Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d'export Registre :
Run by priver at 17/04/2016 02:06:16
High Elevated Privileges : OK
Windows XP Professional Service Pack 3 (Build 2600)

Recycle Bin emptied (00mn 14s)
Prefetcher emptied

========== Registry keys ==========
REMOVES: Service: gupdate
REMOVES: Service: LiveUpdateSvc
REMOVES: Service: syshost32
REMOVES: [HKLM\SOFTWARE\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}]
REMOVES: HKLM\SOFTWARE\AIM Toolbar
REMOVES: HKLM\SOFTWARE\Conduit
REMOVES: HKLM\SOFTWARE\d2299ce1-3d93-0060-635a-09bf1573fba6
REMOVES: HKLM\SOFTWARE\SearchProtect
REMOVES: HKLM\SOFTWARE\Uniblue
REMOVES: HKCU\SOFTWARE\APN PIP
REMOVES: HKCU\SOFTWARE\ICSW1.11
REMOVES: HKCU\SOFTWARE\Kromtech
REMOVES: HKCU\SOFTWARE\Linkey
REMOVES: HKCU\SOFTWARE\ProductSetup
REMOVES: HKCU\SOFTWARE\SimplyTech
REMOVES: HKCU\SOFTWARE\TeleCharger
REMOVES: HKCU\SOFTWARE\VB and VBA Program Settings
REMOVES: HKCU\SOFTWARE\WebApp
REMOVES: SearchScopes :{AFE04A46-D2CD-4B86-B8CC-132F96EA2FC9}
REMOVES: SearchScopes :{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
REMOVES:* SearchScopes :{05CE69CA-A467-40B4-A6D0-D63850F144CC}
REMOVES:* SearchScopes :{0CACCF86-4D37-4DBE-9AAF-51C817A8A58C}
REMOVES:* SearchScopes :{129F152A-0117-474E-80ED-DA48936E3976}
REMOVES:* SearchScopes :{48682094-7DFB-4581-9A68-A8414F1C4327}
REMOVES:* SearchScopes :{4FC1B895-E129-4345-B101-CF4EF5EF80C8}
REMOVES:* SearchScopes :{5A171114-24D8-435B-8A2C-D28AC20D125C}
REMOVES:* SearchScopes :{770A317A-D33D-41E4-8BFD-22CCD72426A0}
REMOVES:* SearchScopes :{7780F183-7385-4512-8AC8-F4E401767900}
REMOVES:* SearchScopes :{79096E8E-F8B5-4F97-9EE8-7E59B5566BFF}
REMOVES:* SearchScopes :{91821537-42FB-4108-AF1C-851E2C002716}
REMOVES:* SearchScopes :{99155D35-BF19-45A0-A055-B51491CF7947}
REMOVES:* SearchScopes :{B7059C95-CACB-4228-AC0E-64094F26A974}
REMOVES:* SearchScopes :{C275CF6F-22D6-4939-B6B4-91293CA904F9}
REMOVES:* SearchScopes :{FA570E6D-BDB5-46EA-9425-63B9B469D4B2}

========== Registry values ==========
REMOVES: FirewallRaz (SP) : C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe
REMOVES: FirewallRaz (SP) : C:\Documents and Settings\priver\Local Settings\Application Data\TNT2\2.0.0.1928\TNT2User.exe
REMOVES: FirewallRaz (SP) : C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
REMOVES: FirewallRaz (DP) : C:\Documents and Settings\priver\Local Settings\Application Data\TNT2\2.0.0.1928\TNT2User.exe
No value present in the exception of registry key (FirewallRaz)
REMOVES: URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
REMOVES RunValue: UberIcon

========== Elements of the registry data ==========
REMOVES: R1 Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1423896726&from=wpc&uid=WDCXWD800BB-00JHC0_WD-WMAM9K00817608176&q={searchTerms}
REMOVES: R1 Search Page = http://services.freshy.com/general/newhometab.php?hometab=home&partner=11343&guid={D3587F80-BE63-4837-9F7B-BF97406B5700}&i=
REMOVES: R1 Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1423896739&from=wpc&uid=WDCXWD800BB-00JHC0_WD-WMAM9K00817608176&q={searchTerms}
REMOVES: R1 Search Page = http://www.mystartsearch.com/?type=hp&ts=1423896726&from=wpc&uid=WDCXWD800BB-00JHC0_WD-WMAM9K00817608176
REMOVES: R1 Search Page = about:NoAdd-ons
REMOVES: R1 Search Page = about:SecurityRisk

========== Preferences browser ==========
NOW Chrome File: C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences
REMOVES Chrome Site: http://www.mystartsearch.com/
REMOVES Chrome Site: http://www.mystartsearch.com/
REMOVES Chrome Site: http://www.mystartsearch.com/

========== Folders ==========
Deletes temporary Windows (69)
REMOVES Flash Cookies (1)
REMOVES: C:\Documents and Settings\All Users\Application Data\Baidu
REMOVES: C:\Documents and Settings\All Users\Application Data\BlockIt Ad remover
REMOVES: C:\Documents and Settings\priver\Local Settings\Application Data\IAC
REMOVES: C:\Documents and Settings\priver\Local Settings\Application Data\Linkey

========== Files ==========
Deletes temporary Windows (47) (2 946 515 octets)
REMOVES Flash Cookies (0) (0 octets)
REMOVES: c:\program files\google\update\googleupdate.exe
REMOVES Reboot: c:\windows\installer\{8b024184-d494-2563-425b-6d1e21ebf3dc}\syshost.exe

========== Scheduled task ==========
REMOVES: Adobe Flash Player Updater
REMOVES: BitcoinProtect
REMOVES: GoogleUpdateTaskMachineCore
REMOVES: GoogleUpdateTaskMachineCore
REMOVES: GoogleUpdateTaskMachineCore
REMOVES: GoogleUpdateTaskMachineCore
REMOVES: GoogleUpdateTaskMachineUA

========== Summary ==========
34 : Registry keys
7 : Registry values
6 : Elements of the registry data
6 : Folders
4 : Files
4 : Preferences browser
7 : Scheduled task

End of clean in 00mn 43s

========== Path to file report ==========
C:\Documents and Settings\priver\Application Data\ZHP\ZHPFix[R1].txt - 17/04/2016 02:06:32 [4924]