nikovitch
-
Compteur de contenus
5 -
Inscription
-
Dernière visite
nikovitch's Achievements
Junior Member (3/12)
0
Réputation sur la communauté
-
Merci beaucoup pour ton aide, mon probleme est enfin resolu Je te remerci donc toi et ce forum, longue vie a vous
-
dsl double post :$
-
1) la recherche du fichier WinFixer (ou autre fichier portant un nom bizarre) n'a rien donné 2) Voila le rapport de VundoFix : VundoFix V6.2.13 Checking Java version... Java version is 1.4.2.4 Java version is 1.5.0.9 Scan started at 22:40:35 08/01/2007 Listing files found while scanning.... D:\WINDOWS\system32\winwea32.dll D:\WINDOWS\System32\pmnli.dll D:\WINDOWS\System32\ilnmp.ini D:\WINDOWS\System32\ilnmp.bak1 D:\WINDOWS\System32\ilnmp.bak2 D:\WINDOWS\System32\ilnmp.ini2 D:\WINDOWS\System32\ilnmp.tmp Beginning removal... Attempting to delete D:\WINDOWS\system32\winwea32.dll D:\WINDOWS\system32\winwea32.dll Has been deleted! Attempting to delete D:\WINDOWS\System32\pmnli.dll D:\WINDOWS\System32\pmnli.dll Has been deleted! Attempting to delete D:\WINDOWS\System32\ilnmp.ini D:\WINDOWS\System32\ilnmp.ini Has been deleted! Attempting to delete D:\WINDOWS\System32\ilnmp.bak1 D:\WINDOWS\System32\ilnmp.bak1 Has been deleted! Attempting to delete D:\WINDOWS\System32\ilnmp.bak2 D:\WINDOWS\System32\ilnmp.bak2 Has been deleted! Attempting to delete D:\WINDOWS\System32\ilnmp.ini2 D:\WINDOWS\System32\ilnmp.ini2 Has been deleted! Attempting to delete D:\WINDOWS\System32\ilnmp.tmp D:\WINDOWS\System32\ilnmp.tmp Has been deleted! Performing Repairs to the registry. Done! (désolé si j'ai mal édité le rapport je connais pas du tout ce programme) 3) un petit scan de hijackthis une fois les objet fixés (et apres le passage de l'outil de F-secure) : D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\csrss.exe D:\WINDOWS\SYSTEM32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\spoolsv.exe D:\WINDOWS\Explorer.EXE D:\Program Files\EPSON\ESM2\eEBSVC.exe D:\WINDOWS\System32\alg.exe D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe D:\Program Files\Alwil Software\Avast4\ashServ.exe D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe D:\Program Files\ewido anti-spyware 4.0\guard.exe D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe D:\Program Files\Microsoft IntelliPoint\point32.exe D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe D:\WINDOWS\System32\LVCOMSX.EXE D:\WINDOWS\System32\nvsvc32.exe D:\Program Files\Logitech\Video\LogiTray.exe D:\Program Files\ATI Technologies\ATI.ACE\cli.exe D:\WINDOWS\SOUNDMAN.EXE D:\PROGRA~1\Wanadoo\TaskBarIcon.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\System32\wdfmgr.exe D:\WINDOWS\System32\ctfmon.exe D:\Program Files\Logitech\Video\FxSvr2.exe D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe D:\Program Files\Alwil Software\Avast4\ashWebSv.exe D:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe D:\WINDOWS\SYSTEM32\taskmgr.exe D:\Program Files\ATI Technologies\ATI.ACE\cli.exe D:\Program Files\ATI Technologies\ATI.ACE\cli.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\Program Files\Winamp\winamp.exe D:\Program Files\Last.fm\LastFM.exe D:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.wanadoo.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.the-ryoweb.com/"); (D:\Documents and Settings\nikovic\Application Data\Mozilla\Profiles\default\y7haxx3e.slt\prefs.js) N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://D%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (D:\Documents and Settings\nikovic\Application Data\Mozilla\Profiles\default\y7haxx3e.slt\prefs.js) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {10694825-7142-48E2-B40B-152AD52EB9AD} - D:\WINDOWS\System32\jkhhg.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - D:\WINDOWS\System32\sxjapuqy.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - D:\Program Files\Xi\NetTransport 2\NTIEHelper.dll O4 - HKLM\..\Run: [WOOWATCH] D:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [intelliPoint] "D:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [WOOTASKBARICON] D:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [DiskeeperSystray] "D:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] D:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [steam] "k:\program files\steam\steam.exe" -silent O4 - Startup: MagicDisc.lnk = D:\Program Files\MagicDisc\MagicDisc.exe O4 - Global Startup: DSLMON.lnk = D:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O8 - Extra context menu item: &Download with &DAP - D:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: &Télécharger avec NetTransport - D:\Program Files\Xi\NetTransport 2\NTAddLink.html O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Download &all with DAP - D:\PROGRA~1\DAP\dapextie2.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Tout t&élécharger avec NetTransport - D:\Program Files\Xi\NetTransport 2\NTAddList.html O8 - Extra context menu item: Translate Page into English - res://d:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\PROGRA~1\WANADO~2\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\PROGRA~1\WANADO~2\Wanadoo Messager.exe O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: jkhhg - D:\WINDOWS\System32\jkhhg.dll O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: EpsonBidirectionalService - Unknown owner - D:\Program Files\EPSON\ESM2\eEBSVC.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) peut etre que je me trompe mais "jkhhg.dll" a pas l'air gentil 4) voici enfin le log de F secure 01/08/07 23:03:29 [info]: BlackLight Engine 1.0.55 initialized 01/08/07 23:03:29 [info]: OS: 5.1 build 2600 (Service Pack 1) 01/08/07 23:03:30 [Note]: 7019 4 01/08/07 23:03:30 [Note]: 7005 0 01/08/07 23:03:32 [Note]: 7006 0 01/08/07 23:03:32 [Note]: 7011 664 01/08/07 23:03:32 [Note]: 7026 0 01/08/07 23:03:33 [Note]: 7026 0 01/08/07 23:03:47 [Note]: FSRAW library version 1.7.1021 01/08/07 23:18:45 [Note]: 2000 1012 01/08/07 23:18:45 [Note]: 2000 1012 01/08/07 23:18:45 [Note]: 2000 1012 01/08/07 23:20:39 [Note]: 7007 0 je vous remercie de votre aide et de votre patience
