~ ZHPFix v2019.5.27.75 by Nicolas Coolman (2019/05/27) ~ Run by Muriel (Administrator) (28/05/2019 23:32:27) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Certificate ZHPFix: Legal ~ State version : Version OK ~ Report : C:\Users\Muriel\Desktop\ZHPFix.txt ~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\ ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 8.1, 64-bit (Build 9600) ---\\ SCRIPT DE L'UTILISATEUR. (46) Script ZHPFix EmptyCLSID Emptytemp EmptyFlash HKLM\SOFTWARE\Microsoft\Tracing\winwb_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\winwb_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\winwb_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\winwb_RASMANCS O4 - HKLM\..\Run: [WindowsDefender] . (. - .) -- C:\Program Files\Windows Defender\MSASCuiL.exe (.Not File.) HKCU\Software\undefined HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe O43 - CFD: 16/05/2019 - [] D -- C:\ProgramData\ByteFence HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASMANCS HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS C:\ProgramData\ByteFence HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFenceService_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFenceService_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFence_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFence_RASMANCS HKCU\Software\undefined HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe O38 - TASK: {FFC2BE63-96B5-4FD6-B213-09A0B0BAAD82} [64Bits][\Avast Software\Overseer] - (.AVAST Software - Avast Overseer.) -- C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088] C:\WINDOWS\System32\Tasks\Avast Software\Overseer - (.AVAST Software.) -- C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [/from_scheduler:1] P2 - EXT FILE: (.Avast Online Security - Avast Browser Security and Web Reputat.) -- C:\Users\Muriel\AppData\Roaming\Mozilla\Firefox\Profiles\n900rrqj.default-1487627897734-1548839344270\extensions\wrc@avast.com.xpi P2 - EXT FILE: (.Avast Online Security - Avast Browser Security and Web Reputat.) -- C:\Users\Muriel\AppData\Roaming\Mozilla\Firefox\Profiles\t8gqz5ow.default-1487627897734-1500732197959-1500732503515\extensions\wrc@avast.com.xpi P2 - EXT FILE: (.Avast Online Security - Avast Browser Security and Web Reputat.) -- C:\Users\Muriel\AppData\Roaming\Mozilla\Firefox\Profiles\4zaqny0h.default-1487627897734-1498146508251\extensions\wrc@avast.com.xpi HKLM\SOFTWARE\AVAST Software HKLM\SOFTWARE\WOW6432Node\AVAST Software HKCU\SOFTWARE\Browser Cleanup O43 - CFD: 16/05/2019 - [] D -- C:\ProgramData\AVAST Software HKLM\SOFTWARE\ESET HKLM\SOFTWARE\WOW6432Node\Eset HKCU\SOFTWARE\ESET O43 - CFD: 07/01/2019 - [] D -- C:\Users\Muriel\AppData\Local\ESET HKLM\SOFTWARE\HitmanPro O43 - CFD: 21/02/2017 - [] D -- C:\ProgramData\HitmanPro HKLM\SOFTWARE\Google HKLM\SOFTWARE\WOW6432Node\Google HKLM\SOFTWARE\Chromium HKCU\SOFTWARE\Chromium cmd: ipconfig /flushdns cmd: netsh winsock reset cmd: netsh advfirewall reset cmd: Netsh advfirewall set allprofiles state on ---\\ LOGICIEL. (0) ---\\ SERVICE. (0) ---\\ TÂCHE PLANIFIÉE. (2) SUPPRIMÉ Redémarrage Clé Tasks^: HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFC2BE63-96B5-4FD6-B213-09A0B0BAAD82} SUPPRIMÉ Redémarrage Clé Tasks^: HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{FFC2BE63-96B5-4FD6-B213-09A0B0BAAD82} ---\\ NAVIGATEUR INTERNET. (3) DEPLACÉ Fichier Firefox: C:\Users\Muriel\AppData\Roaming\Mozilla\Firefox\Profiles\n900rrqj.default-1487627897734-1548839344270\extensions\wrc@avast.com.xpi DEPLACÉ Fichier Firefox: C:\Users\Muriel\AppData\Roaming\Mozilla\Firefox\Profiles\t8gqz5ow.default-1487627897734-1500732197959-1500732503515\extensions\wrc@avast.com.xpi