Publicité
Publicité
Format du document : text/plain
Prévisualisation
Rapport de ZHPFix 2013.3.9.1 par Nicolas Coolman, Update du 9/03/2013
Fichier d'export Registre :
Run by Jean at 16/04/2013 18:35:40
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Corbeille vid�e
========== Logiciel(s) ==========
SUPPRIME Updater Service
ABSENT Software Key: {889DF117-14D1-44EE-9F31-C5FB5D47F68B}
========== Processus m�moire ==========
SUPPRIME Reboot Memory Process: C:\Users\Jean\AppData\Roaming\Yontoo\YontooDesktop.exe
SUPPRIME Memory Process: C:\Users\Jean\AppData\Local\Temp\uninst1.exe
========== Cl�(s) du Registre ==========
SUPPRIME Key: CLSID BHO: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
ABSENT Key: Service: IBUpdaterService
SUPPRIME Key: HKCU\Software\BabylonToolbar
SUPPRIME Key: HKLM\Software\Wow6432Node\Babylon
SUPPRIME Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
SUPPRIME Key: HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
SUPPRIME Key: HKLM\Software\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
ABSENT Key: HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS
ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
SUPPRIME Key: HKLM\Software\Classes\Prod.cap
SUPPRIME Key: HKLM\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{45564571-A21B-48ED-B584-69752EEE9C3D}
SUPPRIME Key: HKLM\Software\Classes\YontooIEClient.Api
SUPPRIME Key: HKLM\Software\Classes\YontooIEClient.Api.1
SUPPRIME Key: HKLM\Software\Classes\YontooIEClient.Layers
SUPPRIME Key: HKLM\Software\Classes\YontooIEClient.Layers.1
SUPPRIME Key: HKLM\Software\Classes\AppID\YontooIEClient.DLL
ABSENT Key: HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api
ABSENT Key: HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api.1
ABSENT Key: HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers
ABSENT Key: HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers.1
ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\YontooIEClient.DLL
ABSENT Key: Service: Yontoo Desktop Updater
========== Valeur(s) du Registre ==========
SUPPRIME RunValue: Yontoo Desktop
ABSENT RunValue: Yontoo Desktop
ABSENT [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:Yontoo Desktop
ABSENT [HKCU\Software\e0d6dbbd3de917\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
ABSENT [HKCU\Software\e0d6dbbd3de917\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80"
========== Dossier(s) ==========
SUPPRIME Reboot Folder**: C:\Program Files (x86)\Yontoo
SUPPRIME Folder: C:\ProgramData\Babylon
SUPPRIME Folder: C:\ProgramData\BrowserProtect
ABSENT C:\ProgramData\IBUpdaterService
SUPPRIME Folder: C:\Users\Jean\AppData\Roaming\Babylon
SUPPRIME Reboot Folder**: C:\Users\Jean\AppData\Roaming\Yontoo
SUPPRIME Reboot Folder**: c:\program files (x86)\viewpoint
SUPPRIME Folder: c:\programdata\viewpoint
========== Fichier(s) ==========
SUPPRIME File: c:\program files (x86)\yontoo\yontooieclient.dll
SUPPRIME Reboot c:\users\jean\appdata\roaming\yontoo\yontoodesktop.exe
ABSENT File: c:\programdata\ibupdaterservice\ibsvc.exe
SUPPRIME File: c:\users\jean\appdata\local\temp\uninst1.exe
ABSENT Folder/File: c:\programdata\babylon
ABSENT Folder/File: c:\programdata\ibupdaterservice
ABSENT Folder/File: c:\users\jean\appdata\roaming\babylon
ABSENT Folder/File: c:\users\jean\appdata\local\temp\uninst1.exe
SUPPRIME Reboot c:\program files (x86)\yontoo\y2desktop.updater.exe
========== Autre ==========
NON TRAITE Malware (61)
========== R�capitulatif ==========
2 : Processus m�moire
36 : Cl�(s) du Registre
5 : Valeur(s) du Registre
8 : Dossier(s)
9 : Fichier(s)
2 : Logiciel(s)
1 : Autre
End of clean in 00mn 17s
========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 15/04/2013 16:39:03 [5405]
C:\ZHP\ZHPFix[R2].txt - 16/04/2013 17:01:00 [555]
