Internet lent
Isendil
Messages postés
821
Statut
Membre
-
Isendil Messages postés 821 Statut Membre -
Isendil Messages postés 821 Statut Membre -
Bonjour,
ma connexion internet est devenue super lente depuis quelques jours; je peux tranquillement jouer en ligne ou télécharger n'importe quoi, mais les pages internet mettent 1/2 min à s'ouvrir...
Merrci de m'aider
ma connexion internet est devenue super lente depuis quelques jours; je peux tranquillement jouer en ligne ou télécharger n'importe quoi, mais les pages internet mettent 1/2 min à s'ouvrir...
Merrci de m'aider
A voir également:
- Internet lent
- Pc lent - Guide
- Mon mac est lent comment le nettoyer - Guide
- Gps sans internet - Guide
- Internet explorer - Guide
- Complete internet repair - Télécharger - Web & Internet
18 réponses
C'est bien ce que je me disais, aussi... Ni la réinstallation de Firefox ni IE ne marchent mieux; surement un virus...
C'est fait pour les DNS. Ca améliore pas vraiment les choses...
Rien de suspect sur un scan Hijackthis...
Rien de suspect sur un scan Hijackthis...
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Désinstalle et réinstalle Firefox pour voir.
Ensuite, fait un teste de ta connexion sur ce lien: http://www.speedtest.fr/
Ensuite, fait un teste de ta connexion sur ce lien: http://www.speedtest.fr/
Normalement, tu doit pas avoir de problème.
Essaye avec un autre naviguateur (Internet Explorer, Chrome, Opéra etc...)
Si le problème persiste, ça vient pas de Firefox
Essaye avec un autre naviguateur (Internet Explorer, Chrome, Opéra etc...)
Si le problème persiste, ça vient pas de Firefox
Scans : Spybots, AVG, Antimalware; avec des CCleaner régulièrement.
DNS, DNS, c'est vite dit :D Ca correspond à quoi?
DNS, DNS, c'est vite dit :D Ca correspond à quoi?
Va dans les connexiosn reseau. clic droit proprietes sur ta connection internet puis selectionne ip v4 et fait proprietes. Ensutie en bas rentre les dns primaires et secondaires en fonction de ton fai.
http://www.commentcamarche.net/faq/sujet 1496 serveurs dns des principaux fai
http://www.commentcamarche.net/faq/sujet 1496 serveurs dns des principaux fai
Ok ;) C'est juste que j'ai vu que des trucs que je connaissais dedans (enfin je crois) :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:41:11, on 12/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\CPUCooL\CooLSrv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\program files\steam\steam.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ww25.b.bestmanage.org/?pid=2000&dt=2007-06-09&subid1=20201204-2342-2814-805e-9412ef12d4bb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ClockGen] C:\Documents and Settings\Guigui\Bureau\ClockGen.exe -i p=0
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - .DEFAULT User Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1CC5855-2C73-4379-9BAE-001BE7400194}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - C:\Program Files\CPUCooL\CooLSrv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:41:11, on 12/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\CPUCooL\CooLSrv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\program files\steam\steam.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ww25.b.bestmanage.org/?pid=2000&dt=2007-06-09&subid1=20201204-2342-2814-805e-9412ef12d4bb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ClockGen] C:\Documents and Settings\Guigui\Bureau\ClockGen.exe -i p=0
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - .DEFAULT User Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1CC5855-2C73-4379-9BAE-001BE7400194}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - C:\Program Files\CPUCooL\CooLSrv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
Bonsoir
Comment es-tu protégé ?
C - Ccleaner :
(nettoyeur de registre, cookies+temps+tempos+prefetch+historique+etc.)
* Télécharge CCleaner.
(attention à l'installation penser à DECOCHER l'installation de Yahoo toolbar discrètement proposé en plus de CCleaner).
https://www.pcastuces.com/logitheque/ccleaner.htm
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
Installe le dans un répertoire dédié.
Décoche pendant l'installation
--- les deux cases "Ajouter l'option ... "
--- Contrôler les mises à jour
* Lance Ccleaner pour un nettoyage complet.
Tutorial ici:
https://kerio.probb.fr/t242-tuto-ccleaner-v-2
https://www.malekal.com/tutoriel-ccleaner/
ET
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
D – Ewido – AVG
AVG Anti-Spyware :
http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour.
Patiente!
Lance AVG Anti-Spyware
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
/!\ Si un fichier est infecté en fin d'analyse /!\
choisis l'option " Appliquer toutes les actions " en bas.
Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.
Copie/colle le rapport
Comment es-tu protégé ?
C - Ccleaner :
(nettoyeur de registre, cookies+temps+tempos+prefetch+historique+etc.)
* Télécharge CCleaner.
(attention à l'installation penser à DECOCHER l'installation de Yahoo toolbar discrètement proposé en plus de CCleaner).
https://www.pcastuces.com/logitheque/ccleaner.htm
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
Installe le dans un répertoire dédié.
Décoche pendant l'installation
--- les deux cases "Ajouter l'option ... "
--- Contrôler les mises à jour
* Lance Ccleaner pour un nettoyage complet.
Tutorial ici:
https://kerio.probb.fr/t242-tuto-ccleaner-v-2
https://www.malekal.com/tutoriel-ccleaner/
ET
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
D – Ewido – AVG
AVG Anti-Spyware :
http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour.
Patiente!
Lance AVG Anti-Spyware
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
/!\ Si un fichier est infecté en fin d'analyse /!\
choisis l'option " Appliquer toutes les actions " en bas.
Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.
Copie/colle le rapport
J'ai AVG Antivirus... Et il y a un module antispyware dedans, je pense que c'est inclu dans le scan ;) (Scan complet réalisé ce weekend en démarrage normal (pas en sans échec), avec un Spybot, un Malwarebyte's Antimalware et un CCleaner (que je fais régulièrement). Côté Firewall, j'ai Sunbelt (ancien Kerio).
Mais si il y a besoin d'un rapport, je poste Avg spy.
Mais si il y a besoin d'un rapport, je poste Avg spy.
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 07:57:24 14/10/2008
+ Résultat de l'analyse:
C:\Documents and Settings\Guigui\Mes documents\LimeWire\Saved\The Red Hot Chili Peppers - Throw away your Television.mp3 -> Downloader.Wimad.n : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP65\A0020174.exe -> Not-A-Virus.Adware.EShoper : Ignoré.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP65\A0020175.exe -> Not-A-Virus.PSWTool.Win32.MSNPassword.e : Ignoré.
C:\Documents and Settings\Aggagate\Cookies\aggagate@snapfish.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Aggagate\Cookies\aggagate@www.casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\Aggagate\Cookies\aggagate@h.starware[2].txt -> TrackingCookie.Starware : Nettoyé.
C:\Documents and Settings\Aggagate\Cookies\aggagate@try.starware[1].txt -> TrackingCookie.Starware : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@www.vegasred[1].txt -> TrackingCookie.Vegasred : Nettoyé.
C:\Documents and Settings\Aggagate\Cookies\aggagate@aimfar.solution.weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@boursoramabanque.solution.weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Mathilde\Cookies\mathilde@cetelem.solution.weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Mathilde\Cookies\mathilde@laredoute.solution.weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Guigui\Local Settings\temp\33C781C0.dll -> Trojan.Agent : Erreur lors du nettoyage.
C:\Documents and Settings\Guigui\Local Settings\temp\8E0173E3.dll -> Trojan.Agent : Erreur lors du nettoyage.
