Rapport de ZHPFix 2013.12.14.5 par Nicolas Coolman, Update du 06/12/2013
Fichier d'export Registre :
Run by V at 06/01/2014 23:18:23
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)

Corbeille vidée (00mn 26s)
Réparation des raccourcis navigateur

========== Logiciels ==========
ABSENT Uninstall Process: c:\program files (x86)\services x86\uninstall.exe

========== Processus mémoire ==========
SUPPRIMÉ Redémarrage: Memory Process: C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe
SUPPRIMÉ Redémarrage: Memory Process: C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\loggingserver.exe
SUPPRIMÉ: Memory Process: C:\Users\V\Desktop\KeyGen Microsoft Office Professionnel 2007.exe

========== Clés du Registre ==========
SUPPRIMÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Services x86]
SUPPRIMÉ: HKCU\Software\Cr_Installer
SUPPRIMÉ: HKCU\Software\InstallCore
SUPPRIMÉ: HKCU\Software\mysearchdial.com
SUPPRIMÉ: HKLM\Software\Wow6432Node\Babylon
SUPPRIMÉ: HKLM\Software\Wow6432Node\Vittalia
SUPPRIMÉ: SearchScopes :{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
SUPPRIMÉ: SearchScopes :{95B7759C-8C7F-4BF1-B163-73684A933233}
SUPPRIMÉ:* HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
SUPPRIMÉ: HKLM\Software\Wow6432Node\Services x86
SUPPRIMÉ: HKLM\Software\Classes\Prod.cap
SUPPRIMÉ: HKCU\Software\AppDataLow\Software\Crossrider
SUPPRIMÉ:* HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
SUPPRIMÉ: CLSID BHO: {95B7759C-8C7F-4BF1-B163-73684A933233}
SUPPRIMÉ: Service: vToolbarUpdater17.1.3
SUPPRIMÉ:* HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
SUPPRIMÉ: HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
SUPPRIMÉ:* HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
SUPPRIMÉ: HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
SUPPRIMÉ: HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
SUPPRIMÉ: HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
SUPPRIMÉ: HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
SUPPRIMÉ:* HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
SUPPRIMÉ:* HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
SUPPRIMÉ: HKLM\Software\Classes\AppID\ScriptHelper.EXE
SUPPRIMÉ: HKLM\Software\Classes\S
SUPPRIMÉ: HKLM\Software\Classes\ScriptHelper.ScriptHelperApi
SUPPRIMÉ: HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1
SUPPRIMÉ: HKLM\Software\Classes\ViProtocol.ViProtocolOLE
SUPPRIMÉ: HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1
SUPPRIMÉ: HKCU\Software\AVG SafeGuard toolbar
SUPPRIMÉ: HKLM\Software\Wow6432Node\AVG SafeGuard toolbar
SUPPRIMÉ: HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

========== Valeurs du Registre ==========
SUPPRIMÉ RunValue: vProt
SUPPRIMÉ: {99544D9D-C952-4CF8-8A49-29D9EFDC0181}

========== Eléments de donnée du Registre ==========
SUPPRIMÉ: R0 - Main,Start Page = KCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
SUPPRIMÉ: R0 - Main,Start Page = KLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
SUPPRIMÉ: R0 - Main,Start Page = KLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page
SUPPRIMÉ: R1 Search Page =
ERREUR CLSID PAPP: {B658800C-F66E-4EF3-AB85-6C0C227862A9}

========== Préférences navigateur ==========
SUPPRIMÉ Mozilla Pref: user_pref("browser.search.order.1", "Mysearchdial");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.crossrider.bic", "13f0c98e7cc5b07af0e747cf7e707547");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.aflt", "telemsd1103");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuzzyEyE0B0FyDyByD0Czz0F0FtC0AzyyDtN0D0Tzu0SyCzytCtN1L2XzutBtFtBtFtCyEtFtCt[...]
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.cntry", "FR");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.cr", "1494522495");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.dfltLng", "");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.dfltSrch", true);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.dnsErr", true);
ABSENT Mozilla Pref: user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497[...]
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.excTlbr", false);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.hdrMd5", "A63292B5F5822CB72E83ED67DD415205");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.hmpg", true);
ABSENT Mozilla Pref: user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=telemsd1103&cd=2XzuyEtN2Y1L1QzuzzyEyE0B0FyDyByD[...]
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.hpFFXOld", "http://mysearch.avg.com?cid={07AA5B5C-EBA7-4797-A88E-66BB48B84962}&mid=d58e7b2071a1[...]
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.id", "844BF575C8FF1A95");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.instlDay", "16030");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.instlRef", "");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.lastB", "http://mysearch.avg.com?cid={07AA5B5C-EBA7-4797-A88E-66BB48B84962}&mid=d58e7b2071a147d[...]
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.21.021:4:5");
ABSENT Mozilla Pref: user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=telemsd1103&cd=2XzuyEtN2Y1L1QzuzzyEyE0B0FyDyB[...]
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"85\",\"lastVrsn\":\"85\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"s[...]
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.prdct", "mysearchdial");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.sg", "none");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.tlbrId", "base");
ABSENT Mozilla Pref: user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=telemsd1103&cd=2XzuyEtN2Y1L1QzuzzyEyE0B0FyD[...]
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial_i.hmpg", true);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial_i.newTab", false);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial_i.smplGrp", "none");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.021:4:5");
SUPPRIMÉ Mozilla Pref: user_pref("avg.install.newtab", true);

========== Dossiers ==========
Aucun dossiers CLSID Local utilisateur vide
SUPPRIMÉ: C:\ProgramData\Babylon
SUPPRIMÉ: C:\Users\V\AppData\Roaming\Babylon
SUPPRIMÉ: c:\program files (x86)\common files\avg secure search

========== Fichiers ==========
SUPPRIMÉS Flash Cookies (0) (0 octets)
SUPPRIMÉS Temporaires Windows (2234) (2 395 112 932 octets)
SUPPRIMÉ: c:\users\v\appdata\roaming\mozilla\firefox\profiles\9zgdq5uv.default\searchplugins\mysearchdial.xml
SUPPRIMÉ: c:\users\v\appdata\roaming\mozilla\firefox\profiles\9zgdq5uv.default\searchplugins\safeguard-secure-search.xml
SUPPRIMÉ: c:\program files (x86)\avg safeguard toolbar\17.1.3.2\avg safeguard toolbar_toolbar.dll
SUPPRIMÉ: c:\users\public\desktop\infestation survivor stories.lnk
SUPPRIMÉ: c:\windows\prefetch\dynreservedpri.db
SUPPRIMÉ: c:\windows\prefetch\left4dead2.exe-a66a2fda.pf
SUPPRIMÉ: c:\windows\prefetch\systempropertiesremote.exe-a8b3ef40.pf
SUPPRIMÉ: c:\windows\prefetch\hycam2.exe-d7f7de4e.pf
SUPPRIMÉ: c:\windows\prefetch\asustploader.exe-b7ff0997.pf

========== Récapitulatif ==========
3 : Processus mémoire
36 : Clés du Registre
2 : Valeurs du Registre
5 : Eléments de donnée du Registre
4 : Dossiers
11 : Fichiers
1 : Logiciels
36 : Préférences navigateur

End of clean in 01mn 10s

========== Chemin de fichier rapport ==========
C:\Users\V\AppData\Roaming\ZHP\ZHPFix[R1].txt - 06/01/2014 23:18:49 [8901]