Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPFix v2023.3.14.13 by Nicolas Coolman (2023/03/14)
~ Run by UEFM LFS Hyper UEFM (Administrator) (22/03/2023 12:25:46)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Report : C:\Users\UEFM LFS Hyper UEFM\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 19045)
---\\ SCRIPT DE L'UTILISATEUR. (40)
Start::
O4 - HKLM\..\Run: [Ashampoo Backup] . (. - .) -- C:\Program Files\Ashampoo\Ashampoo Backup 2023\bin\backupClient-ab.exe (.Not File.)
O4 - GS\CommonDesktop [Public]: TotalAV.lnk . (.TotalAV - TotalAV Ultimate Antivirus User Interface.) C:\Program Files (x86)\TotalAV\TotalAV.exe {09577EC4355FDBD6DB33CCE677C17CA8}.
HKCU\Software\SSProtect
HKCU\Software\drpsu
HKLM\SOFTWARE\Wow6432Node\drpsu
HKLM\SOFTWARE\Wow6432Node\UCBrowserPID
HKLM\SOFTWARE\drpsu
HKLM\SOFTWARE\UCBrowserPID
HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
HKLM\SOFTWARE\WOW6432Node\DriverDoc
HKCU\SOFTWARE\173a9bac-6f0d-50c4-8202-4744c69d091a
HKCU\SOFTWARE\DriverDoc
HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\173a9bac-6f0d-50c4-8202-4744c69d091a
HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\DriverDoc
HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\drpsu
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV
C:\Program Files (x86)\TotalAV
C:\ProgramData\SecuritySuite
C:\ProgramData\TotalAV
C:\Users\UEFM LFS Hyper UEFM\AppData\Roaming\DriverDoc
C:\Users\UEFM LFS Hyper UEFM\AppData\Local\UCBrowser
C:\WINDOWS\Prefetch\TOTALAV.EXE-1A4EEC9C.pf
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
HKCU\Software\SSProtect
HKCU\Software\drpsu
HKLM\SOFTWARE\Wow6432Node\drpsu
HKLM\SOFTWARE\Wow6432Node\UCBrowserPID
HKLM\SOFTWARE\drpsu
HKLM\SOFTWARE\UCBrowserPID
HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
EmptyPrefetch
EmptyClsid
---\\ LOGICIEL. (0)
---\\ SERVICE. (0)
---\\ TÂCHE PLANIFIÉE. (0)
---\\ NAVIGATEUR INTERNET. (0)
---\\ EXPLORATEUR ( Dossiers, Fichiers ). (7)
DEPLACÉ Fichier Shortcut: C:\Users\Public\Desktop\TotalAV.lnk
SUPPRIMÉ Dossier : C:\Program Files (x86)\TotalAV
SUPPRIMÉ Dossier : C:\ProgramData\SecuritySuite
SUPPRIMÉ Dossier : C:\ProgramData\TotalAV
SUPPRIMÉ Dossier : C:\Users\UEFM LFS Hyper UEFM\AppData\Roaming\DriverDoc
SUPPRIMÉ Dossier : C:\Users\UEFM LFS Hyper UEFM\AppData\Local\UCBrowser
DEPLACÉ Fichier : C:\WINDOWS\Prefetch\TOTALAV.EXE-1A4EEC9C.pf
---\\ REGISTRE ( Clés, Valeurs, Données ). (27)
ABSENT Valeur Run: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [C:\Program Files\Ashampoo\Ashampoo Backup 2023\bin\backupClient-ab.exe (.Not File.)]
SUPPRIMÉ Clé: HKCU\Software\SSProtect [SSProtect]
SUPPRIMÉ Clé: HKCU\Software\drpsu [drpsu]
SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\drpsu [drpsu]
SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\UCBrowserPID [UCBrowserPID]
ABSENT Clé: HKLM\SOFTWARE\drpsu
ABSENT Clé: HKLM\SOFTWARE\UCBrowserPID
SUPPRIMÉ Clé: HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService [SecurityService]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\DriverDoc [DriverDoc]
SUPPRIMÉ Clé: HKCU\SOFTWARE\173a9bac-6f0d-50c4-8202-4744c69d091a [173a9bac-6f0d-50c4-8202-4744c69d091a]
SUPPRIMÉ Clé: HKCU\SOFTWARE\DriverDoc [DriverDoc]
ABSENT Clé: HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\173a9bac-6f0d-50c4-8202-4744c69d091a
ABSENT Clé: HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\DriverDoc
ABSENT Clé: HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\drpsu
VERROUILLÉ Clé *: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
VERROUILLÉ Clé *: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV
SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1 [DriverDoc_is1]
SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV [TotalAV]
SUPPRIMÉ Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR32]
VERROUILLÉ Clé *: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
SUPPRIMÉ Clé: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32 [WinRAR32]
SUPPRIMÉ Clé: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR32]
ABSENT Clé: HKCU\Software\SSProtect
ABSENT Clé: HKCU\Software\drpsu
ABSENT Clé: HKLM\SOFTWARE\Wow6432Node\drpsu
ABSENT Clé: HKLM\SOFTWARE\Wow6432Node\UCBrowserPID
ABSENT Clé: HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
---\\ COMMANDE. (2)
~ EmptyPrefetch: Fichiers Prefetcher supprimés (345)
~ EmptyCSID: Dossiers CLSID vides supprimés (0)
---\\ NON TRAITÉ. (0)
***** ~ Fin de rapport terminé en 08mn10s
~ Run by UEFM LFS Hyper UEFM (Administrator) (22/03/2023 12:25:46)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Report : C:\Users\UEFM LFS Hyper UEFM\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 19045)
---\\ SCRIPT DE L'UTILISATEUR. (40)
Start::
O4 - HKLM\..\Run: [Ashampoo Backup] . (. - .) -- C:\Program Files\Ashampoo\Ashampoo Backup 2023\bin\backupClient-ab.exe (.Not File.)
