Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPFix v2019.1.22.11 by Nicolas Coolman (2019/01/22)
~ Run by kelia (Administrator) (24/01/2019 14:56:11)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version OK
~ Report : C:\Users\kelia\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
---\\ SCRIPT DE L'UTILISATEUR. (49)
Script Zhpfix
O4 - HKCU\..\Run: [Spotify] . (. - .) -- --minimized.
O4 - HKUS\S-1-5-21-2779949866-2437069981-3901367814-1000\..\Run: [Spotify] . (. - .) -- --minimized.
G2 - GCE: Preference [kelia][User Data\Default] [mplamgaojjgfaelahmmmbmhnlfhcfamb]
G2 - GCE: Preference [kelia][User Data\Default] [idhkmcfanijhphphomamdkaejjadkhgn] Headie
G2 - GCE: Preference [kelia][User Data\Default] [nahhmpbckpgdidfnmfkfgiflpjijilce] Search Manager
G2 - GCE: Preference [kelia][User Data\Default] [pilplloabdedfmialnfchjomjmpjcoej] Search Manager
O4 - GS\Desktop [Administrateur]: ByteFence Anti-Malware.lnk . (...) C:\Program Files (x86)\ByteFence\ByteFence.exe
O4 - GS\Desktop [kelia]: ByteFence Anti-Malware.lnk . (...) C:\Program Files (x86)\ByteFence\ByteFence.exe
O4 - GS\CommonDesktop [Public]: Win Tonic.lnk . (.pctonics.com - .) C:\Program Files (x86)\Win Tonic\wtc.exe
HKEY_USERS\S-1-5-21-2779949866-2437069981-3901367814-1000\Software\csastats
HKCU\Software\pctonics.com
HKCU\Software\csastats
HKCU\Software\undefined
HKLM\System\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
HKLM\SOFTWARE\pctonics.com
HKLM\SOFTWARE\WebBar
HKLM\SOFTWARE\wtc-pr
HKCU\SOFTWARE\ByteFence
HKU\S-1-5-21-2779949866-2437069981-3901367814-1000\SOFTWARE\ByteFence
HKU\S-1-5-21-2779949866-2437069981-3901367814-1000\SOFTWARE\pctonics.com
HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:ByteFence.exe
C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mplamgaojjgfaelahmmmbmhnlfhcfamb
C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idhkmcfanijhphphomamdkaejjadkhgn
C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nahhmpbckpgdidfnmfkfgiflpjijilce
C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pilplloabdedfmialnfchjomjmpjcoej
C:\Program Files\Win Tonic
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Win Tonic
C:\ProgramData\pctonics.com
C:\Users\kelia\AppData\Roaming\pctonics.com
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFenceService_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFenceService_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFence_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFence_RASMANCS
C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\000
C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\001
C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\002
HKEY_USERS\S-1-5-21-2779949866-2437069981-3901367814-1000\Software\csastats
HKCU\Software\pctonics.com
HKCU\Software\csastats
HKCU\Software\undefined
HKLM\System\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
EmptyPrefetch
Emptytemp
EmptyClsid
---\\ LOGICIEL. (0)
---\\ SERVICE. (0)
---\\ TÂCHE PLANIFIÉE. (0)
---\\ NAVIGATEUR INTERNET. (1)
SUPPRIMÉ Dossier Chrome: C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\
---\\ EXPLORATEUR ( Dossiers, Fichiers ). (24)
DEPLACÉ Fichier Shortcut: C:\Users\kelia\Desktop\ByteFence Anti-Malware.lnk
DEPLACÉ Fichier Shortcut: C:\Users\Public\Desktop\Win Tonic.lnk
SUPPRIMÉ Dossier : C:\Program Files\Win Tonic
SUPPRIMÉ Dossier : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Win Tonic
SUPPRIMÉ Dossier : C:\ProgramData\pctonics.com
SUPPRIMÉ Dossier : C:\Users\kelia\AppData\Roaming\pctonics.com
SUPPRIMÉ Dossier : C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\000
SUPPRIMÉ Dossier : C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\001
SUPPRIMÉ Dossier : C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\002
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\adobegc.log
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\AdobeIPCBroker.log
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\assistant_installer_20190124071835.log
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\oobelib.log
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\PDApp.log
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat5B1A.tmp
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat7530.tmp
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat7550.tmp
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat7570.tmp
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat7590.tmp
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat75A1.tmp
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\_iu14D2N.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\~DF1BABD5041EB8C0B6.TMP
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\FXSAPIDebugLogFile.txt
SUPPRIMÉ Dossier EmptyCLSID: C:\Users\kelia\AppData\Local\{F821CE7D-DC89-A2C5-B111-872D95797BB5}
---\\ REGISTRE ( Clés, Valeurs, Données ). (9)
SUPPRIMÉ Valeur Run: Spotify [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\]
ABSENT Valeur Run: HKU\S-1-5-21-2779949866-2437069981-3901367814-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [--minimized.]
