A voir également:
- Pc trés lent
- Pc tres lent - Guide
- Test performance pc - Guide
- Reinitialiser pc - Guide
- Whatsapp pc - Télécharger - Messagerie
- Double ecran pc - Guide
17 réponses
^Abel^
Messages postés
15399
Date d'inscription
jeudi 14 juillet 2011
Statut
Contributeur
Dernière intervention
14 février 2023
6 858
11 juil. 2012 à 20:14
11 juil. 2012 à 20:14
Bonsoir,
Quelques pistes...
Quelques pistes...
Utilisateur anonyme
11 juil. 2012 à 20:14
11 juil. 2012 à 20:14
Bonjour
On va faire une analyse de ton systéme.
* Télécharge ZHPDiag ( de Nicolas coolman ).
ou
ZHPDiag
ou
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Ou le lien FTP en secours :
ftp://zebulon.fr/ZHPDiag2.exe
***********************
/!\Utilisateurs de Vista et Windows 7 : Clique droit sur le logo de ZHPDiag.exe, (icône en forme de parchemin) exécuter en tant qu'Administrateur /!\
* Laisse toi guider lors de l'installation
* Il se lancera automatiquement à la fin de l'installation
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur le site pjjoint.malekal.com ou cijoint.fr ou toofiles puis copie/colle le lien fournit dans ta prochaine réponse sur le forum
On va faire une analyse de ton systéme.
* Télécharge ZHPDiag ( de Nicolas coolman ).
ou
ZHPDiag
ou
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Ou le lien FTP en secours :
ftp://zebulon.fr/ZHPDiag2.exe
***********************
/!\Utilisateurs de Vista et Windows 7 : Clique droit sur le logo de ZHPDiag.exe, (icône en forme de parchemin) exécuter en tant qu'Administrateur /!\
* Laisse toi guider lors de l'installation
* Il se lancera automatiquement à la fin de l'installation
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur le site pjjoint.malekal.com ou cijoint.fr ou toofiles puis copie/colle le lien fournit dans ta prochaine réponse sur le forum
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Rapport de ZHPDiag v1.31.105 par Nicolas Coolman, Update du 25/06/2012
Run by maryline at 11/07/2012 20:31:22
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.
---\\ Web Browser
MSIE: Internet Explorer v
---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 1 (Build 6001)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK
---\\ System Information
~ Processor: x86 Family 15 Model 107 Stepping 1, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1917 MB (46% free)
System Restore: Inconnu (Unknown)
System drive C: has 227 GB (69%) free of 328 GB
---\\ Logged in mode
~ Computer Name: PC-DE-MARYLINE
~ User Name: maryline
~ All Users Names: maryline, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\maryline\AppData\Roaming\
~ %Desktop% : C:\Users\maryline\Desktop\
~ %Favorites% : C:\Users\maryline\Favorites\
~ %LocalAppData% : C:\Users\maryline\AppData\Local\
~ %StartMenu% : C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 227 Go of 328 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 7 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - (.Microsoft Corporation - Explorateur Windows.) (.29/10/2008 - 07:29:41.) -- C:\Windows\Explorer.exe [2927104]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.DA5A72211661C7F162B332FEA4F09A69] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/04/2011 - 16:00:34.) -- C:\Windows\System32\wininet.dll [833024]
[MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Winlogon.exe [314880]
[MD5.48EB99503533C27AC6135648E5474457] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:16:42.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.19/01/2008 - 08:41:30.) -- C:\Windows\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.1EC25CEA0DE6AC4718BF89F9E1778B57] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.19/01/2008 - 06:49:51.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.A3E9FA213F443AC77C7746119D13FEEC] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:24:14.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.C87B1EE051C0464491C1A7B03FA0BC99] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.19/01/2008 - 05:30:49.) -- C:\Windows\system32\Drivers\HDAudBus.sys [53760]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.5734A0F2BE7E495F7D3ED6EFD4B9F5A1] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 13:49:35.) -- C:\Windows\system32\Drivers\MRxSmb.sys [105984]
[MD5.7C5FEE5B1C5728507CD96FB4A13E7A02] - (.Microsoft Corporation - MBT Transport driver.) (.19/01/2008 - 06:55:35.) -- C:\Windows\system32\Drivers\netBT.sys [184320]
[MD5.B4EFFE29EB4F15538FD8A9681108492D] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.19/01/2008 - 08:43:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1081912]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.031E6BCD53C9B2B9ACE111EAFEC347B6] - (.Microsoft Corporation - SMB Transport driver.) (.19/01/2008 - 06:55:27.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.D09276B1FAB033CE1D40DCBDF303D10F] - (.Microsoft Corporation - TDI Translation Driver.) (.19/01/2008 - 06:55:58.) -- C:\Windows\system32\Drivers\tdx.sys [71680]
[MD5.D8B4A53DD2769F226B3EB374374987C9] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/01/2008 - 08:42:48.) -- C:\Windows\system32\Drivers\volsnap.sys [227896]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/706
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/42
~ Mes Documents (My Documents) : 1/962
~ Mon Bureau (My Desktop) : 1/44
~ Menu demarrer (Programs) : 0/31
~ Scan Hidden Files in 00mn 01s
---\\ Processus lancés
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.3068]
[MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe [65536] [PID.3076]
[MD5.B1361669BDC6ED612C35B7C67ADA2240] - (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784] [PID.3108]
[MD5.361CD47DC5BD83EE24407903233B0D9A] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4874240] [PID.3240]
[MD5.7AF5A466CF4AECA28E3DCBCF5B6FD220] - (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152] [PID.3268]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.3284]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.]
[MD5.689C6EA7A17B3AE0F2A0151465EF311E] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\system32\jusched.exe [132760] [PID.3460]
[MD5.78F42F52A03838E1AAE214AB93500F77] - (.Portrait Displays, Inc - HP My Display.) -- C:\Program Files\Portrait Displays\HP My Display\dthtml.exe [278528] [PID.3476]
[MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.3460]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.3644]
[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480] [PID.3656]
[MD5.F14219FC767F1383526AB423F278A8E3] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [210520] [PID.3684]
[MD5.C847E654B56B3EDFC6283FDD37FF1DE6] - (.Portrait Displays Inc. - Context Menu Utility.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe [110592] [PID.3736]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3804]
[MD5.FEDDD3579FEE51A9873D856DF3933C68] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe [151552] [PID.4076]
[MD5.7CAC10A1C258DFCB5ADE563BAE6D2F15] - (.Hewlett-Packard Company - KBD EXE.) -- C:\hp\kbd\kbd.exe [67128] [PID.1656]
[MD5.77B9A891222FB46B13E414B99E1AF842] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [634648] [PID.1292]
[MD5.B850459C3CB463CF45D727D25202FB2C] - (.Hewlett-Packard Co. - Leo (ClipBookDB) - add-on for Internet Expl.) -- C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe [173672] [PID.1192]
[MD5.BE955BAB4EFC2A28BE2692D102FFC85A] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [3838464] [PID.3396]
[MD5.F96EBC5A624349D81DCC7600A3C5DC43] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.1956]
~ Scan Processes Running in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\maryline\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Interpréteur de commandes Windows.) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (.not file.)
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-2670066843-1292083002-720125370-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2670066843-1292083002-720125370-1000\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (.not file.)
