Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d'export Registre :
Run by Tristen at 7/28/2017 11:58:45 PM
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (15063)
Recycle Bin emptied (49mn PMs)
========== Software ==========
REMOVES: Google Toolbar for Internet Explorer
REMOVES: Samsung Kies
ABSENT Uninstall Process: c:\program files (x86)\installshield installation information\{758c8301-2696-4855-af45-534b1200980a}\setup.exe
========== Process memory ==========
REMOVES: Memory Process: C:\Users\Tristen\Downloads\dllinjector.exe
========== Registry keys ==========
REMOVES: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}]
REMOVES: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{758C8301-2696-4855-AF45-534B1200980A}]
REMOVES Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}]
REMOVES: Service: AdobeARMservice
REMOVES: Service: SkypeUpdate
REMOVES: HKLM\SOFTWARE\Wow6432Node\Intel Security
REMOVES: HKLM\SOFTWARE\Wow6432Node\Norton
REMOVES: HKLM\SOFTWARE\Wow6432Node\Symantec
REMOVES: HKCU\SOFTWARE\Chromium
REMOVES: HKCU\SOFTWARE\Intel Security
REMOVES: HKCU\SOFTWARE\Xpom
REMOVES: Services Svchost: dmwappushservice
REMOVES: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
========== Registry values ==========
ProxyFix : Proxy configuration successfully removed
REMOVES ProxyServer Value
REMOVES ProxyEnable Value
REMOVES EnableHttp1_1 Value
REMOVES ProxyHttp1.1 Value
REMOVES ProxyOverride Value
REMOVES: {C7BEF760-8754-4D3B-A56F-93803997FAD9}
REMOVES: {87A0EE7C-AA2A-4CFA-BE1C-BF3DF5B510A2}
REMOVES: {35280115-76CD-415B-925A-14613B3B3809}
REMOVES: {FCE1EADC-F2B5-44B3-AD03-E7147D0ECFA1}
REMOVES: UDP Query User{C905872A-FD03-4331-872A-6533625C88B9}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
REMOVES: TCP Query User{E3387E82-24F0-4DA2-B9DF-974D765AA78E}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
REMOVES: UDP Query User{B3C7FAE9-6CAB-459C-9171-AC1153BCBE95}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
REMOVES: TCP Query User{CD698A57-8BE0-4379-9BC3-A01E4CF75EE4}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
REMOVES: {757BC6A1-E250-4F8F-91D6-C38BC862F9F7}
REMOVES: {3B6E9615-501E-4872-8A09-8A16FB16F708}
REMOVES: {1A7C5251-80C3-48CE-966F-8F20444680E8}
REMOVES: {220EBA0D-AAA3-4707-AAD1-BF435407F599}
REMOVES: {2DAA19BF-E9AD-4008-BAE9-272752D99715}
REMOVES: UDP Query User{7240BB92-47E1-4F89-A7FB-6427E008F037}G:\halo3\eldorado.exe
REMOVES: TCP Query User{563C60EB-2CAB-4D6F-980A-7A61B727E417}G:\halo3\eldorado.exe
REMOVES: UDP Query User{17801320-B0B3-44F2-94A0-655F54B90437}H:\halo3\eldorado.exe
REMOVES: TCP Query User{D0E0A434-E12A-4E42-B4F6-A5ECC5B0A7CD}H:\halo3\eldorado.exe
REMOVES: {C827E508-DE89-49F2-A1CD-9B82CA0F132F}
REMOVES: {0BCC5A17-B964-4659-B81C-52D91FDAB653}
REMOVES: {3BFD3923-3543-473B-8AFD-58B2F22DE898}
REMOVES: {E1643624-28F4-4612-AF86-4BA1BF62996E}
REMOVES: {44065AA0-C961-4510-941E-47AE0A8FD1D0}
REMOVES: {18E70E5E-96DF-466D-BA38-D8A018C6101A}
REMOVES: TCP Query User{DC727713-E043-4005-9145-193907744B80}C:\program files\java\jre1.8.0_71\bin\javaw.exe
REMOVES: UDP Query User{D7051177-077A-46E5-896F-C46DC0EF146E}C:\program files\java\jre1.8.0_71\bin\javaw.exe
REMOVES: TCP Query User{01605B16-6148-4C1C-BE58-FF1CCDBE378C}C:\program files\tixati\tixati.exe
REMOVES: UDP Query User{D9076553-BA7E-4FEF-B18B-F2F5D1094968}C:\program files\tixati\tixati.exe
========== Preferences browser ==========
NOW Chrome File: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Preferences
ABSENT Chrome Site: http://ping.getadblock.com
NOW Chrome File: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Preferences
ABSENT Chrome Site: http://ssl.gstatic.com
REMOVES Folder Chrome: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
REMOVES Folder Chrome: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
REMOVES Folder Chrome: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
========== Folders ==========
No folders empty CLSID Local user
REMOVES: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
REMOVES: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
REMOVES: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
REMOVES: C:\Program Files\Intel Security
REMOVES: c:\programdata\facelift
REMOVES: C:\ProgramData\Norton
REMOVES: C:\Users\Tristen\AppData\Local\Chromium
Deletes temporary Windows (134)
========== Files ==========
REMOVES Flash Cookies (0) (0 octets)
REMOVES: c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
REMOVES Reboot: c:\windows\system32\tasks\asrsp.exe
REMOVES Reboot: c:\windows\system32\tasks\fupdate
REMOVES: C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS
Deletes temporary Windows (11593) (1,893,612,821 octets)
========== Scheduled task ==========
REMOVES: Adobe Flash Player PPAPI Notifier
REMOVES: Adobe Flash Player Updater
REMOVES: AdobeAAMUpdater-1.0-MicrosoftAccount-tristen.clark628@gmail.com
REMOVES: DropboxUpdateTaskMachineCore
REMOVES: DropboxUpdateTaskMachineCore
REMOVES: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
REMOVES: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
REMOVES: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
========== System restore ==========
The system successfully created restore point
========== Summary ==========
1 : Process memory
13 : Registry keys
33 : Registry values
9 : Folders
6 : Files
3 : Software
7 : Preferences browser
8 : Scheduled task
1 : System restore
End of clean in 32mn PMs
========== Path to file report ==========
C:\Users\Tristen\AppData\Roaming\ZHP\ZHPFix[R1].txt - 7/29/2017 2:32:55 AM [6257]