cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPFix v2021.3.5.284 by Nicolas Coolman (2021/03/05)
~ Run by Admin (Administrator) (29/03/2021 20:36:36)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version OK
~ Report : C:\Users\Admin\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 19041)



---\\ SCRIPT DE L'UTILISATEUR. (84)
Script ZHPFix
ShortcutFix
IFEOFix
SysRestore
[HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\explorer\StartupApproved\Run]:OneDriveSetup
[HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\explorer\StartupApproved\Run]:OneDriveSetup
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{D93A9284-2178-4DE3-A4D3-A8452EA95522}"
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{9B78E46D-C8ED-460B-8B2B-B541778EE3BC}"
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{CEFB6B30-70FF-4C15-B6DC-B87BCF8843EE}"
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{C832CE7C-94B2-41CB-B60C-7633FF5EDDC3}"
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{DD33B90D-54B7-42C2-B4CC-2734706B1F73}"
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{F054BCB8-5353-4CC8-86F6-EC0EAAB648B9}"
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MWLIVShellExt
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\ShredderContextMenu
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}
HKLM\SOFTWARE\WOW6432Node\EgisTec MyWinLocker
HKLM\SOFTWARE\WOW6432Node\EgisTec MyWinLockerSuite
C:\Program Files (x86)\EgisTec MyWinLocker
HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\EgisShellExt
HKLM\Software\Classes\CLSID\{B1B294FE-EC1E-4fef-AF68-D34CE3E38157}
HKLM\Software\WOW6432Node\Classes\CLSID\{B1B294FE-EC1E-4fef-AF68-D34CE3E38157}
C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll
HKLM\SOFTWARE\WOW6432Node\Microsoft\Shared Tools\MSConfig\startupreg\\SuiteTray
C:\WINDOWS\System32\drivers\mwlPSDNserv.sys
C:\WINDOWS\System32\drivers\mwlPSDVDisk.sys
HKLM\Software\Classes\Installer\Products\05B51F93779A6AC41B3CA67842DC0A52
HKLM\Software\Classes\Installer\Features\05B51F93779A6AC41B3CA67842DC0A52
HKCU\Software\Microsoft\Installer\Products\05B51F93779A6AC41B3CA67842DC0A52
HKCU\Software\Microsoft\Installer\Features\05B51F93779A6AC41B3CA67842DC0A52
HKLM\Software\Wow6432Node\Classes\Installer\Products\05B51F93779A6AC41B3CA67842DC0A52
HKLM\Software\Wow6432Node\Classes\Installer\Features\05B51F93779A6AC41B3CA67842DC0A52
C:\Windows\Installer\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}\ARPPRODUCTICON.exe
HKLM\Software\Classes\Installer\Products\0BCE87B0B6A1D6E4987DE0C77EF74072
HKLM\Software\Classes\Installer\Features\0BCE87B0B6A1D6E4987DE0C77EF74072
HKCU\Software\Microsoft\Installer\Products\0BCE87B0B6A1D6E4987DE0C77EF74072
HKCU\Software\Microsoft\Installer\Features\0BCE87B0B6A1D6E4987DE0C77EF74072
HKLM\Software\Wow6432Node\Classes\Installer\Products\0BCE87B0B6A1D6E4987DE0C77EF74072
HKLM\Software\Wow6432Node\Classes\Installer\Features\0BCE87B0B6A1D6E4987DE0C77EF74072
C:\Windows\Installer\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}\ARPPRODUCTICON.exe
C:\WINDOWS\Installer\264b8.msi [
C:\WINDOWS\Installer\264bd.msi [
[41D2B340D783D773ED498A6D83C68A50] [21/06/2011] (.EGIS TECHNOLOGY INC..) - C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll
HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5368E5BA-D89B-4477-824C-7ED85A7909EF[
C:\Windows\System32\Tasks\Avast Software\Overseer]
C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [
C:\WINDOWS\System32\Tasks\Avast Software\Overseer
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:AvastUI.exe
HKLM\SOFTWARE\AVAST Software
HKLM\SOFTWARE\WOW6432Node\Avast Software
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\Browser Cleanup
HKU\.DEFAULT\SOFTWARE\Avast Software
C:\Program Files (x86)\AVAST Software
HKLM\SOFTWARE\WOW6432Node\Clients\StartMenuInternet\Avast Secure Browser>
C:\WINDOWS\Installer\2c7a1ac6.msi [
C:\WINDOWS\Installer\2ca12.msi [
[025A1BF3E389238382537190D349E56A] [26/10/2020] (.Avast Software s.r.o..) - C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
HKLM\SOFTWARE\McAfee.com
HKLM\SOFTWARE\WOW6432Node\McAfee
HKU\.DEFAULT\SOFTWARE\McAfee
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection
C:\ProgramData\McAfee
C:\Program Files (x86)\Common Files\mcafee
HKLM\SOFTWARE\WOW6432Node\WildTangent
C:\ProgramData\WildTangent
HKLM\SOFTWARE\WOW6432Node\Malwarebytes' Anti-Malware
HKCU\SOFTWARE\Malwarebytes' Anti-Malware
C:\Program Files\Malwarebytes
C:\ProgramData\Malwarebytes
C:\Users\Admin\AppData\Local\mbam
C:\WINDOWS\System32\drivers\480048C5.sys
C:\WINDOWS\System32\drivers\51AA0ABD.sys
C:\WINDOWS\System32\drivers\597A07E3.sys
EmptyCLSID
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
ProxyFix
fin


