~ ZHPFix v2021.3.5.284 by Nicolas Coolman (2021/03/05)
~ Run by Elie (Administrator)  (11/04/2021 14:07:47)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version OK
~ Report : C:\Users\elied\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 19041)



---\\  SCRIPT DE L'UTILISATEUR.  (29)
Script ZHPFix
SYSRESTORE
ShortcutFix
MD5.1F878435582B580117A0513E1084AA43] - (.Ariolic Software, Ltd. (www.ariolic.com) - Hard drive sector scanner.) -- C:\Users\rems\Desktop\diskscanner16.exe [1026592] [PID.16348] {14B723390CE3C5D41A7F66C33FEEB0DD}
G0 - GCSP: Preferences [User Data\Default][HomePage] http://client.hola.org
G0 - GCSP: Preferences [User Data\Default][HomePage] http://cmp-cdn.ghostery.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://perr.hola.org
G2 - GCE: Preference [User Data\Default] [hmggjocpafbpjdhoknaneokaklekakeh] __MSG_extensionName__
O61 - LFC: 2016/09/25 12:20:31 A . (.Ariolic Software, Ltd. (www.ariolic.com).) -- C:\Users\rems\Desktop\diskscanner16.exe [1026592] {14B723390CE3C5D41A7F66C33FEEB0DD}
[MD5.00000000000000000000000000000000] [APT] [{D1866B5F-1612-4A18-BF8A-54E5D1BDBADA}] (...) -- C:\Users\rems\AppData\Roaming\Nox\bin\Nox_unload.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://search.conduit.com/ =>.Superfluous.Conduit
O43 - CFD: 19/08/2016 - [0] D -- C:\ProgramData\avastSWCUTemp => Empty Folder not necessary
O43 - CFD: 02/08/2016 - [] D -- C:\Users\rems\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\undefined => Superfluous.Downloader
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://start.qone8.com/ =>PUP.Optional.Qone8
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.sweet-page.com/ =>PUP.Optional.SweetPage
G2 - GCE: Preference [User Data\Default] [afjaicccalbbickikgdegaihmajaidpd] I'm a Gentleman =>PUP.Optional.CrossRider
O43 - CFD: 14/07/2016 - [] D -- C:\Program Files\KMSpico =>HackTool.KMSpico
O87 - FAEL: "{EEEB8439-C554-4912-BA69-FEC9F31C6D15}" [In-None-P17-TRUE] .(.@ByELDI - Service_KMS.) -- C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
O87 - FAEL: "{38EA306E-1AAB-46C6-93FE-ADDA8145766A}" [In-None-P6-TRUE] .(.@ByELDI - Service_KMS.) -- C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
C:\Users\rems\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjaicccalbbickikgdegaihmajaidpd =>PUP.Optional.CrossRider
C:\Program Files\KMSpico =>HackTool.KMSpico
C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
ÂµTorrent v3.4.8.42576 => P2P.Torrent*
O43 - CFD: 26/09/2016 - [] D -- C:\Users\rems\AppData\Roaming\uTorrent => P2P.ÂµTorrent*
O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.)
EMPTYCLSID
FirewallRAZ
HostFix
IFEOFix 


---\\  LOGICIEL.  (0)


---\\  SERVICE.  (0)


---\\  TÃCHE PLANIFIÃE.  (0)


---\\  NAVIGATEUR INTERNET.  (2)
DEPLACÃ Fichier Chrome: C:\Users\elied\AppData\Local\Google\Chrome\User Data\Default\Preferences
DEPLACÃ Fichier Chrome: C:\Users\elied\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences


---\\  EXPLORATEUR ( Dossiers, Fichiers ).  (0)


---\\  REGISTRE ( ClÃ©s, Valeurs, DonnÃ©es ).  (2)
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{EEEB8439-C554-4912-BA69-FEC9F31C6D15}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{38EA306E-1AAB-46C6-93FE-ADDA8145766A}]


---\\  COMMANDE.  (1)
~ EmptyCSID: Dossiers CLSID vides supprimÃ©s  (0)


---\\  NON TRAITÃ.  (7)
SYSRESTORE
ShortcutFix
MD5.1F878435582B580117A0513E1084AA43] - (.Ariolic Software, Ltd. (www.ariolic.com) - Hard drive sector scanner.) -- C:\Users\rems\Desktop\diskscanner16.exe [1026592] [PID.16348] {14B723390CE3C5D41A7F66C33FEEB0DD}
[MD5.00000000000000000000000000000000] [APT] [{D1866B5F-1612-4A18-BF8A-54E5D1BDBADA}] (...) -- C:\Users\rems\AppData\Roaming\Nox\bin\Nox_unload.exe (.not file.) [0] (.Activate.) 
ÂµTorrent v3.4.8.42576 
FirewallRAZ
HostFix

***** ~ Fin de rapport terminÃ© en 00h00mn00s