O4 - HKUS\S-1-5-21-2670066843-1292083002-720125370-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2670066843-1292083002-720125370-1000\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\maryline\Desktop\INFORAD MANAGER.lnk . (.INFORAD Ltd.) -- C:\Program Files\INFORAD\IFDMAN.exe
O4 - Global Startup: C:\Users\maryline\Desktop\photos.lnk . (...) -- C:\Users\maryline\Documents\101MSDCF
O4 - Global Startup: C:\Users\maryline\Desktop\yahoo.lnk - Clé orpheline
O4 - Global Startup: C:\Users\maryline\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\maryline\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Solitaire.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
O4 - Global Startup: C:\Users\maryline\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{FC1BD785-9F4A-4271-B1E0-AB58D97732A2}.job
[MD5.2D141D455A3F1BDAC97A08006ACD7B4B] [APT] [HP Health Check] (.Hewlett-Packard.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[MD5.7F96DA57AA3F5BCE706580C859402B6B] [APT] [IntenetServiceOffers] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe
[MD5.689C6EA7A17B3AE0F2A0151465EF311E] [APT] [JavaUpdatemaryline] (.Sun Microsystems, Inc..) -- C:\Windows\system32\jusched.exe
[MD5.7F96DA57AA3F5BCE706580C859402B6B] [APT] [RecoveryCD] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe
[MD5.00000000000000000000000000000000] [APT] [{C70EF461-C258-45F5-9EC4-CA1153281CF4}] (...) -- C:\Users\maryline\Documents\programmes\LimeWireWin.exe (.not file.)
~ Scan Scheduled Task in 00mn 02s
---\\ Composants installés (ActiveSetup Installed Components) (O40) (None)
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/09/2009 - 18:46:47 - [122,354] ----D C:\Program Files\Adobe
O43 - CFD: 29/12/2007 - 14:00:10 - [0] ----D C:\Program Files\Alwil Software
O43 - CFD: 27/05/2009 - 20:08:50 - [222,986] ----D C:\Program Files\Avira
O43 - CFD: 29/12/2007 - 14:10:22 - [29,772] ----D C:\Program Files\AxBx
O43 - CFD: 09/03/2008 - 14:00:05 - [0] ----D C:\Program Files\BoontyGames
O43 - CFD: 02/01/2012 - 16:53:42 - [476,960] ----D C:\Program Files\Common Files
O43 - CFD: 27/02/2012 - 14:16:46 - [0,263] ----D C:\Program Files\DealPly
O43 - CFD: 01/01/2007 - 13:29:36 - [49,120] ----D C:\Program Files\EasyBits
O43 - CFD: 29/12/2007 - 14:01:19 - [12,648] ----D C:\Program Files\eChanblard
O43 - CFD: 14/12/2008 - 12:15:25 - [0] ----D C:\Program Files\EleFun Desktops
O43 - CFD: 27/12/2007 - 16:59:50 - [0] R---D C:\Program Files\Fichiers communs
O43 - CFD: 01/01/2007 - 05:51:09 - [19,416] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 27/12/2007 - 19:53:54 - [116,570] ----D C:\Program Files\HP
O43 - CFD: 26/12/2009 - 16:48:37 - [9,918] ----D C:\Program Files\INFORAD
O43 - CFD: 26/12/2009 - 16:48:37 - [0,520] ----D C:\Program Files\INFORAD_DRIVERS
O43 - CFD: 10/07/2012 - 19:30:11 - [19,195] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 18/06/2011 - 08:51:20 - [1,486] ----D C:\Program Files\Internet Explorer
O43 - CFD: 05/05/2012 - 15:24:45 - [249,733] ----D C:\Program Files\Java
O43 - CFD: 02/01/2012 - 17:37:28 - [1,211] ----D C:\Program Files\LimeWire
O43 - CFD: 02/11/2006 - 14:37:34 - [88,508] ----D C:\Program Files\Microsoft Games
O43 - CFD: 27/02/2012 - 20:08:09 - [4,022] ----D C:\Program Files\Microsoft Office
O43 - CFD: 01/01/2007 - 05:46:54 - [143,337] ----D C:\Program Files\Microsoft Works
O43 - CFD: 27/06/2010 - 09:20:56 - [0,015] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 23/08/2010 - 11:45:13 - [94,574] ----D C:\Program Files\Movie Maker
O43 - CFD: 02/11/2006 - 14:37:34 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 09/12/2011 - 10:52:37 - [64,741] ----D C:\Program Files\MSECache
O43 - CFD: 29/12/2007 - 14:23:50 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 01/01/2007 - 05:43:54 - [4,398] ----D C:\Program Files\muvee Technologies
O43 - CFD: 27/02/2012 - 20:14:40 - [351,650] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 01/01/2007 - 06:07:12 - [122,147] ----D C:\Program Files\PC-Doctor 5 for Windows
O43 - CFD: 02/01/2012 - 16:53:42 - [9,964] ----D C:\Program Files\Portrait Displays
O43 - CFD: 27/02/2012 - 13:55:55 - [2,704] ----D C:\Program Files\PriceGong
O43 - CFD: 26/12/2009 - 16:49:16 - [0,318] ----D C:\Program Files\Prolific Technology INC
O43 - CFD: 21/10/2008 - 16:25:50 - [29,723] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:34 - [36,894] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 01/01/2007 - 05:42:36 - [220,188] ----D C:\Program Files\Roxio
O43 - CFD: 10/07/2012 - 17:48:07 - [3,368] ----D C:\Program Files\Savings Sidekick
O43 - CFD: 01/01/2007 - 05:53:17 - [35,272] ----D C:\Program Files\Services en ligne
O43 - CFD: 10/07/2012 - 18:15:01 - [0,266] ----D C:\Program Files\SpecialSavings
O43 - CFD: 11/07/2012 - 19:46:44 - [63,883] ----D C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 10/07/2012 - 18:15:07 - [6,369] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 29/12/2007 - 14:50:56 - [0,001] ----D C:\Program Files\vso
O43 - CFD: 02/09/2008 - 16:11:59 - [0,970] ----D C:\Program Files\Windows Calendar
O43 - CFD: 02/09/2008 - 16:11:56 - [2,633] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 02/09/2008 - 16:11:55 - [4,284] ----D C:\Program Files\Windows Defender
O43 - CFD: 02/09/2008 - 16:11:56 - [6,756] ----D C:\Program Files\Windows Journal
O43 - CFD: 18/06/2011 - 08:46:21 - [8,694] ----D C:\Program Files\Windows Mail
O43 - CFD: 14/10/2010 - 09:50:16 - [4,291] ----D C:\Program Files\Windows Media Player
O43 - CFD: 27/12/2007 - 16:59:50 - [7,577] ----D C:\Program Files\Windows NT
O43 - CFD: 02/09/2008 - 16:11:56 - [12,841] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 02/09/2008 - 16:11:56 - [6,210] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 28/02/2012 - 09:34:23 - [0,000] ----D C:\Program Files\WinRAR
O43 - CFD: 03/01/2012 - 10:13:59 - [3,845] ----D C:\Program Files\Yahoo!
