Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPFix v2018.12.26.211 by Nicolas Coolman (2018/12/26)
~ Run by TCHAKMANDOO (Administrator) (30/12/2018 19:09:29)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version OK
~ Report : C:\Users\TCHAKMANDOO\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
---\\ SCRIPT DE L'UTILISATEUR. (115)
Script ZHPFix
EmptyCLSID
Emptytemp
EmptyFlash
UnMaskSoftware: O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation (Hidden)
O38 - TASK: {56E1215E-8F69-4D6E-97C6-3926CB7C0332} [64Bits][\update-sys] - (. - TODO:.) -- C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872]
C:\Windows\System32\Tasks\update-sys - (..) -- C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [-runmode=checkupdate]
O4 - HKUS\.DEFAULT\..\Run: [SpybotPostWindows10UpgradeReInstall] . (. - .) -- C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe (.Not File.)
O4 - HKUS\S-1-5-18\..\Run: [SpybotPostWindows10UpgradeReInstall] . (. - .) -- C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe (.Not File.)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms}
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms}
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms}
R1 - HKEY_USERS\S-1-5-21-203652306-1941884050-1855596019-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms}
O4 - GS\Desktop [Administrateur]: Tencent Gaming Buddy.lnk . (.Tencent - Tencent Gaming Buddy.) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe -from AppMarketDesktopLink {7C443D7DBB054E459C513D665DFA8DB7}
O4 - GS\Quicklaunch [Administrateur]: Tencent Gaming Buddy.lnk . (.Tencent - Tencent Gaming Buddy.) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe -from AppMarketDesktopLink {7C443D7DBB054E459C513D665DFA8DB7}
O4 - GS\Desktop [ASPNET]: Tencent Gaming Buddy.lnk . (.Tencent - Tencent Gaming Buddy.) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe -from AppMarketDesktopLink {7C443D7DBB054E459C513D665DFA8DB7}
O4 - GS\Quicklaunch [ASPNET]: Tencent Gaming Buddy.lnk . (.Tencent - Tencent Gaming Buddy.) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe -from AppMarketDesktopLink {7C443D7DBB054E459C513D665DFA8DB7}
O4 - GS\Desktop [TCHAKMANDOO]: Tencent Gaming Buddy.lnk . (.Tencent - Tencent Gaming Buddy.) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe -from AppMarketDesktopLink {7C443D7DBB054E459C513D665DFA8DB7}
O4 - GS\Quicklaunch [TCHAKMANDOO]: Tencent Gaming Buddy.lnk . (.Tencent - Tencent Gaming Buddy.) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe -from AppMarketDesktopLink {7C443D7DBB054E459C513D665DFA8DB7}
O42 - Logiciel: Lightshot-5.4.0.1 - (.Skillbrains.) [HKLM][64Bits] -- {30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
O42 - Logiciel: Tencent Gaming Buddy - (.Tencent Technology Company.) [HKLM][64Bits] -- MobileGamePC {7C443D7DBB054E459C513D665DFA8DB7}
HKCU\Software\UCBrowserPID
HKLM\SOFTWARE\Wow6432Node\UCBrowserPID
HKLM\SOFTWARE\UCBrowserPID
HKLM\SOFTWARE\WOW6432Node\Skillbrains
HKLM\SOFTWARE\WOW6432Node\Tencent
HKCU\SOFTWARE\SkillBrains
HKCU\SOFTWARE\Tencent
HKU\S-1-5-21-203652306-1941884050-1855596019-1000\SOFTWARE\SkillBrains
HKU\S-1-5-21-203652306-1941884050-1855596019-1000\SOFTWARE\Tencent
O43 - CFD: 04/08/2016 - [] D -- C:\Program Files (x86)\Skillbrains
O43 - CFD: 24/12/2018 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LenovoSHAREit
O43 - CFD: 27/11/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
O108 - CMH1: KuaiZip2ShlExt [64Bits] - {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} . (.Orphan.)
O108 - CMH1: IObit Malware Fighter [64Bits] - . (.Orphan.)
O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH2: IObit Malware Fighter [64Bits] - . (.Orphan.)
O108 - CMH4: IObit Malware Fighter [64Bits] - . (.Orphan.)
O108 - CMH6: IObit Malware Fighter [64Bits] - . (.Orphan.)
O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O53 - SMSR:HKLM\...\startupreg\Lightshot [Key] [64Bits] . (.Copyright 2009 - Starter Module.) -- C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe (.not file.)
