cjoint

Document format: text/plain

Preview

~ ZHPFix v2019.6.20.87 by Nicolas Coolman (2019/06/20)
~ Run by user (Administrator) (01/07/2019 15:52:40)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version OK
~ Report : C:\Users\user\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)



---\\ SCRIPT DE L'UTILISATEUR. (74)
Script ZHPFix
EmptyCLSID
Emptytemp
EmptyFlash
HKCU\Software\undefined
HKU\S-1-5-21-662239843-2046822715-4022125876-1000\SOFTWARE\undefined
O108 - CMH1: MEGA (Context menu) [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (.Orphan.)
O108 - CMH1: Quick Par [64Bits] - {D120D80B-BD26-4A74-8E43-2C2AF0966139} . (.Orphan.)
O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH3: MEGA (Context menu) [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (.Orphan.)
O108 - CMH4: MEGA (Context menu) [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (.Orphan.)
O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH7: MEGA (Context menu) [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (.Orphan.)
O87 - FAEL: "TCP Query User{70504103-BC4E-4762-AE26-93F79A665A4C}J:\gang.beasts.v1.0.4\gang beasts.exe" [In-None-P6-TRUE] .(...) -- J:\gang.beasts.v1.0.4\gang beasts.exe (.not file.)
O87 - FAEL: "UDP Query User{3D233A59-4294-4C67-BC8F-EB2882F9A0C8}J:\gang.beasts.v1.0.4\gang beasts.exe" [In-None-P17-TRUE] .(...) -- J:\gang.beasts.v1.0.4\gang beasts.exe (.not file.)
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu)
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17}
HKLM\Software\Wow6432Node\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17}
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Quick Par
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu)
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu)
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\MEGA (Context menu)
HKCU\Software\undefined
O23 - Service: ESET Service (ekrn) . (...) - C:\Program Files\ESET\ESET Security\ekrn.exe (.not file.)
SR - Demand [00/00/0000] [ 0] BEDaisy (BEDaisy) . (...) - C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys (.not file.)
SR - Auto [00/00/0000] [ 0] ESET Service (ekrn) . (...) - C:\Program Files\ESET\ESET Security\ekrn.exe (.not file.)
SR - Disabl [00/00/0000] [ 0] NVIDIA Virtual Audio Device (Wave Extensible) (WDM) (nvvad_WaveExtensible) . (...) - C:\Windows\System32\drivers\nvvad64v.sys (.not file.)
SR - Demand [00/00/0000] [ 0] (TrueSight) . (...) - C:\Windows\System32\drivers\truesight.sys (.not file.)
SR - Auto [00/00/0000] [ 0] windrvNT (windrvNT) . (...) - C:\Windows\System32\windrvNT.sys (.not file.)
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] [64Bits] . (...) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\egui [Key] [64Bits] . (...) -- C:\Program Files\ESET\ESET Security\ecmdS.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\jv16pt_reg_access_test_entry_3842 [Key] [64Bits] . (...) -- testvalue (.not file.)
O23 - Service: ESET Service (ekrn) . (...) - C:\Program Files\ESET\ESET Security\ekrn.exe (.not file.)
SR - Auto [00/00/0000] [ 0] ESET Service (ekrn) . (...) - C:\Program Files\ESET\ESET Security\ekrn.exe (.not file.)
HKLM\SOFTWARE\ESET
HKLM\SOFTWARE\WOW6432Node\ESET
HKCU\SOFTWARE\ESET
HKU\.DEFAULT\SOFTWARE\ESET
HKU\S-1-5-21-662239843-2046822715-4022125876-1000\SOFTWARE\ESET
O43 - CFD: 11/10/2018 - [] D -- C:\Program Files\ESET
O43 - CFD: 11/10/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 18/06/2019 - [] D -- C:\ProgramData\ESET
O43 - CFD: 30/03/2014 - [] D -- C:\Users\user\AppData\Roaming\ESET
O43 - CFD: 11/10/2018 - [] D -- C:\Users\user\AppData\Local\ESET
O43 - CFD: 13/06/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\ESET
O53 - SMSR:HKLM\...\startupreg\egui [Key] [64Bits] . (...) -- C:\Program Files\ESET\ESET Security\ecmdS.exe (.not file.)
O58 - SDL:2019/03/19 00:14:52 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [61152]
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\Mozilla
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins
O43 - CFD: 14/02/2017 - [0] D -- C:\Users\user\AppData\Roaming\Mozilla
G2 - GCE: Preference [user][User Data\Default\Extensions] [aapocclcgogkmnckokdopfmhonfmgoek]
G2 - GCE: Preference [user][User Data\Default\Extensions] [aohghmighlieiainnegkcijnfilokake]
G2 - GCE: Preference [user][User Data\Default\Extensions] [apdfllckaahabafndbhieahigkjlhalf] http://drive.google.com/
G2 - GCE: Preference [user][User Data\Default\Extensions] [felcaaldnbdncclmgdcncolpebgiejap]
G2 - GCE: Preference [user][User Data\Default\Extensions] [ghbmnnjooekpmoecnnnilnnbdlolhkhi]
G2 - GCE: Preference [user][User Data\Default\Extensions] [nmmhkkegccagdldgiimedpiccmgmieda]
G2 - GCE: Preference [user][User Data\Default\Extensions] [pjkljhegncpnkpknbcohdijeoejaedia] http://mail.google.com/
G2 - GCE: Preference [user][User Data\Default\Local Extension Settings] [ghbmnnjooekpmoecnnnilnnbdlolhkhi]
HKLM\SOFTWARE\WOW6432Node\Google
HKCU\SOFTWARE\Google
HKU\.DEFAULT\SOFTWARE\Google
HKU\S-1-5-21-662239843-2046822715-4022125876-1000\SOFTWARE\Google
O43 - CFD: 03/06/2016 - [0] D -- C:\Program Files\Google
O43 - CFD: 03/06/2016 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 03/06/2016 - [] D -- C:\Users\user\AppData\Local\Google
HKCU\SOFTWARE\ZebHelpProcess Helper
HKU\S-1-5-21-662239843-2046822715-4022125876-1000\SOFTWARE\ZebHelpProcess Helper
cmd: ipconfig /flushdns
cmd: netsh winsock reset
cmd: netsh advfirewall reset
cmd: Netsh advfirewall set allprofiles state on