O43 - CFD: 11/07/2012 - 20:31:47 - [12,845] ----D C:\Program Files\ZHPDiag
O43 - CFD: 07/09/2009 - 18:46:21 - [10,384] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 27/12/2007 - 19:51:58 - [0,436] ----D C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 01/01/2007 - 05:34:58 - [4,768] ----D C:\Program Files\Common Files\HP
O43 - CFD: 25/12/2010 - 14:50:16 - [11,446] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 05/05/2012 - 15:26:40 - [33,535] ----D C:\Program Files\Common Files\Java
O43 - CFD: 01/01/2007 - 05:43:30 - [19,489] ---AD C:\Program Files\Common Files\LightScribe
O43 - CFD: 01/01/2007 - 05:43:16 - [0,066] ---AD C:\Program Files\Common Files\LS Getting Started
O43 - CFD: 25/03/2008 - 18:08:45 - [0,314] ----D C:\Program Files\Common Files\Micro Application Shared
O43 - CFD: 27/02/2012 - 20:08:09 - [223,196] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 10/07/2012 - 19:30:11 - [4,398] ----D C:\Program Files\Common Files\muvee Technologies
O43 - CFD: 02/01/2012 - 16:53:50 - [5,023] ----D C:\Program Files\Common Files\Portrait Displays
O43 - CFD: 01/01/2007 - 05:42:37 - [0,924] ----D C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 01/01/2007 - 05:42:13 - [109,792] ----D C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 02/11/2006 - 13:18:33 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 01/01/2007 - 05:42:14 - [4,573] ----D C:\Program Files\Common Files\Sonic Shared
O43 - CFD: 02/11/2006 - 13:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 01/01/2007 - 05:35:59 - [0,697] ----D C:\Program Files\Common Files\SureThing Shared
O43 - CFD: 27/12/2007 - 17:28:44 - [0,433] ----D C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 02/09/2008 - 16:11:55 - [8,286] ----D C:\Program Files\Common Files\System
O43 - CFD: 07/09/2009 - 18:46:16 - [0,001] ----D C:\ProgramData\Adobe
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 04/08/2011 - 09:29:17 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 27/05/2009 - 20:08:50 - [23,165] ----D C:\ProgramData\Avira
O43 - CFD: 27/02/2012 - 14:14:58 - [0] ----D C:\ProgramData\Babylon
O43 - CFD: 27/12/2007 - 16:59:50 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 27/12/2007 - 16:59:50 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 10/07/2012 - 19:27:13 - [0,036] ----D C:\ProgramData\Google
O43 - CFD: 30/12/2007 - 19:26:25 - [0,512] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 27/03/2010 - 18:15:10 - [7,307] ----D C:\ProgramData\HP
O43 - CFD: 30/01/2010 - 21:04:52 - [0,001] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 27/12/2007 - 19:53:54 - [0] ----D C:\ProgramData\HPSSUPPLY
O43 - CFD: 30/12/2007 - 19:20:01 - [0,000] ----D C:\ProgramData\IM
O43 - CFD: 30/12/2007 - 19:19:02 - [4,618] ----D C:\ProgramData\IncrediMail
O43 - CFD: 27/12/2007 - 16:59:50 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 29/12/2007 - 14:04:48 - [8,546] -S--D C:\ProgramData\Microsoft
O43 - CFD: 27/12/2007 - 16:59:50 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 01/01/2007 - 05:43:49 - [0] ----D C:\ProgramData\muvee Technologies
O43 - CFD: 06/09/2010 - 18:04:25 - [0,177] ----D C:\ProgramData\NVIDIA
O43 - CFD: 01/01/2007 - 05:49:43 - [0,001] ----D C:\ProgramData\PC-Doctor
O43 - CFD: 09/02/2008 - 22:36:26 - [16,318] ----D C:\ProgramData\Roxio
O43 - CFD: 01/01/2007 - 05:35:46 - [0,001] ----D C:\ProgramData\Sonic
O43 - CFD: 11/07/2012 - 20:22:08 - [8,508] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 14/05/2010 - 17:22:57 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 27/12/2007 - 17:41:58 - [4,817] ----D C:\ProgramData\Symantec
O43 - CFD: 02/11/2006 - 15:02:04 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 30/01/2010 - 21:08:02 - [0,000] ----D C:\ProgramData\WEBREG
O43 - CFD: 02/01/2012 - 18:12:06 - [0] ----D C:\ProgramData\Yahoo!
O43 - CFD: 02/09/2008 - 16:23:18 - [1,122] ----D C:\Users\maryline\AppData\Roaming\Adobe
O43 - CFD: 01/01/2011 - 21:01:14 - [0] ----D C:\Users\maryline\AppData\Roaming\Avira
O43 - CFD: 11/07/2012 - 20:04:44 - [0,133] ----D C:\Users\maryline\AppData\Roaming\Complitly
O43 - CFD: 02/01/2012 - 17:20:02 - [0,038] ----D C:\Users\maryline\AppData\Roaming\DisplayTune
O43 - CFD: 14/12/2008 - 12:13:58 - [3,693] ----D C:\Users\maryline\AppData\Roaming\EleFun Desktops
O43 - CFD: 27/02/2012 - 18:27:17 - [0] ----D C:\Users\maryline\AppData\Roaming\GetRightToGo
O43 - CFD: 28/12/2007 - 19:37:43 - [0] ----D C:\Users\maryline\AppData\Roaming\Google
O43 - CFD: 27/12/2007 - 17:08:30 - [0,289] ----D C:\Users\maryline\AppData\Roaming\Hewlett-Packard
O43 - CFD: 09/07/2008 - 11:35:34 - [0,213] ----D C:\Users\maryline\AppData\Roaming\HP
O43 - CFD: 27/12/2007 - 19:53:46 - [0,063] ----D C:\Users\maryline\AppData\Roaming\HPAppData
O43 - CFD: 06/07/2012 - 21:37:31 - [0,003] ----D C:\Users\maryline\AppData\Roaming\HpUpdate
O43 - CFD: 27/12/2007 - 17:07:43 - [0] ----D C:\Users\maryline\AppData\Roaming\Identities
O43 - CFD: 28/12/2007 - 18:40:24 - [0] ----D C:\Users\maryline\AppData\Roaming\InstallShield
O43 - CFD: 27/12/2007 - 17:05:43 - [4,029] ----D C:\Users\maryline\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2006 - 14:37:34 - [0] ----D C:\Users\maryline\AppData\Roaming\Media Center Programs
O43 - CFD: 27/02/2012 - 19:05:56 - [2,498] -S--D C:\Users\maryline\AppData\Roaming\Microsoft
O43 - CFD: 27/02/2012 - 19:08:09 - [45,070] ----D C:\Users\maryline\AppData\Roaming\OpenOffice.org
O43 - CFD: 10/07/2012 - 19:28:20 - [0] ----D C:\Users\maryline\AppData\Roaming\PerformerSoft
O43 - CFD: 09/02/2008 - 22:36:02 - [0,013] ----D C:\Users\maryline\AppData\Roaming\Roxio
O43 - CFD: 27/12/2007 - 17:32:48 - [0,008] ----D C:\Users\maryline\AppData\Roaming\Template
O43 - CFD: 21/10/2008 - 16:25:42 - [0] ----D C:\Users\maryline\AppData\Roaming\WinBatch
O43 - CFD: 27/02/2012 - 18:27:11 - [0] ----D C:\Users\maryline\AppData\Roaming\WinRAR
O43 - CFD: 09/03/2008 - 15:22:02 - [51,820] ----D C:\Users\maryline\AppData\Local\Adobe
