Bonjour à tous... Un petit tour ce matin, car je crois bien que je suis infecté....pour info, j'ai essayé de mettre à jour et installer des drivers pour connecter des téléphones portables (cela dit, cela ne m'a pas permis de mettre à jour les android ;-) ), et je pense que c'est en téléchargeant les drivers que j'ai dû m'infecter car depuis j'ai des fenêtres qui s'ouvrent...bien qu'ayant installé un anti fenêtre!! Donc si quelqu'un me peut faire un diag, cela pourrait m'aider Merci d'avance A+

Multifenêtres et mots surlignés

Réponse 21 / 124

Marcopolo41 Messages postés 290 Date d'inscription Statut Membre Dernière intervention 1

je n'y comprends plus rien, j'ai fait combofix
il a redémarré le PC..mais là en allant chercher le TXT, je ne le trouve pas..mais plusieurs combofix sous c...un peu comme les poupées russes..j'essaie de trouver le fichier...help help!!!

Réponse 22 / 124

Marcopolo41 Messages postés 290 Date d'inscription Statut Membre Dernière intervention 1

a priori pas de txt...je relance combo....

Réponse 23 / 124

Utilisateur anonyme

non, fais moi passer un nouveau rapport de Zhpdiag pour voir !

je trouverai l'emplacement du rapport :D

Réponse 24 / 124

Marcopolo41 Messages postés 290 Date d'inscription Statut Membre Dernière intervention 1

