Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPFix v2018.10.24.186 by Nicolas Coolman (2018/10/24)
~ Run by Robert (Administrator) (10/11/2018 23:28:54)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version KO
~ Report : C:\Users\Robert\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
---\\ SCRIPT DE L'UTILISATEUR. (67)
Script ZHPFix
EmptyCLSID
EmptyFlash
EmptyTemp
EmptyTracing
EmptyPrefetch
EmptyProxy
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:BackgroundHost.exe
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]:BackgroundHost.exe
HKLM\SOFTWARE\ParetoLogic
HKLM\SOFTWARE\WOW6432Node\ParetoLogic
HKCU\SOFTWARE\ParetoLogic
HKU\S-1-5-21-2394481133-3388255614-3702019550-1001\SOFTWARE\ParetoLogic
O43 - CFD: 15/05/2018 - [0] D -- C:\Users\Robert\AppData\Roaming\ParetoLogic
O108 - CMH1: 7-Zip [64Bits] - {23170F69-40C1-278A-1000-000100020000} . (.Orphan.)
O108 - CMH4: 7-Zip [64Bits] - {23170F69-40C1-278A-1000-000100020000} . (.Orphan.)
O108 - CMH6: 7-Zip [64Bits] - {23170F69-40C1-278A-1000-000100020000} . (.Orphan.)
O87 - FAEL: "TCP Query User{6C1C4F04-5C53-432A-9661-EBCCB0EACB1B}C:\program files (x86)\skype\phone\skype.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\skype\phone\skype.exe (.not file.)
O87 - FAEL: "UDP Query User{F7A9D433-BCEA-4D48-9EB5-900726F67CB0}C:\program files (x86)\skype\phone\skype.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\skype\phone\skype.exe (.not file.)
O87 - FAEL: "{22A5F8FB-3716-465B-9171-C43E0858C5D2}" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\skype\phone\skype.exe (.not file.)
O87 - FAEL: "{D6EEA6BE-17FA-455D-A6E8-80E3CE4AB10F}" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\skype\phone\skype.exe (.not file.)
O87 - FAEL: "{B37D8458-FEE6-4ED2-AE2D-E4041791310D}" [In-None-P6-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (.not file.)
O87 - FAEL: "{77077CFE-22C0-4E06-A93F-22F8FFB26EB9}" [In-None-P17-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (.not file.)
C:\Users\Robert\AppData\Roaming\ParetoLogic
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinZip
HKLM\Software\Classes\CLSID\{E0D79304-84BE-11CE-9641-444553540000}
HKLM\Software\Wow6432Node\Classes\CLSID\{E0D79304-84BE-11CE-9641-444553540000}
HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinZip
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinZip
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\7-Zip
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinZip
O108 - CMH1: WinZip [64Bits] - {E0D79304-84BE-11CE-9641-444553540000} . (...) -- C:\Program Files (x86)\WinZip\wzshls64.dll (.not file.)
O108 - CMH2: WinZip [64Bits] - {E0D79304-84BE-11CE-9641-444553540000} . (...) -- C:\Program Files (x86)\WinZip\wzshls64.dll (.not file.)
O108 - CMH4: WinZip [64Bits] - {E0D79304-84BE-11CE-9641-444553540000} . (...) -- C:\Program Files (x86)\WinZip\wzshls64.dll (.not file.)
O108 - CMH6: WinZip [64Bits] - {E0D79304-84BE-11CE-9641-444553540000} . (...) -- C:\Program Files (x86)\WinZip\wzshls64.dll (.not file.)
O53 - SMSR:HKLM\...\startupreg\Skype [Key] [64Bits] . (...) -- C:\Program Files (x86)\Skype\Phone\Skype.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Skype for Desktop [Key] [64Bits] . (...) -- C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (.not file.)