O43 - CFD: 27/12/2007 - 17:03:08 - [0] ----D C:\Users\maryline\AppData\Local\Application Data
O43 - CFD: 27/02/2012 - 20:23:54 - [1,487] ----D C:\Users\maryline\AppData\Local\Apps
O43 - CFD: 02/01/2012 - 16:53:43 - [0] ----D C:\Users\maryline\AppData\Local\Conduit
O43 - CFD: 10/07/2012 - 17:50:25 - [0] ----D C:\Users\maryline\AppData\Local\Deployment
O43 - CFD: 10/07/2012 - 19:27:38 - [26,049] ----D C:\Users\maryline\AppData\Local\Google
O43 - CFD: 27/12/2007 - 17:08:23 - [0,002] ----D C:\Users\maryline\AppData\Local\Hewlett-Packard
O43 - CFD: 27/12/2007 - 17:03:08 - [0] ----D C:\Users\maryline\AppData\Local\Historique
O43 - CFD: 12/10/2008 - 17:18:14 - [0,106] ----D C:\Users\maryline\AppData\Local\HP Guide
O43 - CFD: 30/12/2007 - 19:21:23 - [10,882] ----D C:\Users\maryline\AppData\Local\IM
O43 - CFD: 09/12/2011 - 10:58:11 - [349,621] ----D C:\Users\maryline\AppData\Local\Microsoft
O43 - CFD: 09/02/2008 - 14:59:04 - [2,090] ----D C:\Users\maryline\AppData\Local\Microsoft Games
O43 - CFD: 10/07/2012 - 17:47:40 - [0,054] ----D C:\Users\maryline\AppData\Local\Savings Sidekick
O43 - CFD: 11/07/2012 - 20:27:01 - [36,362] ----D C:\Users\maryline\AppData\Local\Temp
O43 - CFD: 27/12/2007 - 17:03:08 - [0] ----D C:\Users\maryline\AppData\Local\Temporary Internet Files
O43 - CFD: 25/03/2008 - 18:05:39 - [1,018] ----D C:\Users\maryline\AppData\Local\VirtualStore
O43 - CFD: 05/11/2010 - 19:11:16 - [0] ----D C:\Users\maryline\AppData\Local\Yahoo
O43 - CFD: 02/11/2006 - 14:54:36 - [0,015] R---D C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 27/12/2007 - 17:07:50 - [0,000] R---D C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 02/11/2006 - 14:50:41 - [0,001] R---D C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 16/02/2008 - 15:29:12 - [0,003] ----D C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrintPaks
O43 - CFD: 16/02/2008 - 15:29:21 - [0,003] ----D C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickTime for Windows
O43 - CFD: 10/07/2012 - 18:15:01 - [0,001] ----D C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpecialSavings
O43 - CFD: 11/07/2012 - 20:31:15 - [0] R---D C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Scan Program Folder in 00mn 14s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.FBF6C962082BCA9A6FF8EF7F02F7AFB4] - 11/07/2012 - 19:24:51 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1818989]
O44 - LFC:[MD5.56FC4ED29EEE34BDF83D01B9B43C37A4] - 11/07/2012 - 19:21:06 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.9F552C3B95A6A2CD7A5A58D4E7DCCA8E] - 11/07/2012 - 07:12:16 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [414208]
O44 - LFC:[MD5.90984CCD2D0576F27B796412BEF3BADC] - 11/07/2012 - 07:11:53 ---A- . (...) -- C:\Windows\PFRO.log [88396]
O44 - LFC:[MD5.7E1ED3D1F2BB45390EB56174BB865BFC] - 10/07/2012 - 16:47:33 ---A- . (.PerformerSoft LLC - PC Performer.) -- C:\Windows\System32\roboot.exe [17464]
~ Scan Files in 00mn 54s
---\\ Contrôle du Safe Boot (CSB) (O49) (None)
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{60b961a7-b5f3-11dc-8bbd-001bb9f20e2b}\AutoRun\command. (...) -- K:\LaunchU3.exe (.not file.)
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53) (None)
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Scan Drivers in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Not Key.)
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68) (None)
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com
O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://websearch.ask.com
O69 - SBI: SearchScopes [HKCU] {8B4AD9E9-78AC-447E-8CC4-4810D08A492B} - (Yahoo! France) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Promotions-discount.com Customized Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {D09D7B73-4744-4F46-BE34-41B841126ABD} - (Kelkoo) - http://fr.kelkoopartners.net
~ Scan Keys in 00mn 00s
---\\ Recherche des services démarrés par Svchost (O83) (None)
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.0CAD51230F47A79E07FB74181559D5BE] [SPRF][29/02/2008] (.Grand Soft Inc. - Grand Installer.) -- C:\Users\maryline\AppData\Roaming\setup_fr[1].exe [260632]
[MD5.1DD79C4B09D75C7F337E30D59B9C3734] [SPRF][07/05/2012] (...) -- C:\Users\maryline\AppData\Roaming\wklnhst.dat [1732]
[MD5.1027DF7F909776789D9D1C2C30410166] [SPRF][27/02/2012] (...) -- C:\Users\maryline\Desktop\openoffice-org_openoffice.org_3.3.0_final_francais_10677.exe [152474936]
[MD5.54ACBA9CFD7154C02CEACF6310CF3CFA] [SPRF][10/07/2012] (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Users\maryline\Desktop\spybot-search-and-destroy_spybot_-_search_destroy_1.6.2_francais_10965.exe [16409960]
[MD5.4A2EE51A9B91C7AD090B008597C26502] [SPRF][11/07/2012] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\maryline\Desktop\ZHPDiag2.exe [4656699]
~ Scan Files in 00mn 03s
---\\ Scan Additionnel (O88)
Database Version : 9170 - (25/06/2012)
Clés trouvées (Keys found) : 15
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 12
Fichiers trouvés (Files found) : 0
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\pricegong] =>Adware.PriceGong
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}] =>Adware.PriceGong
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}] =>PUP.DealPly
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.AskSBar
C:\Program Files\DealPly =>PUP.DealPly
C:\Program Files\PriceGong =>Adware.PriceGong
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong =>Adware.PriceGong
C:\Users\maryline\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\maryline\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\maryline\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\maryline\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\maryline\AppData\Local\Temp\BabylonToolbar =>Toolbar.Babylon
C:\Users\maryline\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda =>Adware.PredictAd
~ Scan Additionnel in 00mn 08s
End of the scan (459 lines in 01mn 54s)(0)
Run by maryline at 11/07/2012 20:31:22
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.