Fin du rapport
Et un coup de Spyware Terminator :
Logfile of Spyware Terminator v2.3.0.494 (db:1.000.000.000)
Scan Time: 13/10/2008 21:55:46 length: 8291 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 338056 (Critical:6)
Filter: No System items, No Safe items, No Invalid items
Running Processes
StyleXPService.exe : C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
avgwdsvc.exe [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgwdsvc.exe
CooLSrv.exe : C:\Program Files\CPUCooL\CooLSrv.exe
Iaantmon.exe [Intel Corporation] : C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
nvsvc32.exe [NVIDIA Corporation] : C:\WINDOWS\system32\nvsvc32.exe
PnkBstrA.exe : C:\WINDOWS\system32\PnkBstrA.exe
SbPFSvc.exe [Sunbelt Software, Inc.] : C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
avgam.exe [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgam.exe
avgrsx.exe [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgrsx.exe
avgnsx.exe [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgnsx.exe
SbPFCl.exe [Sunbelt Software, Inc.] : C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
avgtray.exe [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgtray.exe
steam.exe [Valve Corporation] : C:\Program Files\steam\steam.exe
RocketDock.exe : C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
UberIcon Manager.exe : C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
avgas.exe [GRISOFT s.r.o.] : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - [Yahoo! Inc.] : C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
02 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - [Adobe Systems Incorporated] : C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
02 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgssie.dll
02 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - [Safer Networking Limited] : C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
02 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - [Sun Microsystems, Inc.] : C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
02 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - [AVG, Technologies CZ, s.r.o] : C:\Program Files\AVG\AVG8\avgtoolbar.dll
02 - BHO: FDMUploadBtnForIe Class - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - : C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
Toolbars
03 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - [Yahoo! Inc.] : C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
03 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - [AVG, Technologies CZ, s.r.o] : C:\Program Files\AVG\AVG8\avgtoolbar.dll
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Steam : [Valve Corporation] : C:\Program Files\steam\steam.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RocketDock : : C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UberIcon : : C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AVG8_TRAY : [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgtray.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ClockGen : [CPUID.com] : C:\Documents and Settings\Guigui\Bureau\CLOCKGEN.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, !AVG Anti-Spyware : [GRISOFT s.r.o.] : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
04 - Startup: %STARTUP%\Mozilla Thunderbird.lnk [Mozilla Corporation] : C:\Program Files\Mozilla Thunderbird\thunderbird.exe
04 - Startup: %STARTUP%\RocketDock.lnk : C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
04 - Startup: %STARTUP%\TransBar.lnk [AKSoftware] : C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
04 - Startup: %STARTUP%\UberIcon.lnk : C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
Shell Extensions
Desktop Explorer - {1CDB2949-8F65-4355-8456-263E7C208A5D} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
- {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
nView Desktop Context Menu - {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
ShellViewRTF - {7F67036B-66F1-411A-AD85-759FB9C5B0DB} - [XSS] : C:\WINDOWS\system32\ShellvRTF.dll
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
EzCddax Class - {46E22146-59C0-4136-9233-FB7720E777B2} - : C:\Program Files\Easy CD-DA Extractor 10\ezcddax10.dll
WinZip - {E0D79304-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79305-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79306-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79307-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Program Files\WinZip\WZSHLSTB.DLL
Microsoft Office Metadata Handler - {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\msoshext.dll
Microsoft Office Thumbnail Handler - {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\msoshext.dll
ShellExt Class - {B95713CD-06FF-4D35-A9DA-4DBDFE5FD7F4} - [HHD Software] : C:\Program Files\Hex Editor 3.x\heshell.dll
- {1EBC3533-B289-409F-9924-B84B3F0717D2} - [Visicom Media Inc.] : C:\Program Files\FTP Expert 3\ftpcntxt.dll
7-Zip Shell Extension - {23170F69-40C1-278A-1000-000100020000} - [Igor Pavlov] : C:\Program Files\7-Zip\7-zip.dll
NeroCoverEdLiveIcons Class - {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} - [Nero AG] : C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
NeroDigitalIconHandler Class - {B327765E-D724-4347-8B16-78AE18552FC3} - [Nero AG] : C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll
NeroDigitalPropSheetHandler Class - {7F1CF152-04F8-453A-B34C-E609530A9DC8} - [Nero AG] : C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll
FdmUplShlExt Class - {F49C55B9-D417-45A1-A6E7-D6E057946280} - : C:\Program Files\Free Download Manager\FUM\fumshext.dll
MuVo V200 Media Explorer - {0E40CBF0-0263-4AD4-A71B-11316667CBB7} - [Creative Technology Ltd] : C:\Program Files\Creative\Creative MuVo V200\CTMvns.dll
Mes dossiers de partage - {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll
Nokia Phone Browser - {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} - [Nokia] : C:\Program Files\Nokia\Nokia PC Suite 6\phonebrowser.dll
CLSID_WLMCMimeFilter - {0563DB41-F538-4B37-A92D-4659049B7766} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
The Matroska Shell Extension, Prop Page CLSID - {780BCB64-0CAF-473c-A9FC-E08C03D75515} - : C:\Program Files\StarV9\MatroskaProp\MatroskaProp.dll
The Matroska Shell Extension, Thumbnail Handler CLSID - {78DC191E-EFC1-4532-9A71-224577A86A7D} - : C:\Program Files\StarV9\MatroskaProp\MatroskaProp.dll
The Matroska Shell Extension, Tooltip Provider CLSID - {794D04CA-70AC-4020-80EB-FFD59DEF8027} - : C:\Program Files\StarV9\MatroskaProp\MatroskaProp.dll
The Matroska Shell Extension, Context Menu CLSID - {789111D8-68A3-46a3-9663-145A3FF4C9C9} - : C:\Program Files\StarV9\MatroskaProp\MatroskaProp.dll
The Matroska Shell Extension, Column Provider CLSID - {781395AF-A127-469f-A06F-59B482AF4F3F} - : C:\Program Files\StarV9\MatroskaProp\MatroskaProp.dll
a-squared Free Shell Extension - {A155339D-CCCD-4714-85EB-3754B804C9DF} - [Emsi Software GmbH] : C:\Program Files\a-squared Free\a2freecontmenu.dll
TuneUp Theme Extension - {44440D00-FF19-4AFC-B765-9A0970567D97} - [TuneUp Software GmbH] : C:\WINDOWS\system32\uxtuneup.dll
CMenuExtender - {ABC70703-32AF-11d4-90C4-D483A70F4825} - [Revenger inc.] : C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\CMExt.dll
iTunes - {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} - [Apple Inc.] : C:\Program Files\iTunes\iTunesMiniPlayer.dll
AVG8 Shell Extension Class - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} - [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgse.dll
- {06A2568A-CED6-4187-BB20-400B8C02BE5A} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
Shell Extecute Hooks
ShellHook Class - {{88485281-8b4b-4f8d-9ede-82e29a064277}} - [MarkAny Cooperation.] : C:\Program Files\MarkAny\ContentSafer\MACSMANAGER.dll
CShellExecuteHookImpl Object - {{57B86673-276A-48B2-BAE7-C6DBB3020EB8}} - [GRISOFT s.r.o.] : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll
Protocol Handler
XPLPPFilter Class - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgpp.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
Windows Live Mail HTML Asynchronous Pluggable Protocol Handler - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
Services
23 - [SlySoft, Inc.] : C:\WINDOWS\system32\Drivers\AnyDVD.sys
23 - [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgwdsvc.exe
23 - [AVG Technologies CZ, s.r.o.] : C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
23 - [AVG Technologies CZ, s.r.o.] : C:\WINDOWS\system32\Drivers\avgldx86.sys
23 - [AVG Technologies CZ, s.r.o.] : C:\WINDOWS\system32\Drivers\avgmfx86.sys
23 - [AVG Technologies CZ, s.r.o.] : C:\WINDOWS\system32\Drivers\avgrkx86.sys
23 - [AVG Technologies CZ, s.r.o.] : C:\WINDOWS\system32\Drivers\avgtdix.sys
23 - [Promise Technology, Inc.] : C:\WINDOWS\system32\DRIVERS\bb-run.sys
23 - : C:\Program Files\CPUCooL\CooLSrv.exe
23 - [Intel Corporation] : C:\WINDOWS\system32\DRIVERS\e100b325.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\DRIVERS\ELacpi.sys
23 - [Elaborate Bytes AG] : C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\Drivers\Elhid.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\Drivers\Elkbd.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\Drivers\Elmon.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\Drivers\Elmou.sys
23 - : C:\WINDOWS\system32\drivers\enodpl.sys
23 - [FreeBox SA] : C:\WINDOWS\system32\DRIVERS\fbxusb32.sys
23 - [Promise Technology, Inc.] : C:\WINDOWS\system32\DRIVERS\ftsata2.sys
23 - [GEAR Software Inc.] : C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
23 - [Intel Corporation] : C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
23 - [Intel Corporation] : C:\WINDOWS\system32\DRIVERS\iastor.sys
23 - [Ahead Software AG] : C:\WINDOWS\system32\Drivers\imagedrv.sys
23 - [Ahead Software AG] : C:\WINDOWS\system32\DRIVERS\imagesrv.sys
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\RtkHDAud.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\nvsvc32.exe
