Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPFix v2021.3.5.284 by Nicolas Coolman (2021/03/05)
~ Run by cami4 (Administrator) (08/01/2023 18:51:16)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Illegal
~ State version : Version OK
~ Report : C:\Users\cami4\OneDrive\Bureau\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 22621)
---\\ SCRIPT DE L'UTILISATEUR. (25)
start::
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2021-12-10] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2021-12-10] <==== ATTENTION
Task: {DEC35F17-4D2C-4A21-924B-0338581A2561} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Pas de fichier)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (Pas de fichier)
Task: {E5068A90-EF52-4966-B271-4ADC3DC8E0DE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Pas de fichier)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
CustomCLSID: HKU\S-1-5-21-3432772670-649158547-2544002816-1001_Classes\CLSID\{4B599490-B253-4667-868A-6D2EE7E75B27}\localserver32 -> "C:\Users\cami4\AppData\Local\Vivaldi\Application\5.5.2805.35\notification_helper.exe" => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3432772670-649158547-2544002816-1001_Classes\CLSID\{642ccb6b-4be1-471e-bc61-606dd9dc7c79}\localserver32 -> "C:\Program Files\InPixio\Photo Studio 11\PhotoStudioIPS11.exe" -ToastActivated => Pas de fichier
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> Pas de fichier
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [218]
BHO: Pas de nom -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> Pas de fichier
BHO-x32: Pas de nom -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> Pas de fichier
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFCreator.ShellContextMenu
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.FriendlyAppName
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.ApplicationCompany
[HKU\S-1-5-21-3432772670-649158547-2544002816-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.FriendlyAppName
[HKU\S-1-5-21-3432772670-649158547-2544002816-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.ApplicationCompany
End:
---\\ LOGICIEL. (0)
---\\ SERVICE. (0)
---\\ TÂCHE PLANIFIÉE. (0)
---\\ NAVIGATEUR INTERNET. (0)
---\\ EXPLORATEUR ( Dossiers, Fichiers ). (0)
---\\ REGISTRE ( Clés, Valeurs, Données ). (10)
ABSENT Clé: HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
ABSENT Clé: HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
SUPPRIMÉ Clé: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} [{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
SUPPRIMÉ Clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} [{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
SUPPRIMÉ Clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} [{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
SUPPRIMÉ Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFCreator.ShellContextMenu [PDFCreator.ShellContextMenu]
SUPPRIMÉ Valeur: C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
SUPPRIMÉ Valeur: C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.ApplicationCompany [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
SUPPRIMÉ Valeur: C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.FriendlyAppName [HKU\S-1-5-21-3432772670-649158547-2544002816-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
SUPPRIMÉ Valeur: C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.ApplicationCompany [HKU\S-1-5-21-3432772670-649158547-2544002816-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
---\\ COMMANDE. (0)
---\\ NON TRAITÉ. (11)
CloseProcesses:
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2021-12-10] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2021-12-10] <==== ATTENTION
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys
CustomCLSID: HKU\S-1-5-21-3432772670-649158547-2544002816-1001_Classes\CLSID\{4B599490-B253-4667-868A-6D2EE7E75B27}\localserver32 -> "C:\Users\cami4\AppData\Local\Vivaldi\Application\5.5.2805.35\notification_helper.exe"
CustomCLSID: HKU\S-1-5-21-3432772670-649158547-2544002816-1001_Classes\CLSID\{642ccb6b-4be1-471e-bc61-606dd9dc7c79}\localserver32 -> "C:\Program Files\InPixio\Photo Studio 11\PhotoStudioIPS11.exe" -ToastActivated
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1}
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
BHO: Pas de nom -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> Pas de fichier
BHO-x32: Pas de nom -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> Pas de fichier
End:
***** ~ Fin de rapport terminé en 00h00mn09s
~ Run by cami4 (Administrator) (08/01/2023 18:51:16)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Illegal
~ State version : Version OK
~ Report : C:\Users\cami4\OneDrive\Bureau\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 22621)
---\\ SCRIPT DE L'UTILISATEUR. (25)
start::
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2021-12-10] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2021-12-10] <==== ATTENTION
Task: {DEC35F17-4D2C-4A21-924B-0338581A2561} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Pas de fichier)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (Pas de fichier)
Task: {E5068A90-EF52-4966-B271-4ADC3DC8E0DE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Pas de fichier)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
CustomCLSID: HKU\S-1-5-21-3432772670-649158547-2544002816-1001_Classes\CLSID\{4B599490-B253-4667-868A-6D2EE7E75B27}\localserver32 -> "C:\Users\cami4\AppData\Local\Vivaldi\Application\5.5.2805.35\notification_helper.exe" => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3432772670-649158547-2544002816-1001_Classes\CLSID\{642ccb6b-4be1-471e-bc61-606dd9dc7c79}\localserver32 -> "C:\Program Files\InPixio\Photo Studio 11\PhotoStudioIPS11.exe" -ToastActivated => Pas de fichier
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> Pas de fichier
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [218]
BHO: Pas de nom -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> Pas de fichier
BHO-x32: Pas de nom -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> Pas de fichier
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFCreator.ShellContextMenu
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.FriendlyAppName
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.ApplicationCompany
[HKU\S-1-5-21-3432772670-649158547-2544002816-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.FriendlyAppName
[HKU\S-1-5-21-3432772670-649158547-2544002816-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.ApplicationCompany
End:
---\\ LOGICIEL. (0)
---\\ SERVICE. (0)
---\\ TÂCHE PLANIFIÉE. (0)
---\\ NAVIGATEUR INTERNET. (0)
---\\ EXPLORATEUR ( Dossiers, Fichiers ). (0)
---\\ REGISTRE ( Clés, Valeurs, Données ). (10)
ABSENT Clé: HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
ABSENT Clé: HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
SUPPRIMÉ Clé: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} [{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
SUPPRIMÉ Clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} [{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
SUPPRIMÉ Clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} [{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
SUPPRIMÉ Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFCreator.ShellContextMenu [PDFCreator.ShellContextMenu]
SUPPRIMÉ Valeur: C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
SUPPRIMÉ Valeur: C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.ApplicationCompany [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
SUPPRIMÉ Valeur: C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.FriendlyAppName [HKU\S-1-5-21-3432772670-649158547-2544002816-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
SUPPRIMÉ Valeur: C:\Users\cami4\OneDrive\Bureau\FRST-OlderVersion\FRST64-2.1.exe.ApplicationCompany [HKU\S-1-5-21-3432772670-649158547-2544002816-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
---\\ COMMANDE. (0)
---\\ NON TRAITÉ. (11)
CloseProcesses:
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2021-12-10] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2021-12-10] <==== ATTENTION
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys
CustomCLSID: HKU\S-1-5-21-3432772670-649158547-2544002816-1001_Classes\CLSID\{4B599490-B253-4667-868A-6D2EE7E75B27}\localserver32 -> "C:\Users\cami4\AppData\Local\Vivaldi\Application\5.5.2805.35\notification_helper.exe"
CustomCLSID: HKU\S-1-5-21-3432772670-649158547-2544002816-1001_Classes\CLSID\{642ccb6b-4be1-471e-bc61-606dd9dc7c79}\localserver32 -> "C:\Program Files\InPixio\Photo Studio 11\PhotoStudioIPS11.exe" -ToastActivated
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1}
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
BHO: Pas de nom -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> Pas de fichier
BHO-x32: Pas de nom -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> Pas de fichier
End:
***** ~ Fin de rapport terminé en 00h00mn09s