---\\ Web Browser
MSIE: Internet Explorer v
---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 1 (Build 6001)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK
---\\ System Information
~ Processor: x86 Family 15 Model 107 Stepping 1, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1917 MB (46% free)
System Restore: Inconnu (Unknown)
System drive C: has 227 GB (69%) free of 328 GB
---\\ Logged in mode
~ Computer Name: PC-DE-MARYLINE
~ User Name: maryline
~ All Users Names: maryline, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\maryline\AppData\Roaming\
~ %Desktop% : C:\Users\maryline\Desktop\
~ %Favorites% : C:\Users\maryline\Favorites\
~ %LocalAppData% : C:\Users\maryline\AppData\Local\
~ %StartMenu% : C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 227 Go of 328 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 7 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - (.Microsoft Corporation - Explorateur Windows.) (.29/10/2008 - 07:29:41.) -- C:\Windows\Explorer.exe [2927104]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.DA5A72211661C7F162B332FEA4F09A69] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/04/2011 - 16:00:34.) -- C:\Windows\System32\wininet.dll [833024]
[MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Winlogon.exe [314880]
[MD5.48EB99503533C27AC6135648E5474457] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:16:42.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.19/01/2008 - 08:41:30.) -- C:\Windows\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.1EC25CEA0DE6AC4718BF89F9E1778B57] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.19/01/2008 - 06:49:51.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.A3E9FA213F443AC77C7746119D13FEEC] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:24:14.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.C87B1EE051C0464491C1A7B03FA0BC99] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.19/01/2008 - 05:30:49.) -- C:\Windows\system32\Drivers\HDAudBus.sys [53760]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.5734A0F2BE7E495F7D3ED6EFD4B9F5A1] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 13:49:35.) -- C:\Windows\system32\Drivers\MRxSmb.sys [105984]
[MD5.7C5FEE5B1C5728507CD96FB4A13E7A02] - (.Microsoft Corporation - MBT Transport driver.) (.19/01/2008 - 06:55:35.) -- C:\Windows\system32\Drivers\netBT.sys [184320]
[MD5.B4EFFE29EB4F15538FD8A9681108492D] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.19/01/2008 - 08:43:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1081912]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.031E6BCD53C9B2B9ACE111EAFEC347B6] - (.Microsoft Corporation - SMB Transport driver.) (.19/01/2008 - 06:55:27.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.D09276B1FAB033CE1D40DCBDF303D10F] - (.Microsoft Corporation - TDI Translation Driver.) (.19/01/2008 - 06:55:58.) -- C:\Windows\system32\Drivers\tdx.sys [71680]
[MD5.D8B4A53DD2769F226B3EB374374987C9] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/01/2008 - 08:42:48.) -- C:\Windows\system32\Drivers\volsnap.sys [227896]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/706
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/42
~ Mes Documents (My Documents) : 1/962
~ Mon Bureau (My Desktop) : 1/44
~ Menu demarrer (Programs) : 0/31
~ Scan Hidden Files in 00mn 01s
---\\ Processus lancés
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.3068]
[MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe [65536] [PID.3076]
[MD5.B1361669BDC6ED612C35B7C67ADA2240] - (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784] [PID.3108]
[MD5.361CD47DC5BD83EE24407903233B0D9A] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4874240] [PID.3240]
[MD5.7AF5A466CF4AECA28E3DCBCF5B6FD220] - (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152] [PID.3268]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.3284]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.]
[MD5.689C6EA7A17B3AE0F2A0151465EF311E] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\system32\jusched.exe [132760] [PID.3460]
[MD5.78F42F52A03838E1AAE214AB93500F77] - (.Portrait Displays, Inc - HP My Display.) -- C:\Program Files\Portrait Displays\HP My Display\dthtml.exe [278528] [PID.3476]
[MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.3460]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.3644]
[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480] [PID.3656]
[MD5.F14219FC767F1383526AB423F278A8E3] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [210520] [PID.3684]
[MD5.C847E654B56B3EDFC6283FDD37FF1DE6] - (.Portrait Displays Inc. - Context Menu Utility.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe [110592] [PID.3736]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3804]
[MD5.FEDDD3579FEE51A9873D856DF3933C68] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe [151552] [PID.4076]
[MD5.7CAC10A1C258DFCB5ADE563BAE6D2F15] - (.Hewlett-Packard Company - KBD EXE.) -- C:\hp\kbd\kbd.exe [67128] [PID.1656]
[MD5.77B9A891222FB46B13E414B99E1AF842] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [634648] [PID.1292]
[MD5.B850459C3CB463CF45D727D25202FB2C] - (.Hewlett-Packard Co. - Leo (ClipBookDB) - add-on for Internet Expl.) -- C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe [173672] [PID.1192]
[MD5.BE955BAB4EFC2A28BE2692D102FFC85A] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [3838464] [PID.3396]
[MD5.F96EBC5A624349D81DCC7600A3C5DC43] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.1956]
~ Scan Processes Running in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\maryline\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Interpréteur de commandes Windows.) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (.not file.)
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-2670066843-1292083002-720125370-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2670066843-1292083002-720125370-1000\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (.not file.)
O4 - HKUS\S-1-5-21-2670066843-1292083002-720125370-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2670066843-1292083002-720125370-1000\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\maryline\Desktop\INFORAD MANAGER.lnk . (.INFORAD Ltd.) -- C:\Program Files\INFORAD\IFDMAN.exe
O4 - Global Startup: C:\Users\maryline\Desktop\photos.lnk . (...) -- C:\Users\maryline\Documents\101MSDCF
O4 - Global Startup: C:\Users\maryline\Desktop\yahoo.lnk - Clé orpheline
O4 - Global Startup: C:\Users\maryline\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\maryline\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Solitaire.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
O4 - Global Startup: C:\Users\maryline\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{FC1BD785-9F4A-4271-B1E0-AB58D97732A2}.job
[MD5.2D141D455A3F1BDAC97A08006ACD7B4B] [APT] [HP Health Check] (.Hewlett-Packard.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[MD5.7F96DA57AA3F5BCE706580C859402B6B] [APT] [IntenetServiceOffers] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe
[MD5.689C6EA7A17B3AE0F2A0151465EF311E] [APT] [JavaUpdatemaryline] (.Sun Microsystems, Inc..) -- C:\Windows\system32\jusched.exe
[MD5.7F96DA57AA3F5BCE706580C859402B6B] [APT] [RecoveryCD] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe
[MD5.00000000000000000000000000000000] [APT] [{C70EF461-C258-45F5-9EC4-CA1153281CF4}] (...) -- C:\Users\maryline\Documents\programmes\LimeWireWin.exe (.not file.)
~ Scan Scheduled Task in 00mn 02s
---\\ Composants installés (ActiveSetup Installed Components) (O40) (None)
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/09/2009 - 18:46:47 - [122,354] ----D C:\Program Files\Adobe
O43 - CFD: 29/12/2007 - 14:00:10 - [0] ----D C:\Program Files\Alwil Software
O43 - CFD: 27/05/2009 - 20:08:50 - [222,986] ----D C:\Program Files\Avira