23 - [Creative Technology Ltd.] : C:\WINDOWS\system32\drivers\PfModNT.sys
23 - : C:\WINDOWS\system32\PnkBstrA.exe
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\prodrv06.sys
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\prohlp02.sys
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\prosync1.sys
23 - [Hewlett-Packard Company] : C:\WINDOWS\system32\DRIVERS\PS2.sys
23 - [Sunbelt Software, Inc.] : C:\WINDOWS\system32\drivers\SbFw.sys
23 - [Sunbelt Software, Inc.] : C:\WINDOWS\system32\DRIVERS\sbfwim.sys
23 - [Sunbelt Software, Inc.] : C:\WINDOWS\system32\drivers\sbhips.sys
23 - [Protection Technology (StarForce)] : C:\WINDOWS\system32\drivers\sfdrv01.sys
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\sfhlp01.sys
23 - [Protection Technology (StarForce)] : C:\WINDOWS\system32\drivers\sfhlp02.sys
23 - [Protection Technology (StarForce)] : C:\WINDOWS\system32\drivers\sfsync04.sys
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\sfvfs02.sys
23 - [Sunbelt Software, Inc.] : C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
23 - : C:\WINDOWS\system32\Drivers\sptd.sys
23 - [Avira GmbH] : C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
23 - [Windows (R) 2000 DDK provider] : C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe
23 - : C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
23 - : C:\WINDOWS\system32\drivers\tandpl.sys
23 - [Logitech Inc.] : C:\WINDOWS\system32\drivers\WmBEnum.sys
23 - [Logitech Inc.] : C:\WINDOWS\system32\drivers\WmXlCore.sys
23 - : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
IE URL Search Hooks
Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {{EF99BD32-C1FB-11D2-892F-0090271D4F88}} - [Yahoo! Inc.] : C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Threat Files
<Advanced Access Password Recovery> : C:\WINDOWS\system32\Acpr.ini
<Advanced Access Password Recovery> : C:\WINDOWS\acpr.INI
<RiskTool.Reboot.f> : C:\Program Files\Mozilla Firefox\SmitfraudFix\Reboot.exe
<SPR.Tool.Hardoff.A> : C:\Program Files\Mozilla Firefox\SmitfraudFix\restart.exe
Advanced Files Report
%PROGRAMFILES%\Bonjour\mdnsNSP.dll [Apple Inc.] [Bonjour] MD5=EDDEC321B128328BC370A5447F7F8D69 SIZE=147456
%SYSDIR%\uxtuneup.dll [TuneUp Software GmbH] [TuneUp Utilities] MD5=838C97B3D28BFEBDD11D12ADFE957004 SIZE=28416
%PROGRAMFILES%\TGTSoft\StyleXP\StyleXPService.exe [StyleXPService Module] MD5=564286A42AF81FB2B61EED32FCDE020C SIZE=372736
%SYSDIR%\hpzlnt04.dll [HP] [HP DeskJet] MD5=6B94178802A0F6AB5418DF08C7554020 SIZE=114744
%PROGRAMFILES%\AVG\AVG8\avgwdsvc.exe [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=9B40D378D4E521464212E878BE8216A4 SIZE=231704
%PROGRAMFILES%\AVG\AVG8\avglogx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=B1B76B1EB05C900E7BF3F9C9537A1AA2 SIZE=161048
%PROGRAMFILES%\AVG\AVG8\avgwd.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=DA705898F1AE91C40BC86820CF818D6B SIZE=840984
%PROGRAMFILES%\AVG\AVG8\avgcfgx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=A62BF0EB428EE1357A150183892884A4 SIZE=558872
%PROGRAMFILES%\AVG\AVG8\avgsched.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=1C0555F8791D939049D592B1665570AB SIZE=330520
%PROGRAMFILES%\AVG\AVG8\avgwdwsc.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=9B41D18E917A2ACC0A0F9602E4FB9D18 SIZE=223512
%PROGRAMFILES%\AVG\AVG8\avglngx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=2CA014E470602E772B2AEC9DF0D5D49C SIZE=153344
%PROGRAMFILES%\CPUCooL\CooLSrv.exe MD5=799D1C3474DD49EE02DDCE7E4960154A SIZE=118784
%PROGRAMFILES%\Intel\Intel Matrix Storage Manager\Iaantmon.exe [Intel Corporation] [RAID Monitor] MD5=BA523965D72D750FAD439EA51D633BAE SIZE=81920
%SYSDIR%\nvsvc32.exe [NVIDIA Corporation] [NVIDIA Driver Helper Service, Version 175.19] MD5=0C41C4ACFE00D826DB479C40C1D9EDC8 SIZE=159812
%SYSDIR%\nvapi.dll [NVIDIA Corporation] [NVIDIA Windows drivers] MD5=E639279A5EF179BA87EC70B5BCC315D1 SIZE=425984
%SYSDIR%\PnkBstrA.exe MD5=19E83B09AB8EE1D837665DA941E2AC44 SIZE=66872
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\SbPFSvc.exe [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=7450901C2EBD4014B28F32A008B9880C SIZE=1361192
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\kticonv.dll [Free Software Foundation] [libiconv: character set conversion library] MD5=EADF6E67D2F2B445E07B55073264B4FF SIZE=888832
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\PocoFoundation.dll MD5=8342EA2FB9B9DED9634D5E684A81AF0A SIZE=859648
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\PocoXml.dll MD5=668AAB2221F2C588A2200543CCF14FEA SIZE=470016
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\PocoExt.dll MD5=50764019F146982007AC5DEF44971708 SIZE=18432
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\LibEay32.dll MD5=96373C802D27D4F942B3D8E24F1CBDCE SIZE=827392
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\SSLeay32.dll MD5=E4DF774312A6C2215D36F42E2CE8D4D8 SIZE=155648
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\CurlLib.dll [The cURL library, https://curl.se/] [The cURL library] MD5=8156230FCFFADDB2A6B4623D64CE8282 SIZE=290816
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\SbPFWsc.dll [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=112BD57F9068EC13D37C28F960CAE27B SIZE=79144
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\SbFwe.dll [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=2C91326C1105279F6CF56DD2D7513B32 SIZE=275752
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\SbFw.dll [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=66E2015747C36436758EF253323AF9A2 SIZE=95528
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\SbFwIm.dll [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=341043CF39FD05540D35544FCCD6965C SIZE=91432
%PROGRAMFILES%\AVG\AVG8\avgam.exe [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=AC67ECB5AD03CE4A3FB971221F574E6B SIZE=638744
%PROGRAMFILES%\AVG\AVG8\avgameh.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=63C69301D0D9DAAC0A57B7582DA2FCB4 SIZE=312600
%PROGRAMFILES%\AVG\AVG8\avgrsx.exe [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=BA1CE056CE1466CA28CE118585EA86C4 SIZE=287000
%PROGRAMFILES%\AVG\AVG8\avgcorex.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=2B92EE81D2566A27D9F4237744378FE9 SIZE=1352984
%PROGRAMFILES%\AVG\AVG8\avgcrlpx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=97A5373C9534FDA276986EA9FF027BE2 SIZE=67352
%PROGRAMFILES%\AVG\AVG8\avgnsx.exe [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=C9BEA16C638562EB677746D07C673F07 SIZE=424216
%PROGRAMFILES%\AVG\AVG8\avgxpl.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=46E496E55B46296A2424711FB866BD13 SIZE=308504
%PROGRAMFILES%\AVG\AVG8\imsdk32.dll [Winco Sistemas] [IMFilter SDK] MD5=F758AE597908DD3292B0DCC9D9038AFC SIZE=349464
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\phonebrowser.dll [Nokia] [Phone Browser] MD5=015055BE9CD9058778CB74D8739718F2 SIZE=619520
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\PCSCM.dll [Nokia] [PC Suite Common Modules] MD5=4F0C300F9B76A055E45290770C6CFA27 SIZE=716800
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_fre.nlr [Nokia] [Nokia Phone Browser] MD5=DCCB1A0C80E5FFE36D7F55D0BCA923A9 SIZE=31744
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr [Nokia] [Nokia Phone Browser] MD5=5467EF5A65CC71E4FF5B6D0BDAC3CB08 SIZE=543744
%WINDIR%\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll MD5=08E088D05B15A7C6121B8CE91D779808 SIZE=65536
%WINDIR%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll MD5=B84E20C5487E3F6FD5F9E8943AC4674A SIZE=69632
%COMMONFILES%\Adobe\Acrobat\ActiveX\PDFShell.FRA [Adobe Systems, Inc.] [Adobe PDF Shell Extension] MD5=0A732A8A66E2657B194AC5F967658A23 SIZE=311296
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\SbPFCl.exe [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=089645D2961F6B58D6CDA09F36025EA3 SIZE=1705256
%PROGRAMFILES%\AVG\AVG8\avguires.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=A03ADC38419D2AF1DD21C0E97045D276 SIZE=1948440
%PROGRAMFILES%\AVG\AVG8\avgsrmx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=69C4C000181FB2DDADA78D19CC8582FB SIZE=358168
%PROGRAMFILES%\AVG\AVG8\avgvvx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=A9EF8813AE4B65AB6A2DA628388D702D SIZE=309016
%PROGRAMFILES%\AVG\AVG8\avgscanx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=BCF1CEDC91F5D694F8274782C26FC62C SIZE=294168
%PROGRAMFILES%\AVG\AVG8\avgmvflx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=D7DC98FF8B0C3F777F83603C538E6295 SIZE=281880
%PROGRAMFILES%\steam\Steam.dll [Valve Corporation] [Steam] MD5=09DD88EB74AF0A2B65963A2B3222A38E SIZE=3073272
%PROGRAMFILES%\steam\SteamUI.dll [Valve Corporation] [SteamUI Dynamic Link Library] MD5=447799E858BE2D3A975E6F80CFDCDAD3 SIZE=2938104
%PROGRAMFILES%\steam\vstdlib_s.dll [Valve Corporation] [Steam] MD5=66F50E4B646104AA83388710335112A5 SIZE=365816
%PROGRAMFILES%\steam\tier0_s.dll [Valve Corporation] [tier0_s Dynamic Link Library] MD5=4C73A09769D793CB5E69F56E00E651D8 SIZE=238840
%PROGRAMFILES%\Steam\bin\FileSystem_Steam.dll [Valve Corporation] [Steam] MD5=4184562F62BE8319141D94F45E94B972 SIZE=193272
%PROGRAMFILES%\Steam\bin\vgui2.dll [Valve Corporation] [Steam] MD5=B3B8FF71BB0BA510715245BA9764B5DE SIZE=465392
%PROGRAMFILES%\steam\steamclient.dll [Valve Corporation] [Steam] MD5=27D66EEF1FC371AC7E24E4BCC625EBA8 SIZE=2640368
%PROGRAMFILES%\steam\bin\p2pvoice.dll [Valve Corporation] [Steam P2P Voice Library] MD5=C09A8C09DF41F7D39CD14CFE4D0FF9E4 SIZE=1193208
%PROGRAMFILES%\steam\bin\mss32_s.dll [RAD Game Tools, Inc.] [Miles Sound System] MD5=0B87140484E4E240ADABBD3B957A2BB6 SIZE=540672
%PROGRAMFILES%\steam\bin\SteamService.dll [Valve Corporation] [Steam Client Service Library] MD5=D049E7236C6B6EE02D0530881AA4A8FC SIZE=657904
%WINDIR%\BricoPacks\Vista Inspirat 2\UberIcon\Plugins\iZoom\fx.dll MD5=BA8F81ADB16685571CFDCBC73A4D8621 SIZE=57344
%COMMONFILES%\Ahead\Lib\MediaLibraryNSE.dll [Nero AG] [Nero File Dialog] MD5=236773C874BEC375F3040D8E17E58A9C SIZE=1291560