C:\ZHP\ZHPFix[R3].txt - 16/04/2013 18:35:40 [5405]
Fichier d'export Registre :
Run by Jean at 16/04/2013 18:35:40
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Corbeille vid�e
========== Logiciel(s) ==========
SUPPRIME Updater Service
ABSENT Software Key: {889DF117-14D1-44EE-9F31-C5FB5D47F68B}
========== Processus m�moire ==========
SUPPRIME Reboot Memory Process: C:\Users\Jean\AppData\Roaming\Yontoo\YontooDesktop.exe
SUPPRIME Memory Process: C:\Users\Jean\AppData\Local\Temp\uninst1.exe
========== Cl�(s) du Registre ==========
SUPPRIME Key: CLSID BHO: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
ABSENT Key: Service: IBUpdaterService
SUPPRIME Key: HKCU\Software\BabylonToolbar
SUPPRIME Key: HKLM\Software\Wow6432Node\Babylon
SUPPRIME Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
SUPPRIME Key: HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
SUPPRIME Key: HKLM\Software\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
ABSENT Key: HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS
ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
SUPPRIME Key: HKLM\Software\Classes\Prod.cap
SUPPRIME Key: HKLM\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{45564571-A21B-48ED-B584-69752EEE9C3D}
SUPPRIME Key: HKLM\Software\Classes\YontooIEClient.Api
SUPPRIME Key: HKLM\Software\Classes\YontooIEClient.Api.1
SUPPRIME Key: HKLM\Software\Classes\YontooIEClient.Layers
SUPPRIME Key: HKLM\Software\Classes\YontooIEClient.Layers.1
SUPPRIME Key: HKLM\Software\Classes\AppID\YontooIEClient.DLL
ABSENT Key: HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api
ABSENT Key: HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api.1
ABSENT Key: HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers
ABSENT Key: HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers.1
ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\YontooIEClient.DLL
ABSENT Key: Service: Yontoo Desktop Updater
========== Valeur(s) du Registre ==========
SUPPRIME RunValue: Yontoo Desktop
ABSENT RunValue: Yontoo Desktop
ABSENT [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:Yontoo Desktop
ABSENT [HKCU\Software\e0d6dbbd3de917\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
ABSENT [HKCU\Software\e0d6dbbd3de917\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80"
========== Dossier(s) ==========
SUPPRIME Reboot Folder**: C:\Program Files (x86)\Yontoo
SUPPRIME Folder: C:\ProgramData\Babylon
SUPPRIME Folder: C:\ProgramData\BrowserProtect
ABSENT C:\ProgramData\IBUpdaterService
SUPPRIME Folder: C:\Users\Jean\AppData\Roaming\Babylon
SUPPRIME Reboot Folder**: C:\Users\Jean\AppData\Roaming\Yontoo
SUPPRIME Reboot Folder**: c:\program files (x86)\viewpoint
SUPPRIME Folder: c:\programdata\viewpoint
========== Fichier(s) ==========
SUPPRIME File: c:\program files (x86)\yontoo\yontooieclient.dll
SUPPRIME Reboot c:\users\jean\appdata\roaming\yontoo\yontoodesktop.exe
ABSENT File: c:\programdata\ibupdaterservice\ibsvc.exe
SUPPRIME File: c:\users\jean\appdata\local\temp\uninst1.exe
ABSENT Folder/File: c:\programdata\babylon
ABSENT Folder/File: c:\programdata\ibupdaterservice
ABSENT Folder/File: c:\users\jean\appdata\roaming\babylon
ABSENT Folder/File: c:\users\jean\appdata\local\temp\uninst1.exe
SUPPRIME Reboot c:\program files (x86)\yontoo\y2desktop.updater.exe
========== Autre ==========
NON TRAITE Malware (61)
========== R�capitulatif ==========
2 : Processus m�moire
36 : Cl�(s) du Registre
5 : Valeur(s) du Registre
8 : Dossier(s)
9 : Fichier(s)
2 : Logiciel(s)
1 : Autre
End of clean in 00mn 17s
========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 15/04/2013 16:39:03 [5405]
C:\ZHP\ZHPFix[R2].txt - 16/04/2013 17:01:00 [555]
C:\ZHP\ZHPFix[R3].txt - 16/04/2013 18:35:40 [5405]