Publicité
Publicité
Format du document : text/plain
Prévisualisation
Rapport de ZHPFix 1.3.16 par Nicolas Coolman, Update du 15/02/2013
Fichier d'export Registre :
Run by Heraktone at 19/02/2013 20:56:15
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Corbeille vid�e
========== Processus m�moire ==========
SUPPRIME Memory Process: C:\Users\Heraktone\AppData\Local\Temp\IminentSetup{2.kKzKJAbP.1}.exe
SUPPRIME Memory Process: C:\Users\Heraktone\AppData\Local\Temp\MyBabylonTB.exe
SUPPRIME Memory Process: C:\Users\Heraktone\AppData\Local\Temp\UpdateCheckerSetup.exe
========== Cl�(s) du Registre ==========
SUPPRIME Key: HKLM\Software\Wow6432Node\Babylon
SUPPRIME Key: SearchScopes :{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
ABSENT Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
SUPPRIME Key: HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
ABSENT Key: HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS
SUPPRIME Key: HKLM\Software\Classes\Prod.cap
========== El�ment(s) de donn�e du Registre ==========
SUPPRIME R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
========== Pr�f�rences navigateur ==========
PRESENT Chrome File: C:\Users\Heraktone\AppData\Local\Google\Chrome\User Data\Default\Preferences
SUPPRIME Chrome Site: http://start.facemoods.com
SUPPRIME Chrome Site: http://start.facemoods.com
SUPPRIME Mozilla Pref: http://search.babylon.com
SUPPRIME Mozilla Pref: http://search.babylon.com
SUPPRIME Mozilla Pref: http://search.babylon.com
SUPPRIME Mozilla Pref: http://search.babylon.com
SUPPRIME Mozilla Pref: user_pref("browser.newtab.url", "http://search.babylon.com/?affID=112542&tt=010812_906_cln_3112_4&babsrc=NT_ss&mntrId=f6c36e410000[...]
SUPPRIME Mozilla Pref: user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
SUPPRIME Mozilla Pref: user_pref("browser.search.order.1", "Search the web (Babylon)");
SUPPRIME Mozilla Pref: user_pref("browser.startup.homepage", "http://search.babylon.com/?affID=112542&tt=010812_906_cln_3112_4&babsrc=HP_ss&mntrId=f6c36e[...]
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.admin", false);
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.aflt", "babsst");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.dfltLng", "en");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.excTlbr", false);
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.id", "f6c36e4100000000000002004c4f4f50");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.instlDay", "15555");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.instlRef", "sst");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.tlbrId", "base");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://www.google.com/search?babsrc=TB_ggl&q=");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar_i.babExt", "");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112542&tt=010812_906_cln_3112_4");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar_i.newTab", true);
ABSENT Mozilla Pref: user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?affID=112542&tt=010812_906_cln_3112_4&babsrc=NT_ss&[...]
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.10:57:47");
SUPPRIME Mozilla Pref: user_pref("keyword.URL", "http://search.babylon.com/?affID=112542&tt=010812_906_cln_3112_4&babsrc=KW_ss&mntrId=f6c36e4100000000000[...]
========== Dossier(s) ==========
SUPPRIME Folder: C:\ProgramData\Babylon
SUPPRIME Folder: C:\Users\Heraktone\AppData\Roaming\Babylon
========== Fichier(s) ==========
SUPPRIME File: c:\program files (x86)\mozilla firefox\searchplugins\babylon.xml
SUPPRIME File: c:\windows\tasks\autokms.job
SUPPRIME File*: c:\users\heraktone\appdata\local\temp\iminentsetup{2.kkzkjabp.1}.exe
SUPPRIME File: c:\users\heraktone\appdata\local\temp\mybabylontb.exe
SUPPRIME File*: c:\users\heraktone\appdata\local\temp\updatecheckersetup.exe
ABSENT Folder/File: c:\programdata\babylon
ABSENT Folder/File: c:\users\heraktone\appdata\roaming\babylon
ABSENT Folder/File: c:\users\heraktone\appdata\local\temp\mybabylontb.exe
ABSENT Folder/File: c:\users\heraktone\appdata\local\temp\iminentsetup{2.kkzkjabp.1}.exe
ABSENT Folder/File: c:\users\heraktone\appdata\local\temp\updatecheckersetup.exe
========== Tache planifi�e ==========
ABSENT Task: AutoKMS
========== Autre ==========
NON TRAITE Malware (65)
========== R�capitulatif ==========
3 : Processus m�moire
23 : Cl�(s) du Registre
1 : El�ment(s) de donn�e du Registre
2 : Dossier(s)
10 : Fichier(s)
32 : Pr�f�rences navigateur
1 : Tache planifi�e
1 : Autre
End of clean in 00mn 02s