%PROGRAMFILES%\Mozilla Thunderbird\thunderbird.exe [Mozilla Corporation] [Thunderbird] MD5=76ADB8C3BF66C8859F08F34E8D230EDC SIZE=8501360
%WINDIR%\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [AKSoftware] [TransBar] MD5=67102D07691C835B4AE03CE18D6FACE5 SIZE=65536
%PROGRAMFILES%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Inc.] [Yahoo! Toolbar] MD5=2785037CE05B63D5607C9D5DFB2FEEE4 SIZE=440384
%PROGRAMFILES%\Free Download Manager\FUM\fumiebtn.dll MD5=DC2FDEB06240E4DB9FB2BDD0A25DC299 SIZE=77824
%SYSDIR%\nvshell.dll [NVIDIA Corporation] [NVIDIA Desktop Explorer, Version 111.75] MD5=70BDDEE1D46FC4E98AD76A4B4EBE63FF SIZE=466944
%SYSDIR%\ShellvRTF.dll [XSS] [XSS ShellvRTF] MD5=B309190CEDF4A4E60865787DDE826901 SIZE=237568
%PROGRAMFILES%\WinRAR\rarext.dll MD5=8A22F6B4976053924FE93DEA8218D68A SIZE=128512
%PROGRAMFILES%\Easy CD-DA Extractor 10\ezcddax10.dll MD5=E2626002ED22287F22677F0DCC397BA5 SIZE=48128
%PROGRAMFILES%\WinZip\WZSHLSTB.DLL [WinZip Computing, S.L.] [WinZip] MD5=E8F88FF26E971473592A9129C443935D SIZE=10856
%COMMONFILES%\Microsoft Shared\OFFICE12\msoshext.dll [Microsoft Corporation] [Microsoft Office] MD5=0079E7EE294AC629D57FB8259F5A803E SIZE=935832
%PROGRAMFILES%\Hex Editor 3.x\heshell.dll [HHD Software] [Hex Editor 3] MD5=09813F4907ED8D4295F3A961937F8291 SIZE=49152
%PROGRAMFILES%\FTP Expert 3\ftpcntxt.dll [Visicom Media Inc.] [AceFTP v3] MD5=A0BF386666E350F1500D8AE9F536873C SIZE=117248
%PROGRAMFILES%\7-Zip\7-zip.dll [Igor Pavlov] [7-Zip] MD5=D59C279D12811A2F015C0616F9F91FD2 SIZE=69632
%PROGRAMFILES%\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [Nero AG] [Cover Designer] MD5=B08BE238F67339373207C29E12EDDF4C SIZE=1967400
%COMMONFILES%\Ahead\Lib\NeroDigitalExt.dll [Nero AG] [Nero Digital Tools] MD5=BB4D75F836F2BEBC229E609257B8494F SIZE=1807656
%PROGRAMFILES%\Free Download Manager\FUM\fumshext.dll MD5=9A1FA2881372B0B2C09AF7E128C43FEE SIZE=86016
%PROGRAMFILES%\Creative\Creative MuVo V200\CTMvns.dll [Creative Technology Ltd] [CTMVNS Dynamic Link Library] MD5=86D1ADCEE6EF8C360377DDE679C8F790 SIZE=462848
%PROGRAMFILES%\Windows Live\Messenger\fsshext.8.5.1302.1018.dll [Microsoft Corporation] [Messenger] MD5=8BDE1F61DFBAAE7A2916170E8B75FE0F SIZE=329240
%PROGRAMFILES%\Windows Live\Mail\mailcomm.dll [Microsoft Corporation] [Messenger] MD5=6A69BEDDD514F21B8A216B85EAF330B5 SIZE=858136
%PROGRAMFILES%\StarV9\MatroskaProp\MatroskaProp.dll [Matroska Shell Ext] MD5=41166B70652C733F483BCEB9B96F1536 SIZE=1880064
%PROGRAMFILES%\a-squared Free\a2freecontmenu.dll [Emsi Software GmbH] [a-squared Free] MD5=FD8ED176A58621F1AABBDD7FE42174C5 SIZE=216208
%WINDIR%\BricoPacks\Vista Inspirat 2\iColorFolder\CMExt.dll [Revenger inc.] MD5=66CD17BEC14AD29C957FC77B797723E8 SIZE=46592
%PROGRAMFILES%\iTunes\iTunesMiniPlayer.dll [Apple Inc.] [iTunes] MD5=0B8FFF8B48A8FAEFA85F82B6B4D9DD4B SIZE=132392
%PROGRAMFILES%\AVG\AVG8\avgse.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=EF2572FAD2583532FCC7FAC703B5601C SIZE=99608
%PROGRAMFILES%\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Microsoft Corporation] [Windows Live Photo Gallery] MD5=47851C6AFE59E6B850D14E347A2FA4FC SIZE=229920
%SYSDIR%\rundll32.exe "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll",PhotoViewerComServer {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C}
%SYSDIR%\rundll32.exe "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll",PhotoViewerComServer {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C}
%SYSDIR%\rundll32.exe "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll",PhotoViewerComServer {00F374B7-B390-4884-B372-2FC349F2172B}
%PROGRAMFILES%\MarkAny\ContentSafer\MACSMANAGER.dll [MarkAny Cooperation.] [MACSMGR Module] MD5=4B6708F7D8152508A6DD870CB2896483 SIZE=192512
%PROGRAMFILES%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [GRISOFT s.r.o.] [AVG Anti-Spyware] MD5=3FD0B984601D65C6DA8E891A0D5905D1 SIZE=79408
%SYSDIR%\Drivers\AnyDVD.sys [SlySoft, Inc.] [AnyDVD] MD5=75AD133B0AF9FE096C3177385A56A4A8 SIZE=97600
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\DRIVERS\avgfwdx.sys [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=7F75D9CF0E7E4F76E11630532AA4AE9D SIZE=23296
%SYSDIR%\Drivers\avgldx86.sys [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=B02FBFA2FF91E8778A08F9A6053CCBE3 SIZE=97928
%SYSDIR%\Drivers\avgmfx86.sys [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=37A7618A843BB15B5430103C9945DC4C SIZE=26824
%SYSDIR%\Drivers\avgrkx86.sys [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=219DFC4CA7A1E930B3B7D1C55FBA0698 SIZE=12936
%SYSDIR%\Drivers\avgtdix.sys [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=C81DB4DD6E6E650BF90BDA09A00ACC94 SIZE=76040
%SYSDIR%\DRIVERS\bb-run.sys [Promise Technology, Inc.] [Promise® Disk Accelerator] MD5=7270D070173B20AC9487EA16BB08B45F SIZE=17408
%SYSDIR%\dllhost.exe \Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
%SYSDIR%\svchost -k DcomLaunch
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\DRIVERS\e100b325.sys [Intel Corporation] [Intel(R) PRO/100 Adapter] MD5=83403675CAB29E7A4B885B11E7C855D8 SIZE=163328
%SYSDIR%\DRIVERS\ELacpi.sys [Intel Corporation] [Intel(R) Quick Resume Technology] MD5=0923AEC043F5D355B4EF0C2B29A362DE SIZE=9728
%SYSDIR%\Drivers\ElbyCDIO.sys [Elaborate Bytes AG] [CDRTools] MD5=AAA8999A169E39FB8B48AE49CD6AC30A SIZE=25160
%SYSDIR%\Drivers\Elhid.sys [Intel Corporation] [Intel(R) Quick Resume Technology] MD5=CBD71E7772F92BFB85CCC302B2DEEFBA SIZE=10112
%SYSDIR%\Drivers\Elkbd.sys [Intel Corporation] [Intel(R) Quick Resume Technology] MD5=AC75B576C45D144E146FD1F0576A1F53 SIZE=6912
%SYSDIR%\Drivers\Elmon.sys [Intel Corporation] [Intel(R) Quick Resume Technology] MD5=483CCE5E40137D4E437F4DEF55C80007 SIZE=7040
%SYSDIR%\Drivers\Elmou.sys [Intel Corporation] [Intel(R) Quick Resume Technology] MD5=8E88CAFEAC0812BF2D15BEEEDFCCE8BD SIZE=6400
%SYSDIR%\drivers\enodpl.sys MD5=B4556F3D468C8DCB0B259D9D866CD4C4 SIZE=7552
%SYSDIR%\DRIVERS\fbxusb32.sys [FreeBox SA] [Carte réseau virtuelle FreeBox USB pour Windows 2000/XP] MD5=504E93682655A7B3AF1FB5BFF3F44322 SIZE=21344
%SYSDIR%\DRIVERS\ftsata2.sys [Promise Technology, Inc.] [Promise FastTrak Series Driver] MD5=22399D3CE5840C6082844679CCA5D2FC SIZE=175104
%SYSDIR%\Drivers\GEARAspiWDM.sys [GEAR Software Inc.] [CD DVD Filter] MD5=5DC17164F66380CBFEFD895C18467773 SIZE=16168
%SYSDIR%\DRIVERS\iastor.sys [Intel Corporation] [Intel Matrix Storage Manager driver] MD5=88B1943ECFF661F765228099138CF6AB SIZE=250368
%SYSDIR%\Drivers\imagedrv.sys [Ahead Software AG] [Nero ImageDrive] MD5=552B6B3B889020B8A2D5525068A494B4 SIZE=11304
%SYSDIR%\DRIVERS\imagesrv.sys [Ahead Software AG] [Nero ImageDrive] MD5=1BE72919F1B489FB8C06AE7CEF45C659 SIZE=132904
%SYSDIR%\drivers\RtkHDAud.sys [Realtek Semiconductor Corp.] [Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)] MD5=12F4D2AA29745DC2A403FF42E75CF7FA SIZE=4353024
%SYSDIR%\drivers\PfModNT.sys [Creative Technology Ltd.] [PfModNT] MD5=0ABC514F6606324CE15484D079027798 SIZE=71596
%SYSDIR%\drivers\prodrv06.sys [Protection Technology] [StarForce Protection System] MD5=09921A58B4278BC16EFA91A8FE480C50 SIZE=54368
%SYSDIR%\drivers\prohlp02.sys [Protection Technology] [StarForce Protection System] MD5=97184F49AA0733F6EEA28ADA265BA8DA SIZE=115680
%SYSDIR%\drivers\prosync1.sys [Protection Technology] [StarForce Protection System] MD5=F3471E7971EE62420451D958DA635064 SIZE=6944
%SYSDIR%\DRIVERS\PS2.sys [Hewlett-Packard Company] [Hewlett-Packard Company PS2 SYS] MD5=390C204CED3785609AB24E9C52054A84 SIZE=19072
%SYSDIR%\svchost -k rpcss
%SYSDIR%\drivers\SbFw.sys [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=B9C52B09EDE3A4A78A9F3D66E7B7268E SIZE=269736
%SYSDIR%\DRIVERS\sbfwim.sys [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=F01B8409A11C319E3C5B9DD418676D2C SIZE=65576
%SYSDIR%\drivers\sbhips.sys [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=31CA701F26EA66468AD3C3C6498755CE SIZE=66600
%SYSDIR%\drivers\sfdrv01.sys [Protection Technology (StarForce)] [SF FrontLine] MD5=9E7DEE11FD5A4355941A45F13C0ED59A SIZE=51200
%SYSDIR%\drivers\sfhlp01.sys [Protection Technology] [StarForce Protection System] MD5=462AEE0EA0481EA8BD45CAC876A4CCC4 SIZE=4832
%SYSDIR%\drivers\sfhlp02.sys [Protection Technology (StarForce)] [SF FrontLine] MD5=ECEFB59D2206D281E6D317AF0EA0D8BD SIZE=6656
%SYSDIR%\drivers\sfsync04.sys [Protection Technology (StarForce)] [SF FrontLine] MD5=05E3038180CD846B0BCA0E915163606A SIZE=50176
%SYSDIR%\drivers\sfvfs02.sys [Protection Technology] [StarForce Protection System] MD5=D5A7E09D2C6A702809E49190D52ADC9F SIZE=63488
%SYSDIR%\Drivers\sptd.sys SIZE=717296
%SYSDIR%\DRIVERS\ssmdrv.sys [Avira GmbH] MD5=3D2829FDE1C52FC64DA5413889CE4DEE SIZE=28352
%SYSDIR%\svchost.exe -k imgsvc
%PROGRAMFILES%\TGTSoft\StyleXP\StyleXPHelper.exe [Windows (R) 2000 DDK provider] [Windows (R) 2000 DDK driver] MD5=7E40B43922B2896F40A5930AF7489C60 SIZE=10880
%SYSDIR%\drivers\tandpl.sys MD5=126D7B3B4C7B724491C604060E1F4E14 SIZE=4736
%SYSDIR%\drivers\WmBEnum.sys [Logitech Inc.] [Logitech WingMan Software] MD5=1ABFD1399436E81C9D857F5FC76EAF98 SIZE=10144
%SYSDIR%\drivers\WmXlCore.sys [Logitech Inc.] [Logitech WingMan Software] MD5=2BF505424F469155CD90D7B3301D7ADC SIZE=45504
%SYSDIR%\svchost.exe -k WudfServiceGroup
%PROGRAMFILES%\Grisoft\AVG Anti-Spyware 7.5\guard.sys MD5=D6F4C1450699901048818B0C3AAF7A17 SIZE=11000
%PROGRAMFILES%\AVG\AVG8\avgpp.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=5E0B47F3AE5D516F3A185ED62FF437D9 SIZE=79128
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [Microsoft Corporation] [Messenger] MD5=56319E6B4D190A2DEB4463A9CE4D4F74 SIZE=66072
%WINDIR%\ALCMTR.EXE [Realtek Semiconductor Corp.] [Realtek AC97 Audio - Event Monitor] MD5=8B4CBBA1EA526830C7F97E7822E2493A SIZE=69632
%SYSDIR%\MACROMED\SHOCKWAVE 10\GTAPI.DLL MD5=B19256632FD0BA5BED01E80E29402384 SIZE=45056
End of Report
Je sais pas si il y a quelque chose de suspect la dedans, mais ma connexion internet s'est déjà bien améliorée...