---\\ LOGICIEL. (0)


---\\ SERVICE. (2)
ABSENT Service: ekrn [No File found]
ABSENT Service: Wave Extensible) (WDM) (nvvad_WaveExtensible [No File found]


---\\ TÂCHE PLANIFIÉE. (0)


---\\ NAVIGATEUR INTERNET. (2)
SUPPRIMÉ Dossier Chrome: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\
SUPPRIMÉ Dossier Chrome: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\


---\\ EXPLORATEUR ( Dossiers, Fichiers ). (25)
DEPLACÉ Fichier Temp: C:\Users\user\AppData\Local\Temp\proxy_vole5218743872211911100.dll
DEPLACÉ Fichier Temp: C:\Users\user\AppData\Local\Temp\aria-debug-3168.log
DEPLACÉ Fichier Temp: C:\Users\user\AppData\Local\Temp\jusched.log
DEPLACÉ Fichier Temp: C:\Users\user\AppData\Local\Temp\LuUpdater.log
DEPLACÉ Fichier Temp: C:\Users\user\AppData\Local\Temp\USER-PC-20190625-0109.log
DEPLACÉ Fichier Temp: C:\Users\user\AppData\Local\Temp\51a742a2-3dd2-4120-b5b5-2367844875c6.tmp
DEPLACÉ Fichier Temp: C:\Users\user\AppData\Local\Temp\8493d804-6268-43c8-8d62-90acc021940e.tmp
DEPLACÉ Fichier Temp: C:\Users\user\AppData\Local\Temp\c63cc6c4-9aaa-4904-b22a-bf8235d71fbf.tmp
DEPLACÉ Fichier Temp: C:\Users\user\AppData\Local\Temp\d9b6189a-c0e4-460f-8da1-00cd9536cc77.tmp
DEPLACÉ Fichier Temp: C:\Users\user\AppData\Local\Temp\f2e572b4-e4b1-4259-b86f-b62dfdaf4e4e.tmp
DEPLACÉ Fichier Temp: C:\Users\user\AppData\Local\Temp\_iu14D2N.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\user\AppData\Local\Temp\~DF45D751362E1C451B.TMP
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\user\AppData\Local\Temp\FXSAPIDebugLogFile.txt
DEPLACÉ Fichier Temp: C:\Users\user\AppData\Local\Temp\Setup Log 2019-07-01 #001.txt
DEPLACÉ Fichier Temp: C:\Users\user\AppData\Local\Temp\Setup Log 2019-07-01 #002.txt
SUPPRIMÉ Dossier : C:\Program Files\ESET
SUPPRIMÉ Dossier : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
SUPPRIMÉ Dossier : C:\ProgramData\ESET
SUPPRIMÉ Dossier : C:\Users\user\AppData\Roaming\ESET
SUPPRIMÉ Dossier : C:\Users\user\AppData\Local\ESET
SUPPRIMÉ Redémarrage Dossier ^: C:\Windows\System32\Config\systemprofile\AppData\Local\ESET
SUPPRIMÉ Dossier : C:\Users\user\AppData\Roaming\Mozilla
SUPPRIMÉ Dossier : C:\Program Files\Google
SUPPRIMÉ Dossier : C:\Program Files (x86)\Google
SUPPRIMÉ Dossier : C:\Users\user\AppData\Local\Google


