Des voix dans mon ordi

[00yaa]

Bonjour j'ai exactement le même problème que suit.

 

"Depuis peu des sons bizarres sortent parfois de mes enceintes.

Ça commence par une espèce de clochette, puis une voix de petite fille qui dit je ne sais pas quoi (ça finit par "merci"), puis une voix d'homme qui fait chut et à nouveau la cloche/machin chose.

Ni Antivir ni A² ne trouvent de virus, pas plus que le scan en ligne de Panda. Mais bon, à moins que je sois sujet à des hallucinations auditives, il y a de fortes chances pour qu'une cochonnerie squatte mon ordi. "

 

 

this is le rapport combboooo!

 

 

ComboFix 12-03-22.01 - Charly 24/03/2012  21:36:39.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium   6.1.7601.1.1252.33.1036.18.3957.2448 [GMT 1:00]
Lancé depuis: c:\users\Charly\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Charly\AppData\Local\c30c9fb5\U
c:\users\Charly\AppData\Local\c30c9fb5\U\80000000.@
c:\users\Charly\AppData\Local\c30c9fb5\U\800000cb.@
c:\users\Charly\AppData\Roaming\IDM\idmmzcc3
c:\users\Charly\AppData\Roaming\IDM\idmmzcc3\chrome.manifest
c:\users\Charly\AppData\Roaming\IDM\idmmzcc3\chrome\idmmzcc.jar
c:\users\Charly\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
c:\users\Charly\AppData\Roaming\IDM\idmmzcc3\components\iIDMMzCC.xpt
c:\users\Charly\AppData\Roaming\IDM\idmmzcc3\install.js
c:\users\Charly\AppData\Roaming\IDM\idmmzcc3\install.rdf
c:\users\Charly\AppData\Roaming\IDM\idmmzcc3\META-INF\manifest.mf
c:\users\Charly\AppData\Roaming\IDM\idmmzcc3\META-INF\zigbert.rsa
c:\users\Charly\AppData\Roaming\IDM\idmmzcc3\META-INF\zigbert.sf
c:\windows\assembly\tmp\U
c:\windows\system32\consrv.dll
c:\windows\System64
c:\windows\SysWow64\tmpDB54.tmp
c:\windows\SysWow64\tmpDB55.tmp
c:\windows\SysWow64\tmpEAA0.tmp
c:\windows\SysWow64\tmpEAE0.tmp
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2012-02-24 au 2012-03-24  ))))))))))))))))))))))))))))))))))))
.
.
2012-03-24 20:46 . 2012-03-24 20:46	--------	d-----w-	c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-03-24 20:46 . 2012-03-24 20:46	--------	d-----w-	c:\users\TEMP\AppData\Local\temp
2012-03-24 20:46 . 2012-03-24 20:46	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-03-24 20:46 . 2012-03-24 20:46	--------	d-----w-	c:\users\Administrateur\AppData\Local\temp
2012-03-24 18:43 . 2012-03-24 20:48	--------	d-----w-	c:\users\Charly\AppData\Local\PMB Files
2012-03-24 18:43 . 2012-03-24 18:45	--------	d-----w-	c:\programdata\PMB Files
2012-03-24 18:42 . 2012-03-24 18:42	--------	d-----w-	c:\program files (x86)\Pando Networks
2012-03-21 21:47 . 2012-03-21 21:47	--------	d-----w-	C:\Download
2012-03-21 21:45 . 2012-03-21 21:45	--------	d-----w-	C:\Nexon
2012-03-20 22:53 . 2012-03-20 22:53	--------	d-----w-	c:\users\Charly\AppData\Local\UnShade
2012-03-20 22:53 . 2012-03-20 22:53	31232	----a-w-	c:\windows\system32\drivers\tap0901.sys
2012-03-18 11:15 . 2008-04-28 11:03	47160	----a-w-	c:\windows\system32\drivers\AmdTools64.sys
2012-03-18 11:15 . 2012-03-18 11:16	--------	d-----w-	c:\program files (x86)\AMD GPU Clock Tool
2012-03-17 19:44 . 2012-03-23 23:54	--------	d-----w-	c:\program files (x86)\Monte Cristo
2012-03-17 02:18 . 2012-03-17 02:18	--------	d-----w-	c:\program files\Proxy Labs
2012-03-16 19:44 . 2012-03-16 19:53	--------	d-----w-	c:\users\Charly\AppData\Local\Your Freedom
2012-03-16 19:44 . 2012-03-16 19:44	--------	d-----w-	c:\program files (x86)\Your Freedom
2012-03-15 03:17 . 2011-11-19 15:20	5559152	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-03-15 03:17 . 2011-11-19 14:50	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-03-15 03:17 . 2011-11-19 14:50	3913584	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 17:36 . 2012-02-03 04:34	3145728	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 17:35 . 2012-02-10 06:36	1544192	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 17:35 . 2012-02-10 05:38	1077248	----a-w-	c:\windows\SysWow64\DWrite.dll
2012-03-14 17:33 . 2012-02-17 06:38	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2012-03-14 17:33 . 2012-02-17 05:34	826880	----a-w-	c:\windows\SysWow64\rdpcore.dll