Donc merci beaucoup, je reste à votre disposition si il faut faire d'autres scan ou autre...
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 07:57:24 14/10/2008
+ Résultat de l'analyse:
C:\Documents and Settings\Guigui\Mes documents\LimeWire\Saved\The Red Hot Chili Peppers - Throw away your Television.mp3 -> Downloader.Wimad.n : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP65\A0020174.exe -> Not-A-Virus.Adware.EShoper : Ignoré.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP65\A0020175.exe -> Not-A-Virus.PSWTool.Win32.MSNPassword.e : Ignoré.
C:\Documents and Settings\Aggagate\Cookies\aggagate@snapfish.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Aggagate\Cookies\aggagate@www.casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\Aggagate\Cookies\aggagate@h.starware[2].txt -> TrackingCookie.Starware : Nettoyé.
C:\Documents and Settings\Aggagate\Cookies\aggagate@try.starware[1].txt -> TrackingCookie.Starware : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@www.vegasred[1].txt -> TrackingCookie.Vegasred : Nettoyé.
C:\Documents and Settings\Aggagate\Cookies\aggagate@aimfar.solution.weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@boursoramabanque.solution.weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Mathilde\Cookies\mathilde@cetelem.solution.weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Mathilde\Cookies\mathilde@laredoute.solution.weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Guigui\Local Settings\temp\33C781C0.dll -> Trojan.Agent : Erreur lors du nettoyage.
C:\Documents and Settings\Guigui\Local Settings\temp\8E0173E3.dll -> Trojan.Agent : Erreur lors du nettoyage.
Fin du rapport
Et un coup de Spyware Terminator :
Logfile of Spyware Terminator v2.3.0.494 (db:1.000.000.000)
Scan Time: 13/10/2008 21:55:46 length: 8291 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 338056 (Critical:6)
Filter: No System items, No Safe items, No Invalid items
Running Processes
StyleXPService.exe : C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
avgwdsvc.exe [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgwdsvc.exe
CooLSrv.exe : C:\Program Files\CPUCooL\CooLSrv.exe
Iaantmon.exe [Intel Corporation] : C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
nvsvc32.exe [NVIDIA Corporation] : C:\WINDOWS\system32\nvsvc32.exe
PnkBstrA.exe : C:\WINDOWS\system32\PnkBstrA.exe
SbPFSvc.exe [Sunbelt Software, Inc.] : C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
avgam.exe [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgam.exe
avgrsx.exe [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgrsx.exe
avgnsx.exe [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgnsx.exe
SbPFCl.exe [Sunbelt Software, Inc.] : C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
avgtray.exe [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgtray.exe
steam.exe [Valve Corporation] : C:\Program Files\steam\steam.exe
RocketDock.exe : C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
UberIcon Manager.exe : C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
avgas.exe [GRISOFT s.r.o.] : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - [Yahoo! Inc.] : C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
02 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - [Adobe Systems Incorporated] : C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
02 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgssie.dll
02 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - [Safer Networking Limited] : C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
02 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - [Sun Microsystems, Inc.] : C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
02 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - [AVG, Technologies CZ, s.r.o] : C:\Program Files\AVG\AVG8\avgtoolbar.dll
02 - BHO: FDMUploadBtnForIe Class - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - : C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
Toolbars
03 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - [Yahoo! Inc.] : C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
03 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - [AVG, Technologies CZ, s.r.o] : C:\Program Files\AVG\AVG8\avgtoolbar.dll
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Steam : [Valve Corporation] : C:\Program Files\steam\steam.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RocketDock : : C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UberIcon : : C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AVG8_TRAY : [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgtray.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ClockGen : [CPUID.com] : C:\Documents and Settings\Guigui\Bureau\CLOCKGEN.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, !AVG Anti-Spyware : [GRISOFT s.r.o.] : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
04 - Startup: %STARTUP%\Mozilla Thunderbird.lnk [Mozilla Corporation] : C:\Program Files\Mozilla Thunderbird\thunderbird.exe
04 - Startup: %STARTUP%\RocketDock.lnk : C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
04 - Startup: %STARTUP%\TransBar.lnk [AKSoftware] : C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
04 - Startup: %STARTUP%\UberIcon.lnk : C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
Shell Extensions
Desktop Explorer - {1CDB2949-8F65-4355-8456-263E7C208A5D} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
- {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
nView Desktop Context Menu - {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
ShellViewRTF - {7F67036B-66F1-411A-AD85-759FB9C5B0DB} - [XSS] : C:\WINDOWS\system32\ShellvRTF.dll
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
EzCddax Class - {46E22146-59C0-4136-9233-FB7720E777B2} - : C:\Program Files\Easy CD-DA Extractor 10\ezcddax10.dll
WinZip - {E0D79304-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79305-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79306-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79307-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Program Files\WinZip\WZSHLSTB.DLL
Microsoft Office Metadata Handler - {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\msoshext.dll
Microsoft Office Thumbnail Handler - {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\msoshext.dll
ShellExt Class - {B95713CD-06FF-4D35-A9DA-4DBDFE5FD7F4} - [HHD Software] : C:\Program Files\Hex Editor 3.x\heshell.dll
- {1EBC3533-B289-409F-9924-B84B3F0717D2} - [Visicom Media Inc.] : C:\Program Files\FTP Expert 3\ftpcntxt.dll
7-Zip Shell Extension - {23170F69-40C1-278A-1000-000100020000} - [Igor Pavlov] : C:\Program Files\7-Zip\7-zip.dll
NeroCoverEdLiveIcons Class - {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} - [Nero AG] : C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
NeroDigitalIconHandler Class - {B327765E-D724-4347-8B16-78AE18552FC3} - [Nero AG] : C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll
NeroDigitalPropSheetHandler Class - {7F1CF152-04F8-453A-B34C-E609530A9DC8} - [Nero AG] : C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll
FdmUplShlExt Class - {F49C55B9-D417-45A1-A6E7-D6E057946280} - : C:\Program Files\Free Download Manager\FUM\fumshext.dll
MuVo V200 Media Explorer - {0E40CBF0-0263-4AD4-A71B-11316667CBB7} - [Creative Technology Ltd] : C:\Program Files\Creative\Creative MuVo V200\CTMvns.dll
Mes dossiers de partage - {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll
Nokia Phone Browser - {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} - [Nokia] : C:\Program Files\Nokia\Nokia PC Suite 6\phonebrowser.dll
CLSID_WLMCMimeFilter - {0563DB41-F538-4B37-A92D-4659049B7766} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
The Matroska Shell Extension, Prop Page CLSID - {780BCB64-0CAF-473c-A9FC-E08C03D75515} - : C:\Program Files\StarV9\MatroskaProp\MatroskaProp.dll
The Matroska Shell Extension, Thumbnail Handler CLSID - {78DC191E-EFC1-4532-9A71-224577A86A7D} - : C:\Program Files\StarV9\MatroskaProp\MatroskaProp.dll
The Matroska Shell Extension, Tooltip Provider CLSID - {794D04CA-70AC-4020-80EB-FFD59DEF8027} - : C:\Program Files\StarV9\MatroskaProp\MatroskaProp.dll
The Matroska Shell Extension, Context Menu CLSID - {789111D8-68A3-46a3-9663-145A3FF4C9C9} - : C:\Program Files\StarV9\MatroskaProp\MatroskaProp.dll