DEPLACÉ Fichier Firefox: C:\Users\Muriel\AppData\Roaming\Mozilla\Firefox\Profiles\4zaqny0h.default-1487627897734-1498146508251\extensions\wrc@avast.com.xpi ---\\ EXPLORATEUR ( Dossiers, Fichiers ). (12) DEPLACÉ Fichier Temp: C:\Users\Muriel\AppData\Local\Temp\AdobeARM.log DEPLACÉ Fichier Temp: C:\Users\Muriel\AppData\Local\Temp\MSIa1498.LOG DEPLACÉ Fichier Temp: C:\Users\Muriel\AppData\Local\Temp\MSIa149b.LOG DEPLACÉ Fichier Temp: C:\Users\Muriel\AppData\Local\Temp\MSIec72b.LOG DEPLACÉ Fichier Temp: C:\Users\Muriel\AppData\Local\Temp\MSIec72e.LOG DEPLACÉ Fichier Temp: C:\Users\Muriel\AppData\Local\Temp\TWAIN.LOG SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Muriel\AppData\Local\Temp\~DFC0A8A2931FCE2EC2.TMP SUPPRIMÉ Dossier : C:\ProgramData\ByteFence DEPLACÉ Fichier Tasks: C:\WINDOWS\System32\Tasks\Avast Software\Overseer SUPPRIMÉ Dossier : C:\ProgramData\AVAST Software SUPPRIMÉ Dossier : C:\Users\Muriel\AppData\Local\ESET SUPPRIMÉ Dossier : C:\ProgramData\HitmanPro ---\\ REGISTRE ( Clés, Valeurs, Données ). (28) SUPPRIMÉ Clé Tracing: HKLM\SOFTWARE\Microsoft\Tracing\winwb_RASAPI32 [winwb_RASAPI32] SUPPRIMÉ Clé Tracing: HKLM\SOFTWARE\Microsoft\Tracing\winwb_RASMANCS [winwb_RASMANCS] ABSENT Clé Tracing: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\winwb_RASAPI32 ABSENT Clé Tracing: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\winwb_RASMANCS ABSENT Valeur Run: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [C:\Program Files\Windows Defender\MSASCuiL.exe (.Not File.)] SUPPRIMÉ Clé: HKCU\Software\undefined [undefined] SUPPRIMÉ Clé: HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe [ByteFence.exe] SUPPRIMÉ Clé Tracing: HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASAPI32 [ByteFenceService_RASAPI32] SUPPRIMÉ Clé Tracing: HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASMANCS [ByteFenceService_RASMANCS] SUPPRIMÉ Clé Tracing: HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 [ByteFence_RASAPI32] SUPPRIMÉ Clé Tracing: HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS [ByteFence_RASMANCS] ABSENT Clé Tracing: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFenceService_RASAPI32 ABSENT Clé Tracing: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFenceService_RASMANCS ABSENT Clé Tracing: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFence_RASAPI32 ABSENT Clé Tracing: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFence_RASMANCS ABSENT Clé: HKCU\Software\undefined ABSENT Clé: HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe SUPPRIMÉ Clé: HKLM\SOFTWARE\AVAST Software [AVAST Software] ABSENT Clé: HKLM\SOFTWARE\WOW6432Node\AVAST Software SUPPRIMÉ Clé: HKCU\SOFTWARE\Browser Cleanup [Browser Cleanup] SUPPRIMÉ Clé: HKLM\SOFTWARE\ESET [ESET] SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\Eset [Eset] SUPPRIMÉ Clé: HKCU\SOFTWARE\ESET [ESET] SUPPRIMÉ Clé: HKLM\SOFTWARE\HitmanPro [HitmanPro] SUPPRIMÉ Clé: HKLM\SOFTWARE\Google [Google] SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\Google [Google] SUPPRIMÉ Clé: HKLM\SOFTWARE\Chromium [Chromium] SUPPRIMÉ Clé: HKCU\SOFTWARE\Chromium [Chromium] ---\\ COMMANDE. (7) ~ EmptyCSID: Dossiers CLSID vides supprimés (0) ~ EmptyTemp: Dossier Local temp partiellement vidé (7) ~ EmptyFlash: Dossier FlashPlayer vide. ~ Command spéciale exécutée avec succès: ipconfig /flushdns ~ Command spéciale exécutée avec succès: netsh winsock reset ~ Command spéciale exécutée avec succès: netsh advfirewall reset ~ Command spéciale exécutée avec succès: Netsh advfirewall set allprofiles state on ---\\ NON TRAITÉ. (0) ~ Le système a été redémarré. ***** ~ Fin de rapport terminé en 00h00mn49s