cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPFix v2020.3.9.19 by Nicolas Coolman (2020/03/09)
~ Run by Oscar (Administrator) (12/03/2020 17:54:40)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Report : C:\Users\Oscar\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 17134)



---\\ SCRIPT DE L'UTILISATEUR. (51)
Script ZHPFix
CreateRestorePoint
EmptyProxy
EmptyPrefetch
EmptyCLSID
EmptyFlash
EmptyTemp
EmptyTracing
SR - Demand [11/09/2018] [ 25608] SWDUMon (SWDUMon) . (.SlimWare Utilities, Inc..) - C:\WINDOWS\System32\DRIVERS\SWDUMon.sys =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2018/09/11 18:14:33 A . (.SlimWare Utilities, Inc. - Driver Update Installer Monitor.) -- C:\WINDOWS\System32\drivers\SWDUMon.sys [25608] =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2018/04/08 19:17:47 A . (...) -- C:\WINDOWS\System32\drivers\lpsport.sys [61304] =>.AVG Technologies CZ, s.r.o.®
C:\WINDOWS\System32\DRIVERS\SWDUMon.sy
C:\WINDOWS\System32\drivers\lpsport.sys
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:AvastUI.exe =>.Avast Software s.r.o
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:AvastUI.exe =>.Avast Software s.r.o
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:AvastBrowserAutoLaunch_8407D2C6F2129BE678135C97BE2B86BA =>PUP.Optional.MyBrowser
[HKEY_USERS\S-1-5-21-2939993395-1601202196-1339199659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:AvastBrowserAutoLaunch_8407D2C6F2129BE678135C97BE2B86BA =>PUP.Optional.MyBrowser
HKLM\SOFTWARE\AVAST Software =>.AVAST Software
HKLM\SOFTWARE\WOW6432Node\AVAST Software =>.AVAST Software
HKCU\SOFTWARE\AVAST Software =>.AVAST Software
HKCU\SOFTWARE\Browser Cleanup =>.Avast Software s.r.o
HKU\.DEFAULT\SOFTWARE\Avast Software =>.AVAST Software
HKU\.DEFAULT\SOFTWARE\Browser Cleanup =>.Avast Software s.r.o
HKU\S-1-5-21-2939993395-1601202196-1339199659-1000\SOFTWARE\AVAST Software =>.AVAST Software
HKU\S-1-5-21-2939993395-1601202196-1339199659-1000\SOFTWARE\Browser Cleanup =>.Avast Software s.r.o
O43 - CFD: 28/02/2020 - [] D -- C:\ProgramData\AVAST Software =>.AVAST Software
O43 - CFD: 18/04/2017 - [] D -- C:\Program Files (x86)\Common Files\AV =>.Avast
O43 - CFD: 26/04/2019 - [] D -- C:\Users\Oscar\AppData\Local\AVAST Software =>.AVAST Software
HKLM\SOFTWARE\WOW6432Node\SlimWare Utilities Inc =>.SUP.SlimWareUtilities
O43 - CFD: 11/09/2018 - [] D -- C:\Users\Oscar\AppData\Local\SlimWare Utilities Inc =>.SUP.SlimWareUtilities
C:\ProgramData\QuickTime =>Riskware.QuickTime
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler =>.SUP.Orphan
HKLM\Software\Wow6432Node\Classes\CLSID\{836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>.SUP.Orphan
HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\IObitUnstaler =>.SUP.Orphan
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler =>.SUP.Orphan
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\PictureMover\Bin\Proxy4WLPG.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-2939993395-1601202196-1339199659-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\PictureMover\Bin\Proxy4WLPG.exe.FriendlyAppName =>.Unsigned
C:\Users\Oscar\AppData\Roaming\IObit\Advanced SystemCare =>SUP.Optional.AdvancedSystemCare
C:\ProgramData\IObit\Advanced SystemCare =>SUP.Optional.AdvancedSystemCare
O43 - CFD: 07/10/2016 - [] D -- C:\ProgramData\QuickTime =>Riskware.QuickTime
SR - Demand [13/06/2018] [ 44896] TAP-NordVPN Windows Adapter (tapnordvpn) . (.The OpenVPN Project.) - C:\WINDOWS\System32\drivers\tapnordvpn.sys =>.TEFINCOM S.A.®
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:NordVPN =>.NordVPN
[HKEY_USERS\S-1-5-21-2939993395-1601202196-1339199659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:NordVPN =>.NordVPN
O43 - CFD: 23/10/2019 - [] D -- C:\Program Files (x86)\NordVPN =>.NordVPN
O43 - CFD: 14/10/2019 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN =>.NordVPN
O43 - CFD: 07/10/2019 - [] D -- C:\Users\Oscar\AppData\Roaming\NordVPN =>.NordVPN
O43 - CFD: 07/10/2019 - [] D -- C:\Users\Oscar\AppData\Local\NordVPN =>.NordVPN
O58 - SDL:2018/06/13 15:55:40 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896] =>.TEFINCOM S.A.®
C:\WINDOWS\System32\drivers\tapnordvpn.sys
C:\WINDOWS\Installer\884af.msi


