LONG Rapport de HijackThis

Bonjour,

Toujours concernant mon problème de lenteur passagère de mon PC lors
des fermetures des programmes qui touchent à internet, et suite à la
suggestion de certains d'entre vous ici, voici le rapport de
HijackThis, au cas où j'aurais encore des spys malgré SpyBot 1.3

Si une bonne âme supercompétente pouvait m'aider à ne pas virer ce qui
est utile, ça serait sympa !

Attention, c'est long ... ;-)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Creative\SBLive\Program\CTAvTray.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\MOZILLA.ORG\MOZILLA\MOZILLA.EXE
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_SICN03.EXE
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Nikon\NkView5\NkvMon.exe
D:\Program Files\Printkey\Printkey.exe
C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\Program
Files\Securitoo\av_fw\backweb\1044199\Program\BackWeb-1044199.exe
C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
C:\Program Files\MailWasher Pro\MailWasher.exe
C:\Program Files\Outlook Express\Msimn.exe
C:\Program Files\OE-QuoteFix\oequotefix.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MesNews\mesnews2.exe
C:\DOCUME~1\BENLAD~1\LOCALS~1\Temp\Rar$EX00.365\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL =
http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
L'explorer de JEFFBIE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
= Liens
N3 - Netscape 7: user_pref("browser.startup.homepage",
"http://google.fr"); (C:\Documents and Settings\ben laden\Application
Data\Mozilla\Profiles\default\jse11kon.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine",
"engine://C%3A%5CPROGRA%7E1%5CMOZILLA.ORG%5CMOZILLA%5Csearchplugins%5Cgooglefr.src");
(C:\Documents and Settings\ben laden\Application
Data\Mozilla\Profiles\default\jse11kon.slt\prefs.js)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6947cf88-fec1-41b9-b1ab-6fcac02b5efb} -
C:\DOCUME~1\BENLAD~1\APPLIC~1\oagnsscrfl.dll (file missing)
O2 - BHO: (no name) - {78142569-21ea-4781-96b7-7de1bf44046c} - (no
file)
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} -
C:\WINDOWS\2_0_1browserhelper2.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no
file)
O2 - BHO: (no name) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} -
C:\WINDOWS\System32\nzdd.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program
Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [CTAvTray] C:\Program
Files\Creative\SBLive\Program\CTAvTray.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\sysupd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program
Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program
Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [AudioHQ] C:\Program
Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [AHQInit] C:\Program
Files\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [pdfw] C:\Program Files\Amic Utilities\PDF Writer
Pro\pdfwload.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN
Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Mozilla Quick Launch]
"C:\PROGRA~1\MOZILLA.ORG\MOZILLA\MOZILLA.EXE" -turbo
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search
& Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [EPSON Stylus COLOR 760]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_SICN03.EXE /A
"C:\WINDOWS\System32\E_S1CB.tmp"
O4 - HKLM\..\RunOnce: [CTAVTray] C:\Program
Files\Creative\SBLive\Program\CTAvStub.EXE EAX.AVI
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk =
C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program
Files\Nikon\NkView5\NkvMon.exe
O4 - Global Startup: PowerReg Scheduler.exe
O4 - Global Startup: Printkey.lnk = D:\Program
Files\Printkey\Printkey.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions
present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
present
O8 - Extra context menu item: &NeoTrace It! -
C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: Chercher avec Copernic - C:\Program
Files\Copernic 2001 Pro\Search Extension.htm
O8 - Extra context menu item: Chercher avec Copernic 2001 - C:\Program
Files\Copernic 2001 Pro\Search Extension.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre
- file://C:\WINDOWS\web\nvcadre.html
O8 - Extra context menu item: Voir les cookies -
C:\WINDOWS\web\cookies.html
O9 - Extra 'Tools' menuitem: Lancer Copernic 2001 (HKLM)
O9 - Extra button: Copernic (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O9 - Extra button: NeoTrace It! (HKCU)
O15 - Trusted Zone: http://faq.outlook.free.fr
O16 - DPF: {12398DD6-40AA-4C40-A4EC-A42CFC0DE797} -
http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_cracks.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX
Control) -
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) -
http://gamingzone.ubisoft.com/packages/GSManager.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/20020124/qtinstall.info.apple.com/qt505/fr/win/QuickTimeInstaller.exe
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) -
http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://217.167.21.186/activex/AxisCamControl.ocx
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38076.5630787037
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} -
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload
Tool) - http://sc.communities.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash
Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{BEE8F19E-5899-4AAE-9012-6F52BFA25074}:
NameServer = 80.10.246.1 80.10.246.132

--
Non au SPAM !!!
Collectif Anti-SPAM :
http://caspam.org/