
Re: Mouse hourglass cursor spinning indefinitely

Posted: Wed. 9 May 2012 13:46
by kaiy
Hello,

Here is what I get when I save the list of running processes while the hourglass is spinning:

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 41.88 0 K 24 K
System 4 2.71 180 K 928 K
Interrupts n/a 2.39 0 K 0 K Hardware Interrupts and DPCs
smss.exe 396 460 K 1.156 K Gestionnaire de sessions Windows Microsoft Corporation
csrss.exe 520 0.10 2.416 K 5.048 K Processus d’exécution client-serveur Microsoft Corporation
conhost.exe 1536 1.380 K 3.456 K Hôte de la fenêtre de la console Microsoft Corporation
wininit.exe 604 2.088 K 5.444 K Application de démarrage de Windows Microsoft Corporation
services.exe 660 8.072 K 12.216 K Applications Services et Contrôleur Microsoft Corporation
svchost.exe 784 0.26 5.036 K 10.704 K Processus hôte pour les services Windows Microsoft Corporation
rundll32.exe 3224 2.592 K 7.616 K Processus hôte Windows (Rundll32) Microsoft Corporation
APSDaemon.exe 3516 4.580 K 12.940 K Apple Push Apple Inc.
WmiPrvSE.exe 4304 3.912 K 8.628 K WMI Provider Host Microsoft Corporation
svchost.exe 860 0.01 5.420 K 10.060 K Processus hôte pour les services Windows Microsoft Corporation
atiesrxx.exe 948 2.020 K 5.032 K AMD External Events Service Module AMD
atieclxx.exe 1456 2.804 K 7.308 K AMD External Events Client Module AMD
svchost.exe 1016 0.05 25.500 K 22.824 K Processus hôte pour les services Windows Microsoft Corporation
audiodg.exe 1140 16.764 K 17.564 K Isolation graphique de périphérique audio Windows Microsoft Corporation
svchost.exe 440 0.63 127.936 K 136.144 K Processus hôte pour les services Windows Microsoft Corporation
wlanext.exe 1528 2.412 K 6.084 K Infrastructure d’extensibilité pour les services réseau Windows sans fil 802.11 Microsoft Corporation
dwm.exe 1340 11.16 38.656 K 41.200 K Gestionnaire de fenêtres du Bureau Microsoft Corporation
svchost.exe 572 0.03 38.588 K 52.036 K Processus hôte pour les services Windows Microsoft Corporation
taskeng.exe 4256 2.428 K 6.640 K Moteur du Planificateur de tâches Microsoft Corporation
TVAgent.exe 4392 < 0.01 16.116 K 1.532 K HP MediaSmart TV Resident Program CyberLink Corp.
stacsv64.exe 732 0.17 7.884 K 8.908 K IDT PC Audio IDT, Inc.
svchost.exe 1212 0.09 9.840 K 17.432 K Processus hôte pour les services Windows Microsoft Corporation
hpservice.exe 1264 < 0.01 2.156 K 5.480 K HpService Hewlett-Packard Company
svchost.exe 1384 0.01 14.844 K 17.248 K Processus hôte pour les services Windows Microsoft Corporation
AvastSvc.exe 1520 0.04 54.552 K 15.284 K avast! Service AVAST Software
afwServ.exe 1644 0.02 4.644 K 5.452 K avast! firewall service AVAST Software
spoolsv.exe 1840 0.64 10.028 K 17.728 K Application sous-système spouleur Microsoft Corporation
svchost.exe 1868 0.21 28.204 K 32.388 K Processus hôte pour les services Windows Microsoft Corporation
taskhost.exe 432 0.03 8.844 K 10.760 K Processus hôte pour Tâches Windows Microsoft Corporation
armsvc.exe 1888 1.488 K 4.368 K Adobe Acrobat Update Service Adobe Systems Incorporated
AESTSr64.exe 2136 1.528 K 3.340 K Andrea filters APO access service (64-bit) Andrea Electronics Corporation
AppleMobileDeviceService.exe 2212 0.02 3.368 K 9.748 K MobileDeviceService Apple Inc.
mDNSResponder.exe 2240 2.736 K 6.504 K Bonjour Service Apple Inc.
Crypserv.exe 2272 0.01 2.988 K 5.004 K CrypKey License Service CrypKey (Canada) Ltd.
mounter.exe 2324 1.172 K 3.416 K
svchost.exe 2364 1.620 K 5.356 K Processus hôte pour les services Windows Microsoft Corporation
LSSrvc.exe 2412 1.516 K 4.672 K LightScribe Service Hewlett-Packard Company
lxbkcoms.exe 2452 < 0.01 2.348 K 5.900 K Printer Communication System
PMBDeviceInfoProvider.exe 2500 1.656 K 5.024 K Device Information Provider Sony Corporation
PnkBstrA.exe 2576 0.03 1.500 K 4.704 K
svchost.exe 2600 5.884 K 10.872 K Processus hôte pour les services Windows Microsoft Corporation
WLIDSVC.EXE 2648 < 0.01 7.364 K 16.868 K Microsoft® Windows Live ID Service Microsoft Corp.
WLIDSVCM.EXE 2824 < 0.01 1.868 K 4.064 K Microsoft® Windows Live ID Service Monitor Microsoft Corp.
svchost.exe 1732 2.980 K 6.800 K Processus hôte pour les services Windows Microsoft Corporation
svchost.exe 3620 3.904 K 9.140 K Processus hôte pour les services Windows Microsoft Corporation
