Publicité
Publicité
Format du document : text/plain
Prévisualisation
Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d'export Registre :
Run by MOH at 28-12-2015 0:47:18
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)
Recycle Bin emptied (00mn 06s)
Prefetcher emptied
========== Process memory ==========
REMOVES: Memory Process: C:\Program Files (x86)\Blazers\wac.exe
========== Registry keys ==========
REMOVES: Service: MoboroboDeviceService
REMOVES: Service: SpyHunter 4 Service
REMOVES: Service: Watsvc
REMOVES: CLSID BHO: {0055C089-8582-441B-A0BF-17B458C2A3A8}
REMOVES: [HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
REMOVES: CLSID BHO: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
REMOVES: [HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
REMOVES: HKCU\SOFTWARE\Yahoo
REMOVES:* StartupReg: Messenger (Yahoo!)
REMOVES: [HKLM\Software\Classes\Installer\Products\\4C7D129C7D420124EA9EFD5CDD7C4882]
REMOVES: [HKLM\Software\Classes\Installer\Features\4C7D129C7D420124EA9EFD5CDD7C4882]
========== Registry values ==========
ABSENT value Standard Profile: FirewallRaz :
ABSENT value Domain Profile: FirewallRaz :
REMOVES: FirewallRaz (Public) : {BEFC6F5D-3E71-4F9C-9A29-244461DA5C97}
REMOVES: FirewallRaz (Public) : {5B1BF494-26D0-49B8-A892-F4E9764A6422}
REMOVES: FirewallRaz (None) : {AF747CC0-E37C-4342-90B8-91CC94FAAFAE}
REMOVES: FirewallRaz (Public) : {584B5171-3071-4B2D-9432-4F85538E293F}
REMOVES: FirewallRaz (Public) : {D81D487C-ECE0-4CD7-9DF0-5F229272C043}
REMOVES: FirewallRaz (Private) : {16E7945A-1E1A-46F1-A646-0785E397B4A5}
REMOVES: FirewallRaz (Private) : {65793D67-99DC-4EF7-9702-421ACE0860A4}
REMOVES: URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
REMOVES RunValue: RTHDVCPL
REMOVES RunValue: AdobeBridge
REMOVES RunValue: IDMan
REMOVES RunValue: ShuameDaemon
REMOVES RunValue: GenieFloater
REMOVES RunValue: Google Update
REMOVES RunValue: uTorrent
REMOVES RunValue: msnmsgr
REMOVES RunValue: StartCCC
REMOVES RunValue: SwitchBoard
REMOVES RunValue: JMB36X IDE Setup
REMOVES RunValue: BrMfcWnd
REMOVES RunValue: Sidebar
REMOVES RunValue: SPReview
REMOVES RunValue: mctadmin
========== Elements of the registry data ==========
REMOVES: R1 Search Page = http://search.msn.com/spbasic.htm
REMOVES: R5 AutoConfigProxy = wininet.dll
========== Preferences browser ==========
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman
REMOVES Mozilla Pref: https://www.facebook.com/
========== Folders ==========
Deletes temporary Windows (755)
REMOVES Flash Cookies (0)
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman
REMOVES: C:\Program Files (x86)\%BelArabi_BetaV_1.0%
REMOVES: C:\Program Files (x86)\Temp
REMOVES: C:\ProgramData\Microsoft Toolkit
========== Files ==========
Deletes temporary Windows (3650) (75,316,659,054 octets)
REMOVES Flash Cookies (0) (0 octets)
REMOVES: c:\program files (x86)\blazers\watsvc.exe
REMOVES:* c:\program files (x86)\blazers\wac.exe
REMOVES: c:\program files\realtek\audio\hda\ravcpl64.exe
REMOVES: c:\users\moh\appdata\local\google\update\googleupdate.exe
REMOVES: c:\users\moh\appdata\roaming\utorrent\utorrent.exe
REMOVES: c:\windows\raidtool\xinside.exe
REMOVES Reboot: c:\program files (x86)\windows sidebar\sidebar.exe
REMOVES Reboot: c:\windows\system32\spreview\spreview.exe
REMOVES Reboot: c:\windows\system32\mctadmin.exe
REMOVES Reboot: c:\users\moh\appdata\roaming\utorrent\utorrent.exe
REMOVES: c:\windows\prefetch\mobogenie.exe-dc0315da.pf
REMOVES: c:\windows\prefetch\mobogeniehelper.exe-e33388d2.pf
REMOVES: c:\windows\prefetch\mobogeniep2sp.exe-502e695b.pf
========== Scheduled task ==========
REMOVES: Uninstaller_SkipUac_MOH
REMOVES: {A8BE776F-A550-4913-B57D-176928B22FFB}
========== Other ==========
NON-TREATY R1 - HKUS\S-1-5-21-2407286666-4007534521-3740528287-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar
NON-TREATY O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E1B1E486-F778-4FCE-B018-56161797B485}: DhcpNameServer
NON-TREATY http://www.nicolascoolman.fr/?p=4664
NON-TREATY http://www.nicolascoolman.fr/?p=1804
NON-TREATY http://www.nicolascoolman.fr/?p=215
NON-TREATY http://www.nicolascoolman.fr/?p=368
NON-TREATY http://www.nicolascoolman.fr/?p=1402
========== Summary ==========
1 : Process memory
11 : Registry keys
25 : Registry values
2 : Elements of the registry data
18 : Folders
15 : Files
14 : Preferences browser
2 : Scheduled task
7 : Other
End of clean in 01mn 15s
========== Path to file report ==========
C:\Users\MOH\AppData\Roaming\ZHP\ZHPFix[R1].txt - 28-12-2015 0:47:25 [7621]
Fichier d'export Registre :
Run by MOH at 28-12-2015 0:47:18
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)
Recycle Bin emptied (00mn 06s)
Prefetcher emptied
========== Process memory ==========
REMOVES: Memory Process: C:\Program Files (x86)\Blazers\wac.exe
========== Registry keys ==========
REMOVES: Service: MoboroboDeviceService
REMOVES: Service: SpyHunter 4 Service
REMOVES: Service: Watsvc
REMOVES: CLSID BHO: {0055C089-8582-441B-A0BF-17B458C2A3A8}
REMOVES: [HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
REMOVES: CLSID BHO: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
REMOVES: [HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
REMOVES: HKCU\SOFTWARE\Yahoo
REMOVES:* StartupReg: Messenger (Yahoo!)
