~ ZHPFix v2021.9.16.328 by Nicolas Coolman (2021/09/16)
~ Run by dsupp (Administrator)  (18/09/2021 17:50:27)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Report : C:\Users\dsupp\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 19042)



---\\  SCRIPT DE L'UTILISATEUR.  (37)
Script Zhpfix
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Web Companion =>PUP.Optional.LavasoftWebCompanion
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] :GoogleChromeAutoLaunch_FEB344FB743DA2DEC14B8871F40F6A04 =>PUP.Optional.MyBrowser
[HKEY_USERS\S-1-5-21-1418974773-3887554327-3308135052-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Web Companion =>PUP.Optional.LavasoftWebCompanion
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>.SUP.Orphelin
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
C:\Users\dsupp\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome
C:\Users\dsupp\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome
[454A6CD2E1E63CA9D542DFDAB518FED9] [13/08/2021] (.IObit Information Technology.) - C:\Program Files (x86)\IObit\Protected Folder\unins000.exe =>SUP.Optional.Auslogics
G2 - GCE : Préférence [dsupp][User Data\Default\Extensions] [kmhkepipobnjllejbafajoemahjejdcm] iGraal =>Toolbar.Graal
G2 - GCE : Préférence [dsupp][User Data\Default\Local Extension Settings] [kmhkepipobnjllejbafajoemahjejdcm] =>Toolbar.Graal
C:\Users\dsupp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm =>Toolbar.Graal
C:\Users\dsupp\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kmhkepipobnjllejbafajoemahjejdcm =>Toolbar.Graal
[HKU\S-1-5-21-1418974773-3887554327-3308135052-1001\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings]:kmhkepipobnjllejbafajoemahjejdcm =>Toolbar.Graal
~ µTorrent v3.5.5.46038 (P2P)
O4 - HKCU\..\Run : [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\dsupp\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P)
O4 - HKCU\..\Exécuter : [ut] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\dsupp\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P)
O4 - HKUS\S-1-5-21-1418974773-3887554327-3308135052-1001\..\Run : [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\dsupp\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P)
O4 - HKUS\S-1-5-21-1418974773-3887554327-3308135052-1001\..\Run : [ut] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\dsupp\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P)
O4 - GS\Quicklaunch [dsupp] : µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\dsupp\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P)
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:uTorrent
[HKEY_USERS\S-1-5-21-1418974773-3887554327-3308135052-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:uTorrent
O42 - Logiciel : µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>BitTorrent (P2P)
HKCU\SOFTWARE\BitTorrent =>.BitTorrent (P2P)
HKCU\SOFTWARE\BitTorrentPersist
HKU\S-1-5-21-1418974773-3887554327-3308135052-1001\SOFTWARE\BitTorrent =>.BitTorrent (P2P)
HKU\S-1-5-21-1418974773-3887554327-3308135052-1001\SOFTWARE\BitTorrentPersist
O43 - CFD : 06/08/2021 - [] D -- C:\Users\dsupp\AppData\Roaming\uTorrent
O43 - CFD : 08/02/2021 - [] D -- C:\Users\dsupp\AppData\Local\BitTorrentHelper
O43 - CFD : 08/02/2021 - [] D -- C:\Users\dsupp\AppData\LocalLow\uTorrent
O87 - FAEL : "{540C1F8D-D51F-4FFF-9903-99ED618C30B7}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\dsupp\AppData\Roaming\uTorrent \uTorrent.exe =>BitTorrent (P2P)
O87 - FAEL : "{5DB8BB17-3285-497D-8B4C-2D5D781E396D}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\dsupp\AppData\Roaming\uTorrent \uTorrent.exe =>BitTorrent (P2P)
C:\Users\dsupp\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P)
[6F13BCD50963D2F309439E37FD459C7C] [29/07/2021] (.BitTorrent Inc.) - C:\Users\dsupp\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent
EmptyPrefetch
EmptyClsid


---\\  LOGICIEL.  (1)
DESINSTALLER : uTorrent


---\\  SERVICE.  (0)


---\\  TÂCHE PLANIFIÉE.  (0)