---\\ LOGICIEL. (0)


---\\ SERVICE. (2)
REFUSÉ Service: HKLM\SYSTEM\CurrentControlSet\Services\SWDUMon [SWDUMon.sys]
REFUSÉ Service: HKLM\SYSTEM\CurrentControlSet\Services\tapnordvpn [tapnordvpn.sys]


---\\ TÂCHE PLANIFIÉE. (0)


---\\ NAVIGATEUR INTERNET. (0)


---\\ EXPLORATEUR ( Dossiers, Fichiers ). (28)
DEPLACÉ Fichier Temp: C:\Users\Oscar\AppData\Local\Temp\AdobeARM.log
DEPLACÉ Fichier Temp: C:\Users\Oscar\AppData\Local\Temp\StructuredQuery.log
DEPLACÉ Fichier Temp*: C:\Users\Oscar\AppData\Local\Temp\is-0MMUT.tmp
DEPLACÉ Fichier Temp: C:\Users\Oscar\AppData\Local\Temp\URL1A10.tmp
DEPLACÉ Fichier Temp: C:\Users\Oscar\AppData\Local\Temp\URL1F79.tmp
DEPLACÉ Fichier Temp: C:\Users\Oscar\AppData\Local\Temp\URL2773.tmp
DEPLACÉ Fichier Temp: C:\Users\Oscar\AppData\Local\Temp\URL43CF.tmp
DEPLACÉ Fichier Temp: C:\Users\Oscar\AppData\Local\Temp\URL929A.tmp
DEPLACÉ Fichier Temp: C:\Users\Oscar\AppData\Local\Temp\URLA01E.tmp
DEPLACÉ Fichier Temp: C:\Users\Oscar\AppData\Local\Temp\URLBDC7.tmp
DEPLACÉ Fichier Temp: C:\Users\Oscar\AppData\Local\Temp\URLBEAA.tmp
REFUSÉ Fichier Service: C:\WINDOWS\System32\DRIVERS\SWDUMon.sys
DEPLACÉ Fichier Drivers: C:\WINDOWS\System32\drivers\SWDUMon.sys
DEPLACÉ Fichier Drivers: C:\WINDOWS\System32\drivers\lpsport.sys
SUPPRIMÉ Dossier : C:\ProgramData\AVAST Software
SUPPRIMÉ Dossier : C:\Program Files (x86)\Common Files\AV
SUPPRIMÉ Dossier : C:\Users\Oscar\AppData\Local\AVAST Software
SUPPRIMÉ Dossier : C:\Users\Oscar\AppData\Local\SlimWare Utilities Inc
SUPPRIMÉ Dossier : C:\ProgramData\QuickTime
SUPPRIMÉ Dossier : C:\Users\Oscar\AppData\Roaming\IObit\Advanced SystemCare
SUPPRIMÉ Dossier : C:\ProgramData\IObit\Advanced SystemCare
REFUSÉ Fichier Service: C:\WINDOWS\System32\drivers\tapnordvpn.sys
SUPPRIMÉ Dossier : C:\Program Files (x86)\NordVPN
SUPPRIMÉ Dossier : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
SUPPRIMÉ Dossier : C:\Users\Oscar\AppData\Roaming\NordVPN
SUPPRIMÉ Dossier : C:\Users\Oscar\AppData\Local\NordVPN
DEPLACÉ Fichier Drivers: C:\WINDOWS\System32\drivers\tapnordvpn.sys
DEPLACÉ Fichier : C:\WINDOWS\Installer\884af.msi