dsl trop tard ci joint le rapport après relance

ComboFix 14-03-13.01 - Marc 16/03/2014 11:50:47.2.3 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2814.1696 [GMT 1:00]
Lancé depuis: c:\users\Marc\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\hdtotal1.2\hdTOtal1.2-bho.dll
c:\users\Marc\AppData\Local\lollipop
c:\users\Marc\AppData\Local\lollipop\logo.ico
c:\users\Marc\AppData\Local\lollipop\lollipop.bat
c:\users\Marc\AppData\Local\lollipop\lollipop.dat
c:\users\Marc\AppData\Local\lollipop\Lollipop.exe
c:\users\Marc\AppData\Local\lollipop\lollipop.lpd
c:\users\Marc\AppData\Local\lollipop\lollipop_cfg.lpd
c:\users\Marc\AppData\Local\lollipop\lollipop_ps.lpd
c:\users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\454df04b-0515-4c1b-8a58-12ca64a88960.jpg
c:\users\Marc\AppData\Roaming\.#
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome.manifest
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\asyncDB.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\background.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\browserAction.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\contextMenu.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\dbManager.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\dom_bg.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\fileManager.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\firefox.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\firefoxNotifications.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\firefoxOmnibox.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\message.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\pageAction.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\request.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\tabs.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\webRequest.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\api\windowsMessagingHandler.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\background.html
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\baseObject.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\browser.xul
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\addressBarChangeObserver.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\console.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\consts.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\delegate.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\extensionDataStore.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\folderIOWrapper.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\httpObserver.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\IDBWrapper.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\installer.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\logFile.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\prefs.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\progressListenerObserver.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\registry.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\reloadObserver.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\reports.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\requestObject.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\searchSettings.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\uninstallObserver.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\updateManager.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\utils.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\core\xhr.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\dialog.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\ffCoreFilesIndex.txt
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\main.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\options.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\options.xul
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\platformVersion.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\chrome\content\search_dialog.xul
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\defaults\preferences\prefs.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\manifest.xml
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins.json
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\1_base.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\102_dealply_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\103_intext_5_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\104_jollywallet_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\123_intext_adv_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\17_jQuery.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\180_bpo_serp_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\182_openUrl.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\183_tabsWrapper.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\184_noproblemppc_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\190_pops_5_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\191_ciuvo_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\195_icm_convertmedia_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\207_dbWrapper.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\21_debug.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\22_resources.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\220_icm_base_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\221_icm_downloads_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\223_imonomy_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\231_revizer_ws_dynamic_2_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\246_setup.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\28_initializer.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\47_resources_background.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\64_appApiMessage.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\7_hooks.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\72_appApiValidation.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\9_search_engine_hook.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\plugins\98_omniCommands.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\userCode\background.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\extensionData\userCode\extension.js
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\install.rdf
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\locale\en-US\translations.dtd
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\skin\button1.png
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\skin\button2.png
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\skin\button3.png
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\skin\button4.png
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\skin\button5.png
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\skin\crossrider_statusbar.png
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\skin\icon128.png
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\skin\icon16.png