---\\  NAVIGATEUR INTERNET.  (2)
SUPPRIMÉ Dossier Chrome: C:\Users\dsupp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm
SUPPRIMÉ Redémarrage  Dossier Chrome^: C:\Users\dsupp\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kmhkepipobnjllejbafajoemahjejdcm


---\\  EXPLORATEUR ( Dossiers, Fichiers ).  (8)
SUPPRIMÉ Dossier : C:\Users\dsupp\AppData\Local\Google\Chrome\User Data\Default\File System\000 
SUPPRIMÉ Redémarrage  Dossier ^: C:\Users\dsupp\AppData\Local\Google\Chrome\User Data\Default\File System\001 
SUPPRIMÉ Redémarrage  Dossier ^: C:\Users\dsupp\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kmhkepipobnjllejbafajoemahjejdcm 
DEPLACÉ Fichier  Run: C:\Users\dsupp\AppData\Roaming\uTorrent\uTorrent.exe
SUPPRIMÉ Redémarrage  Fichier  Shortcut^: C:\Users\dsupp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
SUPPRIMÉ Dossier : C:\Users\dsupp\AppData\Roaming\uTorrent
SUPPRIMÉ Dossier : C:\Users\dsupp\AppData\Local\BitTorrentHelper
SUPPRIMÉ Dossier : C:\Users\dsupp\AppData\LocalLow\uTorrent


---\\  REGISTRE ( Clés, Valeurs, Données ).  (19)
SUPPRIMÉ Valeur : Web Companion [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
ABSENT Valeur: HKEY_USERS\S-1-5-21-1418974773-3887554327-3308135052-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run []
SUPPRIMÉ Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR32 ]
SUPPRIMÉ Redémarrage  Clé ^: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
SUPPRIMÉ Clé: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR32 ]
SUPPRIMÉ Valeur : kmhkepipobnjllejbafajoemahjejdcm [HKU\S-1-5-21-1418974773-3887554327-3308135052-1001\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings]
ABSENT Valeur Run:  [C:\Users\dsupp\AppData\Roaming\uTorrent\uTorrent.exe]
SUPPRIMÉ Valeur : uTorrent [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
SUPPRIMÉ Clé: HKCU\SOFTWARE\BitTorrent [BitTorrent ]
SUPPRIMÉ Clé: HKCU\SOFTWARE\BitTorrentPersist [BitTorrentPersist]
ABSENT Clé: HKU\S-1-5-21-1418974773-3887554327-3308135052-1001\SOFTWARE\BitTorrent
ABSENT Clé: HKU\S-1-5-21-1418974773-3887554327-3308135052-1001\SOFTWARE\BitTorrentPersist
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{540C1F8D-D51F-4FFF-9903-99ED618C30B7}]
ABSENT Valeur FirewallRules: HKLM\SYSTEM\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules [{5DB8BB17-3285-497D-8B4C-2D5D781E396D}]
SUPPRIMÉ Valeur: Web Companion  [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
SUPPRIMÉ Valeur: Web Companion  [HKEY_USERS\S-1-5-21-1418974773-3887554327-3308135052-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
SUPPRIMÉ Valeur: kmhkepipobnjllejbafajoemahjejdcm  [HKU\S-1-5-21-1418974773-3887554327-3308135052-1001\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings]
SUPPRIMÉ Valeur: uTorrent [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
SUPPRIMÉ Valeur: uTorrent [HKEY_USERS\S-1-5-21-1418974773-3887554327-3308135052-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]


---\\  COMMANDE.  (2)
~ EmptyPrefetch: Fichiers Prefetcher supprimés (173)
~ EmptyCSID: Dossiers CLSID vides supprimés  (0)


---\\  NON TRAITÉ.  (2)
[454A6CD2E1E63CA9D542DFDAB518FED9] [13/08/2021] (.IObit Information Technology.) - C:\Program Files (x86)\IObit\Protected Folder\unins000.exe 
[6F13BCD50963D2F309439E37FD459C7C] [29/07/2021] (.BitTorrent Inc.) - C:\Users\dsupp\AppData\Roaming\uTorrent\uTorrent.exe 

~ Le système a été redémarré.

***** ~ Fin de rapport terminé en 00mn00s