Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d'export Registre :
Run by MouiMou_2 at 19-12-2015 14:26:41
High Elevated Privileges : OK
Windows 8 Business Edition, 64-bit Service Pack 1 (9600)

Recycle Bin emptied (00mn 03s)
Prefetcher emptied

========== Process memory ==========
REMOVES: Memory Process: C:\Windows\Prey\wpxsvc.exe
REMOVES: Memory Process: C:\Windows\Prey\versions\1.4.2\node_modules\triggers\bin\lightevt.exe

========== Registry keys ==========
REMOVES: CLSID BHO: {0055C089-8582-441B-A0BF-17B458C2A3A8}
REMOVES: [HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
REMOVES: HKLM\SOFTWARE\Wow6432Node\AdwCleaner
REMOVES: HKLM\SOFTWARE\Wow6432Node\AVAST Software
REMOVES: HKLM\SOFTWARE\Wow6432Node\IObit
REMOVES: HKCU\SOFTWARE\4shared
REMOVES: HKCU\SOFTWARE\4shared Desktop
REMOVES: HKCU\SOFTWARE\MCAFEE

========== Registry values ==========
ABSENT value Standard Profile: FirewallRaz :
ABSENT value Domain Profile: FirewallRaz :
REMOVES: FirewallRaz (Domain) : {9E3D57FC-7C37-4424-9352-4831E97D029D}
REMOVES: FirewallRaz (Domain) : {548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}
REMOVES: FirewallRaz (Public) : TCP Query User{BCC4E3B3-446E-43B2-A090-41858631FDCC}C:\users\mouimou_2\appdata\roaming\utorrent\updates\3.4.5_41202.exe
REMOVES: FirewallRaz (Public) : UDP Query User{A5620231-482E-42D3-ADBD-FEC101704133}C:\users\mouimou_2\appdata\roaming\utorrent\updates\3.4.5_41202.exe
REMOVES: FirewallRaz (Private) : {CB7539E5-DEA9-43D1-98EB-AE1C6A2739EF}
REMOVES: FirewallRaz (Private) : {3A2C736D-1DE5-4057-AAE3-FBD709FA92A9}
REMOVES: FirewallRaz (Private) : {8C6CA7DC-30FC-4644-9ADF-3A88A3EC2E3E}
REMOVES: FirewallRaz (Private) : {0E947312-4712-4BAA-9053-945A9502867E}
REMOVES: FirewallRaz (Public) : TCP Query User{BEEA30B8-6049-4453-94C9-388F51F70C34}C:\users\mouimou_2\appdata\roaming\utorrent\updates\3.4.5_41372.exe
REMOVES: FirewallRaz (Public) : UDP Query User{E1A4EAC7-284D-4FF0-9A4E-DD064C018D71}C:\users\mouimou_2\appdata\roaming\utorrent\updates\3.4.5_41372.exe
REMOVES: URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
REMOVES RunValue: AdobeAAMUpdater-1.0
REMOVES RunValue: Speech Recognition
REMOVES RunValue: Skype
REMOVES RunValue: CCleaner Monitoring
REMOVES RunValue: IDMan
REMOVES RunValue: ControlCenter4
REMOVES RunValue: BrStsMon00
REMOVES RunValue: BrHelp
REMOVES RunValue: AdobeCEPServiceManager
REMOVES RunValue: OKAYFREEDOM_Agent
REMOVES RunValue: Steganos VPN Proxy Handler
REMOVES: {A77FC3F1-4B52-4110-B87C-1C603EECC29E}
REMOVES: {5D3523F2-6A5A-4818-9E87-D316EC5E7334}
REMOVES: {32B9D961-F640-4601-BB9B-4677F6EDE4F8}

========== Preferences browser ==========
REMOVES Mozilla Pref: user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
REMOVES Mozilla Pref: user_pref("browser.search.searchengine.ptid", "wpc");
REMOVES Mozilla Pref: user_pref("browser.search.searchengine.uid", "ST500LM012XHN-M500MBB_S2X1J90CC64492C64492");

========== Folders ==========
Deletes temporary Windows (66)
REMOVES Flash Cookies (0)
REMOVES: C:\ProgramData\AVAST Software
REMOVES: C:\ProgramData\Baidu
REMOVES: C:\ProgramData\IObit
REMOVES: C:\ProgramData\KMSAutoS
REMOVES: C:\ProgramData\McAfee
REMOVES: C:\Users\MouiMou_2\AppData\Roaming\IObit
REMOVES Reboot:** C:\Users\MouiMou_2\AppData\Local\Temp

========== Files ==========
Deletes temporary Windows (478) (94,810,469 octets)
REMOVES Flash Cookies (0) (0 octets)
REMOVES:* c:\windows\prey\versions\1.4.2\node_modules\triggers\bin\lightevt.exe
REMOVES: c:\program files (x86)\internet download manager\idmiecc.dll
REMOVES: c:\windows\speech\common\sapisvr.exe
REMOVES: c:\program files\ccleaner\ccleaner64.exe
REMOVES Reboot: c:\windows\speech\common\sapisvr.exe
REMOVES Reboot: c:\program files\ccleaner\ccleaner64.exe
REMOVES Reboot: c:\program files (x86)\internet download manager\idman.exe

========== Scheduled task ==========
REMOVES: Driver Booster SkipUAC (MouiMou)
REMOVES: Driver Booster SkipUAC (MouiMou0)
REMOVES: Driver Booster SkipUAC (MouiMou_2)

========== Other ==========
NON-TREATY O82 - LFC: 2015/03/11 14:50:37 A . (...) -- C:\Users\MouiMou_2\Downloads\Havij-v1.16-Pro-Portable-Cracked-by-Service-Manual-AoRE-Team-.7z [10299241]
NON-TREATY O82 - LFC: 2015/02/22 22:56:45 A . (...) -- C:\Users\MouiMou_2\Downloads\Compressed\Havij 1.17 Pro Cracked by ?r.?a?a?.rar [10299241]

========== Summary ==========
2 : Process memory
8 : Registry keys
27 : Registry values
9 : Folders
9 : Files
3 : Preferences browser
3 : Scheduled task
2 : Other

End of clean in 02mn 15s

========== Path to file report ==========
C:\Users\MouiMou_2\AppData\Roaming\ZHP\ZHPFix[R1].txt - 19-12-2015 14:26:45 [4708]