cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPFix v2019.9.23.141 by Nicolas Coolman (2019/09/23)
~ Run by Ghislaine (Administrator) (24/09/2019 21:24:46)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version OK
~ Report : C:\Users\Ghislaine\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 18362)



---\\ SCRIPT DE L'UTILISATEUR. (63)
Script ZHPFix
CreateRestorePoint
UnMaskSoftware: O42 - Logiciel: Google Update Helper - (.Google LLC.) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google LLC (Hidden)
HKLM\SOFTWARE\WOW6432Node\ShieldApps
HKCU\SOFTWARE\ShieldApps
HKU\S-1-5-21-53389744-136711876-1384555470-1001\SOFTWARE\ShieldApps
[MD5.76CC8615A6089E6D97FA81981BB59C3C] [WIS][2018/12/14 12:33:37] (.ShieldApps - PC Privacy Shield 2019.) -- C:\WINDOWS\Installer\322b636c.msi [1600000]
C:\WINDOWS\Installer\322b636c.msi
O42 - Logiciel: PC Privacy Shield 2019 - (.ShieldApps.) [HKLM][64Bits] -- {C8BD6DF0-91C1-4804-8FBD-24F0D68DD926}
O43 - CFD: 29/08/2019 - [] D -- C:\Users\Ghislaine\AppData\Roaming\PC Privacy Shield 2019
O87 - FAEL: "UDP Query User{DEC50BFC-D2C4-4FFE-A341-306C62845466}C:\users\ghislaine\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\anydesk (1).exe" [In-None-P17-TRUE] .(...) -- C:\users\ghislaine\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\anydesk (1).exe (.not file.)
O87 - FAEL: "TCP Query User{93CACC7F-C98A-4836-93F1-9A11B87E3E26}C:\users\ghislaine\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\anydesk (1).exe" [In-None-P6-TRUE] .(...) -- C:\users\ghislaine\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\anydesk (1).exe (.not file.)
O87 - FAEL: "{6761EAC5-3F1C-4824-9F9F-B636B0BF9515}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (.not file.)
O87 - FAEL: "{25F32973-1057-4BCC-94FD-370CF69080FC}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (.not file.)
O87 - FAEL: "{97E3CAD7-6FEF-4D44-ABAB-2C6EB0602774}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Mozilla Firefox\firefox.exe (.not file.)
O87 - FAEL: "{4FFABD6E-C95D-46E3-A7FE-8F50C6914896}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Mozilla Firefox\firefox.exe (.not file.)
O90 - PUC: "0FD6DB8C1C194084F8DB420F6DD89D62" [HKLM] . (.PC Privacy Shield 2019.) -- C:\WINDOWS\Installer\{C8BD6DF0-91C1-4804-8FBD-24F0D68DD926}\icon.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C8BD6DF0-91C1-4804-8FBD-24F0D68DD926}
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C8BD6DF0-91C1-4804-8FBD-24F0D68DD926}
C:\Users\Ghislaine\AppData\Roaming\PC Privacy Shield 2019
C:\WINDOWS\Installer\{C8BD6DF0-91C1-4804-8FBD-24F0D68DD926}\icon.exe
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Products\0FD6DB8C1C194084F8DB420F6DD89D62
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Features\0FD6DB8C1C194084F8DB420F6DD89D62
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\000
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\001
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\002
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\003
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\004
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\005
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\006
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\007
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\008
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\009
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\010
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\011
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\012
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\013
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\014
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\015
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\016
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\017
C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\018
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Mozilla Firefox\firefox.exe (.not file.)
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O17 - HKLM\System\CCS\Services\Tcpip\..\{dc51bb7f-e600-4249-91f8-206ce41f54d6}: DhcpNameServer = 10.66.8.1 =>.Private IP (10.0.0.0 - 10.255.255.255) =>.Private IP
HKLM\SOFTWARE\WOW6432Node\McAfee
HKU\.DEFAULT\SOFTWARE\McAfee
O43 - CFD: 04/01/2019 - [] D -- C:\Program Files\mcafee
O43 - CFD: 04/01/2019 - [] D -- C:\Program Files\mcafee.com
O43 - CFD: 04/01/2019 - [] D -- C:\Program Files (x86)\McAfee
O43 - CFD: 16/05/2019 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 16/05/2019 - [] D -- C:\Program Files (x86)\Common Files\McAfee
EmptyCLSID
EmptyFlash
EmptyTemp
EmptyTracing
EmptyPrefetch
EmptyProxy
EmptyRecycle
WinsockFix
Fin


---\\ LOGICIEL. (1)
DESINSTALLER : {C8BD6DF0-91C1-4804-8FBD-24F0D68DD926}


---\\ SERVICE. (0)


---\\ TÂCHE PLANIFIÉE. (0)


---\\ NAVIGATEUR INTERNET. (4)
ABSENT Clé StartMenuInternet: HKLM\SOFTWARE\Clients\StartMenuInternet\64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
ABSENT Clé StartMenuInternet: HKLM\SOFTWARE\Clients\StartMenuInternet\64Bits][HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
ABSENT Clé StartMenuInternet: HKLM\SOFTWARE\Clients\StartMenuInternet\64Bits][HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
REFUSÉ Clé StartMenuInternet: 64Bits][HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Mozilla Firefox\firefox.exe (.not file.) [C:\Program Files\Mozilla Firefox\firefox.exe (.not file.)]


