Rapport de ZHPFix 2013.5.24.2 par Nicolas Coolman, Update du 24/05/2013 Fichier d'export Registre : Run by rachel at 04/06/2013 14:14:22 High Elevated Privileges : OK Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Corbeille vidée ========== Processus mémoire ========== SUPPRIME Memory Process: C:\Users\rachel\AppData\Local\Temp\uninst1.exe ========== Clé(s) du Registre ========== SUPPRIME Key: HKCU\Software\5248f8cb76dbe13 SUPPRIME Key: HKCU\Software\AppDataLow\Software\mediabarbs SUPPRIME Key: HKCU\Software\BabylonToolbar SUPPRIME Key: HKCU\Software\BearShare SUPPRIME Key*: HKCU\Software\DataMngr_Toolbar SUPPRIME Key*: HKCU\Software\Datamngr SUPPRIME Key: HKLM\Software\Wow6432Node\5248f8cb76dbe13 SUPPRIME Key: HKLM\Software\Wow6432Node\Babylon SUPPRIME Key: HKLM\Software\Wow6432Node\ClickPotatoLite SUPPRIME Key*: HKLM\Software\Wow6432Node\DataMngr SUPPRIME Key: SearchScopes :{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} SUPPRIME Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9} SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{258c9770-1713-4021-8d7e-1f184a2bd754} SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} SUPPRIME Key: HKLM\Software\Classes\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC} ABSENT Key: HKCU\Software\DataMngr ABSENT Key: HKLM\Software\Wow6432Node\DataMngr SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32 SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS SUPPRIME Key: HKLM\Software\Classes\Prod.cap SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C} SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C} SUPPRIME Key: HKLM\Software\Classes\ClickPotatoLiteAX.info SUPPRIME Key: HKLM\Software\Classes\ClickPotatoLiteAX.info.1 SUPPRIME Key: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles SUPPRIME Key: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles.1 ABSENT Key: HKLM\Software\Wow6432Node\Classes\ClickPotatoLiteAX.info ABSENT Key: HKLM\Software\Wow6432Node\Classes\ClickPotatoLiteAX.info.1 ABSENT Key: HKLM\Software\Wow6432Node\Classes\ClickPotatoLiteAX.UserProfiles ABSENT Key: HKLM\Software\Wow6432Node\Classes\ClickPotatoLiteAX.UserProfiles.1 SUPPRIME Key*: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} ABSENT Key: HKCU\Software\5248f8cb76dbe13 ========== Valeur(s) du Registre ========== ABSENT [HKCU\Software\5248f8cb76dbe13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" ABSENT [HKCU\Software\5248f8cb76dbe13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80" ========== Dossier(s) ========== SUPPRIME Folder: C:\Program Files (x86)\BearShare Applications SUPPRIME Folder: C:\Program Files (x86)\ClickPotatoLite SUPPRIME Folder: C:\ProgramData\Babylon SUPPRIME Folder: C:\ProgramData\ClickPotatoLiteSA SUPPRIME Folder: C:\Users\rachel\AppData\Roaming\Babylon SUPPRIME Folder: C:\Users\rachel\AppData\Local\Ilivid Player SUPPRIME Folder: c:\programdata\microsoft\windows\start menu\programs\clickpotato SUPPRIME Folder: c:\users\rachel\appdata\locallow\babylontoolbar SUPPRIME Folder: c:\users\rachel\appdata\locallow\searchquband ========== Fichier(s) ========== SUPPRIME File: c:\users\rachel\appdata\local\temp\uninst1.exe ABSENT Folder/File: c:\program files (x86)\bearshare applications ABSENT Folder/File: c:\programdata\babylon ABSENT Folder/File: c:\programdata\clickpotatolitesa ABSENT Folder/File: c:\users\rachel\appdata\roaming\babylon ABSENT Folder/File: c:\users\rachel\appdata\local\temp\uninst1.exe SUPPRIME File: C:\Users\rachel\AppData\Local\Temp\GoogleToolbarInstaller1.log ========== Tache planifiée ========== SUPPRIME Task: {B28BBECD-E690-40BC-A459-409055DD1A42} ========== Autre ========== NON TRAITE Malware (59) ========== Récapitulatif ========== 1 : Processus mémoire 36 : Clé(s) du Registre 2 : Valeur(s) du Registre 9 : Dossier(s) 7 : Fichier(s) 1 : Tache planifiée 1 : Autre End of clean in 00mn 21s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 04/06/2013 14:14:22 [4927]