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\skin\icon24.png
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\skin\icon48.png
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\skin\panelarrow-up.png
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\skin\popup.html
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\skin\skin.css
c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\extensions\a841c8b5-4960-4555-87bf-dbd75965c3f5@aec11bbe-81d6-43aa-873c-a071b69ed8a5.com\skin\update.css
c:\users\Marc\Documents\~WRL3616.tmp
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2014-02-16 au 2014-03-16 ))))))))))))))))))))))))))))))))))))
.
.
2014-03-16 10:59 . 2014-03-16 10:59 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-03-16 10:59 . 2014-03-16 10:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-16 09:31 . 2014-03-16 09:31 39464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DCD72ACF-A08F-43B7-AE18-20E93E504C7D}\MpKsl9cfcefc2.sys
2014-03-16 08:56 . 2014-03-16 08:56 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2014-03-16 08:49 . 2014-03-16 08:49 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-03-16 08:44 . 2014-03-16 08:44 -------- d-----w- c:\program files\HiDefMedia
2014-03-16 08:18 . 2014-03-16 10:58 -------- d-----w- c:\program files\hdtotal1.2
2014-03-16 08:17 . 2014-03-16 08:17 -------- d-----w- c:\program files\View-Password-soft
2014-03-16 01:11 . 2014-02-06 07:08 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DCD72ACF-A08F-43B7-AE18-20E93E504C7D}\mpengine.dll
2014-03-15 22:36 . 2014-02-20 06:20 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4E52A41C-F96F-47FC-81AA-124C82E00A8D}\gapaengine.dll
2014-03-15 22:34 . 2014-02-06 07:08 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-15 22:33 . 2014-02-07 10:38 2050560 ----a-w- c:\windows\system32\win32k.sys
2014-03-15 22:33 . 2014-02-03 10:37 505344 ----a-w- c:\windows\system32\qedit.dll
2014-03-15 22:33 . 2014-01-30 07:46 876032 ----a-w- c:\windows\system32\wer.dll
2014-03-15 22:33 . 2013-11-13 00:30 2048 ----a-w- c:\windows\system32\tzres.dll
2014-03-15 21:30 . 2014-03-15 21:30 -------- d-----w- c:\programdata\IePluginService
2014-03-15 21:29 . 2014-03-15 21:30 -------- d-----w- c:\users\Marc\AppData\Roaming\awesomehp
2014-03-15 21:29 . 2014-03-15 21:30 -------- d-----w- c:\program files\Browsersafeguard
2014-03-15 21:29 . 2014-03-15 21:30 -------- d-----w- c:\program files\SupTab
2014-03-15 16:44 . 2014-03-15 16:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware(11)
2014-03-15 16:25 . 2014-03-15 21:29 -------- d-----w- c:\programdata\WPM
2014-03-15 14:35 . 2014-03-15 14:35 -------- d-----w- c:\programdata\Free Download Manager
2014-03-15 08:51 . 2014-03-16 09:13 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2014-03-15 08:42 . 2014-03-16 09:13 -------- d-----w- c:\program files\ZHPDiag
2014-03-15 08:42 . 2014-03-16 09:07 -------- d-----w- c:\users\Marc\AppData\Roaming\ZHP
2014-03-15 07:50 . 2014-03-15 07:53 -------- d-----w- C:\AdwCleaner
2014-02-28 12:17 . 2014-02-28 12:17 -------- d-----w- c:\windows\Migration
2014-02-27 19:47 . 2014-02-27 19:48 -------- d-----w- c:\programdata\LGMOBILEAX
2014-02-27 19:20 . 2014-02-27 19:20 -------- d-----w- c:\program files\MarkAny
2014-02-27 08:41 . 2014-02-27 08:41 -------- d-----w- c:\users\Marc\AppData\Local\Samsung
2014-02-27 08:41 . 2014-02-27 08:41 -------- d-----w- c:\users\Marc\AppData\Roaming\Samsung
2014-02-27 07:06 . 2014-01-23 03:21 88576 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2014-02-27 07:06 . 2014-01-23 03:21 184192 ----a-w- c:\windows\system32\drivers\ssudserd.sys
2014-02-27 07:06 . 2014-01-23 03:21 184192 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2014-02-27 06:44 . 2013-04-18 18:08 4659712 ----a-w- c:\windows\system32\Redemption.dll
2014-02-27 06:44 . 2013-04-18 18:06 821824 ----a-w- c:\windows\system32\dgderapi.dll
2014-02-27 06:44 . 2013-04-18 18:06 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2014-02-27 06:44 . 2013-04-18 18:06 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2014-02-27 06:42 . 2014-02-27 06:49 -------- d-----w- c:\program files\Samsung
2014-02-27 06:42 . 2014-02-27 06:48 -------- d-----w- c:\programdata\Samsung
2014-02-26 21:01 . 2014-03-15 22:20 -------- d-----w- c:\users\Marc\AppData\Roaming\IminentToolbar
2014-02-26 21:00 . 2014-02-26 21:00 -------- d-----w- c:\users\Marc\AppData\Roaming\ driver
2014-02-25 21:22 . 2014-02-25 21:22 -------- d-----w- c:\users\Marc\.android
2014-02-25 21:22 . 2014-02-25 21:22 -------- d-----w- c:\users\Marc\AppData\Local\cache
2014-02-24 22:18 . 2013-12-13 16:53 17496 ----a-w- c:\windows\system32\roboot.exe
2014-02-24 22:18 . 2014-03-16 08:40 -------- d-----w- c:\users\Marc\AppData\Roaming\systweak
2014-02-24 19:15 . 2014-02-27 20:35 -------- d-----w- C:\GT540
2014-02-24 19:08 . 2014-02-24 19:08 -------- d-----w- c:\users\Marc\AppData\Local\PC_Drivers_Headquarters
2014-02-22 08:22 . 2014-02-22 08:30 -------- d-----w- c:\windows\system32\MRT
2014-02-22 08:20 . 2014-02-22 08:20 303236 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll
2014-02-22 08:20 . 2014-02-22 08:20 180356 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll
2014-02-22 08:20 . 2004-04-18 22:42 733184 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll
2014-02-22 08:20 . 2004-04-18 22:40 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll
2014-02-22 08:20 . 2004-04-18 22:39 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll
2014-02-22 08:20 . 2004-04-18 22:39 172032 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll
2014-02-22 08:20 . 2004-04-18 22:39 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe
2014-02-22 08:09 . 2014-03-15 22:21 -------- d-----w- c:\users\Marc\{d6e9405d-c237-4f1b-880c-6514f9d2873b}
2014-02-22 08:09 . 2014-03-15 22:21 -------- d-----w- c:\users\Marc\{c30b8d8a-bb7e-407b-8140-7e087625186b}
2014-02-22 07:49 . 2011-05-06 18:37 655872 ----a-w- c:\windows\system32\msvcr90.dll
2014-02-22 07:49 . 2011-05-06 18:37 568832 ----a-w- c:\windows\system32\msvcp90.dll
2014-02-22 07:49 . 2011-05-06 18:37 224768 ----a-w- c:\windows\system32\msvcm90.dll
2014-02-22 07:49 . 2006-04-30 13:33 53248 ----a-w- c:\windows\system32\CommonDL.dll
2014-02-22 07:42 . 2012-03-02 15:02 25728 ----a-w- c:\windows\system32\drivers\lgandadb.sys
2014-02-22 07:42 . 2012-03-02 15:02 25088 ----a-w- c:\windows\system32\drivers\lgandmodem.sys
2014-02-22 07:42 . 2012-03-02 15:02 20736 ----a-w- c:\windows\system32\drivers\lganddiag.sys
2014-02-22 07:42 . 2012-03-02 15:02 20096 ----a-w- c:\windows\system32\drivers\lgandgps.sys
2014-02-22 07:42 . 2012-03-02 15:02 14336 ----a-w- c:\windows\system32\drivers\lgandbus.sys
2014-02-22 07:42 . 2011-07-18 14:01 1419232 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2014-02-22 07:42 . 2014-02-24 19:51 -------- d-----w- c:\program files\LG Electronics