SUPPRIMÉ Clé: HKEY_USERS\S-1-5-21-2779949866-2437069981-3901367814-1000\Software\csastats [csastats]
SUPPRIMÉ Clé: HKCU\Software\pctonics.com [pctonics.com]
SUPPRIMÉ Clé: HKCU\Software\undefined [undefined]
SUPPRIMÉ Clé: HKLM\System\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence [ReasonByteFence]
SUPPRIMÉ Clé: HKCU\SOFTWARE\ByteFence [ByteFence]
SUPPRIMÉ Valeur : ByteFence.exe [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
SUPPRIMÉ Valeur: ByteFence.exe [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
---\\ COMMANDE. (3)
~ EmptyPrefetch: Fichiers Prefetcher supprimés (130)
~ EmptyTemp: Dossier Local temp partiellement vidé (14)
~ EmptyCSID: Dossiers CLSID vides supprimés (1)
---\\ NON TRAITÉ. (0)
~ Le système a été redémarré.
***** ~ Fin de rapport terminé en 00h00mn23s
~ Run by kelia (Administrator) (24/01/2019 14:56:11)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version OK
~ Report : C:\Users\kelia\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
---\\ SCRIPT DE L'UTILISATEUR. (49)
Script Zhpfix
O4 - HKCU\..\Run: [Spotify] . (. - .) -- --minimized.
O4 - HKUS\S-1-5-21-2779949866-2437069981-3901367814-1000\..\Run: [Spotify] . (. - .) -- --minimized.
G2 - GCE: Preference [kelia][User Data\Default] [mplamgaojjgfaelahmmmbmhnlfhcfamb]
G2 - GCE: Preference [kelia][User Data\Default] [idhkmcfanijhphphomamdkaejjadkhgn] Headie
G2 - GCE: Preference [kelia][User Data\Default] [nahhmpbckpgdidfnmfkfgiflpjijilce] Search Manager
G2 - GCE: Preference [kelia][User Data\Default] [pilplloabdedfmialnfchjomjmpjcoej] Search Manager
O4 - GS\Desktop [Administrateur]: ByteFence Anti-Malware.lnk . (...) C:\Program Files (x86)\ByteFence\ByteFence.exe
O4 - GS\Desktop [kelia]: ByteFence Anti-Malware.lnk . (...) C:\Program Files (x86)\ByteFence\ByteFence.exe
O4 - GS\CommonDesktop [Public]: Win Tonic.lnk . (.pctonics.com - .) C:\Program Files (x86)\Win Tonic\wtc.exe
HKEY_USERS\S-1-5-21-2779949866-2437069981-3901367814-1000\Software\csastats
HKCU\Software\pctonics.com
HKCU\Software\csastats
HKCU\Software\undefined
HKLM\System\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
HKLM\SOFTWARE\pctonics.com
HKLM\SOFTWARE\WebBar
HKLM\SOFTWARE\wtc-pr
HKCU\SOFTWARE\ByteFence
HKU\S-1-5-21-2779949866-2437069981-3901367814-1000\SOFTWARE\ByteFence
HKU\S-1-5-21-2779949866-2437069981-3901367814-1000\SOFTWARE\pctonics.com
HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:ByteFence.exe
C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mplamgaojjgfaelahmmmbmhnlfhcfamb
C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idhkmcfanijhphphomamdkaejjadkhgn
C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nahhmpbckpgdidfnmfkfgiflpjijilce
C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pilplloabdedfmialnfchjomjmpjcoej
C:\Program Files\Win Tonic
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Win Tonic
C:\ProgramData\pctonics.com
C:\Users\kelia\AppData\Roaming\pctonics.com
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFenceService_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFenceService_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFence_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFence_RASMANCS
C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\000
C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\001
