Rapport de ZHPFix 2017.06.13.1 par Nicolas Coolman, Update du 13/06/2017
Fichier d'export Registre :
Run by olivier at 02/01/2018 13:50:41
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (15063)

Corbeille vidée (00mn 06s)
Dossier Prefetcher vidé

========== Processus mémoire ==========
SUPPRIMÉ: Memory Process: C:\Users\olivier\AppData\Local\pastor.exe
SUPPRIMÉ Redémarrage: Memory Process: C:\Program Files (x86)\Difficult\pastor.exe
SUPPRIMÉ: Memory Process: C:\Program Files (x86)\Mondial\pastor.exe
SUPPRIMÉ Redémarrage: Memory Process: C:\Program Files (x86)\ishibashi\byrne.exe
SUPPRIMÉ Redémarrage: Memory Process: C:\Program Files (x86)\epigenetic\americium.exe
SUPPRIMÉ: Memory Process: C:\Users\olivier\AppData\Local\byrne.exe
SUPPRIMÉ: Memory Process: C:\Program Files (x86)\Mondial\byrne.exe

========== Clés du Registre ==========
SUPPRIMÉ:* HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{910A2CA9-B0D7-4E2A-9583-0A1F85000F5B}
SUPPRIMÉ:* HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C89BDE0-F96F-4EA0-ADBA-495431911364}
SUPPRIMÉ:* HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEA3E99C-E3D3-4DC3-B48C-6159415FE247}
SUPPRIMÉ:* HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43C6D902-A1C5-45c9-91F6-FD9E90337E18}
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{43C6D902-A1C5-45c9-91F6-FD9E90337E18}
SUPPRIMÉ:* HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{959A5673-7971-48e6-AF54-58F745AC4ABC}
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{959A5673-7971-48e6-AF54-58F745AC4ABC}
SUPPRIMÉ:* HKLM\Software\Classes\CLSID\{959A5673-7971-48e6-AF54-58F745AC4ABC}
SUPPRIMÉ:* HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}
SUPPRIMÉ:* HKLM\Software\Classes\CLSID\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}
SUPPRIMÉ: HKCU\SOFTWARE\573339af-d9e1-5dd3-804c-e0162fac1f41
SUPPRIMÉ: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\KuaiZipShlExt
SUPPRIMÉ: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx
SUPPRIMÉ: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ContextMenuExt
SUPPRIMÉ: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
SUPPRIMÉ: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast
SUPPRIMÉ: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx
SUPPRIMÉ: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files
SUPPRIMÉ: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinRAR32
SUPPRIMÉ: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui
SUPPRIMÉ: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files
SUPPRIMÉ: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
SUPPRIMÉ: HKLM\SOFTWARE\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{43C6D902-A1C5-45c9-91F6-FD9E90337E18}

========== Valeurs du Registre ==========
SUPPRIMÉ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:splain
SUPPRIMÉ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:splainlistserv
SUPPRIMÉ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:splainsplain
SUPPRIMÉ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Chromium
SUPPRIMÉ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:decontaminatedpanamanian
SUPPRIMÉ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:decontaminateddecontaminated
SUPPRIMÉ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:listserv
SUPPRIMÉ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:listservsplain
SUPPRIMÉ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:listservlistserv
SUPPRIMÉ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:americium
SUPPRIMÉ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:kenilworth
SUPPRIMÉ [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]:panamanian
SUPPRIMÉ [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]:panamaniandecontaminated
SUPPRIMÉ [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]:panamanianpanamanian
SUPPRIMÉ [HKUS\S-1-5-21-401115250-1694573117-2655383603-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:decontaminated
SUPPRIMÉ [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar]:{CCAC5586-44D7-4c43-B64A-F042461A97D2}
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:UDP Query User{7029D0E4-4CA3-4419-84EB-9F352D6068FD}B:\-- [ consoles ] --\-- [ wiiusb ] --\usb helper\wiiu_usb_helper.exe
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:TCP Query User{12C86044-482F-48A7-9C77-A30BFF18605D}B:\-- [ consoles ] --\-- [ wiiusb ] --\usb helper\wiiu_usb_helper.exe
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{26FA339D-F963-404D-939E-EC44A1610253}
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{5C1FAEBC-D298-496B-A450-977554A2656E}
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:UDP Query User{D14B28D7-B7DB-4292-8D51-80226A77B55A}C:\program files\comicrack\comicrack.exe
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:TCP Query User{E6D4A0B9-CAEA-4876-BF84-1768A4B35B95}C:\program files\comicrack\comicrack.exe
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:UDP Query User{2E4AD592-7888-4416-AEC5-2F80DBCEDC5A}A:\-- [ wiiusb ] --\saviine_server\saviine_server.exe
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:TCP Query User{44187880-5A72-497B-9ED5-C0F37760636C}A:\-- [ wiiusb ] --\saviine_server\saviine_server.exe
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{E103F930-9DAD-4695-972D-4AD253FA1230}
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:TCP Query User{DA3864CD-343A-49B1-B488-6B49919A8600}A:\divinity - original sin 2\bin\eocapp.exe
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:UDP Query User{446E52DE-019D-4C5A-809C-B6B21648BCC1}A:\divinity - original sin 2\bin\eocapp.exe
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{DB001470-442A-4135-B228-1EECFC0736D8}
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{88F83B65-4ADF-49FE-96AB-BBAC4F312339}
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{DAFABAF0-8ED2-41F2-AC0E-FFEC1392F585}
SUPPRIMÉ [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{B67966E2-182C-4754-8C7F-F27C001D4597}

========== Eléments de donnée du Registre ==========
SUPPRIMÉ: WebSite =

========== Dossiers ==========
SUPPRIMÉ: C:\Users\olivier\AppData\Local\{472A7176-6382-1DCE-0E1A-38262A72C4BE}

========== Fichiers ==========
SUPPRIMÉ: C:\Windows\System32\Tasks\ba6585723165857231
SUPPRIMÉ: C:\Windows\System32\Tasks\ba1101924411019244
SUPPRIMÉ: C:\Windows\System32\Tasks\ba6011731960117319
SUPPRIMÉ: C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\reportedly.lnk
SUPPRIMÉ: C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\reportedlyreportedly.lnk
SUPPRIMÉS Temporaires Windows (1035) (131 045 284 octets)
SUPPRIMÉS Flash Cookies (0) (0 octets)

========== Récapitulatif ==========
7 : Processus mémoire
25 : Clés du Registre
31 : Valeurs du Registre
1 : Eléments de donnée du Registre
1 : Dossiers
7 : Fichiers

End of clean in 00mn 30s

========== Chemin de fichier rapport ==========
C:\Users\olivier\AppData\Roaming\ZHP\ZHPFix[R1].txt - 25/08/2016 15:12:06 [2746]
C:\Users\olivier\AppData\Roaming\ZHP\ZHPFix[R2].txt - 27/08/2016 08:15:51 [1374]
C:\Users\olivier\AppData\Roaming\ZHP\ZHPFix[R3].txt - 02/01/2018 13:50:50 [8497]