~ ZHPFix v2019.1.22.11 by Nicolas Coolman (2019/01/22) ~ Run by kelia (Administrator) (24/01/2019 14:56:11) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Certificate ZHPFix: Legal ~ State version : Version OK ~ Report : C:\Users\kelia\Desktop\ZHPFix.txt ~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\ ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) ---\\ SCRIPT DE L'UTILISATEUR. (49) Script Zhpfix O4 - HKCU\..\Run: [Spotify] . (. - .) -- --minimized. O4 - HKUS\S-1-5-21-2779949866-2437069981-3901367814-1000\..\Run: [Spotify] . (. - .) -- --minimized. G2 - GCE: Preference [kelia][User Data\Default] [mplamgaojjgfaelahmmmbmhnlfhcfamb] G2 - GCE: Preference [kelia][User Data\Default] [idhkmcfanijhphphomamdkaejjadkhgn] Headie G2 - GCE: Preference [kelia][User Data\Default] [nahhmpbckpgdidfnmfkfgiflpjijilce] Search Manager G2 - GCE: Preference [kelia][User Data\Default] [pilplloabdedfmialnfchjomjmpjcoej] Search Manager O4 - GS\Desktop [Administrateur]: ByteFence Anti-Malware.lnk . (...) C:\Program Files (x86)\ByteFence\ByteFence.exe O4 - GS\Desktop [kelia]: ByteFence Anti-Malware.lnk . (...) C:\Program Files (x86)\ByteFence\ByteFence.exe O4 - GS\CommonDesktop [Public]: Win Tonic.lnk . (.pctonics.com - .) C:\Program Files (x86)\Win Tonic\wtc.exe HKEY_USERS\S-1-5-21-2779949866-2437069981-3901367814-1000\Software\csastats HKCU\Software\pctonics.com HKCU\Software\csastats HKCU\Software\undefined HKLM\System\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence HKLM\SOFTWARE\pctonics.com HKLM\SOFTWARE\WebBar HKLM\SOFTWARE\wtc-pr HKCU\SOFTWARE\ByteFence HKU\S-1-5-21-2779949866-2437069981-3901367814-1000\SOFTWARE\ByteFence HKU\S-1-5-21-2779949866-2437069981-3901367814-1000\SOFTWARE\pctonics.com HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASMANCS HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:ByteFence.exe C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mplamgaojjgfaelahmmmbmhnlfhcfamb C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idhkmcfanijhphphomamdkaejjadkhgn C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nahhmpbckpgdidfnmfkfgiflpjijilce C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pilplloabdedfmialnfchjomjmpjcoej C:\Program Files\Win Tonic C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Win Tonic C:\ProgramData\pctonics.com C:\Users\kelia\AppData\Roaming\pctonics.com HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFenceService_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFenceService_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFence_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFence_RASMANCS C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\000 C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\001 C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\002 HKEY_USERS\S-1-5-21-2779949866-2437069981-3901367814-1000\Software\csastats HKCU\Software\pctonics.com HKCU\Software\csastats HKCU\Software\undefined HKLM\System\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence EmptyPrefetch Emptytemp EmptyClsid ---\\ LOGICIEL. (0) ---\\ SERVICE. (0) ---\\ TÂCHE PLANIFIÉE. (0) ---\\ NAVIGATEUR INTERNET. (1) SUPPRIMÉ Dossier Chrome: C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ ---\\ EXPLORATEUR ( Dossiers, Fichiers ). (24) DEPLACÉ Fichier Shortcut: C:\Users\kelia\Desktop\ByteFence Anti-Malware.lnk DEPLACÉ Fichier Shortcut: C:\Users\Public\Desktop\Win Tonic.lnk SUPPRIMÉ Dossier : C:\Program Files\Win Tonic SUPPRIMÉ Dossier : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Win Tonic SUPPRIMÉ Dossier : C:\ProgramData\pctonics.com SUPPRIMÉ Dossier : C:\Users\kelia\AppData\Roaming\pctonics.com SUPPRIMÉ Dossier : C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\000 SUPPRIMÉ Dossier : C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\001 SUPPRIMÉ Dossier : C:\Users\kelia\AppData\Local\Google\Chrome\User Data\Default\File System\002 DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\adobegc.log SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\AdobeIPCBroker.log DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\assistant_installer_20190124071835.log SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\oobelib.log SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\PDApp.log DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat5B1A.tmp DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat7530.tmp DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat7550.tmp DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat7570.tmp DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat7590.tmp DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\dat75A1.tmp DEPLACÉ Fichier Temp: C:\Users\kelia\AppData\Local\Temp\_iu14D2N.tmp SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\~DF1BABD5041EB8C0B6.TMP SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\kelia\AppData\Local\Temp\FXSAPIDebugLogFile.txt SUPPRIMÉ Dossier EmptyCLSID: C:\Users\kelia\AppData\Local\{F821CE7D-DC89-A2C5-B111-872D95797BB5} ---\\ REGISTRE ( Clés, Valeurs, Données ). (9) SUPPRIMÉ Valeur Run: Spotify [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\] ABSENT Valeur Run: HKU\S-1-5-21-2779949866-2437069981-3901367814-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [--minimized.] SUPPRIMÉ Clé: HKEY_USERS\S-1-5-21-2779949866-2437069981-3901367814-1000\Software\csastats [csastats] SUPPRIMÉ Clé: HKCU\Software\pctonics.com [pctonics.com] SUPPRIMÉ Clé: HKCU\Software\undefined [undefined] SUPPRIMÉ Clé: HKLM\System\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence [ReasonByteFence] SUPPRIMÉ Clé: HKCU\SOFTWARE\ByteFence [ByteFence] SUPPRIMÉ Valeur : ByteFence.exe [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] SUPPRIMÉ Valeur: ByteFence.exe [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] ---\\ COMMANDE. (3) ~ EmptyPrefetch: Fichiers Prefetcher supprimés (130) ~ EmptyTemp: Dossier Local temp partiellement vidé (14) ~ EmptyCSID: Dossiers CLSID vides supprimés (1) ---\\ NON TRAITÉ. (0) ~ Le système a été redémarré. ***** ~ Fin de rapport terminé en 00h00mn23s