O23 - Service: Skype Updater (SkypeUpdate) . (...) - C:\Program Files (x86)\Skype\Updater\Updater.exe (.not file.)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D667C836-3AC5-484A-B0F1-5EC8E68B121C}: DhcpNameServer = 192.168.42.129 =>.Local IP Adress
O38 - TASK: {F25672E2-9252-4BE9-A977-54A7F81FAA33} [64Bits][\Avast Software\Overseer] - (.AVAST Software - Avast Overseer.) -- C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2038320]
C:\Windows\System32\Tasks\Avast Software\Overseer - (.AVAST Software.) -- C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [/from_scheduler:1]
O4 - GS\Quicklaunch [Administrateur]: Avast Secure Browser.lnk . (...) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --check-run=src=quicklaunch
O4 - GS\Quicklaunch [Robert]: Avast Secure Browser.lnk . (...) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --check-run=src=quicklaunch
HKLM\SOFTWARE\AVAST Software
HKLM\SOFTWARE\WOW6432Node\AVAST Software
HKCU\SOFTWARE\Avast Software
HKCU\SOFTWARE\Browser Cleanup
HKU\.DEFAULT\SOFTWARE\AVAST Software
HKU\.DEFAULT\SOFTWARE\Browser Cleanup
HKU\S-1-5-21-2394481133-3388255614-3702019550-1001\SOFTWARE\Avast Software
HKU\S-1-5-21-2394481133-3388255614-3702019550-1001\SOFTWARE\Browser Cleanup
O43 - CFD: 10/11/2018 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 10/11/2018 - [] D -- C:\Users\Robert\AppData\Local\AVAST Software
O43 - CFD: 16/04/2018 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Local\AVAST Software
O87 - FAEL: "{B37D8458-FEE6-4ED2-AE2D-E4041791310D}" [In-None-P6-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (.not file.)
O87 - FAEL: "{77077CFE-22C0-4E06-A93F-22F8FFB26EB9}" [In-None-P17-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (.not file.)
HKLM\SOFTWARE\Eset
HKLM\SOFTWARE\WOW6432Node\Eset
HKLM\SOFTWARE\WildTangent
HKLM\SOFTWARE\WOW6432Node\WildTangent
O43 - CFD: 07/08/2013 - [] D -- C:\ProgramData\WildTangent
O43 - CFD: 07/08/2013 - [] D -- C:\Users\Robert\AppData\Roaming\WildTangent
O43 - CFD: 01/08/2013 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\WildTangent
O43 - CFD: 05/08/2013 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\McAfee
---\\ LOGICIEL. (0)
---\\ SERVICE. (0)
---\\ TÂCHE PLANIFIÉE. (2)
SUPPRIMÉ Redémarrage Clé Tasks^: HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F25672E2-9252-4BE9-A977-54A7F81FAA33}
SUPPRIMÉ Redémarrage Clé Tasks^: HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F25672E2-9252-4BE9-A977-54A7F81FAA33}
---\\ NAVIGATEUR INTERNET. (0)
---\\ EXPLORATEUR ( Dossiers, Fichiers ). (19)
SUPPRIMÉ Dossier EmptyCLSID: C:\Users\Robert\AppData\Local\{63C5EFA4-B9C5-42F2-97A3-D8245B2FB3D7}
SUPPRIMÉ Dossier EmptyCLSID: C:\Users\Robert\AppData\Local\{7F9B4F3B-642E-45F6-BBB5-AAA0E73FA0AD}
DEPLACÉ Fichier Temp: C:\Users\Robert\AppData\Local\Temp\AdobeARM.log
DEPLACÉ Fichier Temp: C:\Users\Robert\AppData\Local\Temp\AvastBrowser_installer.log
DEPLACÉ Fichier Temp: C:\Users\Robert\AppData\Local\Temp\MSI534e5.LOG
DEPLACÉ Fichier Temp: C:\Users\Robert\AppData\Local\Temp\TWAIN.LOG
DEPLACÉ Fichier Temp: C:\Users\Robert\AppData\Local\Temp\fzupdate_e2a0bcf9a1a7def8.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Robert\AppData\Local\Temp\~DFD5919F54EB451668.TMP
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Robert\AppData\Local\Temp\~nsu.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Robert\AppData\Local\Temp\FXSAPIDebugLogFile.txt
