
ComboFix results on a second-hand computer

Tags:
  • Windows
  • X86
  • Security
Last reply: in Security and viruses
21 December 2012 02:10:32


Hello everyone,
I bought a second-hand computer but it is slow, etc.
I was told to use ComboFix, so here is the result. If someone could tell me, that would be nice.

Thanks for your help.


ComboFix 12-12-20.02 - didier1 20-12-12 16:17:29.1.2 - x64
Microsoft Windows 7 Édition Intégrale 6.1.7601.1.1252.2.1036.18.6143.4169 [GMT -5:00]
Lancé depuis: c:\users\didier1\Downloads\ComboFix.exe
AV: G Data TotalProtection 2013 *Disabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
FW: Pare-feu personnel G Data *Disabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}
SP: G Data TotalProtection 2013 *Disabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 24 bytes in 1 streams.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\dir
c:\program files (x86)\IMinent Toolbar\tbHElper.dll
c:\program files (x86)\SpeedBit Video Downloader\Toolbar\tbhelper.dll
c:\programdata\1351447658.bdinstall.bin
c:\programdata\1351785764.bdinstall.bin
c:\programdata\dsgsdgdsgdsgw.pad
c:\programdata\QuestScan
c:\users\didier1\AppData\Local\MétéoMédia\WeatherEye.exe
c:\users\didier1\AppData\Roaming\HBLite
c:\users\didier1\AppData\Roaming\vso_ts_preview.xml
c:\windows\SysWow64\AdbWinApi.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-11-20 au 2012-12-20 ))))))))))))))))))))))))))))))))))))
.
.
2012-12-20 22:25 . 2012-12-20 22:25 -------- dc----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-20 22:25 . 2012-12-20 22:25 -------- dc----w- c:\users\Invité\AppData\Local\temp
2012-12-20 22:25 . 2012-12-20 22:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-20 18:18 . 2012-11-19 06:01 9125352 -c--a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{61123158-A609-4417-AD90-5951A8107530}\mpengine.dll
2012-12-20 18:18 . 2012-05-31 16:25 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-12-20 16:55 . 2012-12-20 17:48 -------- d-----w- C:\sh4ldr
2012-12-20 16:55 . 2012-12-20 16:55 -------- d-----w- c:\program files\Enigma Software Group
2012-12-20 08:06 . 2012-12-20 08:06 -------- dc----w- c:\users\Invité\AppData\Roaming\Iminent
2012-12-16 15:57 . 2012-12-16 15:57 -------- d-----w- c:\users\didier1\AppData\Roaming\WebPlayerBdd
2012-12-16 04:25 . 2012-12-16 04:25 -------- d-----w- C:\Kreapixel
2012-12-16 04:01 . 2012-12-16 04:01 -------- d-----w- c:\users\didier1\AppData\Roaming\Iminent
2012-12-16 04:01 . 2012-12-16 04:01 -------- d-----w- c:\programdata\Iminent
2012-12-16 04:01 . 2012-12-20 22:24 -------- d-----w- c:\program files (x86)\IMinent Toolbar
2012-12-16 04:01 . 2012-12-20 18:01 -------- d-----w- c:\program files (x86)\Common Files\Umbrella
2012-12-16 04:01 . 2012-12-16 04:01 -------- d-----w- c:\program files (x86)\Iminent
2012-12-16 03:59 . 2012-12-16 03:59 -------- d-----w- c:\program files (x86)\Webplayer setup
2012-12-16 03:59 . 2012-12-16 03:59 -------- d-----w- c:\users\didier1\AppData\Local\Programs
2012-12-15 16:37 . 2012-12-20 20:03 922065 ----a-w- c:\windows\SysWow64\sig.bin
2012-12-15 14:59 . 2012-12-15 14:59 -------- d-----w- c:\users\didier1\AppData\Roaming\G Data
2012-12-15 14:51 . 2012-12-15 14:51 16504 ----a-w- c:\windows\system32\drivers\GdPhyMem.sys
2012-12-15 14:51 . 2012-12-15 14:51 106648 ----a-w- c:\windows\system32\drivers\GRD.sys
2012-12-15 14:45 . 2012-10-16 09:48 10792 ----a-w- c:\windows\SysWow64\GdScrSv.fr.dll
2012-12-15 14:37 . 2012-12-15 14:37 -------- d-----w- c:\users\didier1\AppData\Local\G DATA
2012-12-15 14:00 . 2012-12-15 14:00 -------- d-----w- c:\windows\SysWow64\BioAPIFFDB
2012-12-15 14:00 . 2012-12-15 14:00 98760 ----a-w- c:\windows\system32\drivers\TS4nt.sys
2012-12-15 13:59 . 2012-12-15 14:49 60320 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2012-12-15 13:59 . 2012-12-15 13:59 64376 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2012-12-15 13:59 . 2012-12-15 14:45 126880 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2012-12-15 13:58 . 2012-12-15 14:45 54176 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2012-12-15 13:58 . 2012-12-15 14:45 64416 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2012-12-15 13:57 . 2012-12-15 13:57 -------- d-----w- c:\programdata\G DATA Software
2012-12-15 13:57 . 2012-12-15 14:48 -------- d-----w- c:\program files (x86)\Common Files\G Data
2012-12-15 13:57 . 2012-12-15 14:33 -------- d-----w- c:\programdata\G DATA
2012-12-15 13:57 . 2012-12-15 13:57 -------- d-----w- c:\program files (x86)\G Data
2012-12-14 18:44 . 2012-12-14 18:44 -------- d-----w- c:\users\didier1\dsc
2012-12-14 18:30 . 2012-12-14 18:44 -------- d-----w- c:\users\didier1\vw
2012-12-14 18:30 . 2012-12-14 18:30 -------- d-----w- c:\users\didier1\eMailTrackerPro
2012-12-14 18:30 . 2012-12-14 18:47 -------- d-----w- c:\program files (x86)\eMailTrackerPro 2009
2012-12-12 21:21 . 2012-11-12 12:28 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-12 21:19 . 2012-10-04 17:41 424960 ----a-w- c:\windows\system32\KernelBase.dll
2012-12-04 00:08 . 2012-12-04 00:08 -------- d-----w- c:\programdata\Ask