-
Je vous remercie pour une reponse si rapide
-
Bonjour a tous, je me tourne vers votre forum car je ne sais plus quoi faire. En effet j'ai ce fichu dialer italien qui est apparu ainsi que quelques malwares ( ca m'etonne que firefox prenne 60Mo de mémoire juste avec 3 onglets ). J'ai lu certains topics et voici jusqu'a maintenant ce que j'ai fait : - hijackthis : les clés que je supprime reviennent au reboot - ewid (ou un prog du genre) : il ne m'enleve que certains cookies - host : j'ai ajouter certaines ip pour empecher l'affichage de pop up - ad aware : rien - spybot : au reboot ce qu'il a enlever revient Je remercie d'avance ceux qui prendront tu temps a m'eclairer (ps : les manipulations que j'ai effectués etait en mode sans echec avec prise en charge reseaux) edit : je prend l'initiative de vous montrer mon rapport hijackthis Logfile of HijackThis v1.99.1 Scan saved at 22:12:07, on 08/01/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\SYSTEM32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\spoolsv.exe D:\Program Files\EPSON\ESM2\eEBSVC.exe D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe D:\Program Files\Alwil Software\Avast4\ashServ.exe D:\Program Files\ewido anti-spyware 4.0\guard.exe D:\WINDOWS\System32\nvsvc32.exe D:\WINDOWS\System32\svchost.exe D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe D:\Program Files\Alwil Software\Avast4\ashWebSv.exe D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe D:\Program Files\Microsoft IntelliPoint\point32.exe D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe D:\WINDOWS\System32\LVCOMSX.EXE D:\Program Files\Logitech\Video\LogiTray.exe D:\WINDOWS\SOUNDMAN.EXE D:\PROGRA~1\Wanadoo\TaskBarIcon.exe D:\WINDOWS\System32\RUNDLL32.EXE D:\WINDOWS\System32\ctfmon.exe D:\Program Files\Logitech\Video\FxSvr2.exe D:\PROGRA~1\Wanadoo\ComComp.exe D:\WINDOWS\SYSTEM32\taskmgr.exe D:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe D:\Program Files\Last.fm\LastFM.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\explorer.exe D:\WINDOWS\TEMP\win62B.tmp.exe D:\WINDOWS\System32\cleanmgr.exe D:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.wanadoo.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.the-ryoweb.com/"); (D:\Documents and Settings\nikovic\Application Data\Mozilla\Profiles\default\y7haxx3e.slt\prefs.js) N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://D%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (D:\Documents and Settings\nikovic\Application Data\Mozilla\Profiles\default\y7haxx3e.slt\prefs.js) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {63D91457-F1E0-8963-C75A-8CCD541AD4C0} - D:\WINDOWS\System32\fmy.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - D:\WINDOWS\System32\kgghxjap.dll O2 - BHO: (no name) - {9360995F-D952-40BA-94B4-CBBCDAD53FFC} - D:\WINDOWS\System32\pmnli.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll O2 - BHO: (no name) - {B810FAA9-AA2C-4332-8486-FF7D81DD842B} - D:\WINDOWS\System32\nnnkkji.dll O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - D:\Program Files\Xi\NetTransport 2\NTIEHelper.dll O4 - HKLM\..\Run: [WOOWATCH] D:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [intelliPoint] "D:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [DownloadAccelerator] D:\PROGRA~1\DAP\DAP.EXE /STARTUP O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [WOOTASKBARICON] D:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [DiskeeperSystray] "D:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [DllRunning] rundll32.exe "D:\WINDOWS\System32\asjrpusw.dll",setvm O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] D:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [steam] "k:\program files\steam\steam.exe" -silent O4 - HKCU\..\Run: [Hetp] "D:\PROGRA~1\RACLE~1\msiexec.exe" -vt yazb O4 - HKCU\..\Run: [Nqhr] D:\Documents and Settings\nikovic\Application Data\??pPatch\t?skmgr.exe O4 - Startup: MagicDisc.lnk = D:\Program Files\MagicDisc\MagicDisc.exe O4 - Global Startup: DSLMON.lnk = D:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O8 - Extra context menu item: &Download with &DAP - D:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: &Télécharger avec NetTransport - D:\Program Files\Xi\NetTransport 2\NTAddLink.html O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Download &all with DAP - D:\PROGRA~1\DAP\dapextie2.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Tout t&élécharger avec NetTransport - D:\Program Files\Xi\NetTransport 2\NTAddList.html O8 - Extra context menu item: Translate Page into English - res://d:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\PROGRA~1\WANADO~2\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\PROGRA~1\WANADO~2\Wanadoo Messager.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: nnnkkji - D:\WINDOWS\SYSTEM32\nnnkkji.dll O20 - Winlogon Notify: pmnli - D:\WINDOWS\System32\pmnli.dll O20 - Winlogon Notify: winwea32 - D:\WINDOWS\SYSTEM32\winwea32.dll O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: EpsonBidirectionalService - Unknown owner - D:\Program Files\EPSON\ESM2\eEBSVC.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)