DEPLACÉ Fichier Temp: C:\Users\Robert\AppData\Local\Temp\FXSTIFFDebugLogFile.txt
DEPLACÉ Fichier Temp: C:\Users\Robert\AppData\Local\Temp\WER28E3.tmp.appcompat.txt
SUPPRIMÉ Dossier : C:\Users\Robert\AppData\Roaming\ParetoLogic
DEPLACÉ Fichier Tasks: C:\Windows\System32\Tasks\Avast Software\Overseer
DEPLACÉ Fichier Shortcut: C:\Users\Robert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Avast Secure Browser.lnk
SUPPRIMÉ Dossier : C:\ProgramData\AVAST Software
SUPPRIMÉ Dossier : C:\Users\Robert\AppData\Local\AVAST Software
SUPPRIMÉ Dossier : C:\ProgramData\WildTangent
SUPPRIMÉ Dossier : C:\Users\Robert\AppData\Roaming\WildTangent
---\\ REGISTRE ( Clés, Valeurs, Données ). (28)
SUPPRIMÉ Clé: HKLM\SOFTWARE\ParetoLogic [ParetoLogic]
SUPPRIMÉ Clé: HKCU\SOFTWARE\ParetoLogic [ParetoLogic]
SUPPRIMÉ Valeur FirewallRules: TCP Query User{6C1C4F04-5C53-432A-9661-EBCCB0EACB1B}C:\program files (x86)\skype\phone\skype.exe [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: UDP Query User{F7A9D433-BCEA-4D48-9EB5-900726F67CB0}C:\program files (x86)\skype\phone\skype.exe [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {22A5F8FB-3716-465B-9171-C43E0858C5D2} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {D6EEA6BE-17FA-455D-A6E8-80E3CE4AB10F} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {B37D8458-FEE6-4ED2-AE2D-E4041791310D} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {77077CFE-22C0-4E06-A93F-22F8FFB26EB9} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinZip [WinZip]
SUPPRIMÉ Clé: HKLM\Software\Classes\CLSID\{E0D79304-84BE-11CE-9641-444553540000} [{E0D79304-84BE-11CE-9641-444553540000}]
SUPPRIMÉ Clé: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinZip [WinZip]
SUPPRIMÉ Clé: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinZip [WinZip]
SUPPRIMÉ Clé: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinZip [WinZip]
SUPPRIMÉ Clé ShareTools: HKLM64\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype [No File found]
SUPPRIMÉ Clé ShareTools: HKLM64\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype for Desktop [No File found]
REMPLACÉ Donnée TCPIP: 192.168.42.129 [HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D667C836-3AC5-484A-B0F1-5EC8E68B121C}\\DhcpNameServer]
SUPPRIMÉ Clé: HKLM\SOFTWARE\AVAST Software [AVAST Software]
SUPPRIMÉ Clé: HKCU\SOFTWARE\Avast Software [Avast Software]
SUPPRIMÉ Clé: HKCU\SOFTWARE\Browser Cleanup [Browser Cleanup]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\AVAST Software [AVAST Software]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\Browser Cleanup [Browser Cleanup]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{B37D8458-FEE6-4ED2-AE2D-E4041791310D}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{77077CFE-22C0-4E06-A93F-22F8FFB26EB9}]
SUPPRIMÉ Clé: HKLM\SOFTWARE\Eset [Eset]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WildTangent [WildTangent]
~ EmptyProxy: Aucune modification.
SUPPRIMÉ Valeur: BackgroundHost.exe [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
SUPPRIMÉ Valeur: BackgroundHost.exe [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]
---\\ COMMANDE. (5)
~ EmptyCSID: Dossiers CLSID vides supprimés (2)
~ EmptyFlash: Dossier FlashPlayer vide.
~ EmptyTemp: Dossier Local temp partiellement vidé (10)
~ EmptyTracing: Clés tracing supprimées (9)
~ EmptyPrefetch: Fichiers Prefetcher supprimés (128)
---\\ NON TRAITÉ. (0)
~ Le système a été redémarré.