SearchIndexer.exe 3876 0.20 55.180 K 51.992 K Indexeur Microsoft Windows Search Microsoft Corporation
SearchProtocolHost.exe 1248 < 0.01 5.112 K 11.316 K Microsoft Windows Search Protocol Host Microsoft Corporation
SearchFilterHost.exe 6892 3.104 K 7.220 K Microsoft Windows Search Filter Host Microsoft Corporation
svchost.exe 4052 0.05 6.156 K 21.376 K Processus hôte pour les services Windows Microsoft Corporation
wmpnetwk.exe 3744 < 0.01 4.488 K 4.316 K Service Partage réseau du Lecteur Windows Media Microsoft Corporation
hpqWmiEx.exe 720 2.144 K 6.740 K hpqwmiex Module Hewlett-Packard Company
iPodService.exe 5140 0.02 3.824 K 8.464 K iPodService Module (64-bit) Apple Inc.
Com4QLBEx.exe 5376 1.588 K 5.300 K Com for QLB application Hewlett-Packard Development Company, L.P.
IAStorDataMgrSvc.exe 4328 0.05 20.652 K 19.476 K IAStorDataSvc Intel Corporation
mbamservice.exe 5548 2.67 123.068 K 51.404 K Malwarebytes Anti-Malware Malwarebytes Corporation
NASvc.exe 4440 2.560 K 6.760 K NeroUpdate Nero AG
svchost.exe 5100 14.65 37.036 K 31.888 K Processus hôte pour les services Windows Microsoft Corporation
OSPPSVC.EXE 4388 3.524 K 11.496 K Microsoft Office Software Protection Platform Service Microsoft Corporation
lsass.exe 676 0.10 6.028 K 13.928 K Local Security Authority Process Microsoft Corporation
lsm.exe 684 3.396 K 5.444 K Service du gestionnaire de session locale Microsoft Corporation
csrss.exe 616 1.07 3.052 K 11.960 K Processus d’exécution client-serveur Microsoft Corporation
conhost.exe 1800 1.660 K 4.112 K Hôte de la fenêtre de la console Microsoft Corporation
conhost.exe 4892 1.660 K 4.136 K Hôte de la fenêtre de la console Microsoft Corporation
winlogon.exe 924 3.176 K 7.796 K Application d’ouverture de session Windows Microsoft Corporation
explorer.exe 2064 5.47 46.456 K 77.520 K Explorateur Windows Microsoft Corporation
xDaemon.exe 3496 6.828 K 11.308 K xDaemon
SynTPEnh.exe 3508 1.35 10.248 K 15.100 K Synaptics TouchPad Enhancements Synaptics Incorporated
sttray64.exe 3520 7.608 K 17.360 K IDT PC Audio IDT, Inc.
wmdcBase.exe 3536 2.856 K 7.264 K Gestionnaire pour appareils Windows Mobile Microsoft Corporation
sidebar.exe 3552 1.42 35.076 K 64.056 K Gadgets du Bureau Windows Microsoft Corporation
UpdateChecker.exe 3836 36.408 K 37.104 K FileHippo.com Update Checker FileHippo.com
ApplePhotoStreams.exe 3896 3.672 K 11.324 K ApplePhotoStreams.exe Apple Inc.
ubd.exe 3932 < 0.01 4.992 K 13.200 K ubd.exe Apple Inc.
distnoted.exe 3104 1.896 K 5.992 K distnoted Apple Inc.
AnyDVDtray.exe 4380 0.04 20.980 K 30.100 K AnyDVD Application SlySoft, Inc.
ADvdDiscHlp64.exe 4760 2.776 K 5.596 K AnyDVD 64bit helper
ScanToPCActivationApp.exe 4500 4.488 K 12.100 K ScanToPCActivationApp Hewlett-Packard Co.
HPNetworkCommunicator.exe 7908 0.20 3.568 K 9.112 K HPNetworkCommunicator Hewlett-Packard Co.
SpotifyWebHelper.exe 4540 < 0.01 2.020 K 5.772 K
rundll32.exe 4572 1.80 4.492 K 11.992 K Processus hôte Windows (Rundll32) Microsoft Corporation
HPNetworkCommunicator.exe 7264 6.02 3.568 K 9.128 K HPNetworkCommunicator Hewlett-Packard Co.
Dropbox.exe 4696 0.01 53.692 K 57.712 K Dropbox Dropbox, Inc.
procexp.exe 4680 2.428 K 7.284 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
procexp64.exe 6280 3.88 25.420 K 45.616 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
SynTPHelper.exe 4312 1.816 K 4.128 K Synaptics Pointing Device Helper Synaptics Incorporated
HPWAMain.exe 4000 33.032 K 32.876 K HP Wireless Assistant Main Program Hewlett-Packard
QLBCtrl.exe 3064 3.256 K 10.300 K Quick Launch Buttons Hewlett-Packard Development Company, L.P.
IAStorIcon.exe 4496 < 0.01 23.820 K 21.804 K IAStorIcon Intel Corporation
PMBVolumeWatcher.exe 1580 5.336 K 11.072 K Media Check Tool Sony Corporation
RIMBBLaunchAgent.exe 2568 2.224 K 6.800 K Launch Agent Service Research In Motion Limited
AvastUI.exe 4804 0.20 12.888 K 16.432 K avast! Antivirus AVAST Software
iTunesHelper.exe 4800 < 0.01 4.244 K 12.116 K iTunesHelper Apple Inc.
hpwuschd2.exe 2816 1.296 K 4.356 K hpwuSchd Application Hewlett-Packard
MOM.exe 3440 0.04 39.616 K 4.820 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.
CCC.exe 5624 0.06 112.412 K 4.488 K Catalyst Control Center: Host application ATI Technologies Inc.
mbamgui.exe 5244 3.256 K 8.208 K Malwarebytes Anti-Malware Malwarebytes Corporation
firefox.exe 6976 0.17 92.520 K 113.996 K Firefox Mozilla Corporation

