~ ZHPFix v2018.9.7.170 by Nicolas Coolman (2018/09/07)
~ Run by olivier (Administrator)  (22/09/2018 12:39:59)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Certificate ZHPFix: Legal
~ State version : Version OK
~ Report : C:\Users\olivier\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit  (Build 17134)



---\\  SCRIPT DE L'UTILISATEUR.  (54)
Script ZHPFix
EmptyCLSID
EmptyFlash
EmptyTemp
EmptyPrefetch
C:\Program Files\JLAUQJ8YK3
C:\Program Files\LC3Z5QEZCT
C:\ProgramData\Logic Cramble
C:\Users\olivier\AppData\Local\XService
C:\WINDOWS\Prefetch\BROWSERPROTECT.EXE-33864BB1.pf
C:\WINDOWS\System32\drivers\powzip.sys
C:\ProgramData\16b8f0c6-7767-4dd2-894e-81510040f88d
C:\ProgramData\55e0cb0e-c21b-4f2d-ac71-2f3455b1b89f
C:\ProgramData\dec5f87f-7c1a-45d2-bbb0-52d9d01ae1ab
C:\Program Files\JLAUQJ8YK3\uninstaller.exe
C:\Program Files\LC3Z5QEZCT\uninstaller.exe
[HKCU\SOFTWARE\Microsoft\Internet Explorer\Main]:Search Page="http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbrhojyn9_5edl7qppmxkv50zotoqomkeoe6zrbeaw3szrpdklly0sbgq_zweoaurhkpyqxej-l4gc2jfjalfnhl30s1zbbgplr465qyb_uirpii_lqt5n2op-hjh4dqcxsbxtbhl46rge-uj7vk4y0qve5lzt_fqjvxtryenmhyrfvpywyszghiojsda,,&q={searchterms}"
[HKCU\SOFTWARE\Microsoft\Internet Explorer\Main]:Search Bar="http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbrhojyn9_5edl7qppmxkv50zotoqomkeoe6zrbeaw3szrpdklly0sbgq_zweoaurhkpyqxej-l4gc2jfjalfnhl30s1zbbgplr465qyb_uirpii_lqt5n2op-hjh4dqcxsbxtbhl46rge-uj7vk4y0qve5lzt_fqjvxtryenmhyrfvpywyszghiojsda,,&q={searchterms}"
[HKCU\SOFTWARE\Microsoft\Internet Explorer\Search]:Default_Search_URL="http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbrhojyn9_5edl7qppmxkv50zotoqomkeoe6zrbeaw3szrpdklly0sbgq_zweoaurhkpyqxej-l4gc2jfjalfnhl30s1zbbgplr465qyb_uirpii_lqt5n2op-hjh4dqcxsbxtbhl46rge-uj7vk4y0qve5lzt_fqjvxtryenmhyrfvpywyszghiojsda,,&q={searchterms}"
[HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl]:Default="http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbrhojyn9_5edl7qppmxkv50zotoqomkeoe6zrbeaw3szrpdklly0sbgq_zweoaurhkpyqxej-l4gc2jfjalfnhl30s1zbbgplr465qyb_uirpii_lqt5n2op-hjh4dqcxsbxtbhl46rge-uj7vk4y0qve5lzt_fqjvxtryenmhyrfvpywyszghiojsda,,&q={searchterms}"
[HKEY_USERS\S-1-5-21-1032664968-3198774162-419895097-1001\SOFTWARE\Microsoft\Internet Explorer\Main]:Search Bar="http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbrhojyn9_5edl7qppmxkv50zotoqomkeoe6zrbeaw3szrpdklly0sbgq_zweoaurhkpyqxej-l4gc2jfjalfnhl30s1zbbgplr465qyb_uirpii_lqt5n2op-hjh4dqcxsbxtbhl46rge-uj7vk4y0qve5lzt_fqjvxtryenmhyrfvpywyszghiojsda,,&q={searchterms}"
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Advanced SystemCare 11
[HKEY_USERS\S-1-5-21-1032664968-3198774162-419895097-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Advanced SystemCare 11
HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
HKLM\SOFTWARE\IObit\RealTimeProtector
HKLM\SOFTWARE\Iobit\ASC
HKLM\SOFTWARE\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
HKCU\SOFTWARE\System Healer
HKU\S-1-5-21-1032664968-3198774162-419895097-1001\SOFTWARE\System Healer
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer
C:\ProgramData\PrefsSecure
C:\ProgramData\TSRProSettings
C:\Users\olivier\AppData\Roaming\SystemHealer
C:\WINDOWS\Prefetch\ADVANCEDSYSTEMREPAIRPRO.EXE-44ACFA98.pf
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartMountShlExt
HKLM\Software\Classes\CLSID\{3871F95B-BF7A-4C17-950B-3ECBCA765A45}
HKLM\Software\WOW6432Node\Classes\CLSID\{3871F95B-BF7A-4C17-950B-3ECBCA765A45}
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SMShellExts
HKLM\Software\Classes\CLSID\{3871F95B-BF7A-4c17-950B-3ECBCA765A45}
HKLM\Software\WOW6432Node\Classes\CLSID\{3871F95B-BF7A-4c17-950B-3ECBCA765A45}
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
HKLM\Software\WOW6432Node\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
HKLM\Software\WOW6432Node\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}]:URL=""
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartMountShlExt
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SMShellExts
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\File System\000


---\\  LOGICIEL.  (0)


---\\  SERVICE.  (0)


---\\  TÂCHE PLANIFIÉE.  (0)


---\\  NAVIGATEUR INTERNET.  (0)


