cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Rapport de ZHPFix 2015.3.18.4 par Nicolas Coolman, Update du 18/03/2015
Fichier d'export Registre :
Run by cha at 06/04/2015 21:36:35
High Elevated Privileges : OK
Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)

Corbeille vid�e (00mn 07s)
Dossier Prefetcher vid�
R�paration des raccourcis navigateur

========== Logiciels ==========
ABSENT Uninstall Process: c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\uninstall.exe
ABSENT Uninstall Process: c:\users\cha\appdata\roaming\sweet-page\uninstallmanager.exe

========== Processus m�moire ==========
SUPPRIM� Red�marrage: Memory Process: C:\Users\cha\AppData\Roaming\cacaoweb\cacaoweb.exe
SUPPRIM� Red�marrage: Memory Process: C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe
SUPPRIM� Red�marrage: Memory Process: C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe

========== Cl�s du Registre ==========
SUPPRIM� Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\facemoods]
SUPPRIM�: Service: WindowsMangerProtect
SUPPRIM�: HKCU\Software\DC3_FEXEC
SUPPRIM�: HKCU\Software\ProductSetup
SUPPRIM�: HKCU\Software\cacaoweb
SUPPRIM�: HKLM\Software\Wow6432Node\Babylon
SUPPRIM�: HKLM\Software\Wow6432Node\sweet-pageSoftware
SUPPRIM�: SearchScopes :{0D7562AE-8EF6-416d-A838-AB665251703A}
SUPPRIM�: SearchScopes :{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SUPPRIM�: SearchScopes :{2fa28606-de77-4029-af96-b231e3b8f827}
SUPPRIM�: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32
SUPPRIM�: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS
SUPPRIM�: HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
SUPPRIM�:* HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
SUPPRIM�: HKLM\Software\Classes\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}
SUPPRIM�:* HKLM\Software\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
SUPPRIM�: HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
SUPPRIM�:* HKLM\Software\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
SUPPRIM�: HKLM\Software\Classes\Prod.cap
SUPPRIM�: HKCU\Software\Softonic
SUPPRIM�: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_produkey_RASAPI32
SUPPRIM�: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_produkey_RASMANCS
SUPPRIM�: HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
SUPPRIM�: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
SUPPRIM�:* HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

========== Valeurs du Registre ==========
SUPPRIM� RunValue: cacaoweb
SUPPRIM� RunValue: winupdater
SUPPRIM�: Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Aucune Valeur Standard Profile: FirewallRaz :
Aucune Valeur Domain Profile: FirewallRaz :
SUPPRIM�: FirewallRaz (Public) : TCP Query User{3FD641CD-29DE-4AAB-BEEF-22A9BC42FB68}C:\users\cha\appdata\roaming\cacaoweb\cacaoweb.exe
SUPPRIM�: FirewallRaz (Public) : UDP Query User{C650FF07-4DA4-4017-926E-A564F0C81479}C:\users\cha\appdata\roaming\cacaoweb\cacaoweb.exe
SUPPRIM�: FirewallRaz (Private) : TCP Query User{1AF82783-79A7-4BAD-8E6F-AC49827496B2}C:\users\cha\appdata\roaming\cacaoweb\cacaoweb.exe
SUPPRIM�: FirewallRaz (Private) : UDP Query User{74444A58-16E9-4B6E-ADDF-01EA1DDFD49D}C:\users\cha\appdata\roaming\cacaoweb\cacaoweb.exe

========== El�ments de donn�e du Registre ==========
SUPPRIM�: R0 - Main,Start Page = KCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
SUPPRIM�: R0 - Main,Start Page = KLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
SUPPRIM�: R0 - Main,Start Page = KLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page
SUPPRIM�: R1 Search Page = http://www.sweet-page.com/web/?type=ds&ts=1427744401&from=corfr&uid=HitachiXHTS723232A7A364_E3834563H074ZNH074ZNX&q={searchTerms}
SUPPRIM�: R1 Search Page = about:blank
SUPPRIM�: R1 Search Page = res://ieframe.dll/tabswelcome.htm
SUPPRIM�: R1 Search Page = http://www.bing.com/search?q={searchTerms}
SUPPRIM�: StartMenuInternet: C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.sweet-page.com
SUPPRIM�: StartMenuInternet: C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com

========== Pr�f�rences navigateur ==========
SUPPRIM� Mozilla Pref: user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
SUPPRIM� Mozilla Pref: user_pref("browser.search.order.1", "Search the web (Babylon)");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.babExt", "");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.babTrack", "affID=108298");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.hardId", "7e60bc990000000000006431509287b4");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.id", "7e60bc990000000000006431509287b4");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.instlDay", "15389");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.newTab", true);
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?AF=108298&babsrc=NT_ss&mntrId=7e60bc990000000000006[...]
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1723:31:34");
SUPPRIM� Mozilla Pref: user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
SUPPRIM� Mozilla Pref: user_pref("keyword.URL", "http://search.babylon.com/?AF=108298&babsrc=adbartrp&mntrId=7e60bc990000000000006431509287b4&q=");

========== Dossiers ==========
Aucun dossiers CLSID Local utilisateur vide
SUPPRIM�S Temporaires Windows (33)

========== Fichiers ==========
SUPPRIM�: c:\users\public\desktop\mozilla firefox.lnk (http://www.sweet-page.com)
CR��: C:\Users\Public\Desktop\Mozilla Firefox.lnk
SUPPRIM�: c:\programdata\microsoft\windows\start menu\programs\mozilla firefox.lnk (http://www.sweet-page.com)
CR��: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
SUPPRIM�: c:\users\cha\appdata\roaming\microsoft\internet explorer\quick launch\launch internet explorer browser.lnk (http://www.sweet-page.com)
CR��: C:\Users\cha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
SUPPRIM�: c:\users\cha\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\mozilla firefox.lnk (http://www.sweet-page.com)
CR��: C:\Users\cha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
SUPPRIM�: c:\users\cha\appdata\roaming\microsoft\windows\start menu\programs\internet explorer.lnk (http://www.sweet-page.com)
CR��: C:\Users\cha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
SUPPRIM�: c:\users\cha\appdata\roaming\microsoft\windows\start menu\programs\accessories\system tools\internet explorer (no add-ons).lnk (http://www.sweet-page.com)
CR��: C:\Users\cha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
SUPPRIM�: c:\users\cha\appdata\roaming\cacaoweb\cacaoweb.exe
SUPPRIM�: c:\windupdt\winupdate.exe
SUPPRIM� Red�marrage: c:\program files (x86)\facemoods.com
SUPPRIM�: c:\programdata\windowsmangerprotect\protectwindowsmanager.exe
SUPPRIM�S Flash Cookies (0) (0 octets)
SUPPRIM�S Temporaires Windows (35) (3�096�930 octets)

========== Restauration Syst�me ==========
Point de restauration du syst�me cr�� avec succ�s


========== R�capitulatif ==========
3 : Processus m�moire
25 : Cl�s du Registre
9 : Valeurs du Registre
9 : El�ments de donn�e du Registre
2 : Dossiers
18 : Fichiers
2 : Logiciels
20 : Pr�f�rences navigateur
1 : Restauration Syst�me


End of clean in 09mn 28s

========== Chemin de fichier rapport ==========
C:\Users\cha\AppData\Roaming\ZHP\ZHPFix[R1].txt - 06/04/2015 21:36:43 [8602]

Publicité


Signaler le contenu de ce document

Publicité