See you later

Re: Mouse hourglass cursor spinning indefinitely

Posted: Wed. 9 May 2012 15:25
by chantal11
Hello,

How do you expect me to tell you, from a simple list, whether one or more processes are responsible?
You're the one sitting in front of the PC.

You need to stop the processes one at a time, non-Microsoft ones of course, and see whether the hourglass stops.

For a start, I can tell you that you have too many processes running; close the applications you are not using at that moment, and in particular everything running in the background such as downloads and the cloud.

Keep me posted,

See you later

Re: Mouse hourglass cursor spinning indefinitely

Posted: Wed. 9 May 2012 17:23
by kaiy
I've already tried doing that, but it doesn't work ...

Re: Mouse hourglass cursor spinning indefinitely

Posted: Wed. 9 May 2012 18:24
by chantal11
Hi again,

What doesn't work?

You tested by stopping all the non-Microsoft processes and the hourglass is still spinning?
You cut your internet connection as well?
No background task running a download?

See you later

Re: Mouse hourglass cursor spinning indefinitely

Posted: Wed. 9 May 2012 18:37
by kaiy
All the non-Windows processes were stopped, I also turned off the internet connection, and I stayed in that state for 10 minutes, but still nothing ... :(

Re: Mouse hourglass cursor spinning indefinitely

Posted: Wed. 9 May 2012 20:03
by chantal11
Hi again,

ComboFix:

/!\ ComboFix is a powerful tool that must not be used lightly. This procedure was created specifically for this user. If you are not this user, do not run it, at the risk of seriously damaging your Windows installation /!\
  • Download ComboFix by sUBs and save it to your Desktop (and nowhere else, it must be on the Desktop)
  • /!\ Close all running applications and disable all resident protection
  • Read this tutorial and print it if needed
  • Back up your important data
  • Click ComboFix.exe to launch the application
    /!\ On Vista and Windows 7, you must launch the file via right-click -> Run as administrator
  • Accept the licence agreement and let the program guide you
  • Allow ComboFix to connect to the internet for updates if the program asks
  • /!\ On XP, ComboFix will check whether the Recovery Console is installed. If this Console is not installed, accept with Yes to allow ComboFix to install it
  • Above all, let the tool work without touching anything
  • The system will restart, then the Combofix.txt report will be displayed. Post the contents of this report in your next reply
    The report is saved at: C:\Combofix.txt
See you later

