~ ZHPFix v2023.3.14.13 by Nicolas Coolman (2023/03/14) ~ Run by UEFM LFS Hyper UEFM (Administrator) (22/03/2023 12:25:46) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Report : C:\Users\UEFM LFS Hyper UEFM\Desktop\ZHPFix.txt ~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine\ ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 19045) ---\\ SCRIPT DE L'UTILISATEUR. (40) Start:: O4 - HKLM\..\Run: [Ashampoo Backup] . (. - .) -- C:\Program Files\Ashampoo\Ashampoo Backup 2023\bin\backupClient-ab.exe (.Not File.) O4 - GS\CommonDesktop [Public]: TotalAV.lnk . (.TotalAV - TotalAV Ultimate Antivirus User Interface.) C:\Program Files (x86)\TotalAV\TotalAV.exe {09577EC4355FDBD6DB33CCE677C17CA8}. HKCU\Software\SSProtect HKCU\Software\drpsu HKLM\SOFTWARE\Wow6432Node\drpsu HKLM\SOFTWARE\Wow6432Node\UCBrowserPID HKLM\SOFTWARE\drpsu HKLM\SOFTWARE\UCBrowserPID HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService HKLM\SOFTWARE\WOW6432Node\DriverDoc HKCU\SOFTWARE\173a9bac-6f0d-50c4-8202-4744c69d091a HKCU\SOFTWARE\DriverDoc HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\173a9bac-6f0d-50c4-8202-4744c69d091a HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\DriverDoc HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\drpsu HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1 HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV C:\Program Files (x86)\TotalAV C:\ProgramData\SecuritySuite C:\ProgramData\TotalAV C:\Users\UEFM LFS Hyper UEFM\AppData\Roaming\DriverDoc C:\Users\UEFM LFS Hyper UEFM\AppData\Local\UCBrowser C:\WINDOWS\Prefetch\TOTALAV.EXE-1A4EEC9C.pf HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32 HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 HKCU\Software\SSProtect HKCU\Software\drpsu HKLM\SOFTWARE\Wow6432Node\drpsu HKLM\SOFTWARE\Wow6432Node\UCBrowserPID HKLM\SOFTWARE\drpsu HKLM\SOFTWARE\UCBrowserPID HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService EmptyPrefetch EmptyClsid ---\\ LOGICIEL. (0) ---\\ SERVICE. (0) ---\\ TÂCHE PLANIFIÉE. (0) ---\\ NAVIGATEUR INTERNET. (0) ---\\ EXPLORATEUR ( Dossiers, Fichiers ). (7) DEPLACÉ Fichier Shortcut: C:\Users\Public\Desktop\TotalAV.lnk SUPPRIMÉ Dossier : C:\Program Files (x86)\TotalAV SUPPRIMÉ Dossier : C:\ProgramData\SecuritySuite SUPPRIMÉ Dossier : C:\ProgramData\TotalAV SUPPRIMÉ Dossier : C:\Users\UEFM LFS Hyper UEFM\AppData\Roaming\DriverDoc SUPPRIMÉ Dossier : C:\Users\UEFM LFS Hyper UEFM\AppData\Local\UCBrowser DEPLACÉ Fichier : C:\WINDOWS\Prefetch\TOTALAV.EXE-1A4EEC9C.pf ---\\ REGISTRE ( Clés, Valeurs, Données ). (27) ABSENT Valeur Run: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [C:\Program Files\Ashampoo\Ashampoo Backup 2023\bin\backupClient-ab.exe (.Not File.)] SUPPRIMÉ Clé: HKCU\Software\SSProtect [SSProtect] SUPPRIMÉ Clé: HKCU\Software\drpsu [drpsu] SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\drpsu [drpsu] SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\UCBrowserPID [UCBrowserPID] ABSENT Clé: HKLM\SOFTWARE\drpsu ABSENT Clé: HKLM\SOFTWARE\UCBrowserPID SUPPRIMÉ Clé: HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService [SecurityService] SUPPRIMÉ Clé: HKLM\SOFTWARE\WOW6432Node\DriverDoc [DriverDoc] SUPPRIMÉ Clé: HKCU\SOFTWARE\173a9bac-6f0d-50c4-8202-4744c69d091a [173a9bac-6f0d-50c4-8202-4744c69d091a] SUPPRIMÉ Clé: HKCU\SOFTWARE\DriverDoc [DriverDoc] ABSENT Clé: HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\173a9bac-6f0d-50c4-8202-4744c69d091a ABSENT Clé: HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\DriverDoc ABSENT Clé: HKU\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\drpsu VERROUILLÉ Clé *: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1 VERROUILLÉ Clé *: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1 [DriverDoc_is1] SUPPRIMÉ Clé: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV [TotalAV] SUPPRIMÉ Clé: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR32] VERROUILLÉ Clé *: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} SUPPRIMÉ Clé: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32 [WinRAR32] SUPPRIMÉ Clé: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 [WinRAR32] ABSENT Clé: HKCU\Software\SSProtect ABSENT Clé: HKCU\Software\drpsu ABSENT Clé: HKLM\SOFTWARE\Wow6432Node\drpsu ABSENT Clé: HKLM\SOFTWARE\Wow6432Node\UCBrowserPID ABSENT Clé: HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService ---\\ COMMANDE. (2) ~ EmptyPrefetch: Fichiers Prefetcher supprimés (345) ~ EmptyCSID: Dossiers CLSID vides supprimés (0) ---\\ NON TRAITÉ. (0) ***** ~ Fin de rapport terminé en 08mn10s