O43 - CFD: 29/12/2007 - 14:10:22 - [29,772] ----D C:\Program Files\AxBx
O43 - CFD: 09/03/2008 - 14:00:05 - [0] ----D C:\Program Files\BoontyGames
O43 - CFD: 02/01/2012 - 16:53:42 - [476,960] ----D C:\Program Files\Common Files
O43 - CFD: 27/02/2012 - 14:16:46 - [0,263] ----D C:\Program Files\DealPly
O43 - CFD: 01/01/2007 - 13:29:36 - [49,120] ----D C:\Program Files\EasyBits
O43 - CFD: 29/12/2007 - 14:01:19 - [12,648] ----D C:\Program Files\eChanblard
O43 - CFD: 14/12/2008 - 12:15:25 - [0] ----D C:\Program Files\EleFun Desktops
O43 - CFD: 27/12/2007 - 16:59:50 - [0] R---D C:\Program Files\Fichiers communs
O43 - CFD: 01/01/2007 - 05:51:09 - [19,416] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 27/12/2007 - 19:53:54 - [116,570] ----D C:\Program Files\HP
O43 - CFD: 26/12/2009 - 16:48:37 - [9,918] ----D C:\Program Files\INFORAD
O43 - CFD: 26/12/2009 - 16:48:37 - [0,520] ----D C:\Program Files\INFORAD_DRIVERS
O43 - CFD: 10/07/2012 - 19:30:11 - [19,195] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 18/06/2011 - 08:51:20 - [1,486] ----D C:\Program Files\Internet Explorer
O43 - CFD: 05/05/2012 - 15:24:45 - [249,733] ----D C:\Program Files\Java
O43 - CFD: 02/01/2012 - 17:37:28 - [1,211] ----D C:\Program Files\LimeWire
O43 - CFD: 02/11/2006 - 14:37:34 - [88,508] ----D C:\Program Files\Microsoft Games
O43 - CFD: 27/02/2012 - 20:08:09 - [4,022] ----D C:\Program Files\Microsoft Office
O43 - CFD: 01/01/2007 - 05:46:54 - [143,337] ----D C:\Program Files\Microsoft Works
O43 - CFD: 27/06/2010 - 09:20:56 - [0,015] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 23/08/2010 - 11:45:13 - [94,574] ----D C:\Program Files\Movie Maker
O43 - CFD: 02/11/2006 - 14:37:34 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 09/12/2011 - 10:52:37 - [64,741] ----D C:\Program Files\MSECache
O43 - CFD: 29/12/2007 - 14:23:50 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 01/01/2007 - 05:43:54 - [4,398] ----D C:\Program Files\muvee Technologies
O43 - CFD: 27/02/2012 - 20:14:40 - [351,650] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 01/01/2007 - 06:07:12 - [122,147] ----D C:\Program Files\PC-Doctor 5 for Windows
O43 - CFD: 02/01/2012 - 16:53:42 - [9,964] ----D C:\Program Files\Portrait Displays
O43 - CFD: 27/02/2012 - 13:55:55 - [2,704] ----D C:\Program Files\PriceGong
O43 - CFD: 26/12/2009 - 16:49:16 - [0,318] ----D C:\Program Files\Prolific Technology INC
O43 - CFD: 21/10/2008 - 16:25:50 - [29,723] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:34 - [36,894] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 01/01/2007 - 05:42:36 - [220,188] ----D C:\Program Files\Roxio
O43 - CFD: 10/07/2012 - 17:48:07 - [3,368] ----D C:\Program Files\Savings Sidekick
O43 - CFD: 01/01/2007 - 05:53:17 - [35,272] ----D C:\Program Files\Services en ligne
O43 - CFD: 10/07/2012 - 18:15:01 - [0,266] ----D C:\Program Files\SpecialSavings
O43 - CFD: 11/07/2012 - 19:46:44 - [63,883] ----D C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 10/07/2012 - 18:15:07 - [6,369] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 29/12/2007 - 14:50:56 - [0,001] ----D C:\Program Files\vso
O43 - CFD: 02/09/2008 - 16:11:59 - [0,970] ----D C:\Program Files\Windows Calendar
O43 - CFD: 02/09/2008 - 16:11:56 - [2,633] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 02/09/2008 - 16:11:55 - [4,284] ----D C:\Program Files\Windows Defender
O43 - CFD: 02/09/2008 - 16:11:56 - [6,756] ----D C:\Program Files\Windows Journal
O43 - CFD: 18/06/2011 - 08:46:21 - [8,694] ----D C:\Program Files\Windows Mail
O43 - CFD: 14/10/2010 - 09:50:16 - [4,291] ----D C:\Program Files\Windows Media Player
O43 - CFD: 27/12/2007 - 16:59:50 - [7,577] ----D C:\Program Files\Windows NT
O43 - CFD: 02/09/2008 - 16:11:56 - [12,841] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 02/09/2008 - 16:11:56 - [6,210] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 28/02/2012 - 09:34:23 - [0,000] ----D C:\Program Files\WinRAR
O43 - CFD: 03/01/2012 - 10:13:59 - [3,845] ----D C:\Program Files\Yahoo!
O43 - CFD: 11/07/2012 - 20:31:47 - [12,845] ----D C:\Program Files\ZHPDiag
O43 - CFD: 07/09/2009 - 18:46:21 - [10,384] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 27/12/2007 - 19:51:58 - [0,436] ----D C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 01/01/2007 - 05:34:58 - [4,768] ----D C:\Program Files\Common Files\HP
O43 - CFD: 25/12/2010 - 14:50:16 - [11,446] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 05/05/2012 - 15:26:40 - [33,535] ----D C:\Program Files\Common Files\Java
O43 - CFD: 01/01/2007 - 05:43:30 - [19,489] ---AD C:\Program Files\Common Files\LightScribe
O43 - CFD: 01/01/2007 - 05:43:16 - [0,066] ---AD C:\Program Files\Common Files\LS Getting Started
O43 - CFD: 25/03/2008 - 18:08:45 - [0,314] ----D C:\Program Files\Common Files\Micro Application Shared
O43 - CFD: 27/02/2012 - 20:08:09 - [223,196] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 10/07/2012 - 19:30:11 - [4,398] ----D C:\Program Files\Common Files\muvee Technologies
O43 - CFD: 02/01/2012 - 16:53:50 - [5,023] ----D C:\Program Files\Common Files\Portrait Displays
O43 - CFD: 01/01/2007 - 05:42:37 - [0,924] ----D C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 01/01/2007 - 05:42:13 - [109,792] ----D C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 02/11/2006 - 13:18:33 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 01/01/2007 - 05:42:14 - [4,573] ----D C:\Program Files\Common Files\Sonic Shared
O43 - CFD: 02/11/2006 - 13:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 01/01/2007 - 05:35:59 - [0,697] ----D C:\Program Files\Common Files\SureThing Shared
O43 - CFD: 27/12/2007 - 17:28:44 - [0,433] ----D C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 02/09/2008 - 16:11:55 - [8,286] ----D C:\Program Files\Common Files\System
O43 - CFD: 07/09/2009 - 18:46:16 - [0,001] ----D C:\ProgramData\Adobe
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 04/08/2011 - 09:29:17 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 27/05/2009 - 20:08:50 - [23,165] ----D C:\ProgramData\Avira
O43 - CFD: 27/02/2012 - 14:14:58 - [0] ----D C:\ProgramData\Babylon
O43 - CFD: 27/12/2007 - 16:59:50 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 27/12/2007 - 16:59:50 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 10/07/2012 - 19:27:13 - [0,036] ----D C:\ProgramData\Google
O43 - CFD: 30/12/2007 - 19:26:25 - [0,512] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 27/03/2010 - 18:15:10 - [7,307] ----D C:\ProgramData\HP
O43 - CFD: 30/01/2010 - 21:04:52 - [0,001] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 27/12/2007 - 19:53:54 - [0] ----D C:\ProgramData\HPSSUPPLY
O43 - CFD: 30/12/2007 - 19:20:01 - [0,000] ----D C:\ProgramData\IM
O43 - CFD: 30/12/2007 - 19:19:02 - [4,618] ----D C:\ProgramData\IncrediMail
O43 - CFD: 27/12/2007 - 16:59:50 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 29/12/2007 - 14:04:48 - [8,546] -S--D C:\ProgramData\Microsoft
O43 - CFD: 27/12/2007 - 16:59:50 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 01/01/2007 - 05:43:49 - [0] ----D C:\ProgramData\muvee Technologies
O43 - CFD: 06/09/2010 - 18:04:25 - [0,177] ----D C:\ProgramData\NVIDIA
O43 - CFD: 01/01/2007 - 05:49:43 - [0,001] ----D C:\ProgramData\PC-Doctor
O43 - CFD: 09/02/2008 - 22:36:26 - [16,318] ----D C:\ProgramData\Roxio
O43 - CFD: 01/01/2007 - 05:35:46 - [0,001] ----D C:\ProgramData\Sonic
O43 - CFD: 11/07/2012 - 20:22:08 - [8,508] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 14/05/2010 - 17:22:57 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 27/12/2007 - 17:41:58 - [4,817] ----D C:\ProgramData\Symantec
O43 - CFD: 02/11/2006 - 15:02:04 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 30/01/2010 - 21:08:02 - [0,000] ----D C:\ProgramData\WEBREG
O43 - CFD: 02/01/2012 - 18:12:06 - [0] ----D C:\ProgramData\Yahoo!