Re: Mouse hourglass cursor spinning indefinitely

Posted: Wed. 9 May 2012 20:41
by kaiy
Hello, here is the ComboFix report:

ComboFix 12-05-09.01 - Maël 09/05/2012 20:14:05.1.2 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.4063.2001 [GMT 2:00]
Lancé depuis: c:\users\MaÙl\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\anoirsoft\Key Downloads
C:\dir
c:\windows\assembly\tmp\U
c:\windows\assembly\tmp\U\000000c0.@
c:\windows\assembly\tmp\U\000000cb.@
c:\windows\assembly\tmp\U\80000000.@
c:\windows\assembly\tmp\U\800000cb.@
c:\windows\msk.exe
c:\windows\XSxS
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-04-09 au 2012-05-09 ))))))))))))))))))))))))))))))))))))
.
.
2012-05-09 18:25 . 2012-05-09 18:25 -------- d-----w- c:\users\Invité\AppData\Local\temp
2012-05-09 18:25 . 2012-05-09 18:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-09 18:25 . 2012-05-09 18:25 -------- d-----w- c:\users\Administrateur\AppData\Local\temp
2012-05-09 16:40 . 2012-05-09 16:40 -------- d-----w- c:\users\Maël\AppData\Local\{C993C53C-B1D7-4088-B574-1DB0CCE3C5CF}
2012-05-09 16:39 . 2012-05-09 16:40 -------- d-----w- c:\users\Maël\AppData\Local\{6E22FA4A-3A87-472B-B0E6-F2D6EC3773E2}
2012-05-09 16:36 . 2012-05-09 16:36 -------- d-----w- c:\users\Maël\AppData\Local\{4EFB713F-80CC-4828-B93C-77ECD6054F4C}
2012-05-09 15:21 . 2012-05-09 15:21 -------- d-----w- c:\users\Maël\AppData\Local\{610BB59D-3ADE-4084-8D80-6D3ADC5BEB5E}
2012-05-09 15:21 . 2012-05-09 15:21 -------- d-----w- c:\users\Maël\AppData\Local\{884CAACC-F638-48C6-953B-508BA097CCDC}
2012-05-09 11:43 . 2012-05-09 11:43 -------- d-----w- c:\users\Maël\AppData\Local\{B2C86FC9-B86B-489E-B8E4-E1FE6A43CCFB}
2012-05-07 15:52 . 2012-05-07 15:52 -------- d-----w- c:\users\Maël\AppData\Local\{BB220F82-E244-4AFE-A0DD-7ECCAAE509E0}
2012-05-06 14:41 . 2012-05-06 14:41 -------- d-----w- c:\users\Maël\AppData\Local\{E1BD17A3-DEE5-4A5B-9F1B-08F39762A4B0}
2012-05-06 14:40 . 2012-05-06 14:41 -------- d-----w- c:\users\Maël\AppData\Local\{E620AE47-FE43-4098-ABB2-19E4198D7794}
2012-05-06 10:23 . 2012-05-06 10:23 -------- d-----w- C:\_OTL
2012-05-06 10:22 . 2012-05-06 10:22 -------- d-----w- c:\users\Maël\AppData\Local\{3A249404-E43D-4147-BDAF-97B1152684A9}
2012-05-05 16:59 . 2012-05-05 16:59 -------- d-----w- c:\users\Maël\AppData\Local\{9539C7BB-FFA4-4072-BFD2-BD24BE9BE318}
2012-05-05 16:58 . 2012-05-05 16:59 -------- d-----w- c:\users\Maël\AppData\Local\{0320D0F6-B442-45AB-8700-6E3B5FCF0FB1}
2012-05-05 10:58 . 2012-05-05 10:58 -------- d-----w- c:\users\Maël\AppData\Local\{C855B580-7A70-42EC-A045-DDFA024985BE}
2012-05-05 10:57 . 2012-05-05 10:58 -------- d-----w- c:\users\Maël\AppData\Local\{5DE8D1E5-EF10-4637-9289-F538C927B2A8}
2012-05-04 16:58 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{75FF6AF3-6AD9-42D3-87A8-E291FF7612D4}\mpengine.dll
2012-05-01 18:29 . 2012-05-01 18:29 -------- d-----w- c:\users\Maël\AppData\Local\{93A3F001-EE20-4C29-9A81-B5537E7BD984}
2012-05-01 18:28 . 2012-05-01 18:29 -------- d-----w- c:\users\Maël\AppData\Local\{6D78C31B-5D8A-48DF-828B-B0928DAC1F98}
2012-04-29 10:53 . 2012-04-29 10:53 -------- d-----w- c:\users\Maël\AppData\Local\{5DC660B0-4CF8-4C75-861A-FA82CFC27232}
2012-04-27 11:24 . 2012-04-27 11:24 -------- d-----w- c:\users\Maël\AppData\Local\{ED588962-A891-4ABB-BF1F-9376BC238D3F}
2012-04-27 11:23 . 2012-04-27 11:24 -------- d-----w- c:\users\Maël\AppData\Local\{A27DE56F-2A3F-4AD5-A1EC-10459E7F7453}
2012-04-27 09:43 . 2012-04-27 09:43 -------- d-----w- c:\users\Maël\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-04-27 09:42 . 2012-04-27 09:42 -------- d-----w- c:\users\Maël\AppData\Local\{A319C58B-A07D-4A51-BD92-1DA2809CF72F}
2012-04-27 08:48 . 2008-02-15 14:38 116224 ----a-w- c:\windows\system32\Spool\prtprocs\x64\lxbkpp6c.dll
2012-04-26 10:29 . 2012-04-26 10:29 -------- d-----w- c:\programdata\Visan
2012-04-26 10:27 . 2012-04-26 10:27 -------- d-----w- c:\users\Maël\AppData\Local\{7B6D088D-D5D0-4658-B818-FA17E43F5EDC}
2012-04-26 10:26 . 2012-04-26 10:27 -------- d-----w- c:\users\Maël\AppData\Local\{8A384366-6FEE-45DA-8603-04B2D8ACB531}
