cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPFix v2018.10.24.186 by Nicolas Coolman (2018/10/24)
~ Run by liobon (Administrator) (07/11/2018 20:32:34)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version OK
~ Report : C:\Users\liobon\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 15063)



---\\ SCRIPT DE L'UTILISATEUR. (58)
Script ZHPFix
EmptyCLSID
Emptytemp
EmptyFlash
O45 - LFCP:[MD5.46D861807B1FBF68FA279F3720C05F65] 05/11/2018 A -- C:\WINDOWS\Prefetch\ALERTMANAGERREG.EXE-A7BE6478.pf
O61 - LFC: 2018/11/02 21:44:32 A . (.WebDiscover Media.) -- C:\Users\liobon\AppData\Local\Temp\in71125248\6AFCBC90_stp\WebDiscover-4.28.2.exe [48903224]
C:\WINDOWS\Prefetch\ALERTMANAGERREG.EXE-A7BE6478.pf
HKLM\SOFTWARE\ByteFence
HKLM\SOFTWARE\WOW6432Node\ByteFence
HKCU\SOFTWARE\App Host Service
HKCU\SOFTWARE\ByteFence
HKU\S-1-5-21-2508081316-3936405191-57413995-1001\SOFTWARE\App Host Service
HKU\S-1-5-21-2508081316-3936405191-57413995-1001\SOFTWARE\ByteFence
O43 - CFD: 02/11/2018 - [] D -- C:\ProgramData\ByteFence
O87 - FAEL: '{F9156459-261E-402C-8699-F0D917E62D67}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (.not file.)
O87 - FAEL: '{1BF16DC1-2C4A-41B0-8513-2CD74AC75B9F}' [In-None-P17-TRUE] .(...) -- C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (.not file.)
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:ByteFence.exe
C:\ProgramData\ByteFence
C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\000
C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\001
C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\002
C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\003
C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\004
C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\005
C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\006
C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\007
C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\008
C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\009
O23 - Service: ByteFence Anti-Malware Service (ByteFenceService) . (...) - c:\program files\bytefence\ByteFenceService.exe (.not file.)
O23 - Service: rtop (rtop) . (...) - c:\program files\bytefence\rtop\bin\rtop_svc.exe (.not file.)
O87 - FAEL: '{2060C606-75AA-4C40-9483-8C131317BF18}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe (.not file.)
O87 - FAEL: '{244D9715-1B99-4118-8A8B-DAC42FAE95A7}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (.not file.)
O23 - Service: McAfee WebAdvisor (McAfee WebAdvisor) . (.McAfee, Inc. - McAfee WebAdvisor.) - C:\Program Files\mcafee\WebAdvisor\ServiceHost.exe
SR - Auto [30/10/2018] [ 675736] McAfee WebAdvisor (McAfee WebAdvisor) . (.McAfee, Inc..) - C:\Program Files\mcafee\WebAdvisor\ServiceHost.exe
[MD5.93F1AFC7B589BF2411D2333DE8018AEF] - (.McAfee, Inc. - McAfee WebAdvisor.) -- C:\Program Files\mcafee\WebAdvisor\ServiceHost.exe [675736] [PID.4616]
[MD5.862FD3938C27F7C8DC9E9F26340F9179] - (.McAfee, Inc. - McAfee WebAdvisor.) -- C:\Program Files\mcafee\WebAdvisor\uihost.exe [674136] [PID.5300]
O2 - BHO: McAfee WebAdvisor [64Bits] - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - McAfee WebAdvisor.) -- C:\Program Files\mcafee\WebAdvisor\x64\ieplugin.dll
O42 - Logiciel: McAfee WebAdvisor - (.McAfee, Inc..) [HKLM][64Bits] -- {35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}
HKLM\SOFTWARE\McAfee
HKLM\SOFTWARE\McAfee NGI
HKLM\SOFTWARE\WOW6432Node\McAfee
HKLM\SOFTWARE\WOW6432Node\McAfee NGI
HKCU\SOFTWARE\McAfee
HKU\.DEFAULT\SOFTWARE\McAfee
HKU\S-1-5-21-2508081316-3936405191-57413995-1001\SOFTWARE\McAfee
O43 - CFD: 05/11/2018 - [] AD -- C:\Program Files\mcafee
O43 - CFD: 05/11/2018 - [] D -- C:\ProgramData\McAfee
O87 - FAEL: '{F9156459-261E-402C-8699-F0D917E62D67}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (.not file.)
O87 - FAEL: '{1BF16DC1-2C4A-41B0-8513-2CD74AC75B9F}' [In-None-P17-TRUE] .(...) -- C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (.not file.)
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\Mozilla
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins
HKU\.DEFAULT\SOFTWARE\Mozilla
cmd: ipconfig /flushdns
cmd: netsh winsock reset
cmd: netsh advfirewall reset
cmd: Netsh advfirewall set allprofiles state on


