~ ZHPFix v2019.1.11.7 by Nicolas Coolman (2019/01/11)
~ Run by zeger (Administrator)  (12/01/2019 13:22:40)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version OK
~ Report : C:\Users\zeger\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 17134)



---\\  SCRIPT DE L'UTILISATEUR.  (71)
Script ZHPFix
EmptyCLSID
EmptyFlash
EmptyTemp
EmptyTracing
EmptyPrefetch
EmptyProxy
P2 - EXT FILE: (.Bing Search Engine - Bing. Search by Microsoft..) -- C:\Users\zeger\AppData\Roaming\Mozilla\Firefox\Profiles\h1yfsbip.default-1529087012842\searchplugins\bing-lavasoft-ff59.xml =>PUP.Optional.LavasoftWebCompanion
IE Restricted Site Good: webcompanion.com =>PUP.Optional.LavasoftWebCompanion
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Web Companion =>PUP.Optional.LavasoftWebCompanion
[HKEY_USERS\S-1-5-21-863852282-3779898568-481534487-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Web Companion =>PUP.Optional.LavasoftWebCompanion
HKU\S-1-5-21-863852282-3779898568-481534487-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com =>PUP.Optional.LavasoftWebCompanion
HKCU\Software\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com =>PUP.Optional.LavasoftWebCompanion
HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion
HKLM\SOFTWARE\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion
O43 - CFD: 17/09/2018 - [] DC -- C:\Users\zeger\AppData\Local\OneDrive =>PUP.Optional.Y2Go
C:\Program Files (x86)\mumble-g15-helper.exe =>Heuristic.Suspect
C:\Program Files (x86)\mumble.exe =>Heuristic.Suspect
C:\Users\zeger\AppData\Roaming\Mozilla\Firefox\Profiles\h1yfsbip.default-1529087012842\searchplugins\bing-lavasoft-ff59.xml =>PUP.Optional.LavasoftWebCompanion
C:\Users\zeger\AppData\Local\OneDrive =>PUP.Optional.Y2Go
HKU\S-1-5-21-863852282-3779898568-481534487-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com =>PUP.Optional.LavasoftWebCompanion
HKCU\Software\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com =>PUP.Optional.LavasoftWebCompanion
HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion
HKLM\SOFTWARE\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion
O4 - HKLM\..\Run: [SynTPEnh] . (. - .) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (.Not File.) =>.SUP.Orphan
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] . (. - .) -- D:\Programmes\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (.Not File.) =>.SUP.Orphan
O4 - HKCU\..\Run: [Web Companion] . (. - .) -- D:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (.Not File.) =>.SUP.Orphan
O4 - HKCU\..\Run: [FACEIT] . (. - .) -- FACEIT.exe =>.SUP.Orphan
O4 - HKUS\S-1-5-21-863852282-3779898568-481534487-1001\..\Run: [Web Companion] . (. - .) -- D:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (.Not File.) =>.SUP.Orphan
O4 - HKUS\S-1-5-21-863852282-3779898568-481534487-1001\..\Run: [FACEIT] . (. - .) -- FACEIT.exe =>.SUP.Orphan
O4 - GS\CommonDesktop [Public]: Win PC Repair 2018.lnk . (...) D:\Programmes\Win PC Repair 2018 for ZEGERS-NISEN\mpr.exe =>.SUP.WinPCRepair
O42 - Logiciel: Win PC Repair 2018 - (..) [HKLM][64Bits] -- {EA00E6FD-FFBA-40AA-BE1D-F2BC6AF96781}_is1 =>.SUP.WinPCRepair
HKLM\SOFTWARE\Win PC Repair 2018 For ZEGERS-NISEN =>.SUP.WinPCRepair
HKLM\SOFTWARE\wtc-pr =>.SUP.WinTonic
HKCU\SOFTWARE\Win PC Repair 2018 for ZEGERS-NISEN =>.SUP.WinPCRepair
HKU\S-1-5-21-863852282-3779898568-481534487-1001\SOFTWARE\Win PC Repair 2018 for ZEGERS-NISEN =>.SUP.WinPCRepair
