Hello everyone,

I'm asking for your help with a small problem that is making my life miserable with my Google search engine!

Here it is: every time I do a Google search and click on a link, I am redirected to bogus sites that have nothing to do with the link.

To deal with this, I downloaded Combofix, and here is its report. If you could help me find the suspicious files, I would be very grateful... :

 

"* Un nouveau point de restauration a été créé

.

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\install.exe

c:\program files (x86)\Windows Searchqu Toolbar

c:\users\Morgan\AppData\Local\Microsoft\Windows\Temporary Internet Files\cookies.sqlite

c:\users\Morgan\AppData\Roaming\Mozilla\Firefox\Profiles\3f9k5cmx.default\searchqutb

c:\users\Morgan\AppData\Roaming\Mozilla\Firefox\Profiles\3f9k5cmx.default\searchqutb\preferences.dat

.

.

((((((((((((((((((((((((((((( Fichiers créés du 2011-05-21 au 2011-06-21 ))))))))))))))))))))))))))))))))))))

.

.

2011-06-21 06:50 . 2011-06-21 06:50 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-06-21 06:50 . 2011-06-21 06:50 -------- d-----w- c:\users\Administrateur\AppData\Local\temp

2011-06-16 18:42 . 2011-04-27 02:57 102400 ----a-w- c:\windows\system32\drivers\dfsc.sys

2011-06-16 18:42 . 2011-04-25 05:32 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-06-16 18:42 . 2011-04-25 02:44 499712 ----a-w- c:\windows\system32\drivers\afd.sys

2011-06-16 18:42 . 2011-05-04 02:51 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-06-16 18:41 . 2011-05-04 02:51 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-06-16 18:41 . 2011-05-04 02:51 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2011-06-16 18:41 . 2011-05-28 03:07 3133952 ----a-w- c:\windows\system32\win32k.sys

2011-06-16 18:41 . 2011-01-17 06:17 197120 ----a-w- c:\windows\system32\d3d10_1.dll

2011-06-16 18:41 . 2011-01-17 05:38 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll

2011-06-16 18:41 . 2011-04-29 03:13 461312 ----a-w- c:\windows\system32\drivers\srv.sys

2011-06-16 18:41 . 2011-04-29 03:12 399872 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-06-16 18:41 . 2011-04-29 03:12 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys

2011-06-16 18:41 . 2010-12-18 06:13 861184 ----a-w- c:\windows\system32\oleaut32.dll

2011-06-16 18:41 . 2010-12-18 05:31 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll

2011-06-16 18:41 . 2011-05-03 05:21 976896 ----a-w- c:\windows\system32\inetcomm.dll

2011-06-16 18:41 . 2011-05-03 04:50 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll

2011-06-13 16:56 . 2011-04-14 16:47 924632 ----a-w- c:\program files (x86)\Mozilla Firefox\firefox.exe

2011-06-06 15:48 . 2011-06-06 15:48 -------- d-----w- c:\users\Administrateur\AppData\Roaming\TuneUp Software

2011-06-06 11:12 . 2011-06-06 12:50 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2011-06-06 11:12 . 2011-06-06 11:12 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy

2011-06-06 09:34 . 2011-06-06 09:35 -------- d-----w- c:\users\Morgan\AppData\Local\{FA126565-910C-4947-BF00-2B40F43BE1EE}

2011-06-05 13:54 . 2011-06-05 13:54 -------- d-----w- c:\users\Morgan\AppData\Local\{DBBBD0FB-A807-4126-A97C-E1D1A6479F37}

2011-06-04 20:31 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-06-04 20:30 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-31 15:06 . 2011-05-31 15:06 -------- d-----w- c:\users\Morgan\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2011-05-31 15:03 . 2011-05-31 15:03 -------- d-----w- c:\windows\Sun

2011-05-31 14:58 . 2011-05-31 14:58 120832 --sha-r- c:\windows\SysWow64\RacRulest.dll

2011-05-28 18:44 . 2011-05-28 18:45 -------- d-----w- c:\users\Morgan\AppData\Local\{3F5CB134-A9E0-4B47-9BC6-2ED7F206D266}

2011-05-27 09:17 . 2011-05-27 09:17 -------- d-----w- c:\users\Morgan\AppData\Local\{860600C8-6BFB-4586-A880-0F63315C10E0}

2011-05-25 06:28 . 2011-04-22 20:18 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2011-05-24 14:58 . 2011-05-24 14:58 -------- d-----w- c:\users\Morgan\AppData\Local\{7DB181A2-7A6A-4310-8F85-B1B0D180C56D}

2011-05-23 19:29 . 2011-05-23 19:29 -------- d-----w- c:\users\Morgan\AppData\Local\{72D5CE2A-8CB4-4DA4-920A-BAA608B594F4}

2011-05-23 19:23 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe

2011-05-23 19:23 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe

.