---\\ LOGICIEL. (1)
DESINSTALLER : {35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}


---\\ SERVICE. (2)
ARRETÉ : HKLM\SYSTEM\CurrentControlSet\Services\McAfee WebAdvisor [ServiceHost.exe]
ABSENT Service: McAfee WebAdvisor [ServiceHost.exe]


---\\ TÂCHE PLANIFIÉE. (0)


---\\ NAVIGATEUR INTERNET. (0)


---\\ EXPLORATEUR ( Dossiers, Fichiers ). (41)
SUPPRIMÉ Dossier EmptyCLSID: C:\Users\liobon\AppData\Local\Temp\{6B6B5757-4343-2F2F-1B1B-0707F3F3DFDF}
SUPPRIMÉ Dossier EmptyCLSID: C:\Users\liobon\AppData\Local\{8FEC5DC7-783A-4BB1-B405-759A2EF1F388}
SUPPRIMÉ Dossier EmptyCLSID: C:\Users\liobon\AppData\Local\{AFE865C1-9327-4E36-B728-CF04862B9986}
SUPPRIMÉ Dossier EmptyCLSID: C:\Users\liobon\AppData\Local\{FD2A539E-B4AC-4805-933C-4E904D8076C1}
DEPLACÉ Fichier Temp: C:\Users\liobon\AppData\Local\Temp\0138791541442600mcinst.exe
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\liobon\AppData\Local\Temp\aria-debug-9992.log
DEPLACÉ Fichier Temp: C:\Users\liobon\AppData\Local\Temp\CSPUninstall.log
DEPLACÉ Fichier Temp: C:\Users\liobon\AppData\Local\Temp\DESKTOP-PLU6TCF-20181106-1046.log
DEPLACÉ Fichier Temp: C:\Users\liobon\AppData\Local\Temp\DESKTOP-PLU6TCF-20181107-1208.log
DEPLACÉ Fichier Temp: C:\Users\liobon\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
DEPLACÉ Fichier Temp*: C:\Users\liobon\AppData\Local\Temp\nsjDDCC.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\liobon\AppData\Local\Temp\nssDBE6.tmp
DEPLACÉ Fichier Temp: C:\Users\liobon\AppData\Local\Temp\tmpAD0E.tmp
DEPLACÉ Fichier Temp: C:\Users\liobon\AppData\Local\Temp\tmpC1CB.tmp
DEPLACÉ Fichier Temp: C:\Users\liobon\AppData\Local\Temp\wct11F3.tmp
DEPLACÉ Fichier Temp: C:\Users\liobon\AppData\Local\Temp\wct13F7.tmp
DEPLACÉ Fichier Temp: C:\Users\liobon\AppData\Local\Temp\wct3254.tmp
DEPLACÉ Fichier Temp: C:\Users\liobon\AppData\Local\Temp\wctDE24.tmp
DEPLACÉ Fichier Temp*: C:\Users\liobon\AppData\Local\Temp\Temp1_Backup files 113.zip
DEPLACÉ Fichier Temp*: C:\Users\liobon\AppData\Local\Temp\Temp1_Backup files 20.zip
DEPLACÉ Fichier Temp*: C:\Users\liobon\AppData\Local\Temp\Temp1_Backup files 22.zip
DEPLACÉ Fichier Temp*: C:\Users\liobon\AppData\Local\Temp\Temp1_Backup files 478.zip
DEPLACÉ Fichier Temp*: C:\Users\liobon\AppData\Local\Temp\Temp1_Backup files 60.zip
DEPLACÉ Fichier Temp*: C:\Users\liobon\AppData\Local\Temp\Temp1_WindowsFacile-JeuxXP_W10.zip
DEPLACÉ Fichier Temp*: C:\Users\liobon\AppData\Local\Temp\Temp2_WindowsFacile-JeuxXP_W10.zip
DEPLACÉ Fichier LastFile: C:\Users\liobon\AppData\Local\Temp\in71125248\6AFCBC90_stp\WebDiscover-4.28.2.exe
SUPPRIMÉ Dossier : C:\ProgramData\ByteFence
SUPPRIMÉ Dossier : C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\000
SUPPRIMÉ Dossier : C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\001
SUPPRIMÉ Dossier : C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\002
SUPPRIMÉ Dossier : C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\003
SUPPRIMÉ Dossier : C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\004
SUPPRIMÉ Dossier : C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\005
SUPPRIMÉ Dossier : C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\006
SUPPRIMÉ Dossier : C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\007
SUPPRIMÉ Dossier : C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\008
SUPPRIMÉ Dossier : C:\Users\liobon\AppData\Local\Google\Chrome\User Data\Default\File System\009
DEPLACÉ Fichier Service: C:\Program Files\mcafee\WebAdvisor\ServiceHost.exe
DEPLACÉ Fichier BHO: C:\Program Files\mcafee\WebAdvisor\x64\ieplugin.dll
SUPPRIMÉ Dossier : C:\Program Files\mcafee
SUPPRIMÉ Dossier : C:\ProgramData\McAfee


