Script ZHPFix
SysRestore
M2 - MFEP: prefs.js [Damien - xkjbcdf5.default\blck0rw@iu-bmo.com] [] BetterPriCeChec v2.3 (..)
M2 - MFEP: prefs.js [Damien - xkjbcdf5.default\eojdjmphp@oajolrt.net] [] soaveer Box v5.1 (..)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.trovigo.com
O2 - BHO: BetteeriPricaeChhec [64Bits] - {A7F3D3C2-FC6C-BAC0-CF4F-6D18574C9B26} Clé orpheline
O2 - BHO: gReaetsaving [64Bits] - {BFAED4D3-80E1-8C88-D72C-1104063AE7F8} Clé orpheline
O4 - HKCU\..\Run: [Optimizer Pro] . (.PC Utilities Software Limited - Optimizer Pro Launcher.) -- C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe O4 - HKUS\S-1-5-21-1461077657-1960772363-821423338-1001\..\Run: [Optimizer Pro] . (.PC Utilities Software Limited - Optimizer Pro Launcher.) -- C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (.not file.) O23 - Service: Optimizer Pro Crash Monitor (70e6ca8c) . (...) - C:\Program Files (x86)\optimi~1\OptProCrashSvc.dll
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\MySearchDial.job [316] [MD5.00000000000000000000000000000000] [APT] [MySearchDial] (...) -- C:\Users\Damien\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] O42 - Logiciel: Jump Flip - (.Jump Flip.) [HKLM][64Bits] -- Jump Flip
O42 - Logiciel: Optimizer Pro v3.2 - (...) [HKLM][64Bits] -- Optimizer Pro_is1
[HKCU\Software\APN PIP]
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] [HKCU\Software\Optimizer Pro]
[HKLM\Software\Wow6432Node\InstallCore]
[HKLM\Software\Wow6432Node\SearchProtect]
[HKLM\Software\Wow6432Node\mysearchdial]
O43 - CFD: 09/11/2012 - 02:19:51 - [0,993] ----D C:\Program Files (x86)\eBay O43 - CFD: 07/03/2014 - 17:23:28 - [33,624] ----D C:\Program Files (x86)\Optimizer Pro O43 - CFD: 03/04/2014 - 19:35:13 - [0,007] ----D C:\ProgramData\BetteeriPricaeChhec
O43 - CFD: 02/04/2014 - 19:11:02 - [0,002] ----D C:\ProgramData\edb0db3b424a6bcd
O43 - CFD: 03/04/2014 - 19:35:13 - [0,007] ----D C:\ProgramData\gReaetsaving
O43 - CFD: 07/03/2014 - 14:46:11 - [0] ----D C:\Users\Damien\AppData\Roaming\Optimizer Pro O43 - CFD: 07/03/2014 - 14:46:04 - [0,098] ----D C:\Users\Damien\AppData\Local\SearchProtect O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.aflt", "tele0101" ); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}" ); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0CtD0DzyyCtByE0Fzzzzzy0EyD0CzztCtN0D0Tzu0SyBtAtAtN1L2XzutBtFtBtFtCyEtFtCt[...] =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.cr", "1119851330" ); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.dfltLng", "" ); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.dfltSrch", true); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.dnsErr", true); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.excTlbr", false); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.hmpg", true); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=tele0101&cd=2XzuyEtN2Y1L1Qzu0CtD0DzyyCtByE0Fzzz[...] =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.id", "C0D9624F889E5C81" ); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.instlDay", "16072" ); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.instlRef", "" ); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=tele0101&cd=2XzuyEtN2Y1L1Qzu0CtD0DzyyCtByE0Fz[...] =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.prdct", "mysearchdial" ); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.prtnrId", "mysearchdial" ); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial" ); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.tlbrId", "base" ); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=tele0101&cd=2XzuyEtN2Y1L1Qzu0CtD0DzyyCtByE0[...] =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.vrsn", "1.8.21.0" ); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial.vrsni", "1.8.21.0" ); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial_i.hmpg", true); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial_i.newTab", false); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial_i.smplGrp", "none" ); =>Adware.MyWebSearch O69 - SBI: prefs.js [Damien - xkjbcdf5.default] user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.016:13:58" ); =>Adware.MyWebSearch O69 - SBI: SearchScopes [HKCU] {3DFCE36F-33FA-4C53-AE4E-7D0EA1F72BF5} - (Mysearchdial) - http://start.mysearchdial.com =>Adware.MyWebSearch HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateJumpFlip_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateJumpFlip_RASMANCS
SR - | Auto 07/03/2014 186496 | C:\Program Files (x86)\optimi~1\OptProCrashSvc.dll (70e6ca8c) . (...) - C:\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll [HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] [HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}]
[HKLM\Software\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] [HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] [HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] [HKLM\Software\Classes\AppID\escorTlbr.DLL]
[HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL] [HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] [HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] [HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL]
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Optimizer Pro
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BFAED4D3-80E1-8C88-D72C-1104063AE7F8}] =>PUP.GreatSaver^ [HKLM\SYSTEM\CurrentControlSet\Services\70e6ca8c] =>PUP.OptimizerPro^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Jump Flip] =>PUP.JumpFlip^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1] =>PUP.OptimizerPro^ [HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon [HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon [HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon [HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon [HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon [HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon [HKLM\Software\Classes\AppID\escort.dll] =>PUP.Babylon [HKLM\Software\Classes\AppID\escortapp.dll] =>PUP.Babylon [HKLM\Software\Classes\AppID\escorteng.dll] =>PUP.Babylon [HKLM\Software\Classes\AppID\esrv.EXE] =>PUP.Babylon EmptyFlash
EmptyTemp |