***** ~ Fin de rapport terminé en 00h01mn11s
~ Run by Robert (Administrator) (10/11/2018 23:28:54)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version KO
~ Report : C:\Users\Robert\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
---\\ SCRIPT DE L'UTILISATEUR. (67)
Script ZHPFix
EmptyCLSID
EmptyFlash
EmptyTemp
EmptyTracing
EmptyPrefetch
EmptyProxy
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:BackgroundHost.exe
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]:BackgroundHost.exe
HKLM\SOFTWARE\ParetoLogic
HKLM\SOFTWARE\WOW6432Node\ParetoLogic
HKCU\SOFTWARE\ParetoLogic
HKU\S-1-5-21-2394481133-3388255614-3702019550-1001\SOFTWARE\ParetoLogic
O43 - CFD: 15/05/2018 - [0] D -- C:\Users\Robert\AppData\Roaming\ParetoLogic
O108 - CMH1: 7-Zip [64Bits] - {23170F69-40C1-278A-1000-000100020000} . (.Orphan.)
O108 - CMH4: 7-Zip [64Bits] - {23170F69-40C1-278A-1000-000100020000} . (.Orphan.)
O108 - CMH6: 7-Zip [64Bits] - {23170F69-40C1-278A-1000-000100020000} . (.Orphan.)
O87 - FAEL: "TCP Query User{6C1C4F04-5C53-432A-9661-EBCCB0EACB1B}C:\program files (x86)\skype\phone\skype.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\skype\phone\skype.exe (.not file.)
O87 - FAEL: "UDP Query User{F7A9D433-BCEA-4D48-9EB5-900726F67CB0}C:\program files (x86)\skype\phone\skype.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\skype\phone\skype.exe (.not file.)
O87 - FAEL: "{22A5F8FB-3716-465B-9171-C43E0858C5D2}" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\skype\phone\skype.exe (.not file.)
O87 - FAEL: "{D6EEA6BE-17FA-455D-A6E8-80E3CE4AB10F}" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\skype\phone\skype.exe (.not file.)
O87 - FAEL: "{B37D8458-FEE6-4ED2-AE2D-E4041791310D}" [In-None-P6-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (.not file.)
O87 - FAEL: "{77077CFE-22C0-4E06-A93F-22F8FFB26EB9}" [In-None-P17-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (.not file.)
C:\Users\Robert\AppData\Roaming\ParetoLogic
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinZip
HKLM\Software\Classes\CLSID\{E0D79304-84BE-11CE-9641-444553540000}
HKLM\Software\Wow6432Node\Classes\CLSID\{E0D79304-84BE-11CE-9641-444553540000}
HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinZip
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinZip
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\7-Zip
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinZip
O108 - CMH1: WinZip [64Bits] - {E0D79304-84BE-11CE-9641-444553540000} . (...) -- C:\Program Files (x86)\WinZip\wzshls64.dll (.not file.)
O108 - CMH2: WinZip [64Bits] - {E0D79304-84BE-11CE-9641-444553540000} . (...) -- C:\Program Files (x86)\WinZip\wzshls64.dll (.not file.)
O108 - CMH4: WinZip [64Bits] - {E0D79304-84BE-11CE-9641-444553540000} . (...) -- C:\Program Files (x86)\WinZip\wzshls64.dll (.not file.)
O108 - CMH6: WinZip [64Bits] - {E0D79304-84BE-11CE-9641-444553540000} . (...) -- C:\Program Files (x86)\WinZip\wzshls64.dll (.not file.)
O53 - SMSR:HKLM\...\startupreg\Skype [Key] [64Bits] . (...) -- C:\Program Files (x86)\Skype\Phone\Skype.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Skype for Desktop [Key] [64Bits] . (...) -- C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (.not file.)