.

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-04-09 06:45 . 2011-05-11 09:59 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-04-09 06:13 . 2011-05-11 09:59 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2011-04-09 06:13 . 2011-05-11 09:59 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2011-03-25 03:23 . 2011-05-11 09:59 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys

2011-03-25 03:23 . 2011-05-11 09:59 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2011-03-25 03:23 . 2011-05-11 09:59 324608 ----a-w- c:\windows\system32\drivers\usbport.sys

2011-03-25 03:22 . 2011-05-11 09:59 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys

2011-03-25 03:22 . 2011-05-11 09:59 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys

2011-03-25 03:22 . 2011-05-11 09:59 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys

2011-03-25 03:22 . 2011-05-11 09:59 7936 ----a-w- c:\windows\system32\drivers\usbd.sys

.

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{d0b1518e-3e45-4d16-a23b-4d90ef938e44}"= "c:\program files (x86)\Audacity-tools\tbAuda.dll" [2010-05-20 2675296]

.

[HKEY_CLASSES_ROOT\clsid\{d0b1518e-3e45-4d16-a23b-4d90ef938e44}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{d0b1518e-3e45-4d16-a23b-4d90ef938e44}]

2010-05-20 13:35 2675296 ----a-w- c:\program files (x86)\Audacity-tools\tbAuda.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{d0b1518e-3e45-4d16-a23b-4d90ef938e44}"= "c:\program files (x86)\Audacity-tools\tbAuda.dll" [2010-05-20 2675296]

"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]

.

[HKEY_CLASSES_ROOT\clsid\{d0b1518e-3e45-4d16-a23b-4d90ef938e44}]

.

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-07-15 1668664]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]

"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]

"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-06-24 320056]

"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]

"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"AvgUninstallURL"="start http:" [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"HideFastUserSwitching"= 0 (0x0)

.

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]

"WallpaperStyle"= 2

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [x]

R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]

R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]

R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600]

S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]

S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]

S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ Akamai

.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

.

Contenu du dossier 'Tâches planifiées'

.

2011-05-28 c:\windows\Tasks\HPCeeScheduleForMorgan.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]

"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]

"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://www.searchqu.com/402

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: &Envoyer à OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105

IE: &Recherche AOL Toolbar - c:\programdata\AOL\ieToolbar\resources\fr-FR\local\search.html

IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 212.27.40.240 212.27.40.241

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -

FF - ProfilePath - c:\users\Morgan\AppData\Roaming\Mozilla\Firefox\Profiles\3f9k5cmx.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4c74fa4d ... &lng=fr&q=

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

.

- - - - ORPHELINS SUPPRIMES - - - -

.

URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

URLSearchHooks-{4daac69c-cba7-45e2-9bc8-1044483d3352} - (no file)

BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{D0B1518E-3E45-4D16-A23B-4D90EF938E44} - (no file)

ShellIconOverlayIdentifiers-{8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} - c:\program files\Alwil Software\Avast5\snxPlugins64.dll

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

.

.

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]

@Denied: (A 2) (Everyone)

@="IFlashBroker2"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Autres processus actifs ------------------------

.

c:\windows\SysWOW64\rundll32.exe

c:\program files (x86)\CyberLink\Shared files\RichVideo.exe

c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

.

**************************************************************************

.

Heure de fin: 2011-06-21 09:27:35 - La machine a redémarré

ComboFix-quarantined-files.txt 2011-06-21 07:27

.

Avant-CF: 152 107 950 080 octets libres

Après-CF: 152 302 731 264 octets libres

.

- - End Of File - - 7272FF260A6F485E7D575C079DD11AF6"

Thank you so much! :)
