
Hello,

Recently, when I click on a site's link from a Google search, one or more advertising pages open instead of that site, with "goingonearth" coming up repeatedly.

I have seen many posts on this subject, without a clear answer for me.

Here is the ComboFix report:

ComboFix 11-05-16.03 - Dominique Depons 17/05/2011 15:10:01.1.8 - x64

Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.4031.2399 [GMT 2:00]

Lancé depuis: c:\users\Dominique Depons\Downloads\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Un nouveau point de restauration a été créé

.

.

((((((((((((((((((((((((((((( Fichiers créés du 2011-04-17 au 2011-05-17 ))))))))))))))))))))))))))))))))))))

.

.

2011-05-17 13:13 . 2011-05-17 13:13 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-05-16 17:11 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe

2011-05-16 17:11 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe

2011-05-10 20:55 . 2011-04-09 06:54 5475712 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-05-10 20:55 . 2011-04-09 06:21 3967360 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2011-05-10 20:55 . 2011-04-09 06:21 3911552 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2011-05-10 20:55 . 2011-03-29 03:32 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys

2011-05-10 20:55 . 2011-03-29 03:32 99328 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2011-05-10 20:55 . 2011-03-29 03:32 324608 ----a-w- c:\windows\system32\drivers\usbport.sys

2011-05-10 20:55 . 2011-03-29 03:32 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys

2011-05-10 20:55 . 2011-03-29 03:32 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys

2011-05-10 20:55 . 2011-03-29 03:32 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys

2011-05-10 20:55 . 2011-03-29 03:32 7936 ----a-w- c:\windows\system32\drivers\usbd.sys

2011-05-07 12:18 . 2011-05-17 10:08 -------- d-----r- c:\users\Dominique Depons\Dropbox

2011-05-07 12:13 . 2011-05-07 12:13 -------- d-----w- c:\users\Dominique Depons\drop

2011-05-07 12:07 . 2011-05-17 10:08 -------- d-----w- c:\users\Dominique Depons\AppData\Roaming\Dropbox

2011-05-05 15:35 . 2010-04-14 12:28 11776 ----a-w- c:\windows\system32\drivers\massfilter.sys

2011-05-05 15:35 . 2009-07-21 12:05 119680 ----a-w- c:\windows\system32\drivers\ZTEusbvoice.sys

2011-05-05 15:35 . 2009-07-21 12:05 119680 ----a-w- c:\windows\system32\drivers\ZTEusbser6k.sys

2011-05-05 15:35 . 2009-07-21 12:05 119680 ----a-w- c:\windows\system32\drivers\ZTEusbnmeaext.sys

2011-05-05 15:35 . 2009-07-21 12:05 119680 ----a-w- c:\windows\system32\drivers\ZTEusbnmea.sys

2011-05-05 15:35 . 2009-07-21 12:05 119680 ----a-w- c:\windows\system32\drivers\ZTEusbmdm6k.sys

2011-05-05 15:35 . 2009-07-21 07:17 135168 ----a-w- c:\windows\system32\drivers\ZTEusbnet.sys

2011-05-05 15:34 . 2011-05-05 15:34 -------- d-----w- c:\users\Dominique Depons\AppData\Local\SFR

2011-05-05 15:34 . 2011-05-05 15:34 -------- d-----w- c:\program files (x86)\SFR

2011-05-02 09:37 . 2011-05-02 09:37 -------- d-----w- c:\users\Dominique Depons\AppData\Roaming\Avira

2011-05-02 09:01 . 2011-05-17 09:34 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2011-05-02 09:01 . 2011-05-17 09:04 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy

2011-05-02 08:59 . 2011-05-02 08:59 -------- d-----w- c:\programdata\Avira

2011-05-02 08:59 . 2011-05-02 08:59 -------- d-----w- c:\program files (x86)\Avira

2011-05-02 08:59 . 2011-02-04 10:09 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2011-05-02 08:59 . 2011-02-04 10:09 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys

2011-05-02 08:53 . 2011-05-02 08:53 2306328 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2011-05-02 08:52 . 2011-05-02 08:52 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2011-05-02 08:52 . 2011-05-02 08:52 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2011-05-02 07:59 . 2011-05-02 07:59 126976 --sha-r- c:\windows\SysWow64\boot7.dll

2011-05-02 07:58 . 2011-05-02 07:58 -------- d-----w- c:\windows\Sun

2011-05-01 18:04 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5E11A2FD-5BB9-4681-9B98-E22DDA184AEC}\mpengine.dll

2011-04-28 06:02 . 2011-02-26 06:23 2870272 ----a-w- c:\windows\explorer.exe

2011-04-28 06:02 . 2011-02-26 05:33 2614784 ----a-w- c:\windows\SysWow64\explorer.exe

2011-04-28 06:02 . 2011-03-12 12:03 662528 ----a-w- c:\windows\system32\XpsPrint.dll

2011-04-28 06:02 . 2011-03-12 11:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll

2011-04-22 18:00 . 2011-04-22 18:00 -------- d-----w- c:\users\Dominique Depons\AppData\Roaming\Creative

2011-04-22 14:37 . 2011-05-17 12:36 -------- d-----w- c:\users\Dominique Depons\CV ET LM

2011-04-21 09:12 . 2011-04-21 09:43 -------- d-----w- c:\users\Dominique Depons\movies

2011-04-19 09:43 . 2011-04-19 09:43 -------- d-----w- c:\users\Dominique Depons\AppData\Local\Mozilla

.

.

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-04-14 13:53 . 2011-04-14 13:53 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2011-03-14 18:14 . 2011-03-14 18:14 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2011-03-11 06:19 . 2011-04-15 20:55 1395712 ----a-w- c:\windows\system32\mfc42.dll

2011-03-11 06:19 . 2011-04-15 20:55 1359872 ----a-w- c:\windows\system32\mfc42u.dll

2011-03-11 05:40 . 2011-04-15 20:55 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll

2011-03-11 05:40 . 2011-04-15 20:55 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll

2011-03-08 06:14 . 2011-04-15 20:54 976896 ----a-w- c:\windows\system32\inetcomm.dll

2011-03-08 05:38 . 2011-04-15 20:54 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll

2011-03-04 06:17 . 2011-04-28 06:02 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2011-03-04 06:17 . 2011-04-28 06:02 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2011-03-03 06:17 . 2011-04-15 20:55 182272 ----a-w- c:\windows\system32\dnsrslvr.dll

2011-03-03 06:14 . 2011-04-15 20:55 30208 ----a-w- c:\windows\system32\dnscacheugc.exe

2011-03-03 05:27 . 2011-04-15 20:55 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe

2011-03-03 03:58 . 2011-04-15 20:55 3133440 ----a-w- c:\windows\system32\win32k.sys

2011-02-24 06:30 . 2011-04-15 20:55 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2011-02-24 06:29 . 2011-04-15 20:55 1197056 ----a-w- c:\windows\system32\wininet.dll

2011-02-24 06:24 . 2011-04-15 20:55 57856 ----a-w- c:\windows\system32\licmgr10.dll

2011-02-24 05:32 . 2011-04-15 20:55 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll

2011-02-24 05:32 . 2011-04-15 20:55 981504 ----a-w- c:\windows\SysWow64\wininet.dll

2011-02-24 05:30 . 2011-04-15 20:55 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll

2011-02-24 05:05 . 2011-04-15 20:55 482816 ----a-w- c:\windows\system32\html.iec

2011-02-24 04:24 . 2011-04-15 20:55 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-02-24 04:23 . 2011-04-15 20:55 386048 ----a-w- c:\windows\SysWow64\html.iec

2011-02-24 03:50 . 2011-04-15 20:55 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb

2011-02-23 05:16 . 2011-04-15 20:55 461312 ----a-w- c:\windows\system32\drivers\srv.sys