O87 - FAEL: "{D847A914-F7A9-4574-9D26-C1A0797DA96B}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy.) -- C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{F8C8E65B-349E-421B-A350-04D025EBEAB0}" [In-None-P17-TRUE] .(...) -- C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe
O87 - FAEL: "{D61F5089-DF8C-4DA6-BFDF-458241578A05}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy - Install.) -- C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{553228D6-5404-488C-B76C-42A643A2BF5E}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy - Update.) -- C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{9E8A4281-BF83-421F-B72C-5771CE4DAD9C}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy.) -- C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{9924616F-75C8-49CC-A9F8-33D5F870F41C}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy - Crash Report.) -- C:\Program Files\TxGameAssistant\UI\bugreport.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{654D0E0E-C0EE-40B1-BE0A-68F51C56650E}" [In-None-P17-TRUE] .(.Tencent - 腾讯手游助手辅助程序.) -- C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe {7C443D7DBB054E459C513D665DFA8DB7} =>.SUP.Tencent
O87 - FAEL: "{D4D87DC3-A0B9-483D-9608-90910257BBC4}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy.) -- C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{57CA42BE-AF41-4825-8ADD-78DD9B6D4CF2}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy - Crash Report.) -- C:\Program Files\TxGameAssistant\UI\bugreport.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{7667831C-E072-46DD-8532-9A73174156FA}" [In-None-P17-TRUE] .(.Tencent - 腾讯手游助手辅助程序.) -- C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe {7C443D7DBB054E459C513D665DFA8DB7} =>.SUP.Tencent
O87 - FAEL: "{881A3F4A-4E70-4A59-9B9D-74DB0EFA87EC}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy.) -- C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{B9B4AA3B-C28C-4131-B800-890A723AD972}" [In-None-P17-TRUE] .(...) -- C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe
O87 - FAEL: "{4482A3DB-7BF0-4727-A1F8-4BE6C4AD8330}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy - Install.) -- C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{3FD08949-62E6-4865-8BBF-1C3B996DB3EE}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy - Update.) -- C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{E20DFCF2-34A7-4C90-AF3E-ABEAC232A633}" [In-None-P17-TRUE] .(.腾讯公司 - 腾讯手游助手-crash上报.) -- C:\Program Files\TxGameAssistant\AppMarket\bugreport.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{5704A7E6-5747-49FA-BAC5-801CEA81FDD4}" [In-None-P17-TRUE] .(.腾讯公司 - 腾讯手游助手-crash上报.) -- C:\Program Files\TxGameAssistant\AppMarket\bugreport.exe {7C443D7DBB054E459C513D665DFA8DB7}
C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
C:\Windows\System32\Tasks\update-sys
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileGamePC
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MobileGamePC
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LenovoSHAREit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObit Malware Fighter
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\IObit Malware Fighter
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObit Malware Fighter
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObit Malware Fighter
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
HKLM\SOFTWARE\Wow6432Node\Microsoft\Shared Tools\MSConfig\startupreg\Lightshot
C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{D847A914-F7A9-4574-9D26-C1A0797DA96B}
C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{D61F5089-DF8C-4DA6-BFDF-458241578A05}
C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{553228D6-5404-488C-B76C-42A643A2BF5E}
C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{9E8A4281-BF83-421F-B72C-5771CE4DAD9C}
C:\Program Files\TxGameAssistant\UI\bugreport.exe
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{9924616F-75C8-49CC-A9F8-33D5F870F41C}
C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{654D0E0E-C0EE-40B1-BE0A-68F51C56650E}
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{D4D87DC3-A0B9-483D-9608-90910257BBC4}
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{57CA42BE-AF41-4825-8ADD-78DD9B6D4CF2}
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{7667831C-E072-46DD-8532-9A73174156FA}
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{881A3F4A-4E70-4A59-9B9D-74DB0EFA87EC}