---\\  EXPLORATEUR ( Dossiers, Fichiers ).  (17)
SUPPRIMÉ Dossier EmptyCLSID: C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
DEPLACÉ Fichier Temp: C:\Users\olivier\AppData\Local\Temp\JavaDeployReg.log
DEPLACÉ Fichier Temp: C:\Users\olivier\AppData\Local\Temp\jusched.log
DEPLACÉ Fichier Temp: C:\Users\olivier\AppData\Local\Temp\StructuredQuery.log
SUPPRIMÉ Redémarrage  Fichier Temp^: C:\Users\olivier\AppData\Local\Temp\is-FLL41.tmp
SUPPRIMÉ Dossier : C:\Program Files\JLAUQJ8YK3
SUPPRIMÉ Dossier : C:\Program Files\LC3Z5QEZCT
SUPPRIMÉ Dossier : C:\ProgramData\Logic Cramble
SUPPRIMÉ Dossier : C:\Users\olivier\AppData\Local\XService
SUPPRIMÉ Dossier : C:\ProgramData\16b8f0c6-7767-4dd2-894e-81510040f88d
SUPPRIMÉ Dossier : C:\ProgramData\55e0cb0e-c21b-4f2d-ac71-2f3455b1b89f
SUPPRIMÉ Dossier : C:\ProgramData\dec5f87f-7c1a-45d2-bbb0-52d9d01ae1ab
SUPPRIMÉ Dossier : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer
SUPPRIMÉ Dossier : C:\ProgramData\PrefsSecure
SUPPRIMÉ Dossier : C:\ProgramData\TSRProSettings
SUPPRIMÉ Dossier : C:\Users\olivier\AppData\Roaming\SystemHealer
SUPPRIMÉ Dossier : C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\File System\000


---\\  REGISTRE ( Clés, Valeurs, Données ).  (18)
REMPLACÉ Donnée : http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbrhojyn9_5edl7qppmxkv50zotoqomkeoe6zrbeaw3szrpdklly0sbgq_zweoaurhkpyqxej-l4gc2jfjalfnhl30s1zbbgplr465qyb_uirpii_lqt5n2op-hjh4dqcxsbxtbhl46rge-uj7vk4y0qve5lzt_fqjvxtryenmhyrfvpywyszghiojsda,,&q={searchterms} [HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page]
REMPLACÉ Donnée : http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbrhojyn9_5edl7qppmxkv50zotoqomkeoe6zrbeaw3szrpdklly0sbgq_zweoaurhkpyqxej-l4gc2jfjalfnhl30s1zbbgplr465qyb_uirpii_lqt5n2op-hjh4dqcxsbxtbhl46rge-uj7vk4y0qve5lzt_fqjvxtryenmhyrfvpywyszghiojsda,,&q={searchterms} [HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar]
REMPLACÉ Donnée : http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbrhojyn9_5edl7qppmxkv50zotoqomkeoe6zrbeaw3szrpdklly0sbgq_zweoaurhkpyqxej-l4gc2jfjalfnhl30s1zbbgplr465qyb_uirpii_lqt5n2op-hjh4dqcxsbxtbhl46rge-uj7vk4y0qve5lzt_fqjvxtryenmhyrfvpywyszghiojsda,,&q={searchterms} [HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL]
REMPLACÉ Donnée : http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbrhojyn9_5edl7qppmxkv50zotoqomkeoe6zrbeaw3szrpdklly0sbgq_zweoaurhkpyqxej-l4gc2jfjalfnhl30s1zbbgplr465qyb_uirpii_lqt5n2op-hjh4dqcxsbxtbhl46rge-uj7vk4y0qve5lzt_fqjvxtryenmhyrfvpywyszghiojsda,,&q={searchterms} [HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\\Default]
REMPLACÉ Donnée : http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbrhojyn9_5edl7qppmxkv50zotoqomkeoe6zrbeaw3szrpdklly0sbgq_zweoaurhkpyqxej-l4gc2jfjalfnhl30s1zbbgplr465qyb_uirpii_lqt5n2op-hjh4dqcxsbxtbhl46rge-uj7vk4y0qve5lzt_fqjvxtryenmhyrfvpywyszghiojsda,,&q={searchterms} [HKEY_USERS\S-1-5-21-1032664968-3198774162-419895097-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar]
SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B} [{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}]
SUPPRIMÉ Clé: HKLM\SOFTWARE\IObit\RealTimeProtector [RealTimeProtector]
SUPPRIMÉ Clé: HKLM\SOFTWARE\Iobit\ASC [ASC]
SUPPRIMÉ Clé: HKCU\SOFTWARE\System Healer [System Healer]
SUPPRIMÉ Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartMountShlExt [SmartMountShlExt]
SUPPRIMÉ Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SMShellExts [SMShellExts]
SUPPRIMÉ Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR32]
SUPPRIMÉ Clé: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} [{B41DB860-8EE4-11D2-9906-E49FADC173CA}]
SUPPRIMÉ Clé: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR32]
REMPLACÉ Donnée :  [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}\\URL]
SUPPRIMÉ Clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} [{ielnksrch}]
SUPPRIMÉ Valeur: Advanced SystemCare 11 [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
SUPPRIMÉ Valeur: Advanced SystemCare 11 [HKEY_USERS\S-1-5-21-1032664968-3198774162-419895097-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]


---\\  COMMANDE.  (4)
~ EmptyCSID: Dossiers CLSID vides supprimés  (1)
~ EmptyFlash: Dossier FlashPlayer vide.
~ EmptyTemp: Dossier Local temp partiellement vidé  (4)
~ EmptyPrefetch: Fichiers Prefetcher supprimés (393)


---\\  NON TRAITÉ.  (0)

~ Le système a été redémarré.

***** ~ Fin de rapport terminé en 00h00mn46s