---\\ LOGICIEL. (0)


---\\ SERVICE. (0)


---\\ TÂCHE PLANIFIÉE. (0)


---\\ NAVIGATEUR INTERNET. (0)


---\\ EXPLORATEUR ( Dossiers, Fichiers ). (29)
SUPPRIMÉ Dossier : C:\Program Files (x86)\EgisTec MyWinLocker
DEPLACÉ Fichier : C:\Windows\Installer\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}\ARPPRODUCTICON.exe
DEPLACÉ Fichier : C:\Windows\Installer\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}\ARPPRODUCTICON.exe
SUPPRIMÉ Dossier : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
SUPPRIMÉ Dossier : C:\Program Files (x86)\AVAST Software
SUPPRIMÉ Dossier : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection
SUPPRIMÉ Dossier : C:\ProgramData\McAfee
SUPPRIMÉ Dossier : C:\Program Files (x86)\Common Files\mcafee
SUPPRIMÉ Dossier : C:\ProgramData\WildTangent
SUPPRIMÉ Dossier : C:\Program Files\Malwarebytes
SUPPRIMÉ Dossier : C:\ProgramData\Malwarebytes
SUPPRIMÉ Dossier : C:\Users\Admin\AppData\Local\mbam
DEPLACÉ Fichier Temp: C:\Users\Admin\AppData\Local\Temp\MBAMInstallerService.exe
DEPLACÉ Fichier Temp: C:\Users\Admin\AppData\Local\Temp\mbsetup.log
DEPLACÉ Fichier Temp: C:\Users\Admin\AppData\Local\Temp\StructuredQuery.log
DEPLACÉ Fichier Temp: C:\Users\Admin\AppData\Local\Temp\TWAIN.LOG
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Admin\AppData\Local\Temp\48be739a-5c8b-4f8e-9068-ee9e8dfd1028.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Admin\AppData\Local\Temp\4e0733c2-85de-4e0f-90e1-f9de4d85d462.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Admin\AppData\Local\Temp\5a89f7c5-b9b4-44d9-83e2-6d602e034bb3.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Admin\AppData\Local\Temp\66880858-1c30-445c-a3ed-d6fc60ff50ab.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Admin\AppData\Local\Temp\69628aa4-06a2-4ce1-8b11-11b7e0ac9474.tmp
DEPLACÉ Fichier Temp: C:\Users\Admin\AppData\Local\Temp\815926a3-6c64-4dea-bf3c-4b1a384ef971.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Admin\AppData\Local\Temp\9b37c7e8-7ddc-4180-b677-d37b108cf5c9.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Admin\AppData\Local\Temp\9d02de81-ddf2-47bf-93d3-375d41ea8281.tmp
DEPLACÉ Fichier Temp: C:\Users\Admin\AppData\Local\Temp\9ec87231-b426-4892-bcfd-157f458628ad.tmp
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Admin\AppData\Local\Temp\ab7b8223-cfc5-4035-ac4c-229fda0e5bb3.tmp
DEPLACÉ Fichier Temp*: C:\Users\Admin\AppData\Local\Temp\Temp1_Wub (1).zip
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Admin\AppData\Local\Temp\FXSAPIDebugLogFile.txt
SUPPRIMÉ Redémarrage Fichier Temp^: C:\Users\Admin\AppData\Local\Temp\FXSTIFFDebugLogFile.txt