---\\ EXPLORATEUR ( Dossiers, Fichiers ). (44)
DEPLACÉ Fichier Windows Installer: C:\WINDOWS\Installer\322b636c.msi
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Roaming\PC Privacy Shield 2019
DEPLACÉ Fichier : C:\WINDOWS\Installer\{C8BD6DF0-91C1-4804-8FBD-24F0D68DD926}\icon.exe
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\000
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\001
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\002
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\003
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\004
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\005
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\006
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\007
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\008
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\009
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\010
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\011
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\012
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\013
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\014
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\015
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\016
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\017
SUPPRIMÉ Dossier : C:\Users\Ghislaine\AppData\Local\Google\Chrome\User Data\Default\File System\018
SUPPRIMÉ Dossier : C:\Program Files\mcafee
SUPPRIMÉ Dossier : C:\Program Files\mcafee.com
SUPPRIMÉ Dossier : C:\Program Files (x86)\McAfee
SUPPRIMÉ Dossier : C:\ProgramData\McAfee
SUPPRIMÉ Dossier : C:\Program Files (x86)\Common Files\McAfee
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\AdobeARM.log
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\GHISLA~1\AppData\Local\Temp\aria-debug-8388.log
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\StructuredQuery.log
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\adrsj3.tmp
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\adrsjr3.tmp
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\mb_F405.tmp
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\wct130E.tmp
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\wct19B2.tmp
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\wct2731.tmp
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\wct4412.tmp
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\wct4839.tmp
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\wct6EAD.tmp
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\wct9023.tmp
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\wctA48.tmp
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\wctCDB7.tmp
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\wctE960.tmp
DEPLACÉ Fichier Temp: C:\Users\GHISLA~1\AppData\Local\Temp\wctF171.tmp


---\\ REGISTRE ( Clés, Valeurs, Données ). (19)
REMPLACÉ Donnée Software: 1 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}\\SystemComponent]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\ShieldApps [ShieldApps]
SUPPRIMÉ Clé: HKCU\SOFTWARE\ShieldApps [ShieldApps]
ABSENT Clé: HKU\S-1-5-21-53389744-136711876-1384555470-1001\SOFTWARE\ShieldApps
SUPPRIMÉ Valeur FirewallRules: UDP Query User{DEC50BFC-D2C4-4FFE-A341-306C62845466}C:\users\ghislaine\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\anydesk (1).exe [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: TCP Query User{93CACC7F-C98A-4836-93F1-9A11B87E3E26}C:\users\ghislaine\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\anydesk (1).exe [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {6761EAC5-3F1C-4824-9F9F-B636B0BF9515} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {25F32973-1057-4BCC-94FD-370CF69080FC} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {97E3CAD7-6FEF-4D44-ABAB-2C6EB0602774} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {4FFABD6E-C95D-46E3-A7FE-8F50C6914896} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Clé Product: HKLM64\Software\Classes\Installer\Products\0FD6DB8C1C194084F8DB420F6DD89D62 [PC Privacy Shield 2019]
ABSENT Clé: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C8BD6DF0-91C1-4804-8FBD-24F0D68DD926}
SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C8BD6DF0-91C1-4804-8FBD-24F0D68DD926} [{C8BD6DF0-91C1-4804-8FBD-24F0D68DD926}]
ABSENT Clé: HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Products\0FD6DB8C1C194084F8DB420F6DD89D62
ABSENT Clé: HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Features\0FD6DB8C1C194084F8DB420F6DD89D62
REMPLACÉ Donnée TCPIP: 10.66.8.1 [HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{dc51bb7f-e600-4249-91f8-206ce41f54d6}\\DhcpNameServer]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\McAfee [McAfee]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\McAfee [McAfee]
~ EmptyProxy: Aucune modification.


---\\ COMMANDE. (8)
CreateRestorePoint: OK
~ EmptyCSID: Dossiers CLSID vides supprimés (0)
~ EmptyFlash: Fichiers Temporaires supprimés. (2)
~ EmptyTemp: Dossier Local temp partiellement vidé (17)
~ EmptyTracing: Clés tracing supprimées (13)
~ EmptyPrefetch: Fichiers Prefetcher supprimés (162)
~ EmptyRecycle: Corbeille vidée avec succès.
~ Command spéciale exécutée avec succès: Winsock


---\\ NON TRAITÉ. (0)

~ Le système a été redémarré.

***** ~ Fin de rapport terminé en 00h03mn55s

Publicité


Signaler le contenu de ce document

Publicité