O43 - CFD: 12/07/2018 - [] DC -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Win PC Repair 2018 for ZEGERS-NISEN =>.SUP.WinPCRepair
O43 - CFD: 09/08/2018 - [] DC -- C:\ProgramData\pctonics.com =>.SUP.WinTonic
O43 - CFD: 12/07/2018 - [] DC -- C:\ProgramData\Win PC Repair 2018 for ZEGERS-NISEN =>.SUP.WinPCRepair
O43 - CFD: 09/08/2018 - [] DC -- C:\Users\zeger\AppData\Roaming\pctonics.com =>.SUP.WinTonic
O43 - CFD: 12/07/2018 - [] DC -- C:\Users\zeger\AppData\Roaming\Win PC Repair 2018 For ZEGERS-NISEN =>.SUP.WinPCRepair
O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O87 - FAEL: "{3AC669DE-2C3C-4D57-9E3D-F9220ECB3E3B}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Mozilla Firefox\firefox.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: "{3F879E22-3C8D-4450-B8EF-2E5043603BED}" [In-None-P6-TRUE] .(...) -- D:\program files(x86)\bin\cef\cef.win7\steamwebhelper.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: "{14C5A76D-2A56-4A7E-A985-1B4E7D38D4FB}" [In-None-P17-TRUE] .(...) -- D:\program files(x86)\bin\cef\cef.win7\steamwebhelper.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: "{286C0802-7473-4CBF-A628-E0E2DBB3198B}" [In-None-P17-TRUE] .(...) -- D:\Programmes\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: "{F9A000F0-FAE5-4ED7-8048-CB0F97534D76}" [In-None-P6-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: "{8844EDA7-8239-430F-BBEA-34CDFA651095}" [In-None-P17-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (.not file.) =>.SUP.Orphan
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Win PC Repair 2018 for ZEGERS-NISEN =>.SUP.WinPCRepair
C:\ProgramData\pctonics.com =>.SUP.WinTonic
C:\ProgramData\Win PC Repair 2018 for ZEGERS-NISEN =>.SUP.WinPCRepair
C:\Users\zeger\AppData\Roaming\pctonics.com =>.SUP.WinTonic
C:\Users\zeger\AppData\Roaming\Win PC Repair 2018 For ZEGERS-NISEN =>.SUP.WinPCRepair
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
O87 - FAEL: "{7424B664-6A39-46D8-87C6-855F35B1ED8F}" [In-None-P6-TRUE] .(...) -- C:\Users\zeger\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe (.not file.) =>.Temporary file not necessary
O87 - FAEL: "{882936A2-6D12-44DC-BEA8-7B078D1C4AA0}" [In-None-P17-TRUE] .(...) -- C:\Users\zeger\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe (.not file.) =>.Temporary file not necessary
O38 - TASK: {9CD8C765-9B7F-42EF-AFFC-9A8DF883C64E} [64Bits][\Avast Software\Overseer] - (.AVAST Software - Avast Overseer.) -- C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2038320] =>.AVAST Software
C:\WINDOWS\System32\Tasks\Avast Software\Overseer - (.AVAST Software.) -- C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [/from_scheduler:1] =>.AVAST Software
HKLM\SOFTWARE\WOW6432Node\AVAST Software =>.AVAST Software
HKCU\SOFTWARE\Browser Cleanup =>.Avast Software s.r.o
HKU\S-1-5-21-863852282-3779898568-481534487-1001\SOFTWARE\Browser Cleanup =>.Avast Software s.r.o
O43 - CFD: 27/08/2018 - [] DC -- C:\ProgramData\AVAST Software =>.AVAST Software
O43 - CFD: 27/08/2018 - [] DC -- C:\Users\zeger\AppData\Local\AVAST Software =>.AVAST Software
O87 - FAEL: "{F9A000F0-FAE5-4ED7-8048-CB0F97534D76}" [In-None-P6-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: "{8844EDA7-8239-430F-BBEA-34CDFA651095}" [In-None-P17-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (.not file.) =>.SUP.Orphan
Fin