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{4482A3DB-7BF0-4727-A1F8-4BE6C4AD8330}
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{3FD08949-62E6-4865-8BBF-1C3B996DB3EE}
C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\002
C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\003
C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\004
C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\005
HKCU\Software\UCBrowserPID
HKLM\SOFTWARE\Wow6432Node\UCBrowserPID
HKLM\SOFTWARE\UCBrowserPID
HKCU\SOFTWARE\BitTorrent
HKU\S-1-5-21-203652306-1941884050-1855596019-1000\SOFTWARE\BitTorrent
O43 - CFD: 25/11/2017 - [] D -- C:\Users\TCHAKMANDOO\AppData\LocalLow\BitTorrent
HKLM\SOFTWARE\adaware
HKLM\SOFTWARE\WOW6432Node\adaware
HKLM\SOFTWARE\AVC3
HKLM\SOFTWARE\Bitdefender
HKU\.DEFAULT\SOFTWARE\SetID
HKLM\SOFTWARE\WOW6432Node\Symantec
HKLM\SOFTWARE\WOW6432Node\Safer Networking Limited
HKCU\SOFTWARE\Safer Networking Limited
HKU\.DEFAULT\SOFTWARE\Safer Networking Limited
HKU\S-1-5-21-203652306-1941884050-1855596019-1000\SOFTWARE\Safer Networking Limited
cmd: ipconfig /flushdns
cmd: netsh winsock reset
cmd: netsh advfirewall reset
cmd: Netsh advfirewall set allprofiles state on
---\\ LOGICIEL. (2)
DESINSTALLER : {30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
DESINSTALLER : MobileGamePC {7C443D7DBB054E459C513D665DFA8DB7}
---\\ SERVICE. (0)
---\\ TÂCHE PLANIFIÉE. (2)
SUPPRIMÉ Redémarrage Clé Tasks^: HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56E1215E-8F69-4D6E-97C6-3926CB7C0332}
SUPPRIMÉ Redémarrage Clé Tasks^: HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56E1215E-8F69-4D6E-97C6-3926CB7C0332}
---\\ NAVIGATEUR INTERNET. (5)
REMPLACÉ Donnée Internet Explorer: http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms} [HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar]
REMPLACÉ Donnée Internet Explorer: http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms} [HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL]
ABSENT Donnée Internet Explorer: http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms} [HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,\\]
REMPLACÉ Donnée Internet Explorer: http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms} [HKEY_USERS\S-1-5-21-203652306-1941884050-1855596019-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar]
SUPPRIMÉ Clé StartMenuInternet: HKLM64\SOFTWARE\Clients\StartMenuInternet\UCBrowser [UCBrowser.exe (.not file.)]
---\\ EXPLORATEUR ( Dossiers, Fichiers ). (22)
SUPPRIMÉ Dossier EmptyCLSID: C:\Users\TCHAKM~1\AppData\Local\Temp\{3facae0c-e52a-4170-b7d6-4f49b28013fd}
SUPPRIMÉ Dossier EmptyCLSID: C:\Users\TCHAKM~1\AppData\Local\Temp\{4e5f3c18-b1db-4245-a82d-60bc15c10efa}
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\ECA9.tmp.exe
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\MSI251b2.LOG
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\BCC5C7.tmp
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\BCC693.tmp
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\BCD274.tmp
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\BCD35F.tmp
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\ECA9.tmp
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\EE00.tmp
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\_iu14D2N.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\TCHAKM~1\AppData\Local\Temp\~DF436DF097CE0869FA.TMP
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\TCHAKM~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt
DEPLACÉ Fichier Tasks: C:\Windows\System32\Tasks\update-sys
SUPPRIMÉ Dossier : C:\Program Files (x86)\Skillbrains
SUPPRIMÉ Dossier : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LenovoSHAREit
SUPPRIMÉ Dossier : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
SUPPRIMÉ Dossier : C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\002
SUPPRIMÉ Dossier : C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\003
SUPPRIMÉ Dossier : C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\004
SUPPRIMÉ Dossier : C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\005
SUPPRIMÉ Dossier : C:\Users\TCHAKMANDOO\AppData\LocalLow\BitTorrent
---\\ REGISTRE ( Clés, Valeurs, Données ). (53)
REMPLACÉ Donnée Software: 1 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}\\SystemComponent]
SUPPRIMÉ Valeur Run: SpybotPostWindows10UpgradeReInstall [HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\]
ABSENT Valeur Run: HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe (.Not File.)]