O43 - CFD: 02/09/2008 - 16:23:18 - [1,122] ----D C:\Users\maryline\AppData\Roaming\Adobe
O43 - CFD: 01/01/2011 - 21:01:14 - [0] ----D C:\Users\maryline\AppData\Roaming\Avira
O43 - CFD: 11/07/2012 - 20:04:44 - [0,133] ----D C:\Users\maryline\AppData\Roaming\Complitly
O43 - CFD: 02/01/2012 - 17:20:02 - [0,038] ----D C:\Users\maryline\AppData\Roaming\DisplayTune
O43 - CFD: 14/12/2008 - 12:13:58 - [3,693] ----D C:\Users\maryline\AppData\Roaming\EleFun Desktops
O43 - CFD: 27/02/2012 - 18:27:17 - [0] ----D C:\Users\maryline\AppData\Roaming\GetRightToGo
O43 - CFD: 28/12/2007 - 19:37:43 - [0] ----D C:\Users\maryline\AppData\Roaming\Google
O43 - CFD: 27/12/2007 - 17:08:30 - [0,289] ----D C:\Users\maryline\AppData\Roaming\Hewlett-Packard
O43 - CFD: 09/07/2008 - 11:35:34 - [0,213] ----D C:\Users\maryline\AppData\Roaming\HP
O43 - CFD: 27/12/2007 - 19:53:46 - [0,063] ----D C:\Users\maryline\AppData\Roaming\HPAppData
O43 - CFD: 06/07/2012 - 21:37:31 - [0,003] ----D C:\Users\maryline\AppData\Roaming\HpUpdate
O43 - CFD: 27/12/2007 - 17:07:43 - [0] ----D C:\Users\maryline\AppData\Roaming\Identities
O43 - CFD: 28/12/2007 - 18:40:24 - [0] ----D C:\Users\maryline\AppData\Roaming\InstallShield
O43 - CFD: 27/12/2007 - 17:05:43 - [4,029] ----D C:\Users\maryline\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2006 - 14:37:34 - [0] ----D C:\Users\maryline\AppData\Roaming\Media Center Programs
O43 - CFD: 27/02/2012 - 19:05:56 - [2,498] -S--D C:\Users\maryline\AppData\Roaming\Microsoft
O43 - CFD: 27/02/2012 - 19:08:09 - [45,070] ----D C:\Users\maryline\AppData\Roaming\OpenOffice.org
O43 - CFD: 10/07/2012 - 19:28:20 - [0] ----D C:\Users\maryline\AppData\Roaming\PerformerSoft
O43 - CFD: 09/02/2008 - 22:36:02 - [0,013] ----D C:\Users\maryline\AppData\Roaming\Roxio
O43 - CFD: 27/12/2007 - 17:32:48 - [0,008] ----D C:\Users\maryline\AppData\Roaming\Template
O43 - CFD: 21/10/2008 - 16:25:42 - [0] ----D C:\Users\maryline\AppData\Roaming\WinBatch
O43 - CFD: 27/02/2012 - 18:27:11 - [0] ----D C:\Users\maryline\AppData\Roaming\WinRAR
O43 - CFD: 09/03/2008 - 15:22:02 - [51,820] ----D C:\Users\maryline\AppData\Local\Adobe
O43 - CFD: 27/12/2007 - 17:03:08 - [0] ----D C:\Users\maryline\AppData\Local\Application Data
O43 - CFD: 27/02/2012 - 20:23:54 - [1,487] ----D C:\Users\maryline\AppData\Local\Apps
O43 - CFD: 02/01/2012 - 16:53:43 - [0] ----D C:\Users\maryline\AppData\Local\Conduit
O43 - CFD: 10/07/2012 - 17:50:25 - [0] ----D C:\Users\maryline\AppData\Local\Deployment
O43 - CFD: 10/07/2012 - 19:27:38 - [26,049] ----D C:\Users\maryline\AppData\Local\Google
O43 - CFD: 27/12/2007 - 17:08:23 - [0,002] ----D C:\Users\maryline\AppData\Local\Hewlett-Packard
O43 - CFD: 27/12/2007 - 17:03:08 - [0] ----D C:\Users\maryline\AppData\Local\Historique
O43 - CFD: 12/10/2008 - 17:18:14 - [0,106] ----D C:\Users\maryline\AppData\Local\HP Guide
O43 - CFD: 30/12/2007 - 19:21:23 - [10,882] ----D C:\Users\maryline\AppData\Local\IM
O43 - CFD: 09/12/2011 - 10:58:11 - [349,621] ----D C:\Users\maryline\AppData\Local\Microsoft
O43 - CFD: 09/02/2008 - 14:59:04 - [2,090] ----D C:\Users\maryline\AppData\Local\Microsoft Games
O43 - CFD: 10/07/2012 - 17:47:40 - [0,054] ----D C:\Users\maryline\AppData\Local\Savings Sidekick
O43 - CFD: 11/07/2012 - 20:27:01 - [36,362] ----D C:\Users\maryline\AppData\Local\Temp
O43 - CFD: 27/12/2007 - 17:03:08 - [0] ----D C:\Users\maryline\AppData\Local\Temporary Internet Files
O43 - CFD: 25/03/2008 - 18:05:39 - [1,018] ----D C:\Users\maryline\AppData\Local\VirtualStore
O43 - CFD: 05/11/2010 - 19:11:16 - [0] ----D C:\Users\maryline\AppData\Local\Yahoo
O43 - CFD: 02/11/2006 - 14:54:36 - [0,015] R---D C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 27/12/2007 - 17:07:50 - [0,000] R---D C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 02/11/2006 - 14:50:41 - [0,001] R---D C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 16/02/2008 - 15:29:12 - [0,003] ----D C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrintPaks
O43 - CFD: 16/02/2008 - 15:29:21 - [0,003] ----D C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickTime for Windows
O43 - CFD: 10/07/2012 - 18:15:01 - [0,001] ----D C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpecialSavings
O43 - CFD: 11/07/2012 - 20:31:15 - [0] R---D C:\Users\maryline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Scan Program Folder in 00mn 14s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.FBF6C962082BCA9A6FF8EF7F02F7AFB4] - 11/07/2012 - 19:24:51 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1818989]
O44 - LFC:[MD5.56FC4ED29EEE34BDF83D01B9B43C37A4] - 11/07/2012 - 19:21:06 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.9F552C3B95A6A2CD7A5A58D4E7DCCA8E] - 11/07/2012 - 07:12:16 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [414208]
O44 - LFC:[MD5.90984CCD2D0576F27B796412BEF3BADC] - 11/07/2012 - 07:11:53 ---A- . (...) -- C:\Windows\PFRO.log [88396]
O44 - LFC:[MD5.7E1ED3D1F2BB45390EB56174BB865BFC] - 10/07/2012 - 16:47:33 ---A- . (.PerformerSoft LLC - PC Performer.) -- C:\Windows\System32\roboot.exe [17464]
~ Scan Files in 00mn 54s
---\\ Contrôle du Safe Boot (CSB) (O49) (None)
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{60b961a7-b5f3-11dc-8bbd-001bb9f20e2b}\AutoRun\command. (...) -- K:\LaunchU3.exe (.not file.)
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53) (None)
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Scan Drivers in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Not Key.)
