Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPFix v2018.10.24.186 by Nicolas Coolman (2018/10/24)
~ Run by Weloss (Administrator) (04/12/2018 16:55:16)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version OK
~ Report : C:\Users\Weloss\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 17134)
---\\ SCRIPT DE L'UTILISATEUR. (33)
Script ZHPFix
O87 - FAEL: "TCP Query User{B8DB1DEC-CC8F-4AE0-896B-F928694F0331}E:\games\super mega baseball 2 red rock park\supermegabaseball.exe" [In-None-P6-TRUE] .(...) -- E:\games\super mega baseball 2 red rock park\supermegabaseball.exe (.not file.)
O87 - FAEL: "UDP Query User{035075B1-E2B3-4F55-9828-ED3E11BCFE32}E:\games\super mega baseball 2 red rock park\supermegabaseball.exe" [In-None-P17-TRUE] .(...) -- E:\games\super mega baseball 2 red rock park\supermegabaseball.exe (.not file.)
O87 - FAEL: "TCP Query User{1E56E9BE-AACA-44FD-B692-F505D400467F}E:\games\helldivers a new hell edition\binaries\x64\helldivers.exe" [In-None-P6-TRUE] .(...) -- E:\games\helldivers a new hell edition\binaries\x64\helldivers.exe (.not file.)
O87 - FAEL: "UDP Query User{C4D8F066-BE63-4A2D-9409-D8BA75AD8577}E:\games\helldivers a new hell edition\binaries\x64\helldivers.exe" [In-None-P17-TRUE] .(...) -- E:\games\helldivers a new hell edition\binaries\x64\helldivers.exe (.not file.)
O87 - FAEL: "TCP Query User{55247F63-7BE4-4B4F-BCBF-CB6F5AB14BA0}D:\games\life is strange before the storm farewell\life is strange - before the storm.exe" [In-None-P6-TRUE] .(...) -- D:\games\life is strange before the storm farewell\life is strange - before the storm.exe (.not file.)
O87 - FAEL: "UDP Query User{6547E959-C52A-4FD9-8FCB-E471B8A283F1}D:\games\life is strange before the storm farewell\life is strange - before the storm.exe" [In-None-P17-TRUE] .(...) -- D:\games\life is strange before the storm farewell\life is strange - before the storm.exe (.not file.)
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
O42 - Logiciel: qBittorrent 4.1.3 - (.The qBittorrent project.) [HKLM][64Bits] -- qBittorrent
O42 - Logiciel: SoulSeekkor's TQ Defiler - (.DemorTex Services.) [HKLM][64Bits] -- {A111D34B-7021-44CE-BEFB-3C17688F463B}
HKLM\SOFTWARE\qBittorrent
HKLM\SOFTWARE\WOW6432Node\qBittorrent
O43 - CFD: 28/09/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
O43 - CFD: 04/10/2018 - [] D -- C:\Users\Weloss\AppData\Roaming\qBittorrent
O43 - CFD: 06/04/2018 - [] D -- C:\Users\Weloss\AppData\Local\qBittorrent
O87 - FAEL: "{4A5AAA25-4A4C-400E-88BD-3D0F1D692ED4}" [In-None-P6-TRUE] .(...) -- D:\qBittorrent\qbittorrent.exe
O87 - FAEL: "{EA0FBC98-DB67-43AB-8E00-1980191F7C72}" [In-None-P17-TRUE] .(...) -- D:\qBittorrent\qbittorrent.exe
O87 - FAEL: "{CB407F7D-41D8-465C-AF0A-DE47EBD2DF3B}" [In-None-P6-TRUE] .(...) -- D:\qBittorrent\qbittorrent.exe
O87 - FAEL: "{350C8CCD-6380-4FAF-8520-ECFAA3903B9F}" [In-None-P17-TRUE] .(...) -- D:\qBittorrent\qbittorrent.exe
O90 - PUC: "B43D111A1207EC44EBBFC37186F864B3" [HKCU] . (.SoulSeekkor's TQ Defiler.)
O90 - PUC: "B43D111A1207EC44EBBFC37186F864B3" [HKU] . (.SoulSeekkor's TQ Defiler.)