SUPPRIMÉ Clé: HKCU\Software\UCBrowserPID [UCBrowserPID]
SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\UCBrowserPID [UCBrowserPID]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\Skillbrains [Skillbrains]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\Tencent [Tencent]
SUPPRIMÉ Clé: HKCU\SOFTWARE\SkillBrains [SkillBrains]
SUPPRIMÉ Clé: HKCU\SOFTWARE\Tencent [Tencent]
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\*\ShellEx\ContextMenuHandlers\IObit Malware Fighter [IObit Malware Fighter1]
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR321]
SUPPRIMÉ Clé CMH: HKLM64\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\IObit Malware Fighter [IObit Malware Fighter2]
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObit Malware Fighter [IObit Malware Fighter4]
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObit Malware Fighter [IObit Malware Fighter6]
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR326]
SUPPRIMÉ Clé ShareTools: HKLM64\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Lightshot [Lightshot.exe]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{D847A914-F7A9-4574-9D26-C1A0797DA96B}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{F8C8E65B-349E-421B-A350-04D025EBEAB0}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{D61F5089-DF8C-4DA6-BFDF-458241578A05}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{553228D6-5404-488C-B76C-42A643A2BF5E}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{9E8A4281-BF83-421F-B72C-5771CE4DAD9C}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{9924616F-75C8-49CC-A9F8-33D5F870F41C}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{654D0E0E-C0EE-40B1-BE0A-68F51C56650E}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{D4D87DC3-A0B9-483D-9608-90910257BBC4}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{57CA42BE-AF41-4825-8ADD-78DD9B6D4CF2}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{7667831C-E072-46DD-8532-9A73174156FA}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{881A3F4A-4E70-4A59-9B9D-74DB0EFA87EC}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{B9B4AA3B-C28C-4131-B800-890A723AD972}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{4482A3DB-7BF0-4727-A1F8-4BE6C4AD8330}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{3FD08949-62E6-4865-8BBF-1C3B996DB3EE}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{E20DFCF2-34A7-4C90-AF3E-ABEAC232A633}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{5704A7E6-5747-49FA-BAC5-801CEA81FDD4}]
SUPPRIMÉ Clé: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} [{B41DB860-8EE4-11D2-9906-E49FADC173CA}]
ABSENT Valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules []
SUPPRIMÉ Clé: HKCU\SOFTWARE\BitTorrent [BitTorrent]
SUPPRIMÉ Clé: HKLM\SOFTWARE\adaware [adaware]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\SetID [SetID]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\Symantec [Symantec]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\Safer Networking Limited [Safer Networking Limited]
SUPPRIMÉ Clé: HKCU\SOFTWARE\Safer Networking Limited [Safer Networking Limited]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\Safer Networking Limited [Safer Networking Limited]
SUPPRIMÉ Valeur: {D847A914-F7A9-4574-9D26-C1A0797DA96B} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {D61F5089-DF8C-4DA6-BFDF-458241578A05} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {553228D6-5404-488C-B76C-42A643A2BF5E} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {9E8A4281-BF83-421F-B72C-5771CE4DAD9C} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {9924616F-75C8-49CC-A9F8-33D5F870F41C} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {654D0E0E-C0EE-40B1-BE0A-68F51C56650E} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {D4D87DC3-A0B9-483D-9608-90910257BBC4} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {57CA42BE-AF41-4825-8ADD-78DD9B6D4CF2} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {7667831C-E072-46DD-8532-9A73174156FA} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {881A3F4A-4E70-4A59-9B9D-74DB0EFA87EC} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {4482A3DB-7BF0-4727-A1F8-4BE6C4AD8330} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {3FD08949-62E6-4865-8BBF-1C3B996DB3EE} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
---\\ COMMANDE. (7)
~ EmptyCSID: Dossiers CLSID vides supprimés (2)
~ EmptyTemp: Dossier Local temp partiellement vidé (11)
~ EmptyFlash: Fichiers Temporaires supprimés. (2)
~ Command spéciale exécutée avec succès: ipconfig /flushdns
~ Command spéciale exécutée avec succès: netsh winsock reset
~ Command spéciale exécutée avec succès: netsh advfirewall reset
~ Command spéciale exécutée avec succès: Netsh advfirewall set allprofiles state on
---\\ NON TRAITÉ. (0)
~ Le système a été redémarré.
