files\vuze\azureus.exe
SUPPRIM�: UDP Query User{C9AB50D1-6E3F-4418-8AC4-B9E949127170}C:\program files\vuze\azureus.exe
SUPPRIM�: {77A8695A-46A3-423B-9748-BDD141F6B6FA}
SUPPRIM�: {28146803-EB09-45AA-8EA4-273FB8A393C1}

========== El�ments de donn�e du Registre ==========
SUPPRIM� Explorer Association Data Application: http://www.fileextensionpro.com/redir.aspx?s=smtyc0_0_0_0_0,43560754-878b-4354-90d8-107a2275e849,&LangID=%04x&Ext=%s
SUPPRIM�: WebSite = 0

========== Dossiers ==========
SUPPRIM�S Temporaires Windows (114)
SUPPRIM�S Flash Cookies (0)
SUPPRIM�: C:\Program Files\Enigma Software Group
SUPPRIM�: C:\ProgramData\403349
SUPPRIM�: C:\ProgramData\403449
SUPPRIM�: C:\ProgramData\LumaEmu_SteamCloud
SUPPRIM�: C:\ProgramData\Spybot - Search & Destroy
SUPPRIM�: C:\ProgramData\{cbcf5e7c-f7c4-656d-cbcf-f5e7cf7c79f3}
SUPPRIM�: C:\Users\sci usto\AppData\Local\CRE
SUPPRIM�: C:\Users\sci usto\AppData\Local\LumaEmu
SUPPRIM�: C:\Users\sci usto\AppData\Local\TB

========== Fichiers ==========
SUPPRIM�S Temporaires Windows (397) (102�807�263 octets)
SUPPRIM�S Flash Cookies (0) (0 octets)
SUPPRIM�: c:\programdata\403349\adobearm.exe
SUPPRIM�: c:\windows\prefetch\azureus.exe-d24891ab.pf
SUPPRIM�: c:\windows\prefetch\wisecustomcalla.exe-3156b358.pf
SUPPRIM�: c:\windows\prefetch\wisecustomcalla11.exe-e4a560fa.pf
SUPPRIM�: c:\windows\prefetch\wisecustomcalla2.exe-78c07b12.pf
SUPPRIM�: c:\windows\prefetch\wisecustomcalla3.exe-8c163597.pf
SUPPRIM�: c:\windows\prefetch\wisecustomcalla4.exe-9f6bf01c.pf

========== Tache planifi�e ==========
SUPPRIM�: {1DA23719-DB7C-46A3-BF28-A9A29E6D7C84}
SUPPRIM�: {538713D2-8B0F-4543-B97B-6BEA174E275A}
SUPPRIM�: {74586C1F-28F8-426B-90E2-884B7D1DA230}
SUPPRIM�: {AB24A733-8FE1-45BA-BBE2-8CECC9B00007}
SUPPRIM�: {F8A15D4F-6496-4C19-80D8-12920CD4E46B}

========== Autre ==========



========== R�capitulatif ==========
62 : Cl�s du Registre
68 : Valeurs du Registre
2 : El�ments de donn�e du Registre
11 : Dossiers
9 : Fichiers
5 : Tache planifi�e
1 : Autre


End of clean in 00mn 45s

========== Chemin de fichier rapport ==========
C:\Users\sci usto\AppData\Roaming\ZHP\ZHPFix[R1].txt - 05/06/2015 16:59:54 [15920]

Publicité


Signaler le contenu de ce document

Publicité