2012-03-14 17:33 . 2012-02-17 04:58	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-03-14 17:33 . 2012-02-17 04:57	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-03-14 17:33 . 2012-01-25 06:38	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-03-14 17:33 . 2012-01-25 06:38	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-03-14 17:33 . 2012-01-25 06:33	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-03-13 21:33 . 2012-03-13 21:33	--------	d-----w-	c:\users\Charly\AppData\Roaming\Unity
2012-03-10 23:11 . 2012-03-10 23:12	--------	d-----w-	c:\program files (x86)\Quake HD
2012-03-06 17:20 . 2012-03-13 21:12	--------	d-----w-	c:\users\Charly\AppData\Local\Unity
2012-03-04 17:02 . 2012-03-04 17:12	--------	d-----w-	c:\users\Charly\AppData\Roaming\Red Alert 3
2012-03-04 13:58 . 2012-03-04 13:58	--------	d-----w-	c:\program files\CCleaner
2012-03-04 01:01 . 2012-03-04 01:01	--------	d-----w-	c:\windows\system32\SPReview
2012-03-04 01:01 . 2012-03-04 01:01	--------	d-----w-	c:\windows\system32\EventProviders
2012-03-04 00:53 . 2010-11-05 01:57	48976	----a-w-	c:\windows\system32\netfxperf.dll
2012-03-04 00:53 . 2010-11-05 01:57	1942856	----a-w-	c:\windows\system32\dfshim.dll
2012-03-04 00:53 . 2010-11-05 01:58	1130824	----a-w-	c:\windows\SysWow64\dfshim.dll
2012-03-04 00:53 . 2010-11-20 13:27	12288	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-03-04 00:53 . 2010-11-20 13:27	3715584	----a-w-	c:\windows\system32\mstscax.dll
2012-03-04 00:53 . 2010-11-20 13:26	1838080	----a-w-	c:\windows\system32\d3d10warp.dll
2012-03-04 00:53 . 2010-11-20 11:07	59392	----a-w-	c:\windows\system32\drivers\TsUsbFlt.sys
2012-03-04 00:53 . 2010-11-20 12:19	3215872	----a-w-	c:\windows\SysWow64\mstscax.dll
2012-03-04 00:51 . 2010-11-20 12:17	4247040	----a-w-	c:\program files (x86)\Windows NT\Accessories\wordpad.exe
2012-03-04 00:50 . 2010-11-20 13:27	303616	----a-w-	c:\windows\system32\scansetting.dll
2012-03-04 00:49 . 2010-11-20 13:27	624128	----a-w-	c:\windows\system32\qedit.dll
2012-03-04 00:48 . 2010-11-20 13:27	215040	----a-w-	c:\windows\system32\wpdwcn.dll
2012-03-04 00:47 . 2010-11-20 12:59	3072	----a-w-	c:\windows\system32\drivers\fr-FR\serscan.sys.mui
2012-03-04 00:47 . 2010-11-20 13:26	399872	----a-w-	c:\windows\system32\dpx.dll
2012-03-04 00:47 . 2010-11-20 12:21	189952	----a-w-	c:\windows\SysWow64\wdscore.dll
2012-03-04 00:47 . 2010-11-20 12:21	189952	----a-w-	c:\windows\SysWow64\sqmapi.dll
2012-03-04 00:47 . 2010-11-20 12:21	363008	----a-w-	c:\windows\SysWow64\wbemcomn.dll
2012-03-04 00:47 . 2010-11-20 12:21	189952	----a-w-	c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2012-03-04 00:47 . 2010-11-20 12:19	606208	----a-w-	c:\windows\SysWow64\wbem\fastprox.dll
2012-03-04 00:44 . 2010-11-20 13:27	529408	----a-w-	c:\windows\system32\wbemcomn.dll
2012-03-04 00:44 . 2010-11-20 13:27	244736	----a-w-	c:\program files\Windows Portable Devices\sqmapi.dll
2012-03-04 00:44 . 2010-11-20 13:27	244736	----a-w-	c:\windows\system32\sqmapi.dll
2012-03-03 09:21 . 2012-03-03 09:21	--------	d-----w-	c:\program files (x86)\ma-config.com
2012-03-03 09:21 . 2012-03-03 09:21	--------	d-----w-	c:\programdata\ma-config.com
2012-03-02 22:39 . 2012-01-04 10:44	509952	----a-w-	c:\windows\system32\ntshrui.dll
2012-03-02 19:41 . 2012-03-02 19:41	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2012-03-02 19:41 . 2012-03-02 19:41	--------	d-----w-	c:\windows\system32\wbem\en-US
2012-03-02 17:09 . 2012-03-02 17:09	--------	d-----w-	c:\users\Charly\AppData\Local\Microsoft Help
2012-03-02 15:46 . 2011-03-11 06:34	1359872	----a-w-	c:\windows\system32\mfc42u.dll
2012-03-02 15:45 . 2011-09-29 16:29	1923952	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-03-02 15:44 . 2011-10-26 05:25	1572864	----a-w-	c:\windows\system32\quartz.dll
2012-03-02 15:44 . 2011-10-26 04:32	1328128	----a-w-	c:\windows\SysWow64\quartz.dll
2012-03-02 15:44 . 2011-10-26 05:25	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-03-02 15:44 . 2011-10-26 04:32	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-03-02 15:44 . 2011-11-17 06:41	1731920	----a-w-	c:\windows\system32\ntdll.dll
2012-03-02 15:44 . 2011-11-17 05:38	1292080	----a-w-	c:\windows\SysWow64\ntdll.dll
2012-03-02 15:44 . 2011-05-03 05:29	976896	----a-w-	c:\windows\system32\inetcomm.dll
2012-03-02 15:44 . 2011-05-03 04:30	741376	----a-w-	c:\windows\SysWow64\inetcomm.dll
2012-03-02 15:44 . 2011-04-29 03:06	467456	----a-w-	c:\windows\system32\drivers\srv.sys
2012-03-02 15:44 . 2011-04-29 03:05	410112	----a-w-	c:\windows\system32\drivers\srv2.sys
