~ ZHPFix v2021.3.23.287 by Nicolas Coolman (2021/03/23) ~ Run by martine_bo (Administrator) (25/03/2021 18:41:42) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Report : C:\Users\martine_bo\Desktop\ZHPFix.txt ~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\ ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 19042) ---\\ SCRIPT DE L'UTILISATEUR. (42) Start:: CreateRestorePoint EmptyTemp EmptyCLSID EmptyPrefetch EmptyTracing ShortcutFix O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Inc. - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Inc.® O23 - Service: HP Comm Recovery (HP Comm Recover) . (.HP Inc. - CommRecovery.) - C:\Program Files\HPCommRecovery\HPCommRecovery.exe =>.HP Inc.® ServiceStop:AdobeARMservice ServiceDemand:AdobeARMservice ServiceStop:HP Comm Recover ServiceDemand:HP Comm Recover ServiceStop:.Malwarebytes. ServiceDemand:.Malwarebytes. ServiceStop:MBAMService ServiceDemand:MBAMService ServiceStop:MBAMSwissArmy ServiceDemand:MBAMSwissArmy O38 - TASK: {016A2BEE-A102-4D08-8B06-EEDF382E9DBD} [64Bits][\Mozilla\Firefox Default Browser Agent E7CF176E110C211B] - (.Mozilla Foundation - Firefox Default Browser Agent.) -- C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [633840] =>.Mozilla Foundation O38 - TASK: {186F6464-1BAF-4FC4-A9AC-F768F128F623} [64Bits][\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA GeForce Experience.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1930312] =>.NVIDIA Corporation O38 - TASK: {3A4B105F-E063-44C8-8D31-78412702476F} [64Bits][\CCleaner Update] - (.Piriform - Piriform CCleaner emergency updater.) -- C:\Program Files\CCleaner\CCUpdate.exe [684976] =>.Piriform O38 - TASK: {48DCBEFC-0C71-4F7A-8C41-2AC8E479DC41} [64Bits][\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240] =>.NVIDIA Corporation O38 - TASK: {E69FE493-6343-4FF2-8BD3-ECAFC4E93E9E} [64Bits][\Adobe Acrobat Update Task] - (.Adobe Inc. - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200] =>.Adobe Inc. C:\WINDOWS\System32\Tasks\CCleaner Update - (.Piriform.) -- C:\Program Files\CCleaner\CCUpdate.exe [] =>.Piriform C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task - (.Adobe Inc..) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [] =>.Adobe Inc. O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (32 bit) Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (32 bit) Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation® [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:FlashPlayerUpdate [HKEY_USERS\S-1-5-21-109256042-3385447148-866637187-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:CCleaner Smart Cleaning =>.Piriform Ltd [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:CCleaner Smart Cleaning =>.Piriform Ltd [HKEY_USERS\S-1-5-21-109256042-3385447148-866637187-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:FlashPlayerUpdate C:\WINDOWS\Installer\2d78ffa.msp =>.SUP.Obsolete.Adobe C:\WINDOWS\Installer\90846.msp =>.SUP.Obsolete.Adobe C:\WINDOWS\Installer\91f1623.msp =>.SUP.Obsolete.Adobe C:\WINDOWS\Installer\bd5abe.msp =>.SUP.Obsolete.Adobe C:\WINDOWS\Installer\eadbd.msp =>.SUP.Obsolete.Adobe [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPDeviceCheck.exe.FriendlyAppName =>.Unsigned [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\martine_bo\Desktop\bitdefender_homescanner.exe.FriendlyAppName =>.Unsigned [HKU\S-1-5-21-109256042-3385447148-866637187-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPDeviceCheck.exe.FriendlyAppName =>.Unsigned [HKU\S-1-5-21-109256042-3385447148-866637187-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\martine_bo\Desktop\bitdefender_homescanner.exe.FriendlyAppName =>.Unsigned End:: ---\\ LOGICIEL. (0) ---\\ SERVICE. (2) REFUSÉ Service: HKLM\SYSTEM\CurrentControlSet\Services\AdobeARMservice [armsvc.exe] REFUSÉ Service: HKLM\SYSTEM\CurrentControlSet\Services\HP Comm Recover [HPCommRecovery.exe] ---\\ TÂCHE PLANIFIÉE. (0) ---\\ NAVIGATEUR INTERNET. (0) ---\\ EXPLORATEUR ( Dossiers, Fichiers ). (2) REFUSÉ Fichier Service: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe REFUSÉ Fichier Service: C:\Program Files\HPCommRecovery\HPCommRecovery.exe ---\\ REGISTRE ( Clés, Valeurs, Données ). (18) ABSENT Valeur Run: HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [C:\Windows\SysWOW64\OneDriveSetup.exe ] ABSENT Valeur Run: HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [C:\Windows\SysWOW64\OneDriveSetup.exe ] ABSENT Valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [] VERROUILLÉ Valeur : CCleaner Smart Cleaning [HKEY_USERS\S-1-5-21-109256042-3385447148-866637187-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] VERROUILLÉ Valeur : CCleaner Smart Cleaning [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] ABSENT Valeur: HKEY_USERS\S-1-5-21-109256042-3385447148-866637187-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [] ABSENT Valeur: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache [] ABSENT Valeur: HKU\S-1-5-21-109256042-3385447148-866637187-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache [] SUPPRIMÉ Valeur: FlashPlayerUpdate [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] SUPPRIMÉ Valeur: CCleaner Smart Cleaning [HKEY_USERS\S-1-5-21-109256042-3385447148-866637187-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] SUPPRIMÉ Valeur: CCleaner Smart Cleaning [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] SUPPRIMÉ Valeur: FlashPlayerUpdate [HKEY_USERS\S-1-5-21-109256042-3385447148-866637187-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] SUPPRIMÉ Valeur: C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPDeviceCheck.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] SUPPRIMÉ Valeur: C:\Users\martine_bo\Desktop\bitdefender_homescanner.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] SUPPRIMÉ Valeur: C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPDeviceCheck.exe.FriendlyAppName [HKU\S-1-5-21-109256042-3385447148-866637187-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] SUPPRIMÉ Valeur: C:\Users\martine_bo\Desktop\bitdefender_homescanner.exe.FriendlyAppName [HKU\S-1-5-21-109256042-3385447148-866637187-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] SUPPRIMÉ Valeur Run: OneDriveSetup [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\] SUPPRIMÉ Valeur Run: OneDriveSetup [HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\] ---\\ COMMANDE. (5) CreateRestorePoint: OK ~ EmptyTemp: Fichiers Temporaires supprimés.(0) ~ EmptyCSID: Dossiers CLSID vides supprimés (0) ~ EmptyPrefetch: Fichiers Prefetcher supprimés (15) ~ EmptyTracing: Clés tracing supprimées (9) ---\\ NON TRAITÉ. (11) ShortcutFix ServiceStop:AdobeARMservice ServiceDemand:AdobeARMservice ServiceStop:HP Comm Recover ServiceDemand:HP Comm Recover ServiceStop:.Malwarebytes. ServiceDemand:.Malwarebytes. ServiceStop:MBAMService ServiceDemand:MBAMService ServiceStop:MBAMSwissArmy ServiceDemand:MBAMSwissArmy ***** ~ Fin de rapport terminé en 00mn00s