2012-04-26 09:52 . 2012-04-26 09:52 -------- d-----w- c:\users\Maël\AppData\Local\{4EE9F38A-EA91-4E98-B9A5-0981E5F66EC1}
2012-04-26 09:52 . 2012-04-26 09:52 -------- d-----w- c:\users\Maël\AppData\Local\{EDE007D2-E544-4609-909A-0C780052BD77}
2012-04-26 09:52 . 2012-04-26 09:52 -------- d-----w- c:\users\Maël\AppData\Local\{281C768E-78FC-435A-9F86-DD334E66E3C9}
2012-04-26 09:34 . 2012-04-26 09:34 -------- d-----w- c:\users\Maël\AppData\Local\{42F75A7E-ECF1-41C7-AB29-07992F75B718}
2012-04-26 09:24 . 2011-09-16 09:24 778088 ------w- c:\windows\system32\HPDiscoPMa111.dll
2012-04-26 09:24 . 2012-04-26 09:24 -------- d-----w- c:\programdata\HP
2012-04-26 09:21 . 2012-04-26 09:27 -------- d-----w- c:\users\Maël\AppData\Local\HP
2012-04-25 15:11 . 2012-04-25 15:11 -------- d-----r- c:\users\Maël\Contacts
2012-04-25 12:04 . 2012-04-25 12:04 -------- d-----w- c:\program files (x86)\Notepad++
2012-04-24 22:39 . 2008-05-07 23:29 122880 ----a-w- c:\windows\system32\Crypserv.exe
2012-04-24 22:39 . 2008-03-17 17:12 28664 ----a-w- c:\windows\system32\Ckldrv.sys
2012-04-24 22:39 . 1999-06-18 20:49 165888 ----a-w- c:\windows\Ckconfig.exe
2012-04-24 22:39 . 1996-05-03 16:21 27648 ----a-r- c:\windows\Setup_ck.exe
2012-04-24 22:39 . 1996-05-03 14:36 18432 ----a-w- c:\windows\Setup_ck.dll
2012-04-24 22:39 . 1995-07-04 17:33 11776 ----a-w- c:\windows\Ckrfresh.exe
2012-04-24 18:07 . 2012-04-24 18:07 -------- d-----w- c:\users\Maël\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
2012-04-24 17:38 . 2012-04-24 17:38 -------- d-----w- c:\program files (x86)\Adobe Story
2012-04-24 14:18 . 2012-04-24 14:18 -------- d-----w- c:\programdata\Premium
2012-04-24 14:17 . 2012-04-24 14:18 -------- d-----w- c:\programdata\InstallMate
2012-04-24 09:17 . 2012-04-24 09:24 -------- d-----r- c:\users\Maël\Liens
2012-04-24 08:31 . 2012-04-24 08:32 456192 ----a-w- c:\windows\SetACL.exe
2012-04-23 20:28 . 2012-04-23 20:28 -------- d-----r- c:\users\Maël\Searches
2012-04-23 12:41 . 2012-04-23 13:54 -------- d-----w- c:\users\Maël\AppData\Local\VMware
2012-04-23 12:38 . 2012-04-23 14:10 -------- d-----w- c:\program files (x86)\VMware
2012-04-23 08:00 . 2012-04-23 08:00 -------- d-----w- c:\users\Maël\AppData\Local\{B593DF1D-FBC7-40F4-A51C-4859B2F342B2}
2012-04-23 06:57 . 2012-04-23 06:57 -------- d-----w- c:\users\Maël\AppData\Local\{A9F615CB-C029-4260-A55D-90B3ED52AA48}
2012-04-22 20:34 . 2012-04-21 01:16 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-22 20:34 . 2012-04-21 01:16 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-04-22 19:59 . 2012-05-09 18:26 -------- d-----w- c:\windows\system32\wbem\repository
2012-04-22 18:48 . 2012-04-22 18:48 -------- d-----w- c:\users\Maël\AppData\Local\{831083AD-B5F9-4B6B-80C1-FB4A2E8D4577}
2012-04-22 18:48 . 2012-04-22 18:48 -------- d-----w- c:\users\Maël\AppData\Local\{C347ACCA-0469-47ED-83E5-4F53BB71C484}
2012-04-21 21:57 . 2012-04-21 21:57 -------- d-----w- c:\program files (x86)\EASEUS
2012-04-21 21:25 . 2012-04-21 21:25 -------- d-----w- c:\users\Maël\AppData\Local\{4ADDE784-EC85-4207-8A8E-BAF9E81FED6C}
2012-04-17 19:08 . 2012-04-21 21:37 -------- d-----w- c:\programdata\SlySoft
2012-04-17 19:06 . 2012-04-21 21:34 -------- d-----w- c:\program files (x86)\SlySoft
2012-04-16 17:24 . 2012-04-16 17:24 -------- d-----w- c:\users\Maël\AppData\Local\{8BB1F2A2-72F2-4177-A800-6420AE831843}
2012-04-16 17:19 . 2012-04-16 17:19 -------- d-----w- c:\users\Maël\AppData\Local\{0D98E067-FC66-4F43-9BF8-6102A9B33E63}
2012-04-15 18:00 . 2012-04-15 18:00 -------- d-----w- c:\users\Maël\AppData\Local\{A4EDA374-2B42-410F-A4FA-047E083EB563}
2012-04-15 17:59 . 2012-04-15 18:00 -------- d-----w- c:\users\Maël\AppData\Local\{BBABFADE-BA3D-4376-95FE-3AE4274E76E5}
2012-04-13 16:30 . 2012-04-13 16:31 -------- d-----w- c:\users\Maël\AppData\Local\{3897B8B1-E623-4E77-BB52-06318F29F732}
2012-04-13 16:30 . 2012-04-13 16:30 -------- d-----w- c:\users\Maël\AppData\Local\{349DD666-D164-4276-87FC-6598E1663243}
2012-04-12 16:47 . 2012-04-12 16:47 -------- d-----w- c:\users\Maël\AppData\Local\{A8F0F6C8-2EE3-4530-ADE8-02FC30DF655F}
