Document format: text/plain

Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d'export Registre :
Run by Marc at 02/04/2016 18:04:43
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Corbeille vidée (00mn 02s)

========== Clés du Registre ==========
SUPPRIMÉ: HKCU\SOFTWARE\5228a88
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\InstallMonetizer
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\PCTools
Branche de Base de Registres IFEO non infectée !

========== Valeurs du Registre ==========
SUPPRIMÉ RunValue: InstallerLauncher
SUPPRIMÉ: TCP Query User{38F0EC70-C85E-410B-930A-12D9179C9769}C:\users\marc\appdata\local\temp\rar$ex74.720\dcc.exe
SUPPRIMÉ: UDP Query User{6F74D745-9457-42EF-879C-5E65FB9BB59A}C:\users\marc\appdata\local\temp\rar$ex74.720\dcc.exe
SUPPRIMÉ: TCP Query User{08221164-F811-40A9-9AE6-4A9A92B07006}C:\users\marc\appdata\local\temp\rar$ex00.016\dcc.exe
SUPPRIMÉ: UDP Query User{14B1A0C7-2439-4DB0-B1A6-5F35BC90003C}C:\users\marc\appdata\local\temp\rar$ex00.016\dcc.exe
SUPPRIMÉ: {12C5FED1-D7D9-4ABD-AFE0-49D5D65D18DB}
SUPPRIMÉ: {4B78A80F-9CA9-417F-8D11-64543552E8CC}
SUPPRIMÉ: TCP Query User{15C87334-CD9F-48DC-B28C-E5D59396ECE1}C:\users\marc\appdata\local\temp\rar$ex87.144\dcc.exe
SUPPRIMÉ: UDP Query User{379965A6-4023-4337-8162-556854583495}C:\users\marc\appdata\local\temp\rar$ex87.144\dcc.exe
SUPPRIMÉ: TCP Query User{8BCA4B80-6AF7-4160-9C79-9A333DABF661}C:\users\marc\appdata\local\temp\rar$ex24.120\dcc.exe
SUPPRIMÉ: UDP Query User{8DCDFBC3-CD5B-43C8-BB14-BED2A2E975B0}C:\users\marc\appdata\local\temp\rar$ex24.120\dcc.exe
SUPPRIMÉ: TCP Query User{D017CB0B-A485-48DE-8B1D-F0F556A85474}C:\users\marc\appdata\local\temp\rar$ex57.040\dcc.exe
SUPPRIMÉ: UDP Query User{658A0BC0-54DF-45FB-A889-BCC73C5D0D8B}C:\users\marc\appdata\local\temp\rar$ex57.040\dcc.exe
SUPPRIMÉ: TCP Query User{DC25CB7E-31AE-4F3A-82CA-FB4186C1A48C}C:\users\marc\appdata\local\temp\rar$ex36.312\dcc.exe
SUPPRIMÉ: UDP Query User{96D0965B-E5BF-44EE-BB02-E8AA4A25B6D4}C:\users\marc\appdata\local\temp\rar$ex36.312\dcc.exe
SUPPRIMÉ: TCP Query User{137C1F8C-B7AB-405D-AD39-6B72B4A4745F}C:\users\marc\appdata\local\temp\rar$ex89.856\dcc.exe
SUPPRIMÉ: UDP Query User{4585493D-08B5-4E76-88B9-C9FA24081338}C:\users\marc\appdata\local\temp\rar$ex89.856\dcc.exe
SUPPRIMÉ: TCP Query User{892214F2-9616-4C14-8486-ED5F85D2D36E}C:\users\marc\appdata\local\temp\rar$ex94.560\dcc.exe
SUPPRIMÉ: UDP Query User{3FF2F283-CA2E-452A-8095-D93555757BF0}C:\users\marc\appdata\local\temp\rar$ex94.560\dcc.exe
SUPPRIMÉ: TCP Query User{EDDE3A2D-852F-4797-A2A6-6C3A953E1AB4}C:\users\marc\appdata\local\temp\rar$ex30.952\dcc.exe
SUPPRIMÉ: UDP Query User{2DB063EA-0DFF-429F-9D4C-ABDA2B14EEA2}C:\users\marc\appdata\local\temp\rar$ex30.952\dcc.exe