---\\ REGISTRE ( Clés, Valeurs, Données ). (23)
SUPPRIMÉ Clé: HKLM\SOFTWARE\AVAST Software [AVAST Software ]
ABSENT Clé: HKLM\SOFTWARE\WOW6432Node\AVAST Software
SUPPRIMÉ Clé: HKCU\SOFTWARE\AVAST Software [AVAST Software ]
SUPPRIMÉ Clé: HKCU\SOFTWARE\Browser Cleanup [Browser Cleanup ]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\Avast Software [Avast Software ]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\Browser Cleanup [Browser Cleanup ]
ABSENT Clé: HKU\S-1-5-21-2939993395-1601202196-1339199659-1000\SOFTWARE\AVAST Software
ABSENT Clé: HKU\S-1-5-21-2939993395-1601202196-1339199659-1000\SOFTWARE\Browser Cleanup
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\SlimWare Utilities Inc [SlimWare Utilities Inc ]
SUPPRIMÉ Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler [IObitUnstaler ]
ABSENT Clé: HKLM\Software\Wow6432Node\Classes\CLSID\{836AB26C-2DE4-41D3-AC24-4C6C2699B960}
SUPPRIMÉ Clé: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\IObitUnstaler [IObitUnstaler ]
SUPPRIMÉ Clé: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler [IObitUnstaler ]
SUPPRIMÉ Clé: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler [IObitUnstaler ]
~ EmptyProxy: Aucune modification.
SUPPRIMÉ Valeur: AvastUI.exe [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
SUPPRIMÉ Valeur: AvastUI.exe [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]
SUPPRIMÉ Valeur: AvastBrowserAutoLaunch_8407D2C6F2129BE678135C97BE2B86BA [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
SUPPRIMÉ Valeur: AvastBrowserAutoLaunch_8407D2C6F2129BE678135C97BE2B86BA [HKEY_USERS\S-1-5-21-2939993395-1601202196-1339199659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
SUPPRIMÉ Valeur: C:\ProgramData\PictureMover\Bin\Proxy4WLPG.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
SUPPRIMÉ Valeur: C:\ProgramData\PictureMover\Bin\Proxy4WLPG.exe.FriendlyAppName [HKU\S-1-5-21-2939993395-1601202196-1339199659-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
SUPPRIMÉ Valeur: NordVPN [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
SUPPRIMÉ Valeur: NordVPN [HKEY_USERS\S-1-5-21-2939993395-1601202196-1339199659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]


---\\ COMMANDE. (6)
CreateRestorePoint: OK
~ EmptyPrefetch: Fichiers Prefetcher supprimés (540)
~ EmptyCSID: Dossiers CLSID vides supprimés (0)
~ EmptyFlash: Dossier FlashPlayer vide.
~ EmptyTemp: Dossier Local temp partiellement vidé (11)
~ EmptyTracing: Clés tracing supprimées (18)


---\\ NON TRAITÉ. (0)

***** ~ Fin de rapport terminé en 00mn00s

Publicité


Signaler le contenu de ce document

Publicité