2012-12-04 00:07 . 2012-12-04 00:07 -------- d-----w- c:\program files (x86)\FreeTime
2012-12-03 23:59 . 2012-12-03 23:59 -------- d-----w- c:\programdata\Canneverbe Limited
2012-12-03 23:59 . 2012-12-03 23:59 -------- d-----w- c:\users\didier1\AppData\Roaming\Canneverbe Limited
2012-12-03 23:59 . 2012-12-03 23:59 -------- d-----w- c:\program files (x86)\CDBurnerXP
2012-11-29 20:15 . 2012-12-20 17:56 -------- d-----w- c:\program files (x86)\EasyCapture
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-15 05:45 . 2011-02-07 21:18 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-11 18:29 . 2012-03-31 13:55 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 18:29 . 2011-05-17 16:42 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-25 04:37 . 2012-10-25 04:37 27136 ----a-w- c:\windows\system32\bddel.exe
2012-10-21 19:29 . 2011-02-07 22:47 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-10-11 02:23 . 2012-10-11 02:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-10-11 02:23 . 2012-10-11 02:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-11 02:23 . 2012-09-15 02:11 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-11 02:23 . 2012-10-11 02:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-11 02:23 . 2012-10-11 02:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-11 02:23 . 2012-10-11 02:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-11 02:23 . 2012-10-11 02:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-11 02:23 . 2012-10-11 02:23 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-11 02:23 . 2012-10-11 02:23 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-11 02:23 . 2012-10-11 02:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-11 02:23 . 2012-10-11 02:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-11 02:23 . 2012-10-11 02:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-11 02:23 . 2012-10-11 02:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-10-11 02:22 . 2012-10-11 02:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-11 02:22 . 2012-10-11 02:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-11 02:22 . 2011-08-12 23:50 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-11 02:22 . 2012-10-11 02:22 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-11 02:22 . 2012-10-11 02:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-11 02:22 . 2012-10-11 02:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-10-11 02:22 . 2012-10-11 02:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-11 02:22 . 2012-10-11 02:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-06 21:32 . 2012-10-06 21:32 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2012-10-04 16:40 . 2012-12-12 21:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-02 19:51 . 2011-01-08 01:49 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2011-01-08 01:50 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2011-01-08 01:49 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 19:50 . 2011-01-08 01:49 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2011-01-08 01:49 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-10-02 19:50 . 2010-07-09 21:27 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 18:15 . 2012-10-02 18:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-09-25 22:47 . 2012-11-16 12:00 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-09-25 22:46 . 2012-11-16 12:00 95744 ----a-w- c:\windows\system32\synceng.dll
2012-09-25 03:16 . 2012-10-21 19:37 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
2012-05-28 18:19 510144 ----a-w- c:\program files (x86)\SearchPredict\SearchPredict.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
2010-07-02 14:54 2607872 ----a-w- c:\program files (x86)\IMinent Toolbar\tbcore3.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{92A9ACF4-9333-43AE-9698-DB283326F87F}]
2012-09-16 13:49 2660016 ----a-w- c:\program files (x86)\SPEEDbit Video Downloader\Toolbar\tbcore3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"= "c:\program files (x86)\IMinent Toolbar\tbcore3.dll" [2010-07-02 2607872]
.
[HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"G Data AntiVirus Tray Application"="c:\program files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe" [2012-09-17 995352]
"GDFirewallTray"="c:\program files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe" [2012-01-27 1470968]
"Iminent"="c:\program files (x86)\Iminent\Iminent.exe" [2012-12-12 1074376]
"IminentMessenger"="c:\program files (x86)\Iminent\Iminent.Messengers.exe" [2012-12-12 884936]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"SPUpdSentinel"="c:\program files (x86)\Common Files\Umbrella\Umbrella_bkp.exe" [2012-12-10 2620016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
R0 AvanquestFltr;AvanquestFltr;c:\windows\system32\DRIVERS\mxRCycle.sys [x]
R1 GLogin;GLogin; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [x]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [x]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [x]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-01-29 36720]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys [2011-01-28 27336]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys [2011-01-28 69120]