2012-03-02 15:44 . 2011-04-29 03:05	168448	----a-w-	c:\windows\system32\drivers\srvnet.sys
2012-03-02 15:41 . 2011-02-12 11:34	267776	----a-w-	c:\windows\system32\FXSCOVER.exe
2012-03-02 15:41 . 2010-11-20 13:25	974336	----a-w-	c:\windows\system32\WFS.exe
2012-03-02 15:41 . 2011-11-19 14:58	77312	----a-w-	c:\windows\system32\packager.dll
2012-03-02 15:41 . 2011-11-19 14:01	67072	----a-w-	c:\windows\SysWow64\packager.dll
2012-03-02 15:32 . 2012-03-02 15:39	--------	d-----w-	c:\users\Charly\AppData\Roaming\Systweak
2012-03-02 15:32 . 2012-02-24 15:43	18816	----a-w-	c:\windows\system32\roboot64.exe
2012-02-27 00:18 . 2012-03-24 00:44	--------	d-----w-	c:\programdata\FreeWifiManager
2012-02-27 00:18 . 2012-02-27 00:18	--------	d-----w-	c:\program files (x86)\FreeWifi Manager
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-21 21:45 . 2011-10-25 21:00	235	----a-w-	c:\windows\SysWow64\nxEuUninstall.bat
2012-03-21 21:45 . 2011-10-25 21:00	446464	----a-w-	c:\windows\NEXON_EU_DownloaderUpdater.exe
2012-03-04 01:25 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2012-03-04 01:25 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2012-03-03 16:26 . 2011-06-30 14:55	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-17 12:16 . 2012-02-17 12:16	356352	----a-w-	c:\windows\system32\sbcrreag.dll
2012-02-17 12:15 . 2012-02-17 12:15	315392	----a-w-	c:\windows\SysWow64\sbcrreag.dll
2012-01-25 12:11 . 2012-01-19 22:17	282880	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2012-01-25 12:11 . 2010-06-13 12:19	282880	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2012-01-25 12:11 . 2012-01-19 22:17	281880	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2012-01-19 22:16 . 2012-01-19 22:16	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2011-12-27 23:56 . 2011-12-27 22:04	4142	----a-w-	c:\windows\SysWow64\ealregsnapshot1.reg
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngin0.dll" [2010-11-29 3908192]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-04-15 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2010-01-29 3179952]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"Rainlendar2"="c:\program files (x86)\Rainlendar2\Rainlendar2.exe" [2011-08-12 2433024]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2012-03-21 438272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-08 343168]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FreeWifi Manager.lnk - c:\program files (x86)\FreeWifi Manager\FWM_Start.exe [2011-1-31 302171]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk /p \??\F:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ControlCenter3"=c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
"BrMfcWnd"=c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"PWRISOVM.EXE"=c:\program files (x86)\PowerISO\PWRISOVM.EXE
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"5D8.exe"=c:\program files (x86)\LP\838C\5D8.exe
"6B0.exe"=c:\program files (x86)\LP\A3DC\6B0.exe
"262.exe"=c:\program files (x86)\LP\F38C\262.exe
"5DD.exe"=c:\program files (x86)\LP\63AC\5DD.exe
"894.exe"=c:\program files (x86)\LP\33FC\894.exe
"8AA.exe"=c:\program files (x86)\LP\03BC\8AA.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R3 atillk64;atillk64;c:\program files (x86)\AMD GPU Clock Tool\atillk64.sys [x]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\eFusion\BlackShot\system\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Messenger\Room\safedrv.sys [x]
R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-11-25 311928]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d29e7c5b1ea33de7\AESTSr64.exe [2009-03-02 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-05-09 428200]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AmdTools64;AMD Special Tools Driver;c:\windows\system32\DRIVERS\AmdTools64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x]
S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdgx64.sys [x]
S3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-03-24 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2012-02-12 18:33]
.
2012-03-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972693053-1124965474-2753540043-1000Core1cd06e433bc1f33.job
- c:\users\Charly\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-13 21:13]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-12-14 487424]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-11-03 3168336]