REMOVES: [HKLM\Software\Classes\Installer\Products\\4C7D129C7D420124EA9EFD5CDD7C4882]
REMOVES: [HKLM\Software\Classes\Installer\Features\4C7D129C7D420124EA9EFD5CDD7C4882]
========== Registry values ==========
ABSENT value Standard Profile: FirewallRaz :
ABSENT value Domain Profile: FirewallRaz :
REMOVES: FirewallRaz (Public) : {BEFC6F5D-3E71-4F9C-9A29-244461DA5C97}
REMOVES: FirewallRaz (Public) : {5B1BF494-26D0-49B8-A892-F4E9764A6422}
REMOVES: FirewallRaz (None) : {AF747CC0-E37C-4342-90B8-91CC94FAAFAE}
REMOVES: FirewallRaz (Public) : {584B5171-3071-4B2D-9432-4F85538E293F}
REMOVES: FirewallRaz (Public) : {D81D487C-ECE0-4CD7-9DF0-5F229272C043}
REMOVES: FirewallRaz (Private) : {16E7945A-1E1A-46F1-A646-0785E397B4A5}
REMOVES: FirewallRaz (Private) : {65793D67-99DC-4EF7-9702-421ACE0860A4}
REMOVES: URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
REMOVES RunValue: RTHDVCPL
REMOVES RunValue: AdobeBridge
REMOVES RunValue: IDMan
REMOVES RunValue: ShuameDaemon
REMOVES RunValue: GenieFloater
REMOVES RunValue: Google Update
REMOVES RunValue: uTorrent
REMOVES RunValue: msnmsgr
REMOVES RunValue: StartCCC
REMOVES RunValue: SwitchBoard
REMOVES RunValue: JMB36X IDE Setup
REMOVES RunValue: BrMfcWnd
REMOVES RunValue: Sidebar
REMOVES RunValue: SPReview
REMOVES RunValue: mctadmin
========== Elements of the registry data ==========
REMOVES: R1 Search Page = http://search.msn.com/spbasic.htm
REMOVES: R5 AutoConfigProxy = wininet.dll
========== Preferences browser ==========
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
REMOVES Folder Chrome: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman
REMOVES Mozilla Pref: https://www.facebook.com/
========== Folders ==========
Deletes temporary Windows (755)
REMOVES Flash Cookies (0)
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
REMOVES: C:\Users\MOH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman
REMOVES: C:\Program Files (x86)\%BelArabi_BetaV_1.0%
REMOVES: C:\Program Files (x86)\Temp
REMOVES: C:\ProgramData\Microsoft Toolkit
========== Files ==========
Deletes temporary Windows (3650) (75,316,659,054 octets)
REMOVES Flash Cookies (0) (0 octets)
REMOVES: c:\program files (x86)\blazers\watsvc.exe
REMOVES:* c:\program files (x86)\blazers\wac.exe
REMOVES: c:\program files\realtek\audio\hda\ravcpl64.exe
REMOVES: c:\users\moh\appdata\local\google\update\googleupdate.exe
REMOVES: c:\users\moh\appdata\roaming\utorrent\utorrent.exe
REMOVES: c:\windows\raidtool\xinside.exe
REMOVES Reboot: c:\program files (x86)\windows sidebar\sidebar.exe
REMOVES Reboot: c:\windows\system32\spreview\spreview.exe
REMOVES Reboot: c:\windows\system32\mctadmin.exe
REMOVES Reboot: c:\users\moh\appdata\roaming\utorrent\utorrent.exe
REMOVES: c:\windows\prefetch\mobogenie.exe-dc0315da.pf
REMOVES: c:\windows\prefetch\mobogeniehelper.exe-e33388d2.pf
REMOVES: c:\windows\prefetch\mobogeniep2sp.exe-502e695b.pf
========== Scheduled task ==========
REMOVES: Uninstaller_SkipUac_MOH
REMOVES: {A8BE776F-A550-4913-B57D-176928B22FFB}
========== Other ==========
NON-TREATY R1 - HKUS\S-1-5-21-2407286666-4007534521-3740528287-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar
NON-TREATY O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E1B1E486-F778-4FCE-B018-56161797B485}: DhcpNameServer
NON-TREATY http://www.nicolascoolman.fr/?p=4664
NON-TREATY http://www.nicolascoolman.fr/?p=1804
NON-TREATY http://www.nicolascoolman.fr/?p=215
NON-TREATY http://www.nicolascoolman.fr/?p=368
NON-TREATY http://www.nicolascoolman.fr/?p=1402
========== Summary ==========
1 : Process memory
11 : Registry keys
25 : Registry values
2 : Elements of the registry data
18 : Folders
15 : Files
14 : Preferences browser
2 : Scheduled task
7 : Other
End of clean in 01mn 15s
========== Path to file report ==========
C:\Users\MOH\AppData\Roaming\ZHP\ZHPFix[R1].txt - 28-12-2015 0:47:25 [7621]