---\\ REGISTRE ( Clés, Valeurs, Données ). (19)
SUPPRIMÉ Clé: HKLM\SOFTWARE\ByteFence [ByteFence]
SUPPRIMÉ Clé: HKCU\SOFTWARE\App Host Service [App Host Service]
SUPPRIMÉ Clé: HKCU\SOFTWARE\ByteFence [ByteFence]
SUPPRIMÉ Valeur FirewallRules: {F9156459-261E-402C-8699-F0D917E62D67} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {1BF16DC1-2C4A-41B0-8513-2CD74AC75B9F} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {2060C606-75AA-4C40-9483-8C131317BF18} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {244D9715-1B99-4118-8A8B-DAC42FAE95A7} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Clé BHO: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} [{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
SUPPRIMÉ Clé BHO: HKLM64\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} [{B164E929-A1B6-4A06-B104-2CD0E90A88FF}Classes]
SUPPRIMÉ Clé: HKLM\SOFTWARE\McAfee [McAfee]
SUPPRIMÉ Clé: HKLM\SOFTWARE\McAfee NGI [McAfee NGI]
SUPPRIMÉ Clé: HKCU\SOFTWARE\McAfee [McAfee]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\McAfee [McAfee]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{F9156459-261E-402C-8699-F0D917E62D67}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{1BF16DC1-2C4A-41B0-8513-2CD74AC75B9F}]
SUPPRIMÉ Clé: HKLM\SOFTWARE\Mozilla [Mozilla]
SUPPRIMÉ Clé: HKLM\SOFTWARE\MozillaPlugins [MozillaPlugins]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\Mozilla [Mozilla]
SUPPRIMÉ Valeur: ByteFence.exe [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]


---\\ COMMANDE. (7)
~ EmptyCSID: Dossiers CLSID vides supprimés (4)
~ EmptyTemp: Dossier Local temp partiellement vidé (21)
~ EmptyFlash: Fichiers Temporaires supprimés. (2)
~ Command spéciale exécutée avec succès: ipconfig /flushdns
~ Command spéciale exécutée avec succès: netsh winsock reset
~ Command spéciale exécutée avec succès: netsh advfirewall reset
~ Command spéciale exécutée avec succès: Netsh advfirewall set allprofiles state on


---\\ NON TRAITÉ. (2)
[MD5.93F1AFC7B589BF2411D2333DE8018AEF] - (.McAfee, Inc. - McAfee WebAdvisor.) -- C:\Program Files\mcafee\WebAdvisor\ServiceHost.exe
[MD5.862FD3938C27F7C8DC9E9F26340F9179] - (.McAfee, Inc. - McAfee WebAdvisor.) -- C:\Program Files\mcafee\WebAdvisor\uihost.exe

~ Le système a été redémarré.

***** ~ Fin de rapport terminé en 00h00mn53s

Publicité


Signaler le contenu de ce document

Publicité