"cFosSpeed"="c:\program files\Topos\cFosSpeed\cFosSpeed.exe" [2009-10-30 1343704]
"combofix"="c:\combofix\CF25716.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.fr/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:53778
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Télécharger avec IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Télécharger le contenu de video FLV avec IDM - c:\program files (x86)\Internet Download Manager\IEGetVL.htm
IE: Télécharger tous les liens avec IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: {{725EC34E-943C-4df6-B0B2-FBDE7F242276} - c:\users\Charly\Desktop\PartyPoker.fr.lnk
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 109.0.66.10 109.0.66.20
FF - ProfilePath - c:\users\Charly\AppData\Roaming\Mozilla\Firefox\Profiles\j4k7dg3g.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=caa82a940000000000000026b9b5de39&tlver=1.4.35.10&affID=100842
FF - prefs.js: network.proxy.type - 0
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: British English Dictionary: [email protected] - %profile%\extensions\[email protected]
FF - Ext: Ghostery: [email protected] - %profile%\extensions\[email protected]
FF - Ext: uTorrentBar_FR Community Toolbar: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - %profile%\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
FF - Ext: Image Zoom: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} - %profile%\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
FF - Ext: Pearl Crescent Page Saver Basic: {c151d79e-e61b-4a90-a887-5a46d38fba99} - %profile%\extensions\{c151d79e-e61b-4a90-a887-5a46d38fba99}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: cacaoweb: [email protected] - %profile%\extensions\[email protected]
FF - Ext: IDM CC: [email protected] - c:\users\Charly\AppData\Roaming\IDM\idmmzcc3
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - (no file)
Toolbar-Locked - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-2972693053-1124965474-2753540043-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:7b,f3,a4,5b,09,5f,e7,ff,0f,f8,b5,bb,b9,7c,e7,85,46,91,0f,d3,25,5f,05,
  22,d6,b9,6f,8b,56,62,ab,b9,ad,0e,66,ca,19,82,b1,89,dd,e7,65,31,6d,ad,ac,24,\
"??"=hex:ef,c7,53,27,30,b3,bf,90,33,39,c9,e3,25,dd,af,f8
.
[HKEY_USERS\S-1-5-21-2972693053-1124965474-2753540043-1000\Software\SecuROM\License information*]
"datasecu"=hex:02,b3,28,d2,43,2d,f4,97,99,77,bf,64,e8,cc,e1,07,a0,b2,27,b2,b1,
  da,c5,c2,6a,be,d4,c5,6a,5a,cb,61,00,eb,be,ec,5b,2c,55,2d,8a,92,53,7a,ad,5b,\
"rkeysecu"=hex:ba,ae,f8,9b,59,9e,06,19,2e,73,c8,49,7a,3d,a3,4f
.
[HKEY_USERS\S-1-5-21-2972693053-1124965474-2753540043-1000_Classes\Wow6432Node\CLSID\{18396b2e-46da-4797-a061-03e3e998c1c4}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000111
"Therad"=dword:00000018
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
  1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-2972693053-1124965474-2753540043-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):01,91,df,ba,10,49,ea,d9,cd,06,59,8f,a2,be,a1,2b,3f,c7,b0,a4,e7,
  92,dd,bf,2d,6a,9f,ad,3d,d5,e4,6d,6f,c0,70,fe,3b,d8,87,c1,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-2972693053-1124965474-2753540043-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):ba,33,aa,4a,35,15,b4,85,0c,2f,31,4c,c1,2c,21,de,40,e2,53,2b,e3,
  fd,6c,1b,7c,29,ba,46,4b,af,df,26,b8,f5,77,98,6d,be,85,29,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-2972693053-1124965474-2753540043-1000_Classes\Wow6432Node\CLSID\{9358a965-94bb-4ecd-901b-b090c9e9ce0f}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000a1
"Therad"=dword:0000001d
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\IObit\Game Booster 3\gbtray.exe
c:\nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
c:\program files (x86)\FreeWifi Manager\FreeWifi_Manager.exe
c:\windows\system32\DRIVERS\o2flash.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Internet Download Manager\IEMonitor.exe
c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
.
**************************************************************************
.
Heure de fin: 2012-03-24  21:57:49 - La machine a redémarré
ComboFix-quarantined-files.txt  2012-03-24 20:57
.
Avant-CF: 139 044 847 616 octets libres
Après-CF: 138 240 208 896 octets libres
.
- - End Of File - - 165B70EAF312C7C72913192364340B10

