~ ZHPCleaner v2019.4.18.50 by Nicolas Coolman (2019/04/18)
~ Run by Louis (Administrator)  (19/04/2019 12:14:50)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scan
~ Report : C:\Users\Louis\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Louis\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit  (Build 17763)

---\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found. (ADS)

---\  Services (0)
~ No malicious or unnecessary items found. (Service)

---\  Browser internet (0)
~ No malicious or unnecessary items found. (Browser)

---\  Hosts file (1)
~ The hosts file is legitimate (21)

---\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found. (Task)

---\  Explorer ( File, Folder) (39)
FOUND folder: C:\Users\Louis\AppData\Roaming\PDAppFlex  =>Trojan.Elpman
FOUND file: C:\Windows\Prefetch\TOTALAV.EXE-6037D4D2.pf    =>.SUP.TotalAV
FOUND file: C:\Windows\Prefetch\TOTALAV_SETUP.EXE-803EE1E2.pf    =>.SUP.TotalAV
FOUND file: C:\Windows\Installer\wix{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{3DDA8C8B-7623-42DE-81C3-9E41CAD4F14A}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{9CBA860F-7437-4A75-941C-8EF559F2D145}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{B2E25355-C24E-4E7D-8AD3-455D59810838}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{F814D094-197F-43C8-87FA-3210BB780486}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{FBA3961B-D1DF-493C-BC1F-E67D3B832895}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Users\Louis\Downloads\TotalAV_Setup.exe [(C) SS Protect Ltd - TotalAV Ultimate Antivirus Installer]  =>.SUP.TotalAV
FOUND file: C:\Users\Louis\AppData\Local\Temp\aria-debug-1844.log    =>.SUP.Temporary.OneDrive
FOUND file: C:\Users\Louis\AppData\Local\Temp\wct322.tmp    =>.SUP.Temporary.Office
FOUND file: C:\Users\Louis\AppData\Local\Temp\wctDB04.tmp    =>.SUP.Temporary.Office
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DF2B99D9C9260551D3.TMP    =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DF3070F81E0F15D8D8.TMP    =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFA930EF336B4DD9A7.TMP    =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFABDB7FA06B320F41.TMP    =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFAEF64A98C4301760.TMP    =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFBA25AC7FFA555A5A.TMP    =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFC4E60E4BA217A38D.TMP    =>.SUP.Temporary.Other
FOUND file: C:\Users\Louis\AppData\Local\Temp\~DFCA6C3D20A7A8F723.TMP    =>.SUP.Temporary.Other
FOUND folder: C:\Users\Louis\Documents\TotalAV\PasswordVault  =>.SUP.TotalAV
FOUND folder: C:\Users\Louis\Documents\TotalAV  =>.SUP.TotalAV
FOUND folder: C:\Program Files (x86)\IOBIT\Driver Booster  =>.SUP.Energize
FOUND folder: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare  =>.SUP.AdvancedSystemCare
FOUND folder: C:\ProgramData\IOBIT\Driver Booster  =>.SUP.Energize
FOUND folder: C:\ProgramData\IObit\Advanced SystemCare  =>.SUP.AdvancedSystemCare
FOUND folder: C:\ProgramData\SecuritySuite  =>.SUP.ScanGuard
FOUND folder: C:\ProgramData\Application Data\IObit\ASCDownloader  =>.SUP.AdvancedSystemCare
FOUND folder: C:\ProgramData\IObit\ASCDownloader  =>.SUP.AdvancedSystemCare
FOUND folder: C:\Users\Louis\AppData\LocalLow\IObit\Advanced SystemCare  =>.SUP.AdvancedSystemCare
FOUND folder: C:\Users\Louis\AppData\Roaming\IOBIT\Driver Booster  =>.SUP.Energize
FOUND folder: C:\Users\Louis\AppData\Roaming\IObit\Advanced SystemCare  =>.SUP.AdvancedSystemCare
FOUND folder: C:\WINDOWS\Installer\MSI6E1F.tmp-  =>.SUP.Empty
FOUND folder: C:\WINDOWS\Installer\MSI7A93.tmp-  =>.SUP.Empty
FOUND folder: C:\WINDOWS\Installer\MSI7C5A.tmp-  =>.SUP.Empty
FOUND folder: C:\WINDOWS\Installer\MSI9852.tmp-  =>.SUP.Empty

---\  Registry ( Key, Value, Data) (17)
FOUND key: [X64] HKLM\SOFTWARE\81bfc699-f883-50c7-b674-2483b6baae23 []  =>Adware.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TotalAV_RASAPI32 []  =>.SUP.TotalAV
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TotalAV_RASMANCS []  =>.SUP.TotalAV
FOUND value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Advanced SystemCare Ultimate [0x03000000E0770F10EC98D401]  =>.SUP.AdvancedSystemCare
FOUND value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\EpicGamesLauncher [0x03000000806C4013EC98D401]  =>Heuristic.Suspect
FOUND value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Application Restart #3 [0x03000000C0E0188D7FC2D401]  =>.SUP.HideBaid
FOUND key: HKCU\Software\undefined []  =>.SUP.Downloader
FOUND key: HKLM\SOFTWARE\Wow6432Node\IObit\Advanced SystemCare []  =>.SUP.AdvancedSystemCare
FOUND key: HKLM\SOFTWARE\Wow6432Node\IObit\ASC []  =>.SUP.AdvancedSystemCare
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\Legacy Driver\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\Driver Installation Tool\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\Driver Installation Tool\x64\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\ChipsetDriver\Driver Installation Tool\x86\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\KrakenDriver\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\KrakenDriver\x64\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\NZXT\CAM\KrakenDriver\x86\ [No Folder]  =>.SUP.Obsolete.NoFolder

---\  Summary of the elements found (14)
https://nicolascoolman.eu/2017/09/23/trojan-elpman/  =>Trojan.Elpman
https://nicolascoolman.eu/2017/10/30/sup-totalav/  =>.SUP.TotalAV
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.OneDrive
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Office
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Other
https://www.anti-malware.top/2016/11/06/superfluous-energize/  =>.SUP.Energize
https://nicolascoolman.eu/2017/12/26/sup-advancedsystemcare/  =>.SUP.AdvancedSystemCare
https://nicolascoolman.eu/2017/12/21/sup-scanguard/  =>.SUP.ScanGuard
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/  =>Adware.CrossRider
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/  =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.HideBaid
https://nicolascoolman.eu/2017/12/22/sup-downloader/  =>.SUP.Downloader
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Obsolete.NoFolder

---\ Result of repair
~ Any repair made
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)

---\ Statistics
~ Items scanned : 96945
~ Items found : 58
~ Items cancelled : 0
~ Items options : 12/12
~ Space saving (bytes) : 167536
~ End of search in 00h03mn59s

---\  Reports (3)
ZHPCleaner-[S]-19042019-00_06_16.txt
ZHPCleaner-[S]-19042019-11_39_51.txt
ZHPCleaner-[S]-19042019-12_18_49.txt