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-13 20:13 . 2012-04-08 18:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-13 20:13 . 2011-05-14 05:23 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-20 06:20 . 2012-06-12 15:58 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-01-19 07:32 . 2009-10-03 04:40 231584 ------w- c:\windows\system32\MpSigStub.exe
2013-12-18 20:10 . 2014-01-18 07:13 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 21:38 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyTomTomSA.exe"="c:\program files\MyTomTom 3\MyTomTomSA.exe" [2013-08-01 458680]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2013-03-22 248208]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2014-02-14 1564992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-05-15 152392]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 5369856]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2014-02-14 311616]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 277920]
Philips GoGear VIBE Device Manager.lnk - c:\philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe -silent [2010-3-14 1701224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 1
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^Marc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Marc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk]
path=c:\users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk
backup=c:\windows\pss\OneNote 2007 - Capture d'écran et lancement.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]
2008-04-25 11:31 319488 ----a-w- c:\program files\Acer\Empowering Technology\SysMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-10-27 18:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
2008-04-06 20:42 34040 ----a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
2013-04-23 15:25 3545880 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-03-14 08:23 3672640 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2008-03-04 21:38 526896 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmpoweringTechnology]
2008-04-25 11:31 319488 ----a-w- c:\program files\Acer\Empowering Technology\Framework.Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMMediaSharing]
2008-01-25 16:49 204908 ----a-w- c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhilipsSongbirdLauncher]
2010-07-29 18:03 346624 ----a-w- c:\program files\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-03-26 05:21 5369856 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 07:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2008-01-29 07:03 303104 ----a-w- c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
2007-05-31 07:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-25 269448]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Contenu du dossier 'Tâches planifiées'
.
2014-03-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 20:13]
.
2014-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cce17e47832cb6.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-16 16:57]
.
2014-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-16 16:57]
.
2014-03-16 c:\windows\Tasks\hdtotal1.2-chromeinstaller.job
- c:\program files\hdtotal1.2\hdtotal1.2-chromeinstaller.exe [2014-03-16 08:18]
.
2014-03-16 c:\windows\Tasks\hdtotal1.2-codedownloader.job
- c:\program files\hdtotal1.2\hdtotal1.2-codedownloader.exe [2014-03-16 08:18]
.
2014-03-16 c:\windows\Tasks\hdtotal1.2-enabler.job
- c:\program files\hdtotal1.2\hdtotal1.2-enabler.exe [2014-03-16 08:19]
.
2014-03-16 c:\windows\Tasks\hdtotal1.2-firefoxinstaller.job
- c:\program files\hdtotal1.2\hdtotal1.2-firefoxinstaller.exe [2014-03-16 08:18]
.
2014-03-16 c:\windows\Tasks\hdtotal1.2-updater.job
- c:\program files\hdtotal1.2\hdtotal1.2-updater.exe [2014-03-16 08:19]
.
2014-03-16 c:\windows\Tasks\View Password Update.job
- c:\program files\View-Password-soft\View-.exe [2014-03-16 08:17]
.
2014-03-16 c:\windows\Tasks\View Password_wd.job
- c:\program files\View-Password-soft\ViewPassword_wd.exe [2014-03-16 08:17]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3323828&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPEA546F4A-C506-402D-AF27-BCA912398774&SSPV=
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyServer = http=127.0.0.1:13828
IE: Add to AVI Video Converter... - c:\program files\MP3 Player Utilities 4.22\AMVConverter\grab.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8}
FF - ProfilePath - c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3ft93ug0.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr/portail
FF - user.js: extensions.iminent.tlbrSrchUrl - hxxp://start.iminent.com/?ref=toolbarm#q=
FF - user.js: extensions.iminent.id - ea09fbf1000000000000001d72a1d124
FF - user.js: extensions.iminent.appId - {0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
FF - user.js: extensions.iminent.instlDay - 16127
FF - user.js: extensions.iminent.vrsn - 1.8.28.3
FF - user.js: extensions.iminent.vrsni - 1.8.28.3
FF - user.js: extensions.iminent.vrsnTs - 1.8.28.322:02
FF - user.js: extensions.iminent.prtnrId - iminent
FF - user.js: extensions.iminent.prdct - iminent
FF - user.js: extensions.iminent.aflt - orgnl
FF - user.js: extensions.iminent.smplGrp - none
FF - user.js: extensions.iminent.tlbrId - YBCPCSTIPO
FF - user.js: extensions.iminent.instlRef -
FF - user.js: extensions.iminent.dfltLng -
FF - user.js: extensions.iminent.excTlbr - false
FF - user.js: extensions.iminent.ffxUnstlRst - false
FF - user.js: extensions.iminent.admin - false
FF - user.js: extensions.iminent.autoRvrt - false
FF - user.js: extensions.iminent.rvrt - false
FF - user.js: extensions.iminent.newTab - false
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
BHO-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
HKCU-Run-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe
HKCU-Run-lollipop - c:\users\marc\appdata\local\lollipop\lollipop.exe
HKLM-Run-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe
HKLM-Run-IminentMessenger - c:\program files\Iminent\Iminent.Messengers.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe
MSConfigStartUp-MSSE - c:\program files\Microsoft Security Essentials\msseces.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-eType - c:\users\Marc\AppData\Roaming\eType\eTypeUninstall.exe
AddRemove-lollipop - c:\users\marc\appdata\local\lollipop\lollipop.bat
AddRemove-MyFreeCodec - c:\program files\MyFree Codec\1.0b beta\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-03-16 11:59
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
mobilegeni daemon = c:\program files\Mobogenie\DaemonProcess.exe?????????????????????????????????????????????????????????????????????????????????????
IminentMessenger = c:\program files\Iminent\Iminent.Messengers.exe????????????????????????????????????????????????
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2014-03-16 12:02:05
ComboFix-quarantined-files.txt 2014-03-16 11:02
.
Avant-CF: 40 512 094 208 octets libres
Après-CF: 40 430 088 192 octets libres
.
- - End Of File - - A26D0B09C0F81869AB8490F24EB60C89
EF932EAA6EF4C94E66A7F6CEEC7EB422