SUPPRIMÉ: TCP Query User{CA8B6BFC-BE2E-42C0-844F-7BBE61DCDE01}C:\users\marc\appdata\local\temp\rar$ex33.736\dcc.exe
SUPPRIMÉ: UDP Query User{D30F805B-89FF-415F-A12E-5E3868368003}C:\users\marc\appdata\local\temp\rar$ex33.736\dcc.exe
SUPPRIMÉ: TCP Query User{04F7F492-9325-403F-A876-2055579B951C}C:\users\marc\appdata\local\temp\rar$ex41.120\dcc.exe
SUPPRIMÉ: UDP Query User{B08B1E88-D195-4B1E-A9A1-B0F91961006C}C:\users\marc\appdata\local\temp\rar$ex41.120\dcc.exe
SUPPRIMÉ: TCP Query User{A9ABE21A-A05E-4A96-8A48-8C6D05462A5D}C:\users\marc\appdata\local\temp\rar$ex50.344\dcc.exe
SUPPRIMÉ: UDP Query User{24920E8C-D721-4557-9283-CDC6A4CABA35}C:\users\marc\appdata\local\temp\rar$ex50.344\dcc.exe
SUPPRIMÉ: TCP Query User{9497F2AD-F1A5-432C-9EBD-98B3DA5F0637}C:\users\marc\appdata\local\temp\rar$ex58.344\dcc.exe
SUPPRIMÉ: UDP Query User{DDF75646-2D59-49AD-B50C-F7FE5B2E8B85}C:\users\marc\appdata\local\temp\rar$ex58.344\dcc.exe
SUPPRIMÉ: TCP Query User{56945C97-A69C-4DE8-B8C5-CF44646EC38B}C:\users\marc\appdata\local\temp\rar$ex58.088\dcc.exe
SUPPRIMÉ: UDP Query User{D5BE881A-DA8A-4AA0-A093-2AF68E35AD7E}C:\users\marc\appdata\local\temp\rar$ex58.088\dcc.exe
Aucune Valeur Standard Profile: FirewallRaz :
Aucune Valeur Domain Profile: FirewallRaz :
SUPPRIMÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope
SUPPRIMÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-In-UDP
SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-Out-UDP
SUPPRIMÉ: FirewallRaz (Public) : NetPres-In-TCP
SUPPRIMÉ: FirewallRaz (Public) : NetPres-Out-TCP
SUPPRIMÉ: FirewallRaz (None) : {231AACDF-8058-459D-80BD-35BE58FC4195}
SUPPRIMÉ: FirewallRaz (Private) : {579B8E10-5104-47BC-A877-3FB53004CB06}
SUPPRIMÉ: FirewallRaz (Private) : {71DDA5F8-AA07-428E-BE64-B9701AA359AE}
SUPPRIMÉ: FirewallRaz (Private) : {8640011A-9429-4FC8-9E63-5B8B3AD7C6E4}
SUPPRIMÉ: FirewallRaz (Private) : {A160C916-DFF8-42E8-ACC2-8D708EC168B8}
SUPPRIMÉ: FirewallRaz (Private) : TCP Query User{E55316DB-CC32-4D5F-8C70-88804B5D7ECC}C:\program files (x86)\java\jre6\bin\javaw.exe
SUPPRIMÉ: FirewallRaz (Private) : UDP Query User{70AA467E-39C2-4BC0-A7CA-12B6253BB5BE}C:\program files (x86)\java\jre6\bin\javaw.exe
SUPPRIMÉ: FirewallRaz (Private) : {71C4E98F-7CAC-4E67-B215-7ABDB212DB99}
SUPPRIMÉ: FirewallRaz (Private) : {867FF181-1449-4A99-AEDF-178E420C0150}
SUPPRIMÉ: FirewallRaz (Private) : {EF985F96-4EBE-459E-91E8-61C93E20A812}
SUPPRIMÉ: FirewallRaz (Private) : {36431806-4880-4B0F-8040-6CB208610CE6}
SUPPRIMÉ: FirewallRaz (Public) : {F4D21681-7B8A-43B9-92E9-9A45CFD65DEA}
SUPPRIMÉ: FirewallRaz (Public) : {1F30762F-C4E9-459B-A502-4D49786A515D}
SUPPRIMÉ: FirewallRaz (Private) : {A73D7428-4085-413E-9DD1-D4C24C12568B}
SUPPRIMÉ: FirewallRaz (Private) : {F4CAA9D0-D1CA-4D13-BE3E-B13B52182939}