The Matroska Shell Extension, Column Provider CLSID - {781395AF-A127-469f-A06F-59B482AF4F3F} - : C:\Program Files\StarV9\MatroskaProp\MatroskaProp.dll
a-squared Free Shell Extension - {A155339D-CCCD-4714-85EB-3754B804C9DF} - [Emsi Software GmbH] : C:\Program Files\a-squared Free\a2freecontmenu.dll
TuneUp Theme Extension - {44440D00-FF19-4AFC-B765-9A0970567D97} - [TuneUp Software GmbH] : C:\WINDOWS\system32\uxtuneup.dll
CMenuExtender - {ABC70703-32AF-11d4-90C4-D483A70F4825} - [Revenger inc.] : C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\CMExt.dll
iTunes - {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} - [Apple Inc.] : C:\Program Files\iTunes\iTunesMiniPlayer.dll
AVG8 Shell Extension Class - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} - [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgse.dll
- {06A2568A-CED6-4187-BB20-400B8C02BE5A} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
Shell Extecute Hooks
ShellHook Class - {{88485281-8b4b-4f8d-9ede-82e29a064277}} - [MarkAny Cooperation.] : C:\Program Files\MarkAny\ContentSafer\MACSMANAGER.dll
CShellExecuteHookImpl Object - {{57B86673-276A-48B2-BAE7-C6DBB3020EB8}} - [GRISOFT s.r.o.] : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll
Protocol Handler
XPLPPFilter Class - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgpp.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
Windows Live Mail HTML Asynchronous Pluggable Protocol Handler - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
Services
23 - [SlySoft, Inc.] : C:\WINDOWS\system32\Drivers\AnyDVD.sys
23 - [AVG Technologies CZ, s.r.o.] : C:\Program Files\AVG\AVG8\avgwdsvc.exe
23 - [AVG Technologies CZ, s.r.o.] : C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
23 - [AVG Technologies CZ, s.r.o.] : C:\WINDOWS\system32\Drivers\avgldx86.sys
23 - [AVG Technologies CZ, s.r.o.] : C:\WINDOWS\system32\Drivers\avgmfx86.sys
23 - [AVG Technologies CZ, s.r.o.] : C:\WINDOWS\system32\Drivers\avgrkx86.sys
23 - [AVG Technologies CZ, s.r.o.] : C:\WINDOWS\system32\Drivers\avgtdix.sys
23 - [Promise Technology, Inc.] : C:\WINDOWS\system32\DRIVERS\bb-run.sys
23 - : C:\Program Files\CPUCooL\CooLSrv.exe
23 - [Intel Corporation] : C:\WINDOWS\system32\DRIVERS\e100b325.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\DRIVERS\ELacpi.sys
23 - [Elaborate Bytes AG] : C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\Drivers\Elhid.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\Drivers\Elkbd.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\Drivers\Elmon.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\Drivers\Elmou.sys
23 - : C:\WINDOWS\system32\drivers\enodpl.sys
23 - [FreeBox SA] : C:\WINDOWS\system32\DRIVERS\fbxusb32.sys
23 - [Promise Technology, Inc.] : C:\WINDOWS\system32\DRIVERS\ftsata2.sys
23 - [GEAR Software Inc.] : C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
23 - [Intel Corporation] : C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
23 - [Intel Corporation] : C:\WINDOWS\system32\DRIVERS\iastor.sys
23 - [Ahead Software AG] : C:\WINDOWS\system32\Drivers\imagedrv.sys
23 - [Ahead Software AG] : C:\WINDOWS\system32\DRIVERS\imagesrv.sys
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\RtkHDAud.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\nvsvc32.exe
23 - [Creative Technology Ltd.] : C:\WINDOWS\system32\drivers\PfModNT.sys
23 - : C:\WINDOWS\system32\PnkBstrA.exe
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\prodrv06.sys
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\prohlp02.sys
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\prosync1.sys
23 - [Hewlett-Packard Company] : C:\WINDOWS\system32\DRIVERS\PS2.sys
23 - [Sunbelt Software, Inc.] : C:\WINDOWS\system32\drivers\SbFw.sys
23 - [Sunbelt Software, Inc.] : C:\WINDOWS\system32\DRIVERS\sbfwim.sys
23 - [Sunbelt Software, Inc.] : C:\WINDOWS\system32\drivers\sbhips.sys
23 - [Protection Technology (StarForce)] : C:\WINDOWS\system32\drivers\sfdrv01.sys
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\sfhlp01.sys
23 - [Protection Technology (StarForce)] : C:\WINDOWS\system32\drivers\sfhlp02.sys
23 - [Protection Technology (StarForce)] : C:\WINDOWS\system32\drivers\sfsync04.sys
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\sfvfs02.sys
23 - [Sunbelt Software, Inc.] : C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
23 - : C:\WINDOWS\system32\Drivers\sptd.sys
23 - [Avira GmbH] : C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
23 - [Windows (R) 2000 DDK provider] : C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe
23 - : C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
23 - : C:\WINDOWS\system32\drivers\tandpl.sys
23 - [Logitech Inc.] : C:\WINDOWS\system32\drivers\WmBEnum.sys
23 - [Logitech Inc.] : C:\WINDOWS\system32\drivers\WmXlCore.sys
23 - : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
IE URL Search Hooks
Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {{EF99BD32-C1FB-11D2-892F-0090271D4F88}} - [Yahoo! Inc.] : C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Threat Files
<Advanced Access Password Recovery> : C:\WINDOWS\system32\Acpr.ini
<Advanced Access Password Recovery> : C:\WINDOWS\acpr.INI
<RiskTool.Reboot.f> : C:\Program Files\Mozilla Firefox\SmitfraudFix\Reboot.exe
<SPR.Tool.Hardoff.A> : C:\Program Files\Mozilla Firefox\SmitfraudFix\restart.exe
Advanced Files Report
%PROGRAMFILES%\Bonjour\mdnsNSP.dll [Apple Inc.] [Bonjour] MD5=EDDEC321B128328BC370A5447F7F8D69 SIZE=147456
%SYSDIR%\uxtuneup.dll [TuneUp Software GmbH] [TuneUp Utilities] MD5=838C97B3D28BFEBDD11D12ADFE957004 SIZE=28416
%PROGRAMFILES%\TGTSoft\StyleXP\StyleXPService.exe [StyleXPService Module] MD5=564286A42AF81FB2B61EED32FCDE020C SIZE=372736
%SYSDIR%\hpzlnt04.dll [HP] [HP DeskJet] MD5=6B94178802A0F6AB5418DF08C7554020 SIZE=114744
%PROGRAMFILES%\AVG\AVG8\avgwdsvc.exe [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=9B40D378D4E521464212E878BE8216A4 SIZE=231704
%PROGRAMFILES%\AVG\AVG8\avglogx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=B1B76B1EB05C900E7BF3F9C9537A1AA2 SIZE=161048
%PROGRAMFILES%\AVG\AVG8\avgwd.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=DA705898F1AE91C40BC86820CF818D6B SIZE=840984
%PROGRAMFILES%\AVG\AVG8\avgcfgx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=A62BF0EB428EE1357A150183892884A4 SIZE=558872
%PROGRAMFILES%\AVG\AVG8\avgsched.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=1C0555F8791D939049D592B1665570AB SIZE=330520
%PROGRAMFILES%\AVG\AVG8\avgwdwsc.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=9B41D18E917A2ACC0A0F9602E4FB9D18 SIZE=223512
%PROGRAMFILES%\AVG\AVG8\avglngx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=2CA014E470602E772B2AEC9DF0D5D49C SIZE=153344
%PROGRAMFILES%\CPUCooL\CooLSrv.exe MD5=799D1C3474DD49EE02DDCE7E4960154A SIZE=118784
%PROGRAMFILES%\Intel\Intel Matrix Storage Manager\Iaantmon.exe [Intel Corporation] [RAID Monitor] MD5=BA523965D72D750FAD439EA51D633BAE SIZE=81920
%SYSDIR%\nvsvc32.exe [NVIDIA Corporation] [NVIDIA Driver Helper Service, Version 175.19] MD5=0C41C4ACFE00D826DB479C40C1D9EDC8 SIZE=159812
%SYSDIR%\nvapi.dll [NVIDIA Corporation] [NVIDIA Windows drivers] MD5=E639279A5EF179BA87EC70B5BCC315D1 SIZE=425984
%SYSDIR%\PnkBstrA.exe MD5=19E83B09AB8EE1D837665DA941E2AC44 SIZE=66872
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\SbPFSvc.exe [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=7450901C2EBD4014B28F32A008B9880C SIZE=1361192
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\kticonv.dll [Free Software Foundation] [libiconv: character set conversion library] MD5=EADF6E67D2F2B445E07B55073264B4FF SIZE=888832
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\PocoFoundation.dll MD5=8342EA2FB9B9DED9634D5E684A81AF0A SIZE=859648
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\PocoXml.dll MD5=668AAB2221F2C588A2200543CCF14FEA SIZE=470016
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\PocoExt.dll MD5=50764019F146982007AC5DEF44971708 SIZE=18432
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\LibEay32.dll MD5=96373C802D27D4F942B3D8E24F1CBDCE SIZE=827392
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\SSLeay32.dll MD5=E4DF774312A6C2215D36F42E2CE8D4D8 SIZE=155648
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\CurlLib.dll [The cURL library, https://curl.se/] [The cURL library] MD5=8156230FCFFADDB2A6B4623D64CE8282 SIZE=290816