2012-04-11 21:24 . 2012-04-26 09:24 -------- d-----w- c:\program files (x86)\Hp
2012-04-11 21:24 . 2012-04-11 21:24 -------- d-----w- c:\windows\Hewlett-Packard
2012-04-11 21:12 . 2012-04-11 21:12 -------- d-----w- c:\users\Maël\AppData\Roaming\No Company Name
2012-04-11 21:01 . 2012-04-11 21:01 -------- d-----w- c:\program files\Microsoft Games
2012-04-11 17:07 . 2012-04-11 17:07 -------- d-----w- c:\users\Maël\AppData\Roaming\PACE Anti-Piracy
2012-04-11 17:07 . 2012-04-11 17:07 -------- d-----w- c:\users\Maël\AppData\Local\PACE Anti-Piracy
2012-04-11 17:07 . 2012-04-11 17:07 -------- d-----w- c:\programdata\PACE Anti-Piracy
2012-04-11 17:07 . 2012-04-11 17:07 -------- d-----w- c:\program files\Common Files\PACE Anti-Piracy
2012-04-11 16:50 . 2012-04-11 21:09 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2012-04-11 16:50 . 2012-04-11 16:50 -------- d-----w- c:\program files (x86)\My Company Name
2012-04-11 16:50 . 2012-04-11 16:50 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared
2012-04-11 16:28 . 2012-04-11 16:28 -------- d-----w- c:\users\Maël\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-04-11 13:31 . 2012-04-11 13:31 -------- d-----w- c:\program files (x86)\Hobbyist Software
2012-04-11 13:30 . 2012-04-11 13:31 -------- d-----w- c:\users\Maël\AppData\Local\{7128B8FB-20C0-4173-B5C3-9D7AB21F1119}
2012-04-11 13:30 . 2012-04-11 13:30 -------- d-----w- c:\users\Maël\AppData\Local\{128A2BFE-746C-446B-AE1F-098F70782C83}
2012-04-11 10:32 . 2012-03-06 06:53 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 10:32 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-04-11 10:32 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-04-11 10:28 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-11 10:28 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-11 10:28 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-11 10:28 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-11 10:28 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-04-11 10:28 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-11 10:28 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-04-10 19:44 . 2012-04-10 19:44 -------- d-----w- c:\users\Maël\AppData\Local\{4A09779B-BBBC-4C47-8023-0862D7132C7F}
2012-04-10 19:43 . 2012-04-10 19:44 -------- d-----w- c:\users\Maël\AppData\Local\{767BD715-653B-4BD6-A6F6-2A60823C51FA}
2012-04-10 16:03 . 2012-04-10 16:03 -------- d-----w- c:\users\Maël\AppData\Local\{EA13E0F7-C32F-4692-80DE-3BD0DDE4377E}
2012-04-10 16:03 . 2012-04-10 16:03 -------- d-----w- c:\users\Maël\AppData\Local\{325D066B-6C10-4B62-951E-EBD2A0123905}
2012-04-10 15:55 . 2012-04-11 20:59 -------- d-----w- c:\program files (x86)\URUSoft
2012-04-09 18:58 . 2012-04-09 18:58 -------- d-----w- c:\users\Maël\AppData\Local\{E232636B-DC39-4DB9-911A-9FA6B9A3FC01}
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-04 21:06 . 2012-03-29 19:04 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-04 21:06 . 2011-05-15 19:05 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-04 21:06 . 2012-03-29 19:06 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-27 21:14 . 2011-12-14 17:08 955848 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-04-27 21:14 . 2011-04-21 10:00 839112 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-22 20:09 . 2009-12-26 12:32 2306328 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-04-22 19:59 . 2010-06-03 16:02 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-04-22 19:58 . 2010-04-14 11:02 639312 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-03-26 23:42 . 2012-03-26 23:42 138360 ----a-w- c:\windows\SysWow64\drivers\AnyDVD.sys
2012-03-26 23:42 . 2012-03-26 23:42 138360 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2012-03-08 16:50 . 2012-03-08 16:50 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2012-03-08 16:37 . 2012-03-08 16:37 302448 ----a-w- c:\windows\WLXPGSS.SCR
2012-03-06 23:15 . 2012-03-26 20:07 41184 ----a-w- c:\windows\avastSS.scr