j'attends ton message avant de faire quoi que ce soit

Réponse 25 / 124

Utilisateur anonyme

tu sais ce que c'est ce programme ?

c:\program files\Mobogenie

remets moi un nouveau rapport de Zhpdiag via Cjoint

Réponse 26 / 124

Marcopolo41 Messages postés 290 Date d'inscription Statut Membre Dernière intervention 1

je crois qu'il s'est télécharger quand je cherchais à installer les drivers pour téléphone portable et il me semblait l'avoir desinstallé...en ts les cas, toujours des fenêtres intempestives et mots surlignés...je refais un ZHPdiag

Réponse 27 / 124

Utilisateur anonyme

non, passe ADWCleaner en mode recherche, puis poste son rapport

Réponse 28 / 124

Marcopolo41 Messages postés 290 Date d'inscription Statut Membre Dernière intervention 1

ci-joint le rapport
https://www.cjoint.com/?DCqmwdWE2jz

difficile d'être plus rapide, car les fenetres que j'utilise disparaissent..comme cjoint au profit d'une fenêtre MAJ Java...la fièvre monte docteur?

Réponse 29 / 124

Marcopolo41 Messages postés 290 Date d'inscription Statut Membre Dernière intervention 1

difficle de suivre, j'ai toujours un metro de retard..je repasse donc adwcleaner

Réponse 30 / 124

Marcopolo41 Messages postés 290 Date d'inscription Statut Membre Dernière intervention 1

voici le rapport
https://www.cjoint.com/?DCqmNT8l3a7
je n'ai rien supprimé, j'attends tes instructions

Réponse 31 / 124

Utilisateur anonyme

ok,

on l'a fait un peu dans désordre, c'est entièrement de ma faute : je te réponds trop vite :P

relance ADWc, clique sur nettoyer

poste son rapport après le redémarrage du pc

Réponse 32 / 124

Marcopolo41 Messages postés 290 Date d'inscription Statut Membre Dernière intervention 1

Bon voici le rapport https://www.cjoint.com/?DCqnSH5MdxK
pour info, toujours autant de fenêtre, de petites fenetres qui apparaissent sur mots surlignés...
merci de ton support

Réponse 33 / 124

Marcopolo41 Messages postés 290 Date d'inscription Statut Membre Dernière intervention 1

je viens de désinstaller viewpassword...qui apparaissait ds toutes mes fenetres!