O23 - Service: Skype Updater (SkypeUpdate) . (...) - C:\Program Files (x86)\Skype\Updater\Updater.exe (.not file.)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D667C836-3AC5-484A-B0F1-5EC8E68B121C}: DhcpNameServer = 192.168.42.129 =>.Local IP Adress
O38 - TASK: {F25672E2-9252-4BE9-A977-54A7F81FAA33} [64Bits][\Avast Software\Overseer] - (.AVAST Software - Avast Overseer.) -- C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2038320]
C:\Windows\System32\Tasks\Avast Software\Overseer - (.AVAST Software.) -- C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [/from_scheduler:1]
O4 - GS\Quicklaunch [Administrateur]: Avast Secure Browser.lnk . (...) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --check-run=src=quicklaunch
O4 - GS\Quicklaunch [Robert]: Avast Secure Browser.lnk . (...) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --check-run=src=quicklaunch
HKLM\SOFTWARE\AVAST Software
HKLM\SOFTWARE\WOW6432Node\AVAST Software
HKCU\SOFTWARE\Avast Software
HKCU\SOFTWARE\Browser Cleanup
HKU\.DEFAULT\SOFTWARE\AVAST Software
HKU\.DEFAULT\SOFTWARE\Browser Cleanup
HKU\S-1-5-21-2394481133-3388255614-3702019550-1001\SOFTWARE\Avast Software
HKU\S-1-5-21-2394481133-3388255614-3702019550-1001\SOFTWARE\Browser Cleanup
O43 - CFD: 10/11/2018 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 10/11/2018 - [] D -- C:\Users\Robert\AppData\Local\AVAST Software
O43 - CFD: 16/04/2018 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Local\AVAST Software
O87 - FAEL: "{B37D8458-FEE6-4ED2-AE2D-E4041791310D}" [In-None-P6-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (.not file.)
O87 - FAEL: "{77077CFE-22C0-4E06-A93F-22F8FFB26EB9}" [In-None-P17-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (.not file.)
HKLM\SOFTWARE\Eset
HKLM\SOFTWARE\WOW6432Node\Eset
HKLM\SOFTWARE\WildTangent
HKLM\SOFTWARE\WOW6432Node\WildTangent
O43 - CFD: 07/08/2013 - [] D -- C:\ProgramData\WildTangent
O43 - CFD: 07/08/2013 - [] D -- C:\Users\Robert\AppData\Roaming\WildTangent
O43 - CFD: 01/08/2013 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\WildTangent
O43 - CFD: 05/08/2013 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\McAfee
---\\ LOGICIEL. (0)
---\\ SERVICE. (0)
---\\ TÂCHE PLANIFIÉE. (2)
SUPPRIMÉ Redémarrage Clé Tasks^: HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F25672E2-9252-4BE9-A977-54A7F81FAA33}
SUPPRIMÉ Redémarrage Clé Tasks^: HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F25672E2-9252-4BE9-A977-54A7F81FAA33}
---\\ NAVIGATEUR INTERNET. (0)
---\\ EXPLORATEUR ( Dossiers, Fichiers ). (19)
SUPPRIMÉ Dossier EmptyCLSID: C:\Users\Robert\AppData\Local\{63C5EFA4-B9C5-42F2-97A3-D8245B2FB3D7}
SUPPRIMÉ Dossier EmptyCLSID: C:\Users\Robert\AppData\Local\{7F9B4F3B-642E-45F6-BBB5-AAA0E73FA0AD}
DEPLACÉ Fichier Temp: C:\Users\Robert\AppData\Local\Temp\AdobeARM.log
DEPLACÉ Fichier Temp: C:\Users\Robert\AppData\Local\Temp\AvastBrowser_installer.log
DEPLACÉ Fichier Temp: C:\Users\Robert\AppData\Local\Temp\MSI534e5.LOG
DEPLACÉ Fichier Temp: C:\Users\Robert\AppData\Local\Temp\TWAIN.LOG
DEPLACÉ Fichier Temp: C:\Users\Robert\AppData\Local\Temp\fzupdate_e2a0bcf9a1a7def8.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Robert\AppData\Local\Temp\~DFD5919F54EB451668.TMP
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Robert\AppData\Local\Temp\~nsu.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Robert\AppData\Local\Temp\FXSAPIDebugLogFile.txt