2012-03-06 23:15 . 2012-03-26 20:07 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-06 23:15 . 2012-03-26 19:50 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-06 23:04 . 2012-03-26 20:14 141144 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-03-06 23:04 . 2012-03-26 20:08 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-06 23:04 . 2012-03-26 20:08 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-06 23:03 . 2012-03-26 20:14 258904 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-03-06 23:02 . 2012-03-26 20:08 28504 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-03-06 23:02 . 2012-03-26 20:08 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-06 23:01 . 2012-03-26 20:08 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-06 23:01 . 2012-03-26 20:08 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-06 23:01 . 2012-03-26 20:08 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-06 22:44 . 2012-03-26 20:14 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2012-02-23 08:18 . 2009-12-26 12:02 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-19 09:30 . 2010-04-16 09:51 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-17 06:38 . 2012-03-13 19:41 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-13 19:41 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-13 19:41 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-13 19:41 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-15 10:01 . 2012-02-15 10:01 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2012-02-15 10:01 . 2012-02-15 10:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-10 06:36 . 2012-03-13 19:43 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 05:38 . 2012-03-13 19:43 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Maël\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Maël\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Maël\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Maël\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2012-03-26 306688]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2012-02-24 59240]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"AnyDVD"="c:\program files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe" [2012-04-27 6065784]
"HP Photosmart 5510 series (NET)"="c:\program files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" [2011-09-16 2676584]
"Spotify Web Helper"="c:\users\Maël\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-05-05 932528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2011-03-15 650080]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-25 343168]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
.
c:\users\Maël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Alertes de surveillance de l'encre - HP Photosmart 5510 series (réseau).lnk - c:\windows\system32\RunDll32.exe [2009-7-14 45568]
Dropbox.lnk - c:\users\Maël\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 257696]
R3 AVerAF15DMBTH64;AVerMedia A850 USB;c:\windows\system32\Drivers\AVerAF15DMBTH64.sys [x]
R3 bbcap;bb_capture_driver;c:\windows\system32\DRIVERS\bbcap.sys [x]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-11-11 128928]
R3 jumi;%Jumi%;c:\windows\system32\DRIVERS\jumi.sys [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver 08/27/2006, 0.1.12.0;c:\windows\system32\DRIVERS\libusb0.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
R3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys [x]
R3 PsSdk41;PsSdk41;c:\windows\system32\Drivers\pssdk41.sys [x]
R3 PVUSB;CESG502 64bit USB Driver;c:\windows\system32\DRIVERS\CESG64.sys [x]
R3 radpms;Driver for RADPMS Device;c:\windows\system32\DRIVERS\radpms.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
R4 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2008-10-21 352256]
R4 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-12-09 405504]
R4 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2011-11-14 427640]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-03-06 134920]
S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys [x]
S2 DokanMounter;DokanMounter;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe [2010-07-05 11776]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 11:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2012-05-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 21:06]