Réponse 34 / 124

Utilisateur anonyme

ok, ces fenêtres apparaissent sous quel navigateur ?

Réponse 35 / 124

Marcopolo41 Messages postés 290 Date d'inscription Statut Membre Dernière intervention 1

sur Firefox..mais depuis que j'ai désinstallé viewpassword, j'en ai plus...

Réponse 36 / 124

Utilisateur anonyme

sauvegarde tes marques pages,

désinstalle Firefox,

cherche et supprime son répertoire nommé Mozilla !

retélécharge et réinstalle le depuis son site dédié pour voir !

Réponse 37 / 124

Marcopolo41 Messages postés 290 Date d'inscription Statut Membre Dernière intervention 1

Ok c'est fait....bon là ça a l'air d'aller....mais c'est surtout depuis que j'ai viré viewpassword!

Réponse 38 / 124

Utilisateur anonyme

ok,

aide toi de ceci pour me faire passer un nouveau rapport de Zhpdiag :

https://forums.commentcamarche.net/forum/affich-29881742-multifenetres-et-mots-surlignes?full#1

Réponse 39 / 124

Marcopolo41 Messages postés 290 Date d'inscription Statut Membre Dernière intervention 1

voila comme demandé https://www.cjoint.com/?DCqsWI3Tg7F

Réponse 40 / 124

Utilisateur anonyme

tu n'as pas désinstallé McAfee Security Scan Plus !

* /!\ Avertissement /!\,
* ce script est seulement valable pour ce pc, en cours du nettoyage, à ne pas utiliser sur un autre pc, risque de plantage !

* Lance ZHPFix via le raccourci sur ton Bureau, l'icône est sous forme de seringue.

/!\Utilisateur de Vista, Seven et W8 :

* Clique droit sur le logo de ZHPfix, « exécuter en tant qu'Administrateur »

Clique sur « importer »

Tu vas voir apparaitre un message d'avertissement, clique sur Ok.

* * Copie ( Ctrl + C ) et colle ( Ctrl + V ) les lignes suivantes en gras dans la fenêtre de Zhpfix :
---------------------------------------------------------

Script Zhpfix
[MD5.587ED4471595300C7A154C2F64B15E7B] [WIS][02/09/2012] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.7.) -- C:\Windows\Installer\3b0fbf.msi [2046464]
[MD5.9E61B582BEC5A62573A1A200E7C6FF79] [WIS][02/09/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\3b0fc5.msi [1859072]
[MD5.0854F619B6236F41FE2D56C5E655E946] [WIS][02/09/2012] (.SweetIM Technologies Ltd. - Sweetpacks Communicator 1.0.) -- C:\Windows\Installer\3b0fcb.msi [1417728]
c:\programdata\IePluginService
c:\program files\Browsersafeguard
c:\program files\SupTab
c:\programdata\WPM
c:\users\Marc\AppData\Roaming\IminentToolbar
c:\windows\system32\roboot.exe
opt:O4 - GS\Desktop [Public]: Go for Files.lnk . (...) -- C:\Program Files\GoforFiles\GoforFiles.exe (.not file.)
O3 - Toolbar: Acer eDataSecurity Management - [HKLM]{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} . (.Egis Incorporated. - Acer eDataSecurity Management Explorer Tool.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}]
[HKLM\Software\Classes\CLSID\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}]
EmptyPrefetch
ShortcutFix
Emptytemp
EmptyClsid

----------------------------------------------------------
- Clique sur le bouton « GO » pour lancer le nettoyage,
- confirme le nettoyage
- Héberge le rapport ZHPFIX.txt sur
https://www.cjoint.com/
ou
https://up2sha.re/
puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

Tuto en bas de cette page :
http://nicolascoolman.webs.com/tutorials.htm

Multifenêtres et mots surlignés - Page 2

Discussions similaires

Newsletters