***** ~ Fin de rapport terminé en 00h00mn53s
~ Run by TCHAKMANDOO (Administrator) (30/12/2018 19:09:29)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version OK
~ Report : C:\Users\TCHAKMANDOO\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
---\\ SCRIPT DE L'UTILISATEUR. (115)
Script ZHPFix
EmptyCLSID
Emptytemp
EmptyFlash
UnMaskSoftware: O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation (Hidden)
O38 - TASK: {56E1215E-8F69-4D6E-97C6-3926CB7C0332} [64Bits][\update-sys] - (. - TODO:
C:\Windows\System32\Tasks\update-sys - (..) -- C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [-runmode=checkupdate]
O4 - HKUS\.DEFAULT\..\Run: [SpybotPostWindows10UpgradeReInstall] . (. - .) -- C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe (.Not File.)
O4 - HKUS\S-1-5-18\..\Run: [SpybotPostWindows10UpgradeReInstall] . (. - .) -- C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe (.Not File.)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms}
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms}
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms}
R1 - HKEY_USERS\S-1-5-21-203652306-1941884050-1855596019-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms}
O4 - GS\Desktop [Administrateur]: Tencent Gaming Buddy.lnk . (.Tencent - Tencent Gaming Buddy.) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe -from AppMarketDesktopLink {7C443D7DBB054E459C513D665DFA8DB7}
O4 - GS\Quicklaunch [Administrateur]: Tencent Gaming Buddy.lnk . (.Tencent - Tencent Gaming Buddy.) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe -from AppMarketDesktopLink {7C443D7DBB054E459C513D665DFA8DB7}
O4 - GS\Desktop [ASPNET]: Tencent Gaming Buddy.lnk . (.Tencent - Tencent Gaming Buddy.) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe -from AppMarketDesktopLink {7C443D7DBB054E459C513D665DFA8DB7}
O4 - GS\Quicklaunch [ASPNET]: Tencent Gaming Buddy.lnk . (.Tencent - Tencent Gaming Buddy.) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe -from AppMarketDesktopLink {7C443D7DBB054E459C513D665DFA8DB7}
O4 - GS\Desktop [TCHAKMANDOO]: Tencent Gaming Buddy.lnk . (.Tencent - Tencent Gaming Buddy.) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe -from AppMarketDesktopLink {7C443D7DBB054E459C513D665DFA8DB7}
O4 - GS\Quicklaunch [TCHAKMANDOO]: Tencent Gaming Buddy.lnk . (.Tencent - Tencent Gaming Buddy.) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe -from AppMarketDesktopLink {7C443D7DBB054E459C513D665DFA8DB7}
O42 - Logiciel: Lightshot-5.4.0.1 - (.Skillbrains.) [HKLM][64Bits] -- {30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
O42 - Logiciel: Tencent Gaming Buddy - (.Tencent Technology Company.) [HKLM][64Bits] -- MobileGamePC {7C443D7DBB054E459C513D665DFA8DB7}
HKCU\Software\UCBrowserPID
HKLM\SOFTWARE\Wow6432Node\UCBrowserPID
HKLM\SOFTWARE\UCBrowserPID
HKLM\SOFTWARE\WOW6432Node\Skillbrains
HKLM\SOFTWARE\WOW6432Node\Tencent
HKCU\SOFTWARE\SkillBrains
HKCU\SOFTWARE\Tencent
HKU\S-1-5-21-203652306-1941884050-1855596019-1000\SOFTWARE\SkillBrains
HKU\S-1-5-21-203652306-1941884050-1855596019-1000\SOFTWARE\Tencent
O43 - CFD: 04/08/2016 - [] D -- C:\Program Files (x86)\Skillbrains
O43 - CFD: 24/12/2018 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LenovoSHAREit
O43 - CFD: 27/11/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
O108 - CMH1: KuaiZip2ShlExt [64Bits] - {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} . (.Orphan.)
O108 - CMH1: IObit Malware Fighter [64Bits] - . (.Orphan.)
O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH2: IObit Malware Fighter [64Bits] - . (.Orphan.)
O108 - CMH4: IObit Malware Fighter [64Bits] - . (.Orphan.)
O108 - CMH6: IObit Malware Fighter [64Bits] - . (.Orphan.)