DEPLACÉ Fichier Temp: C:\Users\Robert\AppData\Local\Temp\FXSTIFFDebugLogFile.txt
DEPLACÉ Fichier Temp: C:\Users\Robert\AppData\Local\Temp\WER28E3.tmp.appcompat.txt
SUPPRIMÉ Dossier : C:\Users\Robert\AppData\Roaming\ParetoLogic
DEPLACÉ Fichier Tasks: C:\Windows\System32\Tasks\Avast Software\Overseer
DEPLACÉ Fichier Shortcut: C:\Users\Robert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Avast Secure Browser.lnk
SUPPRIMÉ Dossier : C:\ProgramData\AVAST Software
SUPPRIMÉ Dossier : C:\Users\Robert\AppData\Local\AVAST Software
SUPPRIMÉ Dossier : C:\ProgramData\WildTangent
SUPPRIMÉ Dossier : C:\Users\Robert\AppData\Roaming\WildTangent
---\\ REGISTRE ( Clés, Valeurs, Données ). (28)
SUPPRIMÉ Clé: HKLM\SOFTWARE\ParetoLogic [ParetoLogic]
SUPPRIMÉ Clé: HKCU\SOFTWARE\ParetoLogic [ParetoLogic]
SUPPRIMÉ Valeur FirewallRules: TCP Query User{6C1C4F04-5C53-432A-9661-EBCCB0EACB1B}C:\program files (x86)\skype\phone\skype.exe [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: UDP Query User{F7A9D433-BCEA-4D48-9EB5-900726F67CB0}C:\program files (x86)\skype\phone\skype.exe [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {22A5F8FB-3716-465B-9171-C43E0858C5D2} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {D6EEA6BE-17FA-455D-A6E8-80E3CE4AB10F} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {B37D8458-FEE6-4ED2-AE2D-E4041791310D} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur FirewallRules: {77077CFE-22C0-4E06-A93F-22F8FFB26EB9} [HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinZip [WinZip]
SUPPRIMÉ Clé: HKLM\Software\Classes\CLSID\{E0D79304-84BE-11CE-9641-444553540000} [{E0D79304-84BE-11CE-9641-444553540000}]
SUPPRIMÉ Clé: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinZip [WinZip]
SUPPRIMÉ Clé: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinZip [WinZip]
SUPPRIMÉ Clé: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinZip [WinZip]
SUPPRIMÉ Clé ShareTools: HKLM64\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype [No File found]
SUPPRIMÉ Clé ShareTools: HKLM64\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype for Desktop [No File found]
REMPLACÉ Donnée TCPIP: 192.168.42.129 [HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D667C836-3AC5-484A-B0F1-5EC8E68B121C}\\DhcpNameServer]
SUPPRIMÉ Clé: HKLM\SOFTWARE\AVAST Software [AVAST Software]
SUPPRIMÉ Clé: HKCU\SOFTWARE\Avast Software [Avast Software]
SUPPRIMÉ Clé: HKCU\SOFTWARE\Browser Cleanup [Browser Cleanup]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\AVAST Software [AVAST Software]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\Browser Cleanup [Browser Cleanup]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{B37D8458-FEE6-4ED2-AE2D-E4041791310D}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{77077CFE-22C0-4E06-A93F-22F8FFB26EB9}]
SUPPRIMÉ Clé: HKLM\SOFTWARE\Eset [Eset]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WildTangent [WildTangent]
~ EmptyProxy: Aucune modification.
SUPPRIMÉ Valeur: BackgroundHost.exe [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
SUPPRIMÉ Valeur: BackgroundHost.exe [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]
---\\ COMMANDE. (5)
~ EmptyCSID: Dossiers CLSID vides supprimés (2)
~ EmptyFlash: Dossier FlashPlayer vide.
~ EmptyTemp: Dossier Local temp partiellement vidé (10)
~ EmptyTracing: Clés tracing supprimées (9)
~ EmptyPrefetch: Fichiers Prefetcher supprimés (128)
---\\ NON TRAITÉ. (0)
~ Le système a été redémarré.
***** ~ Fin de rapport terminé en 00h01mn11s