Rapport de ZHPFix 2013.3.9.1 par Nicolas Coolman, Update du 9/03/2013 Fichier d'export Registre : Run by Danoulh at 11/04/2013 13:31:06 High Elevated Privileges : OK Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601) Corbeille vidée ========== Processus mémoire ========== SUPPRIME Reboot Memory Process: C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe SUPPRIME Memory Process: C:\Users\Danoulh\AppData\Local\Temp\BI_RunOnce.exe SUPPRIME Memory Process: C:\Users\Danoulh\AppData\Local\Temp\dp.exe SUPPRIME Memory Process: C:\Users\Danoulh\AppData\Local\Temp\uninst1.exe SUPPRIME Memory Process: C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe SUPPRIME Memory Process: C:\Program Files\AD-AWA~1\AdAwareLauncher.exe SUPPRIME Reboot Memory Process: C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe SUPPRIME Memory Process: C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe SUPPRIME Memory Process: C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe ========== Clé(s) du Registre ========== SUPPRIME Key: Service: BrowserProtect SUPPRIME Key: HKLM\Software\AntimalwareSolution SUPPRIME CLSID MPSK: {e62235c1-8b37-11e2-a808-806e6f6e6963} ERREUR Key****: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9} SUPPRIME Key: HKCU\Software\1ClickDownload SUPPRIME Key: HKLM\Software\Classes\Prod.cap ERREUR Key****: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings ABSENT Key: Service: BrowserProtect SUPPRIME Key: Service: vToolbarUpdater15.0.0 SUPPRIME Key: HKCU\Software\Softonic ERREUR Key****: SearchScopes :{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 SUPPRIME Key: HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar SUPPRIME Key: HKCU\Software\AVG SafeGuard toolbar SUPPRIME Key: HKLM\Software\AVG SafeGuard toolbar SUPPRIME Key: HKLM\Software\Microsoft\Tracing\Setup_RASAPI32 SUPPRIME Key: HKLM\Software\Microsoft\Tracing\Setup_RASMANCS ABSENT Key: Service: vToolbarUpdater15.0.0 ========== Valeur(s) du Registre ========== ABSENT IFC: [FEATURE_BROWSER_EMULATION] svchost.exe SUPPRIME [HKCU\Software\Mozilla\Firefox\Extensions]:{0F827075-B026-42F3-885D-98981EE7B1AE} ABSENT [HKCU\Software\92dfd9e23cec48]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" ABSENT [HKLM\Software\92dfd9e23cec48]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" ABSENT Valeur Domain Profile: FirewallRaz : Aucune valeur présente dans la clé d'exception du registre (FirewallRaz) ========== Elément(s) de donnée du Registre ========== SUPPRIME AppInit: \ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ========== Dossier(s) ========== SUPPRIME Reboot Folder**: C:\ProgramData\BrowserProtect SUPPRIME Folder: C:\Users\Danoulh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect SUPPRIME Folder: c:\program files\common files\avg secure search SUPPRIME Flash Cookies SUPPRIME Temporaires Windows ========== Fichier(s) ========== SUPPRIME Reboot c:\program files\mozilla firefox\searchplugins\babylon.xml SUPPRIME Reboot \programdata\browserprotect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll SUPPRIME Reboot c:\programdata\browserprotect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe SUPPRIME File: c:\windows\prefetch\browserprotect.exe-eaf067f3.pf SUPPRIME Reboot h:\autoplay.exe SUPPRIME File: c:\users\danoulh\appdata\local\temp\bi_runonce.exe SUPPRIME File: c:\users\danoulh\appdata\local\temp\dp.exe SUPPRIME File*: c:\users\danoulh\appdata\local\temp\uninst1.exe SUPPRIME File: C:\Users\Danoulh\AppData\Roaming\Mozilla\Firefox\Profiles\rwxl6z38.default\bprotector_prefs.js SUPPRIME File*: c:\users\danoulh\appdata\roaming\mozilla\firefox\profiles\rwxl6z38.default\bprotector_prefs.js ABSENT Folder/File: c:\users\danoulh\appdata\local\temp\uninst1.exe ABSENT Folder/File: c:\users\danoulh\appdata\local\temp\bi_runonce.exe ABSENT Folder/File: c:\users\danoulh\appdata\local\temp\dp.exe SUPPRIME File***: c:\program files\common files\avg secure search\vtoolbarupdater\15.0.0\toolbarupdater.exe ABSENT File: c:\program files\common files\avg secure search\vtoolbarupdater\15.0.0\toolbarupdater.exe SUPPRIME File: c:\users\danoulh\appdata\local\avg safeguard toolbar\sitesafety\l_2013_04_08_11_11_01.db SUPPRIME File: c:\users\danoulh\appdata\local\avg safeguard toolbar\sitesafety\l_2013_04_09_11_30_41.db SUPPRIME File: c:\users\danoulh\downloads\softonicdownloader_pour_trojan-killer.exe SUPPRIME File: c:\program files\mozilla firefox\searchplugins\safeguard-secure-search.xml SUPPRIME File: c:\program files\mozilla firefox\searchplugins\yahootc.xml SUPPRIME File***: c:\program files\ad-awa~1\adawarelauncher.exe SUPPRIME File***: c:\program files\spybot - search & destroy 2\sdimmunize.exe SUPPRIME File***: c:\program files\spybot - search & destroy 2\sdscan.exe SUPPRIME Flash Cookies SUPPRIME Temporaires Windows ========== Tache planifiée ========== SUPPRIME Task: Ad-Aware Antivirus Scheduled Scan SUPPRIME Task: Express FilesUpdate SUPPRIME Task: Check for updates SUPPRIME Task: Refresh immunization SUPPRIME Task: Scan the system ========== Restauration Système ========== Point de restauration du système créé avec succès ========== Récapitulatif ========== 9 : Processus mémoire 20 : Clé(s) du Registre 6 : Valeur(s) du Registre 1 : Elément(s) de donnée du Registre 5 : Dossier(s) 25 : Fichier(s) 5 : Tache planifiée 1 : Restauration Système End of clean in 01mn 41s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 11/04/2013 13:31:07 [6113]