.
2012-04-11 c:\windows\Tasks\HPCeeScheduleForMaël.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Maël\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Maël\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Maël\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Maël\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Input Device Main Program"="c:\program files\HP\HP Wireless Comfort Mobile Mouse\TSR\xDaemon.exe" [2008-09-19 530432]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.bigseekpro.com/splitcam/{9A9B9641-1 ... F4E00E01D0}
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: &Télécharger avec NetTransport - c:\program files (x86)\Xi\NetTransport 2\NTAddLink.html
IE: Analyser avec LeechGet - file://c:\program files (x86)\LeechGet 2009\\Parser.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Tout t&élécharger avec NetTransport - c:\program files (x86)\Xi\NetTransport 2\NTAddList.html
IE: Télécharger en utilisant l'assistant LeechGet - file://c:\program files (x86)\LeechGet 2009\\Wizard.html
IE: Télécharger en utilisant LeechGet - file://c:\program files (x86)\LeechGet 2009\\AddUrl.html
TCP: DhcpNameServer = 89.2.0.1 89.2.0.2
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\users\Maël\AppData\Roaming\Mozilla\Firefox\Profiles\1kd58llm.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=112462&babsrc=KW_ss&mntrId=3e96c6100000000000000c6076076471&q=
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112462
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 3e96c6100000000000000c6076076471
FF - user.js: extensions.BabylonToolbar_i.hardId - 3e96c6100000000000000c6076076471
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15454
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1716:18
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:e6,1e,34,d3,9f,f9,b0,09,e4,c0,80,f3,d4,cd,dd,e3,d8,81,9a,5d,a7,
ea,c4,92,03,51,a3,49,e1,3f,29,4c,3f,b2,37,3c,b6,b2,84,98,6d,d7,8c,5e,2f,a7,\
.
[HKEY_LOCAL_MACHINE\software\Classes\FaxCover.Document\shell]
@DACL=(02 0000)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:e6,1e,34,d3,9f,f9,b0,09,e4,c0,80,f3,d4,cd,dd,e3,d8,81,9a,5d,a7,
ea,c4,92,03,51,a3,49,e1,3f,29,4c,3f,b2,37,3c,b6,b2,84,98,6d,d7,8c,5e,2f,a7,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\crypserv.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
c:\program files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
.
**************************************************************************
.
Heure de fin: 2012-05-09 20:39:42 - La machine a redémarré
ComboFix-quarantined-files.txt 2012-05-09 18:39
.
Avant-CF: 119.283.335.168 octets libres
Après-CF: 118.917.414.912 octets libres
.
- - End Of File - - 8101F9498F31C0F69DBBB96EDB5F75D7

See you later

Re: Mouse hourglass spinning indefinitely

Posted: Wed 9 May 2012 21:33
by chantal11
Hi again,

And now, how is the hourglass?

See you later

Re: Mouse hourglass spinning indefinitely

Posted: Wed 9 May 2012 21:48
by kaiy
Good evening,

The hourglass is still spinning, but less.
But it still spins: every 2 minutes, it spins for about 10 seconds ...

See you later

Re: Mouse hourglass spinning indefinitely

Posted: Wed 9 May 2012 22:13
by chantal11
Hi again,

RogueKiller:
  • Download RogueKiller by Tigzy by clicking the download link, and save it to your Desktop
  • /!\ Important -> Close all running programs
  • Double-click RogueKiller.exe on your Desktop
    /!\ On Vista and Windows 7, the file must be launched via right-click -> Run as administrator
  • Wait for the Prescan to finish, then click Scan
  • Click Delete, then Report, and post the report as an attachment in your next reply
If the program was blocked, do not hesitate to try several times. If needed, rename it to Winlogon.exe

---------------------------------------------------------------------------------------------

Then rerun Malwarebytes and TDSSKiller as indicated in my 1st message and post the reports.

See you later