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\SbPFWsc.dll [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=112BD57F9068EC13D37C28F960CAE27B SIZE=79144
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\SbFwe.dll [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=2C91326C1105279F6CF56DD2D7513B32 SIZE=275752
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\SbFw.dll [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=66E2015747C36436758EF253323AF9A2 SIZE=95528
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\SbFwIm.dll [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=341043CF39FD05540D35544FCCD6965C SIZE=91432
%PROGRAMFILES%\AVG\AVG8\avgam.exe [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=AC67ECB5AD03CE4A3FB971221F574E6B SIZE=638744
%PROGRAMFILES%\AVG\AVG8\avgameh.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=63C69301D0D9DAAC0A57B7582DA2FCB4 SIZE=312600
%PROGRAMFILES%\AVG\AVG8\avgrsx.exe [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=BA1CE056CE1466CA28CE118585EA86C4 SIZE=287000
%PROGRAMFILES%\AVG\AVG8\avgcorex.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=2B92EE81D2566A27D9F4237744378FE9 SIZE=1352984
%PROGRAMFILES%\AVG\AVG8\avgcrlpx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=97A5373C9534FDA276986EA9FF027BE2 SIZE=67352
%PROGRAMFILES%\AVG\AVG8\avgnsx.exe [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=C9BEA16C638562EB677746D07C673F07 SIZE=424216
%PROGRAMFILES%\AVG\AVG8\avgxpl.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=46E496E55B46296A2424711FB866BD13 SIZE=308504
%PROGRAMFILES%\AVG\AVG8\imsdk32.dll [Winco Sistemas] [IMFilter SDK] MD5=F758AE597908DD3292B0DCC9D9038AFC SIZE=349464
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\phonebrowser.dll [Nokia] [Phone Browser] MD5=015055BE9CD9058778CB74D8739718F2 SIZE=619520
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\PCSCM.dll [Nokia] [PC Suite Common Modules] MD5=4F0C300F9B76A055E45290770C6CFA27 SIZE=716800
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_fre.nlr [Nokia] [Nokia Phone Browser] MD5=DCCB1A0C80E5FFE36D7F55D0BCA923A9 SIZE=31744
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr [Nokia] [Nokia Phone Browser] MD5=5467EF5A65CC71E4FF5B6D0BDAC3CB08 SIZE=543744
%WINDIR%\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll MD5=08E088D05B15A7C6121B8CE91D779808 SIZE=65536
%WINDIR%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll MD5=B84E20C5487E3F6FD5F9E8943AC4674A SIZE=69632
%COMMONFILES%\Adobe\Acrobat\ActiveX\PDFShell.FRA [Adobe Systems, Inc.] [Adobe PDF Shell Extension] MD5=0A732A8A66E2657B194AC5F967658A23 SIZE=311296
%PROGRAMFILES%\Sunbelt Software\Personal Firewall\SbPFCl.exe [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=089645D2961F6B58D6CDA09F36025EA3 SIZE=1705256
%PROGRAMFILES%\AVG\AVG8\avguires.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=A03ADC38419D2AF1DD21C0E97045D276 SIZE=1948440
%PROGRAMFILES%\AVG\AVG8\avgsrmx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=69C4C000181FB2DDADA78D19CC8582FB SIZE=358168
%PROGRAMFILES%\AVG\AVG8\avgvvx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=A9EF8813AE4B65AB6A2DA628388D702D SIZE=309016
%PROGRAMFILES%\AVG\AVG8\avgscanx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=BCF1CEDC91F5D694F8274782C26FC62C SIZE=294168
%PROGRAMFILES%\AVG\AVG8\avgmvflx.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=D7DC98FF8B0C3F777F83603C538E6295 SIZE=281880
%PROGRAMFILES%\steam\Steam.dll [Valve Corporation] [Steam] MD5=09DD88EB74AF0A2B65963A2B3222A38E SIZE=3073272
%PROGRAMFILES%\steam\SteamUI.dll [Valve Corporation] [SteamUI Dynamic Link Library] MD5=447799E858BE2D3A975E6F80CFDCDAD3 SIZE=2938104
%PROGRAMFILES%\steam\vstdlib_s.dll [Valve Corporation] [Steam] MD5=66F50E4B646104AA83388710335112A5 SIZE=365816
%PROGRAMFILES%\steam\tier0_s.dll [Valve Corporation] [tier0_s Dynamic Link Library] MD5=4C73A09769D793CB5E69F56E00E651D8 SIZE=238840
%PROGRAMFILES%\Steam\bin\FileSystem_Steam.dll [Valve Corporation] [Steam] MD5=4184562F62BE8319141D94F45E94B972 SIZE=193272
%PROGRAMFILES%\Steam\bin\vgui2.dll [Valve Corporation] [Steam] MD5=B3B8FF71BB0BA510715245BA9764B5DE SIZE=465392
%PROGRAMFILES%\steam\steamclient.dll [Valve Corporation] [Steam] MD5=27D66EEF1FC371AC7E24E4BCC625EBA8 SIZE=2640368
%PROGRAMFILES%\steam\bin\p2pvoice.dll [Valve Corporation] [Steam P2P Voice Library] MD5=C09A8C09DF41F7D39CD14CFE4D0FF9E4 SIZE=1193208
%PROGRAMFILES%\steam\bin\mss32_s.dll [RAD Game Tools, Inc.] [Miles Sound System] MD5=0B87140484E4E240ADABBD3B957A2BB6 SIZE=540672
%PROGRAMFILES%\steam\bin\SteamService.dll [Valve Corporation] [Steam Client Service Library] MD5=D049E7236C6B6EE02D0530881AA4A8FC SIZE=657904
%WINDIR%\BricoPacks\Vista Inspirat 2\UberIcon\Plugins\iZoom\fx.dll MD5=BA8F81ADB16685571CFDCBC73A4D8621 SIZE=57344
%COMMONFILES%\Ahead\Lib\MediaLibraryNSE.dll [Nero AG] [Nero File Dialog] MD5=236773C874BEC375F3040D8E17E58A9C SIZE=1291560
%PROGRAMFILES%\Mozilla Thunderbird\thunderbird.exe [Mozilla Corporation] [Thunderbird] MD5=76ADB8C3BF66C8859F08F34E8D230EDC SIZE=8501360
%WINDIR%\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [AKSoftware] [TransBar] MD5=67102D07691C835B4AE03CE18D6FACE5 SIZE=65536
%PROGRAMFILES%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Inc.] [Yahoo! Toolbar] MD5=2785037CE05B63D5607C9D5DFB2FEEE4 SIZE=440384
%PROGRAMFILES%\Free Download Manager\FUM\fumiebtn.dll MD5=DC2FDEB06240E4DB9FB2BDD0A25DC299 SIZE=77824
%SYSDIR%\nvshell.dll [NVIDIA Corporation] [NVIDIA Desktop Explorer, Version 111.75] MD5=70BDDEE1D46FC4E98AD76A4B4EBE63FF SIZE=466944
%SYSDIR%\ShellvRTF.dll [XSS] [XSS ShellvRTF] MD5=B309190CEDF4A4E60865787DDE826901 SIZE=237568
%PROGRAMFILES%\WinRAR\rarext.dll MD5=8A22F6B4976053924FE93DEA8218D68A SIZE=128512
%PROGRAMFILES%\Easy CD-DA Extractor 10\ezcddax10.dll MD5=E2626002ED22287F22677F0DCC397BA5 SIZE=48128
%PROGRAMFILES%\WinZip\WZSHLSTB.DLL [WinZip Computing, S.L.] [WinZip] MD5=E8F88FF26E971473592A9129C443935D SIZE=10856
%COMMONFILES%\Microsoft Shared\OFFICE12\msoshext.dll [Microsoft Corporation] [Microsoft Office] MD5=0079E7EE294AC629D57FB8259F5A803E SIZE=935832
%PROGRAMFILES%\Hex Editor 3.x\heshell.dll [HHD Software] [Hex Editor 3] MD5=09813F4907ED8D4295F3A961937F8291 SIZE=49152
%PROGRAMFILES%\FTP Expert 3\ftpcntxt.dll [Visicom Media Inc.] [AceFTP v3] MD5=A0BF386666E350F1500D8AE9F536873C SIZE=117248
%PROGRAMFILES%\7-Zip\7-zip.dll [Igor Pavlov] [7-Zip] MD5=D59C279D12811A2F015C0616F9F91FD2 SIZE=69632
%PROGRAMFILES%\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [Nero AG] [Cover Designer] MD5=B08BE238F67339373207C29E12EDDF4C SIZE=1967400
%COMMONFILES%\Ahead\Lib\NeroDigitalExt.dll [Nero AG] [Nero Digital Tools] MD5=BB4D75F836F2BEBC229E609257B8494F SIZE=1807656
%PROGRAMFILES%\Free Download Manager\FUM\fumshext.dll MD5=9A1FA2881372B0B2C09AF7E128C43FEE SIZE=86016
%PROGRAMFILES%\Creative\Creative MuVo V200\CTMvns.dll [Creative Technology Ltd] [CTMVNS Dynamic Link Library] MD5=86D1ADCEE6EF8C360377DDE679C8F790 SIZE=462848
%PROGRAMFILES%\Windows Live\Messenger\fsshext.8.5.1302.1018.dll [Microsoft Corporation] [Messenger] MD5=8BDE1F61DFBAAE7A2916170E8B75FE0F SIZE=329240
%PROGRAMFILES%\Windows Live\Mail\mailcomm.dll [Microsoft Corporation] [Messenger] MD5=6A69BEDDD514F21B8A216B85EAF330B5 SIZE=858136
%PROGRAMFILES%\StarV9\MatroskaProp\MatroskaProp.dll [Matroska Shell Ext] MD5=41166B70652C733F483BCEB9B96F1536 SIZE=1880064
%PROGRAMFILES%\a-squared Free\a2freecontmenu.dll [Emsi Software GmbH] [a-squared Free] MD5=FD8ED176A58621F1AABBDD7FE42174C5 SIZE=216208
%WINDIR%\BricoPacks\Vista Inspirat 2\iColorFolder\CMExt.dll [Revenger inc.] MD5=66CD17BEC14AD29C957FC77B797723E8 SIZE=46592
%PROGRAMFILES%\iTunes\iTunesMiniPlayer.dll [Apple Inc.] [iTunes] MD5=0B8FFF8B48A8FAEFA85F82B6B4D9DD4B SIZE=132392
%PROGRAMFILES%\AVG\AVG8\avgse.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=EF2572FAD2583532FCC7FAC703B5601C SIZE=99608
%PROGRAMFILES%\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Microsoft Corporation] [Windows Live Photo Gallery] MD5=47851C6AFE59E6B850D14E347A2FA4FC SIZE=229920
%SYSDIR%\rundll32.exe "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll",PhotoViewerComServer {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C}
%SYSDIR%\rundll32.exe "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll",PhotoViewerComServer {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C}
%SYSDIR%\rundll32.exe "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll",PhotoViewerComServer {00F374B7-B390-4884-B372-2FC349F2172B}