C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\002
HKEY_USERS\S-1-5-21-2779949866-2437069981-3901367814-1000\Software\csastats
HKCU\Software\pctonics.com
HKCU\Software\csastats
HKCU\Software\undefined
HKLM\System\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
EmptyPrefetch
Emptytemp
EmptyClsid
---\\ LOGICIEL. (0)
---\\ SERVICE. (0)
---\\ TÂCHE PLANIFIÉE. (0)
---\\ NAVIGATEUR INTERNET. (1)
SUPPRIMÉ Dossier Chrome: C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\
---\\ EXPLORATEUR ( Dossiers, Fichiers ). (24)
DEPLACÉ Fichier Shortcut: C:\Users\kelia\Desktop\ByteFence Anti-Malware.lnk
DEPLACÉ Fichier Shortcut: C:\Users\Public\Desktop\Win Tonic.lnk
SUPPRIMÉ Dossier : C:\Program Files\Win Tonic
SUPPRIMÉ Dossier : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Win Tonic
SUPPRIMÉ Dossier : C:\ProgramData\pctonics.com
SUPPRIMÉ Dossier : C:\Users\kelia\AppData\Roaming\pctonics.com
SUPPRIMÉ Dossier : C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\000
SUPPRIMÉ Dossier : C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\001
SUPPRIMÉ Dossier : C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\002
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\adobegc.log
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\AdobeIPCBroker.log
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\assistant_installer_20190124071835.log
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\oobelib.log
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\PDApp.log
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat5B1A.tmp
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat7530.tmp
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat7550.tmp
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat7570.tmp
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat7590.tmp
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat75A1.tmp
DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\_iu14D2N.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\~DF1BABD5041EB8C0B6.TMP
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\FXSAPIDebugLogFile.txt
SUPPRIMÉ Dossier EmptyCLSID: C:\Users\kelia\AppData\Local\{F821CE7D-DC89-A2C5-B111-872D95797BB5}
---\\ REGISTRE ( Clés, Valeurs, Données ). (9)
SUPPRIMÉ Valeur Run: Spotify [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\]
ABSENT Valeur Run: HKU\S-1-5-21-2779949866-2437069981-3901367814-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [--minimized.]
SUPPRIMÉ Clé: HKEY_USERS\S-1-5-21-2779949866-2437069981-3901367814-1000\Software\csastats [csastats]
SUPPRIMÉ Clé: HKCU\Software\pctonics.com [pctonics.com]
SUPPRIMÉ Clé: HKCU\Software\undefined [undefined]
SUPPRIMÉ Clé: HKLM\System\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence [ReasonByteFence]
SUPPRIMÉ Clé: HKCU\SOFTWARE\ByteFence [ByteFence]
SUPPRIMÉ Valeur : ByteFence.exe [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
SUPPRIMÉ Valeur: ByteFence.exe [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
---\\ COMMANDE. (3)
~ EmptyPrefetch: Fichiers Prefetcher supprimés (130)
~ EmptyTemp: Dossier Local temp partiellement vidé (14)
~ EmptyCSID: Dossiers CLSID vides supprimés (1)
---\\ NON TRAITÉ. (0)
~ Le système a été redémarré.
***** ~ Fin de rapport terminé en 00h00mn23s