2011-02-23 05:16 . 2011-04-15 20:55 401920 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-02-23 05:15 . 2011-04-15 20:55 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys

2011-02-23 05:15 . 2011-04-15 20:51 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-02-23 05:15 . 2011-04-15 20:51 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-02-23 05:15 . 2011-04-15 20:51 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2011-02-23 05:15 . 2011-04-15 20:51 90624 ----a-w- c:\windows\system32\drivers\bowser.sys

2011-02-19 06:37 . 2011-03-14 10:55 1135104 ----a-w- c:\windows\system32\FntCache.dll

2011-02-19 06:37 . 2011-03-14 10:55 1540608 ----a-w- c:\windows\system32\DWrite.dll

2011-02-19 06:36 . 2011-03-14 10:55 902656 ----a-w- c:\windows\system32\d2d1.dll

2011-02-19 06:36 . 2011-04-15 20:55 46080 ----a-w- c:\windows\system32\atmlib.dll

2011-02-19 05:32 . 2011-03-14 10:55 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll

2011-02-19 05:32 . 2011-03-14 10:55 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2011-02-19 05:32 . 2011-04-15 20:55 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2011-02-19 04:13 . 2011-04-15 20:55 367104 ----a-w- c:\windows\system32\atmfd.dll

2011-02-19 03:37 . 2011-04-15 20:55 294912 ----a-w- c:\windows\SysWow64\atmfd.dll

2011-02-18 06:37 . 2011-04-15 20:55 612352 ----a-w- c:\windows\system32\vbscript.dll

2011-02-18 05:36 . 2011-04-15 20:55 428032 ----a-w- c:\windows\SysWow64\vbscript.dll

.

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\Dominique Depons\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\Dominique Depons\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\Dominique Depons\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-02 98304]

"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-02-04 281768]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-05-21 165184]

"DSUpdateLauncher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" [2010-05-21 18240]

.

c:\users\Dominique Depons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]

Dropbox.lnk - c:\users\Dominique Depons\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-4 24172208]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 1082656]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]

R3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\DRIVERS\Gt51Ip.sys [x]

R3 GT72UBUS;GT 72 U BUS;c:\windows\system32\DRIVERS\gt72ubus.sys [x]

R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]

R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [x]

R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]

S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-05 136360]

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336]

S2 lxdi_device;lxdi_device;c:\windows\system32\lxdicoms.exe [2007-06-11 876976]

S2 SFR.DashBoard.Service;SFR.DashBoard.Service;c:\program files (x86)\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe [2010-05-31 18272]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-05-21 673088]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-17 2320920]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [x]

S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ Akamai

.

Contenu du dossier 'Tâches planifiées'

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\Dominique Depons\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\Dominique Depons\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\Dominique Depons\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\Dominique Depons\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2010-01-06 3179288]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]

"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-02-03 5712896]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Examen supplémentaire -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.fr/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - ProfilePath - c:\users\Dominique Depons\AppData\Roaming\Mozilla\Firefox\Profiles\rgxhha03.default\

FF - prefs.js: browser.startup.homepage - chrome://foxtab/content/homepage.html

.

- - - - ORPHELINS SUPPRIMES - - - -

.

Wow6432Node-HKCU-Run-AdobeBridge - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

.

.

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

.

[HKEY_USERS\S-1-5-21-1473537704-3296504622-2345521045-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (S-1-5-21-1473537704-3296504622-2345521045-1000)

@Denied: (2) (LocalSystem)

"Progid"="ThunderbirdEML"

.

[HKEY_USERS\S-1-5-21-1473537704-3296504622-2345521045-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Heure de fin: 2011-05-17 15:14:48

ComboFix-quarantined-files.txt 2011-05-17 13:14

.

Avant-CF: 230 765 211 648 octets libres

Après-CF: 230 623 232 000 octets libres

.

- - End Of File - - 32DD3CE0010D699EF5670B7CE642F80C