[Apollo]

Bonjour,

 

Qui t'a demandé de passer ComboFix? Ce n'est pas un joujou.

 

1) Télécharge AdwCleaner par Xplode: Téléchargements - Outils de Xplode - AdwCleaner

 

Enregistre-le sur le bureau (et pas ailleurs).

 

Si tu es sous XP double clique sur AdwCleaner pour lancer l'outil.

Si tu es sous Vista/Seven, clique droit sur AdwCleaner et choisis exécuter en temps qu'administrateur.

 

Clique sur Suppression et laisse travailler l'outil.

 

Le rapport va s'ouvrir en fichier texte; copie la totalité de son contenu et colle-le dans ta réponse.

 

Le rapport est en outre sauvegardé sous C:\AdwCleaner[s1]

 

-------------------------

 

2)Télécharge Ad-Remover de C-XX et Enregistre-le sur le bureau.

 

AD-Remover

 

Ferme toutes les applications ouvertes pour l'installer.

 

Sous XP: Double-clique, (Clic droit/exécuter comme administrateur pour Vista/7) sur l'icône placée sur le bureau.

 

Si le firewall se manifeste, accorde les autorisations à l'outil pour qu'il puisse travailler.

 

Clique sur Nettoyer

 

 

Le rapport se trouve aussi sous C:\Ad-Report Clean.

Copie/colle-le dans ta réponse stp.

 

 

+++

[00yaa]

Merci pour ta réponse ! Je n'étais pas passé depuis un moment. Comme un joujou t’exagères, je l'ai à peine utiliser à l'aveugle une ou deux fois... Je vais de ce pas (paf la queue du chat) tester tes solutions.

 

Heu vu qui faut fermer pleins de trucs (comme mon boulot) je posterais tout ça demain. Merci encore !.

Modifié le 2 avril 2012 par 00yaa

[Apollo]

Bonsoir,

 

Je n'exagère pas; tu fais ce que tu veux mais moi je sais quand l'outil dysfonctionne (comme mes collègues) mais toi, le sais-tu avant de l'utiliser?

 

Le jour où tu utilises une version de CF qui dysfonctionne (c'est rare mais ça arrive), tu peux formater, c'est aussi simple que ça.

 

@++

[00yaa]

j'étais dans le sous-entendu. C'est clair que j'ai jouer à l'apprenti sorcier

 

je vais même te dire, je l'ai réutiliser deux autres fois, un peu comme un ccleaner ^^

Modifié le 2 avril 2012 par 00yaa