O82 - LFC: 2016/01/27 21:37:10 A . (...) -- C:\Users\Weloss\Downloads\Minecraft 1.7.9 cracked.rar [155568610] =>.Crack,Keygen
HKLM\SOFTWARE\Yahoo
HKLM\SOFTWARE\WOW6432Node\Yahoo
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]:YahooMusicEngine.exe
HKCU\SOFTWARE\AvastAdSDK
HKU\S-1-5-21-2701314721-994308290-3501443965-1000\SOFTWARE\AvastAdSDK
O43 - CFD: 07/02/2017 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 07/02/2017 - [] D -- C:\ProgramData\Avg
O43 - CFD: 07/02/2017 - [] D -- C:\ProgramData\Avira
Fin
---\\ LOGICIEL. (2)
DESINSTALLER : qBittorrent
DESINSTALLER : {A111D34B-7021-44CE-BEFB-3C17688F463B}
---\\ SERVICE. (0)
---\\ TÂCHE PLANIFIÉE. (0)
---\\ NAVIGATEUR INTERNET. (0)
---\\ EXPLORATEUR ( Dossiers, Fichiers ). (0)
---\\ REGISTRE ( Clés, Valeurs, Données ). (11)
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{B8DB1DEC-CC8F-4AE0-896B-F928694F0331}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{035075B1-E2B3-4F55-9828-ED3E11BCFE32}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{1E56E9BE-AACA-44FD-B692-F505D400467F}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{C4D8F066-BE63-4A2D-9409-D8BA75AD8577}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{55247F63-7BE4-4B4F-BCBF-CB6F5AB14BA0}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{6547E959-C52A-4FD9-8FCB-E471B8A283F1}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{4A5AAA25-4A4C-400E-88BD-3D0F1D692ED4}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{EA0FBC98-DB67-43AB-8E00-1980191F7C72}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{CB407F7D-41D8-465C-AF0A-DE47EBD2DF3B}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{350C8CCD-6380-4FAF-8520-ECFAA3903B9F}]
SUPPRIMÉ Valeur: YahooMusicEngine.exe [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]
---\\ COMMANDE. (0)
---\\ NON TRAITÉ. (0)
***** ~ Fin de rapport terminé en 00h00mn01s
~ Run by Weloss (Administrator) (04/12/2018 16:55:16)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version OK
~ Report : C:\Users\Weloss\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 17134)
---\\ SCRIPT DE L'UTILISATEUR. (33)
Script ZHPFix
O87 - FAEL: "TCP Query User{B8DB1DEC-CC8F-4AE0-896B-F928694F0331}E:\games\super mega baseball 2 red rock park\supermegabaseball.exe" [In-None-P6-TRUE] .(...) -- E:\games\super mega baseball 2 red rock park\supermegabaseball.exe (.not file.)
O87 - FAEL: "UDP Query User{035075B1-E2B3-4F55-9828-ED3E11BCFE32}E:\games\super mega baseball 2 red rock park\supermegabaseball.exe" [In-None-P17-TRUE] .(...) -- E:\games\super mega baseball 2 red rock park\supermegabaseball.exe (.not file.)
O87 - FAEL: "TCP Query User{1E56E9BE-AACA-44FD-B692-F505D400467F}E:\games\helldivers a new hell edition\binaries\x64\helldivers.exe" [In-None-P6-TRUE] .(...) -- E:\games\helldivers a new hell edition\binaries\x64\helldivers.exe (.not file.)
O87 - FAEL: "UDP Query User{C4D8F066-BE63-4A2D-9409-D8BA75AD8577}E:\games\helldivers a new hell edition\binaries\x64\helldivers.exe" [In-None-P17-TRUE] .(...) -- E:\games\helldivers a new hell edition\binaries\x64\helldivers.exe (.not file.)
O87 - FAEL: "TCP Query User{55247F63-7BE4-4B4F-BCBF-CB6F5AB14BA0}D:\games\life is strange before the storm farewell\life is strange - before the storm.exe" [In-None-P6-TRUE] .(...) -- D:\games\life is strange before the storm farewell\life is strange - before the storm.exe (.not file.)
O87 - FAEL: "UDP Query User{6547E959-C52A-4FD9-8FCB-E471B8A283F1}D:\games\life is strange before the storm farewell\life is strange - before the storm.exe" [In-None-P17-TRUE] .(...) -- D:\games\life is strange before the storm farewell\life is strange - before the storm.exe (.not file.)