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68) (None)
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com
O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://websearch.ask.com
O69 - SBI: SearchScopes [HKCU] {8B4AD9E9-78AC-447E-8CC4-4810D08A492B} - (Yahoo! France) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Promotions-discount.com Customized Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {D09D7B73-4744-4F46-BE34-41B841126ABD} - (Kelkoo) - http://fr.kelkoopartners.net
~ Scan Keys in 00mn 00s
---\\ Recherche des services démarrés par Svchost (O83) (None)
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.0CAD51230F47A79E07FB74181559D5BE] [SPRF][29/02/2008] (.Grand Soft Inc. - Grand Installer.) -- C:\Users\maryline\AppData\Roaming\setup_fr[1].exe [260632]
[MD5.1DD79C4B09D75C7F337E30D59B9C3734] [SPRF][07/05/2012] (...) -- C:\Users\maryline\AppData\Roaming\wklnhst.dat [1732]
[MD5.1027DF7F909776789D9D1C2C30410166] [SPRF][27/02/2012] (...) -- C:\Users\maryline\Desktop\openoffice-org_openoffice.org_3.3.0_final_francais_10677.exe [152474936]
[MD5.54ACBA9CFD7154C02CEACF6310CF3CFA] [SPRF][10/07/2012] (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Users\maryline\Desktop\spybot-search-and-destroy_spybot_-_search_destroy_1.6.2_francais_10965.exe [16409960]
[MD5.4A2EE51A9B91C7AD090B008597C26502] [SPRF][11/07/2012] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\maryline\Desktop\ZHPDiag2.exe [4656699]
~ Scan Files in 00mn 03s
---\\ Scan Additionnel (O88)
Database Version : 9170 - (25/06/2012)
Clés trouvées (Keys found) : 15
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 12
Fichiers trouvés (Files found) : 0
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\pricegong] =>Adware.PriceGong
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}] =>Adware.PriceGong
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}] =>PUP.DealPly
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.AskSBar
C:\Program Files\DealPly =>PUP.DealPly
C:\Program Files\PriceGong =>Adware.PriceGong
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong =>Adware.PriceGong
C:\Users\maryline\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\maryline\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\maryline\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\maryline\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\maryline\AppData\Local\Temp\BabylonToolbar =>Toolbar.Babylon
C:\Users\maryline\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda =>Adware.PredictAd
~ Scan Additionnel in 00mn 08s
End of the scan (459 lines in 01mn 54s)(0)
Utilisateur anonyme
11 juil. 2012 à 20:43
11 juil. 2012 à 20:43
Ne postes plus les rapports zhpdiag directement sur le forum mais choisis un hébergeur comme cité dans mon explication.
https://forums.commentcamarche.net/forum/affich-25577385-pc-tres-lent#4
Vires ===> Spybot - Search & Destroy ===>obsoléte
* Télécharge AdwCleaner sur ton Bureau. (Merci à Xplode)
*Double-clique sur l'icône AdwCleaner située sur ton Bureau.
*Sur la page, clique sur le bouton «Suppression»
*Laisse travailler l'outil.
*Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous C:\ AdwCleaner[SX].Txt)
https://forums.commentcamarche.net/forum/affich-25577385-pc-tres-lent#4
Vires ===> Spybot - Search & Destroy ===>obsoléte
* Télécharge AdwCleaner sur ton Bureau. (Merci à Xplode)
*Double-clique sur l'icône AdwCleaner située sur ton Bureau.
*Sur la page, clique sur le bouton «Suppression»
*Laisse travailler l'outil.
*Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous C:\ AdwCleaner[SX].Txt)
Bonjour
Il ya quelques jours j'ai eu le même problème
tu as le Babylon (virus)
sur le forum on ma conseillé de installer maleware bit
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
pour moi ça fonctionné
Il ya quelques jours j'ai eu le même problème
tu as le Babylon (virus)
sur le forum on ma conseillé de installer maleware bit
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
pour moi ça fonctionné
^Abel^
Messages postés
15399
Date d'inscription
jeudi 14 juillet 2011
Statut
Contributeur
Dernière intervention
14 février 2023
6 858
12 juil. 2012 à 07:36
12 juil. 2012 à 07:36
Bonjour,
Oui bien sûr, ... mais laissez "nanard4700" terminer tranquillement ce qu'il a entrepris... ;-))
Oui bien sûr, ... mais laissez "nanard4700" terminer tranquillement ce qu'il a entrepris... ;-))
Utilisateur anonyme
11 juil. 2012 à 22:27
11 juil. 2012 à 22:27
* Télécharge et installe : Malwarebyte's Anti-Malware
* A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
* Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
* Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
* Sélectionne tes disques durs" puis clique sur "Lancer l'examen"
* A la fin du scan, clique sur Afficher les résultats
* Coche tous les éléments détectés puis clique sur Supprimer la sélection
* Enregistre le rapport
* S'il t'est demandé de redémarrer, clique sur Yes
* Poste le rapport de scan après la suppression ici.(poste le rapport, même si rien n'est détecté.)
* Si tu as besoin d'aide regarde ce tutorial
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
* A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
* Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
* Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
* Sélectionne tes disques durs" puis clique sur "Lancer l'examen"
* A la fin du scan, clique sur Afficher les résultats
* Coche tous les éléments détectés puis clique sur Supprimer la sélection
* Enregistre le rapport
* S'il t'est demandé de redémarrer, clique sur Yes
* Poste le rapport de scan après la suppression ici.(poste le rapport, même si rien n'est détecté.)
* Si tu as besoin d'aide regarde ce tutorial
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Utilisateur anonyme
12 juil. 2012 à 18:10
12 juil. 2012 à 18:10
On va faire une vérification .
Post un nouveau rapport zhpdiag.
Ouvres zhpdiag et clic sur la flèche verte pour faire la mise a jour du programme.Si mise a jour installes la.
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
Héberge le rapport ZHPDiag.txt sur le site pjjoint.malekal.com ou cijoint.fr ou toofiles puis copie/colle le lien fournit dans ta prochaine réponse sur le forum
Post un nouveau rapport zhpdiag.
Ouvres zhpdiag et clic sur la flèche verte pour faire la mise a jour du programme.Si mise a jour installes la.
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
Héberge le rapport ZHPDiag.txt sur le site pjjoint.malekal.com ou cijoint.fr ou toofiles puis copie/colle le lien fournit dans ta prochaine réponse sur le forum
merci beaucoup pour votre aide ça ma beaucoup aidé l'ordi va plus vite merci je posterai le rapport plus tard car le souci n'ai pas ur mon pc mais sur celui d'un ami
nosmarties
Messages postés
1701
Date d'inscription
dimanche 29 juillet 2007
Statut
Membre
Dernière intervention
26 août 2012
207
11 juil. 2012 à 20:07
11 juil. 2012 à 20:07
Moi j'avais le même problème -- j'ai désactivé le processus defrag dans les services.msc ainsi que dans le planificateur de tâches... Cela a rendu mon PC plus disponible et plus responsive...
nosmarties
Messages postés
1701
Date d'inscription
dimanche 29 juillet 2007
Statut
Membre
Dernière intervention
26 août 2012
207
11 juil. 2012 à 20:15
11 juil. 2012 à 20:15
Il ne s'agit surtout pas de supprimer le processus defrag mais de le désactiver.
Fais WINDOWS + R et tape la commande :
services.msc
Fais défiler jusqu'au défragmenteur -- double clique et désactive.
Fais WINDOWS + R et tape la commande :
services.msc
Fais défiler jusqu'au défragmenteur -- double clique et désactive.
nosmarties
Messages postés
1701
Date d'inscription
dimanche 29 juillet 2007
Statut
Membre
Dernière intervention
26 août 2012
207
11 juil. 2012 à 20:16
11 juil. 2012 à 20:16
Il faudra redémarrer le PC pour que cela prenne-t-effet.