========== Eléments de donnée du Registre ==========
SUPPRIMÉ: R1 Search Page = http=localhost:61737
SUPPRIMÉ: R0 - Main,Start Page = KLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page

========== Préférences navigateur ==========
ABSENT Mozilla Pref: user_pref("browser.search.selectedEngine", "Vosteran");
ABSENT Mozilla Pref: user_pref("extensions.iminent.admin", false);
ABSENT Mozilla Pref: user_pref("extensions.iminent.aflt", "orgnl");
ABSENT Mozilla Pref: user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
ABSENT Mozilla Pref: user_pref("extensions.iminent.autoRvrt", "false");
ABSENT Mozilla Pref: user_pref("extensions.iminent.dfltLng", "");
ABSENT Mozilla Pref: user_pref("extensions.iminent.excTlbr", false);
ABSENT Mozilla Pref: user_pref("extensions.iminent.ffxUnstlRst", false);
ABSENT Mozilla Pref: user_pref("extensions.iminent.id", "94daff8700000000000000262d42e376");
ABSENT Mozilla Pref: user_pref("extensions.iminent.instlDay", "16178");
ABSENT Mozilla Pref: user_pref("extensions.iminent.instlRef", "");
ABSENT Mozilla Pref: user_pref("extensions.iminent.newTab", false);
ABSENT Mozilla Pref: user_pref("extensions.iminent.prdct", "iminent");
ABSENT Mozilla Pref: user_pref("extensions.iminent.prtnrId", "iminent");
ABSENT Mozilla Pref: user_pref("extensions.iminent.rvrt", "false");
ABSENT Mozilla Pref: user_pref("extensions.iminent.smplGrp", "none");
ABSENT Mozilla Pref: user_pref("extensions.iminent.tlbrId", "base");
ABSENT Mozilla Pref: user_pref("extensions.iminent.tlbrSrchUrl", "http://start.iminent.com/?ref=toolbarm#q=");
ABSENT Mozilla Pref: user_pref("extensions.iminent.vrsn", "1.8.28.3");
ABSENT Mozilla Pref: user_pref("extensions.iminent.vrsnTs", "1.8.28.39:18:21");
ABSENT Mozilla Pref: user_pref("extensions.iminent.vrsni", "1.8.28.3");
ABSENT Mozilla Pref: user_pref("extensions.quick_start.enable_search1", false);
ABSENT Mozilla Pref: user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.AL", 4);
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.aflt", "vst_tele_15_06_ie");
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.appId", "{4CB3598A-82E8-4D1F-983F-061238AE696E}");
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.cd", "2XzuyEtN2Y1L1QzutDtDtByCtB0DyEtB0EtAyByC0F0FzzyBtN0D0Tzu0StCtCtBzztN1L2XzutAtFyBtFyBtFtBtN1L[...]
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.cr", "1941185993");
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.dfltLng", "");
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.dfltSrch", true);
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.dnsErr", true);
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.excTlbr", false);
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.hmpg", true);
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.hmpgUrl", "http://vosteran.com/?f=1&a=vst_tele_15_06_ie&cd=2XzuyEtN2Y1L1QzutDtDtByCtB0DyEtB0EtAyBy[...]
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.id", "00262D42E376FF87");
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.instlDay", "16468");
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.instlRef", "142905_s3");
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.newTabUrl", "http://vosteran.com/?f=2&a=vst_tele_15_06_ie&cd=2XzuyEtN2Y1L1QzutDtDtByCtB0DyEtB0EtAy[...]
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.prdct", "srchvstrn");
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.prtnrId", "WSE_Vosteran");
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.srchPrvdr", "Vosteran");
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.tlbrId", "");
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.tlbrSrchUrl", "http://vosteran.com/?f=3&a=vst_tele_15_06_ie&cd=2XzuyEtN2Y1L1QzutDtDtByCtB0DyEtB0Et[...]
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.vrsn", "");
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn.vrsni", "");
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn_i.newTab", true);
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn_i.smplGrp", "none");
ABSENT Mozilla Pref: user_pref("extensions.srchvstrn_i.vrsnTs", "9:24:16");

========== Dossiers ==========
Aucun dossiers CLSID Local utilisateur vide

========== Fichiers ==========
SUPPRIMÉ Redémarrage: c:\program files (x86)\mozilla firefox\extensions\kavantibanner@kaspersky.ru_bak

========== Fichier HOSTS ==========
Le fichier Hosts est sain

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
4 : Clés du Registre
54 : Valeurs du Registre
2 : Eléments de donnée du Registre
1 : Dossiers
1 : Fichiers
48 : Préférences navigateur
1 : Fichier HOSTS
1 : Restauration Système


End of clean in 02mn 15s

========== Chemin de fichier rapport ==========
C:\Users\Marc\AppData\Roaming\ZHP\ZHPFix[R1].txt - 02/04/2016 18:04:46 [10507]