---\\  LOGICIEL.  (1)
DESINSTALLER : {EA00E6FD-FFBA-40AA-BE1D-F2BC6AF96781}_is1


---\\  SERVICE.  (0)


---\\  TÂCHE PLANIFIÉE.  (2)
SUPPRIMÉ Redémarrage  Clé  Tasks^: HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CD8C765-9B7F-42EF-AFFC-9A8DF883C64E}
SUPPRIMÉ Redémarrage  Clé  Tasks^: HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9CD8C765-9B7F-42EF-AFFC-9A8DF883C64E}


---\\  NAVIGATEUR INTERNET.  (0)


---\\  EXPLORATEUR ( Dossiers, Fichiers ).  (3)
SUPPRIMÉ Redémarrage  Fichier Temp^: C:\Users\zeger\AppData\Local\Temp\aria-debug-7668.log
DEPLACÉ Fichier Temp*: C:\Users\zeger\AppData\Local\Temp\is-SL2LV.tmp-dbinst
SUPPRIMÉ Redémarrage  Fichier Temp^: C:\Users\zeger\AppData\Local\Temp\~DFE23372EBFB692D59.TMP


---\\  REGISTRE ( Clés, Valeurs, Données ).  (30)
ABSENT Valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run []
ABSENT Valeur: HKEY_USERS\S-1-5-21-863852282-3779898568-481534487-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run []
ABSENT Valeur Run: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (.Not File.)]
ABSENT Valeur Run: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [D:\Programmes\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (.Not File.)]
ABSENT Valeur Run: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [D:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (.Not File.)]
ABSENT Valeur Run: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [FACEIT.exe]
ABSENT Valeur Run: HKU\S-1-5-21-863852282-3779898568-481534487-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [D:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (.Not File.)]
ABSENT Valeur Run: HKU\S-1-5-21-863852282-3779898568-481534487-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [FACEIT.exe]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{3AC669DE-2C3C-4D57-9E3D-F9220ECB3E3B}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{3F879E22-3C8D-4450-B8EF-2E5043603BED}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{14C5A76D-2A56-4A7E-A985-1B4E7D38D4FB}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{286C0802-7473-4CBF-A628-E0E2DBB3198B}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{F9A000F0-FAE5-4ED7-8048-CB0F97534D76}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{8844EDA7-8239-430F-BBEA-34CDFA651095}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{7424B664-6A39-46D8-87C6-855F35B1ED8F}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{882936A2-6D12-44DC-BEA8-7B078D1C4AA0}]
~ EmptyProxy: Aucune modification.
SUPPRIMÉ Valeur: Web Companion [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
SUPPRIMÉ Valeur: Web Companion [HKEY_USERS\S-1-5-21-863852282-3779898568-481534487-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
SUPPRIMÉ Valeur  Run: Wondershare Helper Compact.exe [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\]
SUPPRIMÉ Valeur  Run: Web Companion [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\]
SUPPRIMÉ Valeur  Run: FACEIT [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\]
SUPPRIMÉ Valeur  FirewallRules: {3AC669DE-2C3C-4D57-9E3D-F9220ECB3E3B} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur  FirewallRules: {3F879E22-3C8D-4450-B8EF-2E5043603BED} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur  FirewallRules: {14C5A76D-2A56-4A7E-A985-1B4E7D38D4FB} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur  FirewallRules: {286C0802-7473-4CBF-A628-E0E2DBB3198B} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur  FirewallRules: {F9A000F0-FAE5-4ED7-8048-CB0F97534D76} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur  FirewallRules: {8844EDA7-8239-430F-BBEA-34CDFA651095} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur  FirewallRules: {7424B664-6A39-46D8-87C6-855F35B1ED8F} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur  FirewallRules: {882936A2-6D12-44DC-BEA8-7B078D1C4AA0} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]


---\\  COMMANDE.  (5)
~ EmptyCSID: Dossiers CLSID vides supprimés  (0)
~ EmptyFlash: Fichiers Temporaires supprimés. (2)
~ EmptyTemp: Dossier Local temp partiellement vidé  (3)
~ EmptyTracing: Clés tracing supprimées (12)
~ EmptyPrefetch: Fichiers Prefetcher supprimés (10)


---\\  NON TRAITÉ.  (1)
IE Restricted Site Good: webcompanion.com 

~ Le système a été redémarré.

***** ~ Fin de rapport terminé en 00h00mn16s