---\\ REGISTRE ( Clés, Valeurs, Données ). (46)
SUPPRIMÉ Clé: HKCU\Software\undefined [undefined]
ABSENT Clé: HKU\S-1-5-21-662239843-2046822715-4022125876-1000\SOFTWARE\undefined
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) [MEGA (Context menu)1]
ABSENT Clé CMH: HKLM64\SOFTWARE\Classes\CLSID\0229E5E7-09E9-45CF-9228-0228EC7D5F17}
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\*\ShellEx\ContextMenuHandlers\Quick Par [Quick Par1]
ABSENT Clé CMH: HKLM64\SOFTWARE\Classes\CLSID\D120D80B-BD26-4A74-8E43-2C2AF0966139}
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR321]
ABSENT Clé CMH: HKLM64\SOFTWARE\Classes\CLSID\B41DB860-8EE4-11D2-9906-E49FADC173CA}
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) [MEGA (Context menu)3]
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) [MEGA (Context menu)4]
SUPPRIMÉ Clé CMH: HKLM64\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR326]
SUPPRIMÉ Clé CMH: HKLM64\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\MEGA (Context menu) [MEGA (Context menu)7]
SUPPRIMÉ Valeur FirewallRules: TCP Query User{70504103-BC4E-4762-AE26-93F79A665A4C}J:\gang.beasts.v1.0.4\gang beasts.exe [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: UDP Query User{3D233A59-4294-4C67-BC8F-EB2882F9A0C8}J:\gang.beasts.v1.0.4\gang beasts.exe [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
ABSENT Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu)
SUPPRIMÉ Clé: HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} [{0229E5E7-09E9-45CF-9228-0228EC7D5F17}]
SUPPRIMÉ Clé: HKLM\Software\Wow6432Node\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} [{0229E5E7-09E9-45CF-9228-0228EC7D5F17}]
ABSENT Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Quick Par
ABSENT Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
ABSENT Clé: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu)
ABSENT Clé: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu)
ABSENT Clé: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
ABSENT Clé: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\MEGA (Context menu)
ABSENT Clé: HKCU\Software\undefined
ABSENT Clé Service: HKLM\SYSTEM\CurrentControlSet\Services\ekrn
SUPPRIMÉ Clé Service: HKLM\SYSTEM\CurrentControlSet\Services\BEDaisy [No File found]
SUPPRIMÉ Clé Service: HKLM\SYSTEM\CurrentControlSet\Services\TrueSight [No File found]
SUPPRIMÉ Clé Service: HKLM\SYSTEM\CurrentControlSet\Services\windrvNT [No File found]
SUPPRIMÉ Clé ShareTools: HKLM64\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher [No File found]
SUPPRIMÉ Clé ShareTools: HKLM64\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\egui [No File found]
SUPPRIMÉ Clé ShareTools: HKLM64\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\jv16pt_reg_access_test_entry_3842 [No File found]
SUPPRIMÉ Clé: HKLM\SOFTWARE\ESET [ESET]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\ESET [ESET]
SUPPRIMÉ Clé: HKCU\SOFTWARE\ESET [ESET]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\ESET [ESET]
ABSENT Clé: HKU\S-1-5-21-662239843-2046822715-4022125876-1000\SOFTWARE\ESET
ABSENT Clé ShareTools: HKLM64\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\egui
SUPPRIMÉ Clé: HKLM\SOFTWARE\MozillaPlugins [MozillaPlugins]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\Mozilla [Mozilla]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\MozillaPlugins [MozillaPlugins]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\Google [Google]
SUPPRIMÉ Clé: HKCU\SOFTWARE\Google [Google]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\Google [Google]
ABSENT Clé: HKU\S-1-5-21-662239843-2046822715-4022125876-1000\SOFTWARE\Google
SUPPRIMÉ Clé: HKCU\SOFTWARE\ZebHelpProcess Helper [ZebHelpProcess Helper]
ABSENT Clé: HKU\S-1-5-21-662239843-2046822715-4022125876-1000\SOFTWARE\ZebHelpProcess Helper


---\\ COMMANDE. (7)
~ EmptyCSID: Dossiers CLSID vides supprimés (0)
~ EmptyTemp: Dossier Local temp partiellement vidé (15)
~ EmptyFlash: Fichiers Temporaires supprimés. (2)
~ Command spéciale exécutée avec succès: ipconfig /flushdns
~ Command spéciale exécutée avec succès: netsh winsock reset
~ Command spéciale exécutée avec succès: netsh advfirewall reset
~ Command spéciale exécutée avec succès: Netsh advfirewall set allprofiles state on


---\\ NON TRAITÉ. (0)

~ Le système a été redémarré.

***** ~ Fin de rapport terminé en 00h03mn44s