O4 - GS\CommonDesktop [Public]: TotalAV.lnk . (.TotalAV - TotalAV Ultimate Antivirus User Interface.) C:\Program Files (x86)\TotalAV\TotalAV.exe {09577EC4355FDBD6DB33CCE677C17CA8}.
HKCU\Software\SSProtect
HKCU\Software\drpsu
HKLM\SOFTWARE\Wow6432Node\drpsu
HKLM\SOFTWARE\Wow6432Node\UCBrowserPID
HKLM\SOFTWARE\drpsu
HKLM\SOFTWARE\UCBrowserPID
HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
HKLM\SOFTWARE\WOW6432Node\DriverDoc
HKCU\SOFTWARE\173a9bac-6f0d-50c4-8202-4744c69d091a
HKCU\SOFTWARE\DriverDoc
HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\173a9bac-6f0d-50c4-8202-4744c69d091a
HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\DriverDoc
HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\drpsu
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV
C:\Program Files (x86)\TotalAV
C:\ProgramData\SecuritySuite
C:\ProgramData\TotalAV
C:\Users\UEFM LFS Hyper UEFM\AppData\Roaming\DriverDoc
C:\Users\UEFM LFS Hyper UEFM\AppData\Local\UCBrowser
C:\WINDOWS\Prefetch\TOTALAV.EXE-1A4EEC9C.pf
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
HKCU\Software\SSProtect
HKCU\Software\drpsu
HKLM\SOFTWARE\Wow6432Node\drpsu
HKLM\SOFTWARE\Wow6432Node\UCBrowserPID
HKLM\SOFTWARE\drpsu
HKLM\SOFTWARE\UCBrowserPID
HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
EmptyPrefetch
EmptyClsid
---\\ LOGICIEL. (0)
---\\ SERVICE. (0)
---\\ TÂCHE PLANIFIÉE. (0)
---\\ NAVIGATEUR INTERNET. (0)
---\\ EXPLORATEUR ( Dossiers, Fichiers ). (7)
DEPLACÉ Fichier Shortcut: C:\Users\Public\Desktop\TotalAV.lnk
SUPPRIMÉ Dossier : C:\Program Files (x86)\TotalAV
SUPPRIMÉ Dossier : C:\ProgramData\SecuritySuite
SUPPRIMÉ Dossier : C:\ProgramData\TotalAV
SUPPRIMÉ Dossier : C:\Users\UEFM LFS Hyper UEFM\AppData\Roaming\DriverDoc
SUPPRIMÉ Dossier : C:\Users\UEFM LFS Hyper UEFM\AppData\Local\UCBrowser
DEPLACÉ Fichier : C:\WINDOWS\Prefetch\TOTALAV.EXE-1A4EEC9C.pf
---\\ REGISTRE ( Clés, Valeurs, Données ). (27)
ABSENT Valeur Run: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [C:\Program Files\Ashampoo\Ashampoo Backup 2023\bin\backupClient-ab.exe (.Not File.)]
SUPPRIMÉ Clé: HKCU\Software\SSProtect [SSProtect]
SUPPRIMÉ Clé: HKCU\Software\drpsu [drpsu]
SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\drpsu [drpsu]
SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\UCBrowserPID [UCBrowserPID]
ABSENT Clé: HKLM\SOFTWARE\drpsu
ABSENT Clé: HKLM\SOFTWARE\UCBrowserPID
SUPPRIMÉ Clé: HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService [SecurityService]
SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\DriverDoc [DriverDoc]
SUPPRIMÉ Clé: HKCU\SOFTWARE\173a9bac-6f0d-50c4-8202-4744c69d091a [173a9bac-6f0d-50c4-8202-4744c69d091a]
SUPPRIMÉ Clé: HKCU\SOFTWARE\DriverDoc [DriverDoc]
ABSENT Clé: HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\173a9bac-6f0d-50c4-8202-4744c69d091a
ABSENT Clé: HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\DriverDoc
ABSENT Clé: HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\drpsu
VERROUILLÉ Clé *: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
VERROUILLÉ Clé *: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV
SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1 [DriverDoc_is1]
SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV [TotalAV]
SUPPRIMÉ Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR32]
VERROUILLÉ Clé *: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
SUPPRIMÉ Clé: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32 [WinRAR32]
SUPPRIMÉ Clé: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR32]
ABSENT Clé: HKCU\Software\SSProtect
ABSENT Clé: HKCU\Software\drpsu
ABSENT Clé: HKLM\SOFTWARE\Wow6432Node\drpsu
ABSENT Clé: HKLM\SOFTWARE\Wow6432Node\UCBrowserPID
ABSENT Clé: HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
---\\ COMMANDE. (2)
~ EmptyPrefetch: Fichiers Prefetcher supprimés (345)
~ EmptyCSID: Dossiers CLSID vides supprimés (0)
---\\ NON TRAITÉ. (0)
***** ~ Fin de rapport terminé en 08mn10s