O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O53 - SMSR:HKLM\...\startupreg\Lightshot [Key] [64Bits] . (.Copyright 2009 - Starter Module.) -- C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O68 - StartMenuInternet:
O87 - FAEL: "{D847A914-F7A9-4574-9D26-C1A0797DA96B}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy.) -- C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{F8C8E65B-349E-421B-A350-04D025EBEAB0}" [In-None-P17-TRUE] .(...) -- C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe
O87 - FAEL: "{D61F5089-DF8C-4DA6-BFDF-458241578A05}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy - Install.) -- C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{553228D6-5404-488C-B76C-42A643A2BF5E}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy - Update.) -- C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{9E8A4281-BF83-421F-B72C-5771CE4DAD9C}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy.) -- C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{9924616F-75C8-49CC-A9F8-33D5F870F41C}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy - Crash Report.) -- C:\Program Files\TxGameAssistant\UI\bugreport.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{654D0E0E-C0EE-40B1-BE0A-68F51C56650E}" [In-None-P17-TRUE] .(.Tencent - 腾讯手游助手辅助程序.) -- C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe {7C443D7DBB054E459C513D665DFA8DB7} =>.SUP.Tencent
O87 - FAEL: "{D4D87DC3-A0B9-483D-9608-90910257BBC4}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy.) -- C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{57CA42BE-AF41-4825-8ADD-78DD9B6D4CF2}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy - Crash Report.) -- C:\Program Files\TxGameAssistant\UI\bugreport.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{7667831C-E072-46DD-8532-9A73174156FA}" [In-None-P17-TRUE] .(.Tencent - 腾讯手游助手辅助程序.) -- C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe {7C443D7DBB054E459C513D665DFA8DB7} =>.SUP.Tencent
O87 - FAEL: "{881A3F4A-4E70-4A59-9B9D-74DB0EFA87EC}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy.) -- C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{B9B4AA3B-C28C-4131-B800-890A723AD972}" [In-None-P17-TRUE] .(...) -- C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe
O87 - FAEL: "{4482A3DB-7BF0-4727-A1F8-4BE6C4AD8330}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy - Install.) -- C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{3FD08949-62E6-4865-8BBF-1C3B996DB3EE}" [In-None-P17-TRUE] .(.Tencent - Tencent Gaming Buddy - Update.) -- C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{E20DFCF2-34A7-4C90-AF3E-ABEAC232A633}" [In-None-P17-TRUE] .(.腾讯公司 - 腾讯手游助手-crash上报.) -- C:\Program Files\TxGameAssistant\AppMarket\bugreport.exe {7C443D7DBB054E459C513D665DFA8DB7}
O87 - FAEL: "{5704A7E6-5747-49FA-BAC5-801CEA81FDD4}" [In-None-P17-TRUE] .(.腾讯公司 - 腾讯手游助手-crash上报.) -- C:\Program Files\TxGameAssistant\AppMarket\bugreport.exe {7C443D7DBB054E459C513D665DFA8DB7}
C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
C:\Windows\System32\Tasks\update-sys
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileGamePC
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MobileGamePC
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LenovoSHAREit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObit Malware Fighter
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\IObit Malware Fighter
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObit Malware Fighter
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObit Malware Fighter
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
HKLM\SOFTWARE\Wow6432Node\Microsoft\Shared Tools\MSConfig\startupreg\Lightshot
C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{D847A914-F7A9-4574-9D26-C1A0797DA96B}
C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{D61F5089-DF8C-4DA6-BFDF-458241578A05}
C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{553228D6-5404-488C-B76C-42A643A2BF5E}
C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{9E8A4281-BF83-421F-B72C-5771CE4DAD9C}
C:\Program Files\TxGameAssistant\UI\bugreport.exe
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{9924616F-75C8-49CC-A9F8-33D5F870F41C}
C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{654D0E0E-C0EE-40B1-BE0A-68F51C56650E}
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{D4D87DC3-A0B9-483D-9608-90910257BBC4}
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{57CA42BE-AF41-4825-8ADD-78DD9B6D4CF2}
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{7667831C-E072-46DD-8532-9A73174156FA}
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{881A3F4A-4E70-4A59-9B9D-74DB0EFA87EC}