---\\ REGISTRE ( Clés, Valeurs, Données ). (45)
SUPPRIMÉ Clé: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MWLIVShellExt [MWLIVShellExt]
SUPPRIMÉ Clé: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\ShredderContextMenu [ShredderContextMenu]
SUPPRIMÉ Clé: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets [Gadgets]
SUPPRIMÉ Clé: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427} [{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}]
ABSENT Clé: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\EgisTec MyWinLocker [EgisTec MyWinLocker]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\EgisTec MyWinLockerSuite [EgisTec MyWinLockerSuite]
SUPPRIMÉ Clé: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\EgisShellExt [EgisShellExt ]
SUPPRIMÉ Clé: HKLM\Software\Classes\CLSID\{B1B294FE-EC1E-4fef-AF68-D34CE3E38157} [{B1B294FE-EC1E-4fef-AF68-D34CE3E38157}]
SUPPRIMÉ Clé: HKLM\Software\WOW6432Node\Classes\CLSID\{B1B294FE-EC1E-4fef-AF68-D34CE3E38157} [{B1B294FE-EC1E-4fef-AF68-D34CE3E38157}]
ABSENT Clé: HKLM\SOFTWARE\WOW6432Node\Microsoft\Shared Tools\MSConfig\startupreg\\SuiteTray
SUPPRIMÉ Clé: HKLM\Software\Classes\Installer\Products\05B51F93779A6AC41B3CA67842DC0A52 [05B51F93779A6AC41B3CA67842DC0A52]
SUPPRIMÉ Clé: HKLM\Software\Classes\Installer\Features\05B51F93779A6AC41B3CA67842DC0A52 [05B51F93779A6AC41B3CA67842DC0A52]
ABSENT Clé: HKCU\Software\Microsoft\Installer\Products\05B51F93779A6AC41B3CA67842DC0A52
ABSENT Clé: HKCU\Software\Microsoft\Installer\Features\05B51F93779A6AC41B3CA67842DC0A52
ABSENT Clé: HKLM\Software\Wow6432Node\Classes\Installer\Products\05B51F93779A6AC41B3CA67842DC0A52
ABSENT Clé: HKLM\Software\Wow6432Node\Classes\Installer\Features\05B51F93779A6AC41B3CA67842DC0A52
SUPPRIMÉ Clé: HKLM\Software\Classes\Installer\Products\0BCE87B0B6A1D6E4987DE0C77EF74072 [0BCE87B0B6A1D6E4987DE0C77EF74072]
SUPPRIMÉ Clé: HKLM\Software\Classes\Installer\Features\0BCE87B0B6A1D6E4987DE0C77EF74072 [0BCE87B0B6A1D6E4987DE0C77EF74072]
ABSENT Clé: HKCU\Software\Microsoft\Installer\Products\0BCE87B0B6A1D6E4987DE0C77EF74072
ABSENT Clé: HKCU\Software\Microsoft\Installer\Features\0BCE87B0B6A1D6E4987DE0C77EF74072
ABSENT Clé: HKLM\Software\Wow6432Node\Classes\Installer\Products\0BCE87B0B6A1D6E4987DE0C77EF74072
ABSENT Clé: HKLM\Software\Wow6432Node\Classes\Installer\Features\0BCE87B0B6A1D6E4987DE0C77EF74072
ABSENT Clé: HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5368E5BA-D89B-4477-824C-7ED85A7909EF[
SUPPRIMÉ Clé: HKLM\SOFTWARE\AVAST Software [AVAST Software]
ABSENT Clé: HKLM\SOFTWARE\WOW6432Node\Avast Software
SUPPRIMÉ Clé: HKCU\SOFTWARE\AVAST Software [AVAST Software]
SUPPRIMÉ Clé: HKCU\SOFTWARE\Browser Cleanup [Browser Cleanup]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\Avast Software [Avast Software]
ABSENT Clé: HKLM\SOFTWARE\WOW6432Node\Clients\StartMenuInternet\Avast Secure Browser>
SUPPRIMÉ Clé: HKLM\SOFTWARE\McAfee.com [McAfee.com]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\McAfee [McAfee]
SUPPRIMÉ Clé: HKU\.DEFAULT\SOFTWARE\McAfee [McAfee]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\WildTangent [WildTangent]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\Malwarebytes' Anti-Malware [Malwarebytes' Anti-Malware]
SUPPRIMÉ Clé: HKCU\SOFTWARE\Malwarebytes' Anti-Malware [Malwarebytes' Anti-Malware]
SUPPRIMÉ Valeur: OneDriveSetup [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\explorer\StartupApproved\Run]
SUPPRIMÉ Valeur: OneDriveSetup [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\explorer\StartupApproved\Run]
SUPPRIMÉ Valeur: {D93A9284-2178-4DE3-A4D3-A8452EA95522}" [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {9B78E46D-C8ED-460B-8B2B-B541778EE3BC}" [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {CEFB6B30-70FF-4C15-B6DC-B87BCF8843EE}" [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {C832CE7C-94B2-41CB-B60C-7633FF5EDDC3}" [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {DD33B90D-54B7-42C2-B4CC-2734706B1F73}" [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: {F054BCB8-5353-4CC8-86F6-EC0EAAB648B9}" [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]
SUPPRIMÉ Valeur: AvastUI.exe [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]


---\\ COMMANDE. (4)
~ EmptyCSID: Dossiers CLSID vides supprimés (0)
~ EmptyPrefetch: Fichiers Prefetcher supprimés (166)
~ EmptyTemp: Dossier Local temp partiellement vidé (17)
~ EmptyFlash: Dossier FlashPlayer vide.


---\\ NON TRAITÉ. (6)
ShortcutFix
SysRestore
[41D2B340D783D773ED498A6D83C68A50] [21/06/2011] (.EGIS TECHNOLOGY INC..) - C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll
[025A1BF3E389238382537190D349E56A] [26/10/2020] (.Avast Software s.r.o..) - C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
FirewallRaz
ProxyFix

~ Le système a été redémarré.

***** ~ Fin de rapport terminé en 00h01mn00s

Publicité


Signaler le contenu de ce document

Publicité