Rapport de ZHPFix 2013.9.19.8 par Nicolas Coolman, Update du 19/09/2013
Fichier d'export Registre :
Run by Gille at 20/09/2013 18:04:59
High Elevated Privileges : OK
Windows XP Professional Service Pack 3 (Build 2600)

Corbeille vidée

========== Logiciels ==========
ABSENT Uninstall Process: c:\docume~1\alluse~1\applic~1\tarmai~1\{889df~1\setup.exe

========== Processus mémoire ==========
SUPPRIMÉ Redémarrage: Memory Process: C:\WINDOWS\system32\igfxupdate.exe

========== Clés du Registre ==========
SUPPRIMÉ: HKCU\Software\5b288d8b568bd40
SUPPRIMÉ:* HKCU\Software\DataMngr
SUPPRIMÉ:* HKCU\Software\DataMngr_Toolbar
SUPPRIMÉ: HKCU\Software\SweetIM
SUPPRIMÉ: HKLM\Software\5b288d8b568bd40
SUPPRIMÉ: HKLM\Software\Babylon
SUPPRIMÉ:* HKLM\Software\DataMngr
SUPPRIMÉ: HKLM\Software\SweetIM
SUPPRIMÉ: HKLM\Software\babylontoolbar
SUPPRIMÉ: HKLM\Software\Classes\CLSID\{35b8892d-c3fb-4d88-990d-31db2ebd72bd}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}
SUPPRIMÉ: HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}
SUPPRIMÉ: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
SUPPRIMÉ: HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
SUPPRIMÉ: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
SUPPRIMÉ: HKLM\Software\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113}
SUPPRIMÉ: HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
SUPPRIMÉ: HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
SUPPRIMÉ: HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
SUPPRIMÉ: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
SUPPRIMÉ: HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Iminent
SUPPRIMÉ: HKLM\Software\Classes\Prod.cap
SUPPRIMÉ: HKCU\Software\APN PIP
SUPPRIMÉ: HKCU\Software\Conduit
SUPPRIMÉ: HKCU\Software\PIP
SUPPRIMÉ: HKCU\Software\Softonic
SUPPRIMÉ: HKCU\Software\delta LTD
SUPPRIMÉ: HKLM\Software\PIP
SUPPRIMÉ: HKLM\Software\Tarma Installer
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
SUPPRIMÉ: HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
SUPPRIMÉ: HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
SUPPRIMÉ: HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
SUPPRIMÉ: HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

========== Valeurs du Registre ==========
SUPPRIMÉ AAKE KeyValue: C:\Documents and Settings\Gille\Mes documents\Téléchargements\sweetimsetup.exe
SUPPRIMÉ AAKE KeyValue: C:\Documents and Settings\Gille\Local Settings\Application Data\DirectDownloader\directdownloader.exe
SUPPRIMÉ RunValue: ROC_roc_ssl_v12

========== Préférences navigateur ==========
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.newTab", true);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://www.delta-search.com/?affID=119649&babsrc=NT_ss&mntrId=04f11da100000000[...]
SUPPRIMÉ Mozilla Pref: user_pref("extensions.helperbar.DockingPositionDown", false);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.helperbar.SmartbarDisabled", false);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
SUPPRIMÉ Mozilla Pref: user_pref("avg.install.userHPSettings", "http://www.delta-search.com/?affID=119649&babsrc=HP_ss&mntrId=04f11da1000000000000001617e[...]
SUPPRIMÉ Mozilla Pref: user_pref("avg.install.userSPSettings", "Delta Search");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.admin", false);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.aflt", "babsst");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.autoRvrt", "false");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.bbDpng", "22");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.cntry", "FR");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.dfltLng", "en");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.excTlbr", false);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.hdrMd5", "EF6A49C8C793B75FA91A70B381BB2FE4");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.id", "04f11da1000000000000001617e538da");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.instlDay", "15758");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.instlRef", "sst");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.lastVrsnTs", "1.8.10.010:06:46");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.newTab", false);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.prdct", "delta");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.prtnrId", "delta");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.rvrt", "false");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.sg", "czb");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.smplGrp", "none");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.tlbrId", "base");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.tlbrSrchUrl", "");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.vrsn", "1.8.10.0");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.vrsnTs", "1.8.10.010:06:46");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.delta.vrsni", "1.8.10.0");

========== Dossiers ==========
SUPPRIMÉ: C:\Program Files\Red Sky
SUPPRIMÉ: C:\Documents and Settings\All Users\Application Data\Babylon
SUPPRIMÉ: C:\Documents and Settings\Gille\Application Data\Babylon
SUPPRIMÉ: c:\documents and settings\gille\local settings\application data\directdownloader
SUPPRIMÉ: C:\Documents and Settings\All Users\Application Data\Tarma Installer

========== Fichiers ==========
SUPPRIMÉ: c:\program files\mozilla firefox\searchplugins\babylon.xml
SUPPRIMÉ: C:\Windows\Installer\2d9d65.msi
SUPPRIMÉ:* c:\windows\installer\2d9d65.msi
SUPPRIMÉ: c:\documents and settings\gille\application data\mozilla\firefox\profiles\8jlu8mky.default\searchplugins\delta.xml

========== Autre ==========
NON TRAITÉ Malware (126)
NON TRAITÉ Superflu (54)

========== Récapitulatif ==========
1 : Processus mémoire
78 : Clés du Registre
3 : Valeurs du Registre
5 : Dossiers
4 : Fichiers
1 : Logiciels
31 : Préférences navigateur
2 : Autre

End of clean in 01mn 08s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 20/09/2013 18:05:10 [10397]