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{4482A3DB-7BF0-4727-A1F8-4BE6C4AD8330}
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{3FD08949-62E6-4865-8BBF-1C3B996DB3EE}
C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\002
C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\003
C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\004
C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\005
HKCU\Software\UCBrowserPID
HKLM\SOFTWARE\Wow6432Node\UCBrowserPID
HKLM\SOFTWARE\UCBrowserPID
HKCU\SOFTWARE\BitTorrent
HKU\S-1-5-21-203652306-1941884050-1855596019-1000\SOFTWARE\BitTorrent
O43 - CFD: 25/11/2017 - [] D -- C:\Users\TCHAKMANDOO\AppData\LocalLow\BitTorrent
HKLM\SOFTWARE\adaware
HKLM\SOFTWARE\WOW6432Node\adaware
HKLM\SOFTWARE\AVC3
HKLM\SOFTWARE\Bitdefender
HKU\.DEFAULT\SOFTWARE\SetID
HKLM\SOFTWARE\WOW6432Node\Symantec
HKLM\SOFTWARE\WOW6432Node\Safer Networking Limited
HKCU\SOFTWARE\Safer Networking Limited
HKU\.DEFAULT\SOFTWARE\Safer Networking Limited
HKU\S-1-5-21-203652306-1941884050-1855596019-1000\SOFTWARE\Safer Networking Limited
cmd: ipconfig /flushdns
cmd: netsh winsock reset
cmd: netsh advfirewall reset
cmd: Netsh advfirewall set allprofiles state on
---\\ LOGICIEL. (2)
DESINSTALLER : {30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
DESINSTALLER : MobileGamePC {7C443D7DBB054E459C513D665DFA8DB7}
---\\ SERVICE. (0)
---\\ TÂCHE PLANIFIÉE. (2)
SUPPRIMÉ Redémarrage Clé Tasks^: HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56E1215E-8F69-4D6E-97C6-3926CB7C0332}
SUPPRIMÉ Redémarrage Clé Tasks^: HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56E1215E-8F69-4D6E-97C6-3926CB7C0332}
---\\ NAVIGATEUR INTERNET. (5)
REMPLACÉ Donnée Internet Explorer: http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms} [HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar]
REMPLACÉ Donnée Internet Explorer: http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms} [HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL]
ABSENT Donnée Internet Explorer: http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms} [HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,\\]
REMPLACÉ Donnée Internet Explorer: http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyrahdgkbrgnclvs1ac6snoh2tlpbfgrogfok1es1cwhsa5acg05oxphisvjsi9krd_z96wbjwmfxundrrzpql9_ox-oii80c7mvuv1igiazzplvx34hbmbia0xc0djwzqv4b10avsytqiqrzlwamjaud9b28ublnzqd114snqgmz_uu2rhxryhddprmgl&q={searchterms} [HKEY_USERS\S-1-5-21-203652306-1941884050-1855596019-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar]
SUPPRIMÉ Clé StartMenuInternet: HKLM64\SOFTWARE\Clients\StartMenuInternet\UCBrowser [UCBrowser.exe (.not file.)]
---\\ EXPLORATEUR ( Dossiers, Fichiers ). (22)
SUPPRIMÉ Dossier EmptyCLSID: C:\Users\TCHAKM~1\AppData\Local\Temp\{3facae0c-e52a-4170-b7d6-4f49b28013fd}
SUPPRIMÉ Dossier EmptyCLSID: C:\Users\TCHAKM~1\AppData\Local\Temp\{4e5f3c18-b1db-4245-a82d-60bc15c10efa}
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\ECA9.tmp.exe
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\MSI251b2.LOG
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\BCC5C7.tmp
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\BCC693.tmp
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\BCD274.tmp
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\BCD35F.tmp
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\ECA9.tmp
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\EE00.tmp
DEPLACÉ Fichier Temp: C:\Users\TCHAKM~1\AppData\Local\Temp\_iu14D2N.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\TCHAKM~1\AppData\Local\Temp\~DF436DF097CE0869FA.TMP
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\TCHAKM~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt
DEPLACÉ Fichier Tasks: C:\Windows\System32\Tasks\update-sys
SUPPRIMÉ Dossier : C:\Program Files (x86)\Skillbrains
SUPPRIMÉ Dossier : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LenovoSHAREit
SUPPRIMÉ Dossier : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
SUPPRIMÉ Dossier : C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\002
SUPPRIMÉ Dossier : C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\003
SUPPRIMÉ Dossier : C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\004
SUPPRIMÉ Dossier : C:\Users\TCHAKMANDOO\AppData\Local\Google\Chrome\User Data\Default\File System\005
SUPPRIMÉ Dossier : C:\Users\TCHAKMANDOO\AppData\LocalLow\BitTorrent
---\\ REGISTRE ( Clés, Valeurs, Données ). (53)
REMPLACÉ Donnée Software: 1 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}\\SystemComponent]
SUPPRIMÉ Valeur Run: SpybotPostWindows10UpgradeReInstall [HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\]
ABSENT Valeur Run: HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe (.Not File.)]
