Rapport de ZHPFix 2015.4.9.5 par Nicolas Coolman, Update du 18/03/2015 Fichier d'export Registre : Run by USER at 6/28/2015 3:06:42 PM High Elevated Privileges : OK Windows 8 Home Premium Edition, 64-bit (Build 9200) Recycle Bin emptied (03mn AMs) ========== Registry keys ========== REMOVES: [HKLM\SOFTWARE\Classes\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}] REMOVES: HKLM\Software\Wow6432Node\ProtectExtension REMOVES: HKLM\Software\Classes\AppID\secman.DLL ========== Registry values ========== REMOVES: Toolbar: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} ABSENT value Standard Profile: FirewallRaz : ABSENT value Domain Profile: FirewallRaz : REMOVES: FirewallRaz (Domain) : {808F1451-4108-46FD-ADBB-F17324B5F0BD} REMOVES: FirewallRaz (Domain) : {E7985E1D-C36F-4787-80A8-6350D07E9266} ProxyFix : Proxy configuration successfully removed REMOVES ProxyServer Value REMOVES ProxyEnable Value REMOVES EnableHttp1_1 Value REMOVES ProxyHttp1.1 Value REMOVES ProxyOverride Value ========== Elements of the registry data ========== REMOVES Explorer Association Data Application: http://www.fileextensionpro.com/redir.aspx?s=adkc0_0_0_0_0,8ad219d5-5cca-44b8-9c01-06f5c88709b3,&LangID=%04x&Ext=%s REMOVES TCPIP: DhcpNameServer = 40.54.1.16 REMOVES TCPIP: DhcpNameServer = 172.20.10.1 REMOVES TCPIP: DhcpDomain = wds-16.com REMOVES Explorer Association Data Application: http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s ========== Folders ========== Deletes temporary Windows (0) REMOVES Flash Cookies (0) ========== Files ========== REMOVES: c:\windows\prefetch\signup wizard.exe-9554bd21.pf REMOVES: c:\windows\prefetch\softonicdownloader_for_malwar-a90c2d2c.pf REMOVES: c:\windows\prefetch\wiseenhance.purbrowse64.exe-939e86a5.pf REMOVES: c:\users\user\appdata\local\temp\quarantine.exe REMOVES: c:\users\user\appdata\local\temp\jrt\firefox.bat REMOVES: c:\users\user\appdata\local\temp\jrt\iexplore.bat REMOVES: c:\users\user\appdata\local\temp\jrt\runvalues.bat REMOVES: c:\users\user\appdata\local\temp\jrt\ask.bat REMOVES: c:\users\user\appdata\local\temp\jrt\get.bat REMOVES: c:\users\user\appdata\local\temp\jrt\misc.bat REMOVES: c:\users\user\appdata\local\temp\jrt\mws.bat REMOVES: c:\users\user\appdata\local\temp\{5111d459-d8bd-4c26-be8b-a15ed1acbf69}\bexception.dll REMOVES: c:\users\user\appdata\local\temp\{5111d459-d8bd-4c26-be8b-a15ed1acbf69}\babyservices.dll Deletes temporary Windows (0) (0 octets) REMOVES Flash Cookies (0) (0 octets) ========== Scheduled task ========== REMOVES: ASUS InstantOn Config ========== System restore ========== The system successfully created restore point ========== Other ========== NON-TREATY name) [64Bits] - {41564952-412D-5637-4300-7A786E7484D7} Orphan key O3 - Toolbar\WebBrowser: (no name) - [HKCU]{A13C2648-91D4-4BF3-BC6D-0079707C4389} Orphan key NON-TREATY Read more at http://www.cjoint.com/c/EFCc42QCcVx#g38PPMU5gd7x9Ida.99 ========== Summary ========== 3 : Registry keys 11 : Registry values 5 : Elements of the registry data 2 : Folders 15 : Files 1 : Scheduled task 1 : System restore 2 : Other End of clean in 19mn AMs ========== Path to file report ========== C:\Users\USER\AppData\Roaming\ZHP\ZHPFix[R1].txt - 6/28/2015 3:06:45 PM [3227]