R3 swg3kser00;Sierra Wireless QMI USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\swg3kser00.sys [2011-05-13 258432]
R3 swiwdmbx;Sierra Wireless USB Bus Service;c:\windows\system32\DRIVERS\swiwdmbx64.sys [2011-05-16 109312]
R3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\DRIVERS\swnc8ua3.sys [2011-03-03 249344]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-07 1255736]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832]
R4 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2012-12-15 54176]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
S0 TS4NT;TS4nt driver;c:\windows\System32\Drivers\TS4nt.sys [2012-12-15 98760]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-28 283200]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2012-12-15 126880]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [2012-12-15 64416]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2012-12-15 106648]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2012-12-15 64376]
S1 Uim_VIM;UIM Virtual Image Plugin;c:\windows\system32\Drivers\uim_vimx64.sys [2011-10-13 352816]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2012-08-23 1542680]
S2 AVKService;Planificateur G Data;c:\program files (x86)\G Data\TotalProtection\AVK\AVKService.exe [2012-01-27 468472]
S2 AVKWCtl;Gardien du système de fichiers G Data;c:\program files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe [2012-08-30 2011568]
S2 GDBackupSvc;Service G Data Backup;c:\program files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [2012-09-11 1617432]
S2 SProtection;SProtection;c:\program files (x86)\Common Files\Umbrella\Umbrella.exe [2012-12-10 2620016]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 SwiCardDetectSvc;Sierra Wireless Card Detection Service;c:\program files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe [2011-04-08 315760]
S2 TSNxGService;G Data Coffre-fort Service;c:\program files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [2012-05-24 306216]
S3 GDFwSvc;Pare-feu personnel G Data;c:\program files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [2012-06-04 1766464]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2012-12-15 60320]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [2012-03-29 470008]
S3 GDTunerSvc;G Data Tuner Service;c:\program files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [2012-05-14 1218552]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-12-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 18:29]
.
2012-12-20 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-17 21:27]
.
2012-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-03 06:54]
.
2012-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-03 06:54]
.
2012-12-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1171018853-3814722064-2655295113-1001Core.job
- c:\users\didier1\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-11 06:54]
.
2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1171018853-3814722064-2655295113-1001UA.job
- c:\users\didier1\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-11 06:54]
.
2012-12-20 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"="c:\program files\NVIDIA Corporation\Raid\nvraidservice.exe" [2010-04-09 291944]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.tf1.fr/
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 87.98.217.114:80
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-WeatherEye - c:\users\didier1\AppData\Local\MétéoMédia\WeatherEye.exe
Wow6432Node-HKLM-Run-TaskTray - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-TSNxG4Tray - c:\program files (x86)\G Data\TotalProtection\TSNxG\TSNxGTray.exe
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
AddRemove-MétéoÉclair - c:\users\didier1\AppData\Local\MétéoMédia\WeatherEye.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-12-20 17:31:27
ComboFix-quarantined-files.txt 2012-12-20 22:31
.
Avant-CF: 191 461 814 272 octets libres
Après-CF: 191 328 849 920 octets libres
.
- - End Of File - - 7000B20BCE153F95C8B75B4DD1DD7E11

21 December 2012 11:04:00

Hello,

If this is a salvaged computer and you want to start again from something "clean", why not completely reinstall the system?
If it is a brand-name PC, you can use the recovery partition for that.

It would be faster...

We can spend time checking that there is no infection (for now there is mostly adware, advertising software), but that will not solve the problems of a poorly maintained system or one stuffed with programs that were installed or badly uninstalled...

21 December 2012 16:25:15

Hello,


I'd be happy to, but the problem is that I don't have the W7 Ultimate CD. The person sold it to someone, anyway.
So if I can clean it, that would be better.
I wanted to format it, but no installation CD, so that's the situation.
Thanks for your help, I appreciate it.
21 December 2012 20:06:28

Re,

Is it a brand-name PC, or a custom-built PC with the system installed afterwards?
If brand-name, which brand/model?