========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 19/02/2013 20:56:16 [6863]
Fichier d'export Registre :
Run by Heraktone at 19/02/2013 20:56:15
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Corbeille vid�e
========== Processus m�moire ==========
SUPPRIME Memory Process: C:\Users\Heraktone\AppData\Local\Temp\IminentSetup{2.kKzKJAbP.1}.exe
SUPPRIME Memory Process: C:\Users\Heraktone\AppData\Local\Temp\MyBabylonTB.exe
SUPPRIME Memory Process: C:\Users\Heraktone\AppData\Local\Temp\UpdateCheckerSetup.exe
========== Cl�(s) du Registre ==========
SUPPRIME Key: HKLM\Software\Wow6432Node\Babylon
SUPPRIME Key: SearchScopes :{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
ABSENT Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
SUPPRIME Key: HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
ABSENT Key: HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS
SUPPRIME Key: HKLM\Software\Classes\Prod.cap
========== El�ment(s) de donn�e du Registre ==========
SUPPRIME R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
========== Pr�f�rences navigateur ==========
PRESENT Chrome File: C:\Users\Heraktone\AppData\Local\Google\Chrome\User Data\Default\Preferences
SUPPRIME Chrome Site: http://start.facemoods.com
SUPPRIME Chrome Site: http://start.facemoods.com
SUPPRIME Mozilla Pref: http://search.babylon.com
SUPPRIME Mozilla Pref: http://search.babylon.com
SUPPRIME Mozilla Pref: http://search.babylon.com
SUPPRIME Mozilla Pref: http://search.babylon.com
SUPPRIME Mozilla Pref: user_pref("browser.newtab.url", "http://search.babylon.com/?affID=112542&tt=010812_906_cln_3112_4&babsrc=NT_ss&mntrId=f6c36e410000[...]
SUPPRIME Mozilla Pref: user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
SUPPRIME Mozilla Pref: user_pref("browser.search.order.1", "Search the web (Babylon)");
SUPPRIME Mozilla Pref: user_pref("browser.startup.homepage", "http://search.babylon.com/?affID=112542&tt=010812_906_cln_3112_4&babsrc=HP_ss&mntrId=f6c36e[...]
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.admin", false);
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.aflt", "babsst");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.dfltLng", "en");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.excTlbr", false);
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.id", "f6c36e4100000000000002004c4f4f50");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.instlDay", "15555");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.instlRef", "sst");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.tlbrId", "base");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://www.google.com/search?babsrc=TB_ggl&q=");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar_i.babExt", "");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112542&tt=010812_906_cln_3112_4");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar_i.newTab", true);
ABSENT Mozilla Pref: user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?affID=112542&tt=010812_906_cln_3112_4&babsrc=NT_ss&[...]
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.10:57:47");
SUPPRIME Mozilla Pref: user_pref("keyword.URL", "http://search.babylon.com/?affID=112542&tt=010812_906_cln_3112_4&babsrc=KW_ss&mntrId=f6c36e4100000000000[...]
========== Dossier(s) ==========
SUPPRIME Folder: C:\ProgramData\Babylon
SUPPRIME Folder: C:\Users\Heraktone\AppData\Roaming\Babylon
========== Fichier(s) ==========
SUPPRIME File: c:\program files (x86)\mozilla firefox\searchplugins\babylon.xml
SUPPRIME File: c:\windows\tasks\autokms.job
SUPPRIME File*: c:\users\heraktone\appdata\local\temp\iminentsetup{2.kkzkjabp.1}.exe
SUPPRIME File: c:\users\heraktone\appdata\local\temp\mybabylontb.exe
SUPPRIME File*: c:\users\heraktone\appdata\local\temp\updatecheckersetup.exe
ABSENT Folder/File: c:\programdata\babylon
ABSENT Folder/File: c:\users\heraktone\appdata\roaming\babylon
ABSENT Folder/File: c:\users\heraktone\appdata\local\temp\mybabylontb.exe
ABSENT Folder/File: c:\users\heraktone\appdata\local\temp\iminentsetup{2.kkzkjabp.1}.exe
ABSENT Folder/File: c:\users\heraktone\appdata\local\temp\updatecheckersetup.exe
========== Tache planifi�e ==========
ABSENT Task: AutoKMS
========== Autre ==========
NON TRAITE Malware (65)
========== R�capitulatif ==========
3 : Processus m�moire
23 : Cl�(s) du Registre
1 : El�ment(s) de donn�e du Registre
2 : Dossier(s)
10 : Fichier(s)
32 : Pr�f�rences navigateur
1 : Tache planifi�e
1 : Autre
End of clean in 00mn 02s
========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 19/02/2013 20:56:16 [6863]