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
O42 - Logiciel: qBittorrent 4.1.3 - (.The qBittorrent project.) [HKLM][64Bits] -- qBittorrent
O42 - Logiciel: SoulSeekkor's TQ Defiler - (.DemorTex Services.) [HKLM][64Bits] -- {A111D34B-7021-44CE-BEFB-3C17688F463B}
HKLM\SOFTWARE\qBittorrent
HKLM\SOFTWARE\WOW6432Node\qBittorrent
O43 - CFD: 28/09/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
O43 - CFD: 04/10/2018 - [] D -- C:\Users\Weloss\AppData\Roaming\qBittorrent
O43 - CFD: 06/04/2018 - [] D -- C:\Users\Weloss\AppData\Local\qBittorrent
O87 - FAEL: "{4A5AAA25-4A4C-400E-88BD-3D0F1D692ED4}" [In-None-P6-TRUE] .(...) -- D:\qBittorrent\qbittorrent.exe
O87 - FAEL: "{EA0FBC98-DB67-43AB-8E00-1980191F7C72}" [In-None-P17-TRUE] .(...) -- D:\qBittorrent\qbittorrent.exe
O87 - FAEL: "{CB407F7D-41D8-465C-AF0A-DE47EBD2DF3B}" [In-None-P6-TRUE] .(...) -- D:\qBittorrent\qbittorrent.exe
O87 - FAEL: "{350C8CCD-6380-4FAF-8520-ECFAA3903B9F}" [In-None-P17-TRUE] .(...) -- D:\qBittorrent\qbittorrent.exe
O90 - PUC: "B43D111A1207EC44EBBFC37186F864B3" [HKCU] . (.SoulSeekkor's TQ Defiler.)
O90 - PUC: "B43D111A1207EC44EBBFC37186F864B3" [HKU] . (.SoulSeekkor's TQ Defiler.)
O82 - LFC: 2016/01/27 21:37:10 A . (...) -- C:\Users\Weloss\Downloads\Minecraft 1.7.9 cracked.rar [155568610] =>.Crack,Keygen
HKLM\SOFTWARE\Yahoo
HKLM\SOFTWARE\WOW6432Node\Yahoo
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]:YahooMusicEngine.exe
HKCU\SOFTWARE\AvastAdSDK
HKU\S-1-5-21-2701314721-994308290-3501443965-1000\SOFTWARE\AvastAdSDK
O43 - CFD: 07/02/2017 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 07/02/2017 - [] D -- C:\ProgramData\Avg
O43 - CFD: 07/02/2017 - [] D -- C:\ProgramData\Avira
Fin
---\\ LOGICIEL. (2)
DESINSTALLER : qBittorrent
DESINSTALLER : {A111D34B-7021-44CE-BEFB-3C17688F463B}
---\\ SERVICE. (0)
---\\ TÂCHE PLANIFIÉE. (0)
---\\ NAVIGATEUR INTERNET. (0)
---\\ EXPLORATEUR ( Dossiers, Fichiers ). (0)
---\\ REGISTRE ( Clés, Valeurs, Données ). (11)
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{B8DB1DEC-CC8F-4AE0-896B-F928694F0331}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{035075B1-E2B3-4F55-9828-ED3E11BCFE32}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{1E56E9BE-AACA-44FD-B692-F505D400467F}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{C4D8F066-BE63-4A2D-9409-D8BA75AD8577}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{55247F63-7BE4-4B4F-BCBF-CB6F5AB14BA0}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{6547E959-C52A-4FD9-8FCB-E471B8A283F1}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{4A5AAA25-4A4C-400E-88BD-3D0F1D692ED4}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{EA0FBC98-DB67-43AB-8E00-1980191F7C72}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{CB407F7D-41D8-465C-AF0A-DE47EBD2DF3B}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{350C8CCD-6380-4FAF-8520-ECFAA3903B9F}]
SUPPRIMÉ Valeur: YahooMusicEngine.exe [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]
---\\ COMMANDE. (0)
---\\ NON TRAITÉ. (0)
***** ~ Fin de rapport terminé en 00h00mn01s