%PROGRAMFILES%\MarkAny\ContentSafer\MACSMANAGER.dll [MarkAny Cooperation.] [MACSMGR Module] MD5=4B6708F7D8152508A6DD870CB2896483 SIZE=192512
%PROGRAMFILES%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [GRISOFT s.r.o.] [AVG Anti-Spyware] MD5=3FD0B984601D65C6DA8E891A0D5905D1 SIZE=79408
%SYSDIR%\Drivers\AnyDVD.sys [SlySoft, Inc.] [AnyDVD] MD5=75AD133B0AF9FE096C3177385A56A4A8 SIZE=97600
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\DRIVERS\avgfwdx.sys [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=7F75D9CF0E7E4F76E11630532AA4AE9D SIZE=23296
%SYSDIR%\Drivers\avgldx86.sys [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=B02FBFA2FF91E8778A08F9A6053CCBE3 SIZE=97928
%SYSDIR%\Drivers\avgmfx86.sys [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=37A7618A843BB15B5430103C9945DC4C SIZE=26824
%SYSDIR%\Drivers\avgrkx86.sys [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=219DFC4CA7A1E930B3B7D1C55FBA0698 SIZE=12936
%SYSDIR%\Drivers\avgtdix.sys [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=C81DB4DD6E6E650BF90BDA09A00ACC94 SIZE=76040
%SYSDIR%\DRIVERS\bb-run.sys [Promise Technology, Inc.] [Promise® Disk Accelerator] MD5=7270D070173B20AC9487EA16BB08B45F SIZE=17408
%SYSDIR%\dllhost.exe \Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
%SYSDIR%\svchost -k DcomLaunch
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\DRIVERS\e100b325.sys [Intel Corporation] [Intel(R) PRO/100 Adapter] MD5=83403675CAB29E7A4B885B11E7C855D8 SIZE=163328
%SYSDIR%\DRIVERS\ELacpi.sys [Intel Corporation] [Intel(R) Quick Resume Technology] MD5=0923AEC043F5D355B4EF0C2B29A362DE SIZE=9728
%SYSDIR%\Drivers\ElbyCDIO.sys [Elaborate Bytes AG] [CDRTools] MD5=AAA8999A169E39FB8B48AE49CD6AC30A SIZE=25160
%SYSDIR%\Drivers\Elhid.sys [Intel Corporation] [Intel(R) Quick Resume Technology] MD5=CBD71E7772F92BFB85CCC302B2DEEFBA SIZE=10112
%SYSDIR%\Drivers\Elkbd.sys [Intel Corporation] [Intel(R) Quick Resume Technology] MD5=AC75B576C45D144E146FD1F0576A1F53 SIZE=6912
%SYSDIR%\Drivers\Elmon.sys [Intel Corporation] [Intel(R) Quick Resume Technology] MD5=483CCE5E40137D4E437F4DEF55C80007 SIZE=7040
%SYSDIR%\Drivers\Elmou.sys [Intel Corporation] [Intel(R) Quick Resume Technology] MD5=8E88CAFEAC0812BF2D15BEEEDFCCE8BD SIZE=6400
%SYSDIR%\drivers\enodpl.sys MD5=B4556F3D468C8DCB0B259D9D866CD4C4 SIZE=7552
%SYSDIR%\DRIVERS\fbxusb32.sys [FreeBox SA] [Carte réseau virtuelle FreeBox USB pour Windows 2000/XP] MD5=504E93682655A7B3AF1FB5BFF3F44322 SIZE=21344
%SYSDIR%\DRIVERS\ftsata2.sys [Promise Technology, Inc.] [Promise FastTrak Series Driver] MD5=22399D3CE5840C6082844679CCA5D2FC SIZE=175104
%SYSDIR%\Drivers\GEARAspiWDM.sys [GEAR Software Inc.] [CD DVD Filter] MD5=5DC17164F66380CBFEFD895C18467773 SIZE=16168
%SYSDIR%\DRIVERS\iastor.sys [Intel Corporation] [Intel Matrix Storage Manager driver] MD5=88B1943ECFF661F765228099138CF6AB SIZE=250368
%SYSDIR%\Drivers\imagedrv.sys [Ahead Software AG] [Nero ImageDrive] MD5=552B6B3B889020B8A2D5525068A494B4 SIZE=11304
%SYSDIR%\DRIVERS\imagesrv.sys [Ahead Software AG] [Nero ImageDrive] MD5=1BE72919F1B489FB8C06AE7CEF45C659 SIZE=132904
%SYSDIR%\drivers\RtkHDAud.sys [Realtek Semiconductor Corp.] [Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)] MD5=12F4D2AA29745DC2A403FF42E75CF7FA SIZE=4353024
%SYSDIR%\drivers\PfModNT.sys [Creative Technology Ltd.] [PfModNT] MD5=0ABC514F6606324CE15484D079027798 SIZE=71596
%SYSDIR%\drivers\prodrv06.sys [Protection Technology] [StarForce Protection System] MD5=09921A58B4278BC16EFA91A8FE480C50 SIZE=54368
%SYSDIR%\drivers\prohlp02.sys [Protection Technology] [StarForce Protection System] MD5=97184F49AA0733F6EEA28ADA265BA8DA SIZE=115680
%SYSDIR%\drivers\prosync1.sys [Protection Technology] [StarForce Protection System] MD5=F3471E7971EE62420451D958DA635064 SIZE=6944
%SYSDIR%\DRIVERS\PS2.sys [Hewlett-Packard Company] [Hewlett-Packard Company PS2 SYS] MD5=390C204CED3785609AB24E9C52054A84 SIZE=19072
%SYSDIR%\svchost -k rpcss
%SYSDIR%\drivers\SbFw.sys [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=B9C52B09EDE3A4A78A9F3D66E7B7268E SIZE=269736
%SYSDIR%\DRIVERS\sbfwim.sys [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=F01B8409A11C319E3C5B9DD418676D2C SIZE=65576
%SYSDIR%\drivers\sbhips.sys [Sunbelt Software, Inc.] [Sunbelt Personal Firewall] MD5=31CA701F26EA66468AD3C3C6498755CE SIZE=66600
%SYSDIR%\drivers\sfdrv01.sys [Protection Technology (StarForce)] [SF FrontLine] MD5=9E7DEE11FD5A4355941A45F13C0ED59A SIZE=51200
%SYSDIR%\drivers\sfhlp01.sys [Protection Technology] [StarForce Protection System] MD5=462AEE0EA0481EA8BD45CAC876A4CCC4 SIZE=4832
%SYSDIR%\drivers\sfhlp02.sys [Protection Technology (StarForce)] [SF FrontLine] MD5=ECEFB59D2206D281E6D317AF0EA0D8BD SIZE=6656
%SYSDIR%\drivers\sfsync04.sys [Protection Technology (StarForce)] [SF FrontLine] MD5=05E3038180CD846B0BCA0E915163606A SIZE=50176
%SYSDIR%\drivers\sfvfs02.sys [Protection Technology] [StarForce Protection System] MD5=D5A7E09D2C6A702809E49190D52ADC9F SIZE=63488
%SYSDIR%\Drivers\sptd.sys SIZE=717296
%SYSDIR%\DRIVERS\ssmdrv.sys [Avira GmbH] MD5=3D2829FDE1C52FC64DA5413889CE4DEE SIZE=28352
%SYSDIR%\svchost.exe -k imgsvc
%PROGRAMFILES%\TGTSoft\StyleXP\StyleXPHelper.exe [Windows (R) 2000 DDK provider] [Windows (R) 2000 DDK driver] MD5=7E40B43922B2896F40A5930AF7489C60 SIZE=10880
%SYSDIR%\drivers\tandpl.sys MD5=126D7B3B4C7B724491C604060E1F4E14 SIZE=4736
%SYSDIR%\drivers\WmBEnum.sys [Logitech Inc.] [Logitech WingMan Software] MD5=1ABFD1399436E81C9D857F5FC76EAF98 SIZE=10144
%SYSDIR%\drivers\WmXlCore.sys [Logitech Inc.] [Logitech WingMan Software] MD5=2BF505424F469155CD90D7B3301D7ADC SIZE=45504
%SYSDIR%\svchost.exe -k WudfServiceGroup
%PROGRAMFILES%\Grisoft\AVG Anti-Spyware 7.5\guard.sys MD5=D6F4C1450699901048818B0C3AAF7A17 SIZE=11000
%PROGRAMFILES%\AVG\AVG8\avgpp.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=5E0B47F3AE5D516F3A185ED62FF437D9 SIZE=79128
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [Microsoft Corporation] [Messenger] MD5=56319E6B4D190A2DEB4463A9CE4D4F74 SIZE=66072
%WINDIR%\ALCMTR.EXE [Realtek Semiconductor Corp.] [Realtek AC97 Audio - Event Monitor] MD5=8B4CBBA1EA526830C7F97E7822E2493A SIZE=69632
%SYSDIR%\MACROMED\SHOCKWAVE 10\GTAPI.DLL MD5=B19256632FD0BA5BED01E80E29402384 SIZE=45056
End of Report
Je sais pas si il y a quelque chose de suspect la dedans, mais ma connexion internet s'est déjà bien améliorée...
Donc merci beaucoup, je reste à votre disposition si il faut faire d'autres scan ou autre...
Salut
Un log hijackthis
Pour AVG tu supprimes tout ce qu'il trouve, tu peux le repasser tant que tu le souhaites
Un log hijackthis
Pour AVG tu supprimes tout ce qu'il trouve, tu peux le repasser tant que tu le souhaites
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:58:00, on 14/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\CPUCooL\CooLSrv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\program files\steam\steam.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\AVG\AVG8\avgcmgr.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ww25.b.bestmanage.org/?pid=2000&dt=2007-06-09&subid1=20201204-2342-2814-805e-9412ef12d4bb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ClockGen] C:\Documents and Settings\Guigui\Bureau\ClockGen.exe -i p=0
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - .DEFAULT User Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1CC5855-2C73-4379-9BAE-001BE7400194}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - C:\Program Files\CPUCooL\CooLSrv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
Scan saved at 19:58:00, on 14/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\CPUCooL\CooLSrv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\program files\steam\steam.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\AVG\AVG8\avgcmgr.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ww25.b.bestmanage.org/?pid=2000&dt=2007-06-09&subid1=20201204-2342-2814-805e-9412ef12d4bb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ClockGen] C:\Documents and Settings\Guigui\Bureau\ClockGen.exe -i p=0
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - .DEFAULT User Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1CC5855-2C73-4379-9BAE-001BE7400194}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - C:\Program Files\CPUCooL\CooLSrv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