SUPPRIMÉ Clé: HKCU\Software\UCBrowserPID [UCBrowserPID]
SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\UCBrowserPID [UCBrowserPID]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\Skillbrains [Skillbrains]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\Tencent [Tencent]
SUPPRIMÉ Clé: HKCU\SOFTWARE\SkillBrains [SkillBrains]
SUPPRIMÉ Clé: HKCU\SOFTWARE\Tencent [Tencent]
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\*\ShellEx\ContextMenuHandlers\IObit Malware Fighter [IObit Malware Fighter1]
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR321]
SUPPRIMÉ Clé CMH: HKLM64\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\IObit Malware Fighter [IObit Malware Fighter2]
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObit Malware Fighter [IObit Malware Fighter4]
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObit Malware Fighter [IObit Malware Fighter6]
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR326]
SUPPRIMÉ Clé ShareTools: HKLM64\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Lightshot [Lightshot.exe]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{D847A914-F7A9-4574-9D26-C1A0797DA96B}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{F8C8E65B-349E-421B-A350-04D025EBEAB0}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{D61F5089-DF8C-4DA6-BFDF-458241578A05}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{553228D6-5404-488C-B76C-42A643A2BF5E}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{9E8A4281-BF83-421F-B72C-5771CE4DAD9C}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{9924616F-75C8-49CC-A9F8-33D5F870F41C}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{654D0E0E-C0EE-40B1-BE0A-68F51C56650E}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{D4D87DC3-A0B9-483D-9608-90910257BBC4}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{57CA42BE-AF41-4825-8ADD-78DD9B6D4CF2}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{7667831C-E072-46DD-8532-9A73174156FA}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{881A3F4A-4E70-4A59-9B9D-74DB0EFA87EC}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{B9B4AA3B-C28C-4131-B800-890A723AD972}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{4482A3DB-7BF0-4727-A1F8-4BE6C4AD8330}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{3FD08949-62E6-4865-8BBF-1C3B996DB3EE}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{E20DFCF2-34A7-4C90-AF3E-ABEAC232A633}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{5704A7E6-5747-49FA-BAC5-801CEA81FDD4}]
SUPPRIMÉ Clé: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} [{B41DB860-8EE4-11D2-9906-E49FADC173CA}]
ABSENT Valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules []
SUPPRIMÉ Clé: HKCU\SOFTWARE\BitTorrent [BitTorrent]
SUPPRIMÉ Clé: HKLM\SOFTWARE\adaware [adaware]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\SetID [SetID]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\Symantec [Symantec]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\Safer Networking Limited [Safer Networking Limited]
SUPPRIMÉ Clé: HKCU\SOFTWARE\Safer Networking Limited [Safer Networking Limited]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\Safer Networking Limited [Safer Networking Limited]
SUPPRIMÉ Valeur: {D847A914-F7A9-4574-9D26-C1A0797DA96B} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {D61F5089-DF8C-4DA6-BFDF-458241578A05} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {553228D6-5404-488C-B76C-42A643A2BF5E} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {9E8A4281-BF83-421F-B72C-5771CE4DAD9C} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {9924616F-75C8-49CC-A9F8-33D5F870F41C} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {654D0E0E-C0EE-40B1-BE0A-68F51C56650E} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {D4D87DC3-A0B9-483D-9608-90910257BBC4} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {57CA42BE-AF41-4825-8ADD-78DD9B6D4CF2} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {7667831C-E072-46DD-8532-9A73174156FA} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {881A3F4A-4E70-4A59-9B9D-74DB0EFA87EC} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {4482A3DB-7BF0-4727-A1F8-4BE6C4AD8330} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {3FD08949-62E6-4865-8BBF-1C3B996DB3EE} [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
---\\ COMMANDE. (7)
~ EmptyCSID: Dossiers CLSID vides supprimés (2)
~ EmptyTemp: Dossier Local temp partiellement vidé (11)
~ EmptyFlash: Fichiers Temporaires supprimés. (2)
~ Command spéciale exécutée avec succès: ipconfig /flushdns
~ Command spéciale exécutée avec succès: netsh winsock reset
~ Command spéciale exécutée avec succès: netsh advfirewall reset
~ Command spéciale exécutée avec succès: Netsh advfirewall set allprofiles state on
---\\ NON TRAITÉ. (0)
~ Le système a été redémarré.
***** ~ Fin de rapport terminé en 00h00mn53s