Infecté par Trojan.Stwoyle
Gégé
-
Kristopher Messages postés 3752 Statut Contributeur -
Kristopher Messages postés 3752 Statut Contributeur -
Bonjour
SVP je suis infecté par Trojan.Stwoyle détecté par Norton 2005
qui ne se lasse pas de me le rappeler,j'ai passé : Spybot, ad-aware SE ,ewido ,Trojan Remover ,a-squared ,cwshredder,et bien sûr Norton avec toutes les mises à jour que j'ai pu trouver et j'en suis toujours au même point ils ne m'ont rien trouvé bien sûr a part
Norton
(C:\windows\system32\st3d.dll infectée par Trojan.Swoyle)
j'ai passé tous les antiTrojan citer plus haut aprés avoir
enlevé la regéneration de win. XP
je vous remercie par avance si vous pouvez me dépanner ou me sortir de là.
merci bien
Je joint le fichier hijackthis :
Logfile of HijackThis v1.99.1
Scan saved at 23:23:20, on 14/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Daily Weather Forecast\weather.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Systran\Classic3.0\Systrnet.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\gege\Mes documents\Mes fichiers reçus\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://votreportail.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 209.67.209.50 test3201.winmx.com test3203.winmx.com test3205.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3202.winmx.com test3204.winmx.com test3206.winmx.com test3208.winmx.com
O1 - Hosts: 209.67.209.50 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AltaVista Toolbar - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\CONFLICT.1\ALTAVI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: C:\WINDOWS\system32\st3d.dll - {86AA461F-2A5B-4889-B543-E1BBA6746D61} - C:\WINDOWS\system32\st3d.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - :C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: AltaVista Toolbar - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\CONFLICT.1\ALTAVI~1.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Program Files\Daily Weather Forecast\weather.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [MSMSGS] :"C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SYSTRANET.lnk = C:\Program Files\Systran\Classic3.0\Systrnet.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Recherche AltaVista - file://C:\Program Files\ALTAVISTA Toolbar\Cache\SelectedContextSearch.htm
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - C:\Program Files\Systran\Classic3.0\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - C:\Program Files\Systran\Classic3.0\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - C:\Program Files\Systran\Classic3.0\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En®istrement - C:\Program Files\Systran\Classic3.0\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - C:\Program Files\Systran\Classic3.0\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - C:\Program Files\Systran\Classic3.0\menuTranslateAll.html
O8 - Extra context menu item: Traduction - file://C:\Program Files\ALTAVISTA Toolbar\Cache\SelectedContextTranslation.htm
O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuUpdates.html (file missing)
SVP je suis infecté par Trojan.Stwoyle détecté par Norton 2005
qui ne se lasse pas de me le rappeler,j'ai passé : Spybot, ad-aware SE ,ewido ,Trojan Remover ,a-squared ,cwshredder,et bien sûr Norton avec toutes les mises à jour que j'ai pu trouver et j'en suis toujours au même point ils ne m'ont rien trouvé bien sûr a part
Norton
(C:\windows\system32\st3d.dll infectée par Trojan.Swoyle)
j'ai passé tous les antiTrojan citer plus haut aprés avoir
enlevé la regéneration de win. XP
je vous remercie par avance si vous pouvez me dépanner ou me sortir de là.
merci bien
Je joint le fichier hijackthis :
Logfile of HijackThis v1.99.1
Scan saved at 23:23:20, on 14/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Daily Weather Forecast\weather.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Systran\Classic3.0\Systrnet.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\gege\Mes documents\Mes fichiers reçus\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://votreportail.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 209.67.209.50 test3201.winmx.com test3203.winmx.com test3205.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3202.winmx.com test3204.winmx.com test3206.winmx.com test3208.winmx.com
O1 - Hosts: 209.67.209.50 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AltaVista Toolbar - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\CONFLICT.1\ALTAVI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: C:\WINDOWS\system32\st3d.dll - {86AA461F-2A5B-4889-B543-E1BBA6746D61} - C:\WINDOWS\system32\st3d.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - :C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: AltaVista Toolbar - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\CONFLICT.1\ALTAVI~1.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Program Files\Daily Weather Forecast\weather.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [MSMSGS] :"C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SYSTRANET.lnk = C:\Program Files\Systran\Classic3.0\Systrnet.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Recherche AltaVista - file://C:\Program Files\ALTAVISTA Toolbar\Cache\SelectedContextSearch.htm
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - C:\Program Files\Systran\Classic3.0\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - C:\Program Files\Systran\Classic3.0\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - C:\Program Files\Systran\Classic3.0\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En®istrement - C:\Program Files\Systran\Classic3.0\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - C:\Program Files\Systran\Classic3.0\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - C:\Program Files\Systran\Classic3.0\menuTranslateAll.html
O8 - Extra context menu item: Traduction - file://C:\Program Files\ALTAVISTA Toolbar\Cache\SelectedContextTranslation.htm
O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuUpdates.html (file missing)
A voir également:
- Infecté par Trojan.Stwoyle
- Alerte windows ordinateur infecté - Accueil - Arnaque
- L'ordinateur de simon a été infecté par un virus répertorié récemment ✓ - Forum Virus
- L'ordinateur de mustapha a été infecté par un virus répertorié récemment - Forum Virus
- Infection par : ONLYPC Flow.co.in ✓ - Forum Virus
- Mustapha - Forum Windows
11 réponses
salut
wahou impreszionant !
ton rapport est imcomplet ; fais "selectionner tou " pusi copier et tu colle ici
fixe ca et supprime les fichiers en gras
R3 - Default URLSearchHook is missing
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 209.67.209.50 test3201.winmx.com test3203.winmx.com test3205.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3202.winmx.com test3204.winmx.com test3206.winmx.com test3208.winmx.com
O1 - Hosts: 209.67.209.50 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
tu remarque que tu as 2 lignes avec la meme dll ( enfin tu le remarquerai si t'avais mis ton rapport complet !!!! ) mais tu as cet exe en 02
O2 - BHO: C:\WINDOWS\system32\st3d.dll - {86AA461F-2A5B-4889-B543-E1BBA6746D61} - C:\WINDOWS\system32\st3d.dll
tu dois avoir le meme exe en 020 , quelque chose comme ca
O20 - Winlogon Notify: st3d - C:\WINDOWS\system32\st3d.dll
télécharge : process xp ici:
http://www.sysinternals.com/files/procexpnt.zip
decompresse le
Déconnecte toi
Ferme tous les programmes
double clic sur processxp.exe
* Dans la fenêtre principale de processxp double clic sur winlogon.exe
Dans la nouvelle fenêtre qui s'ouvre clique sur threads
sélectionne seulement les lignes qui contiennent la dll st3d.dll puis clique sur kill pour chacune des lignes trouvées.
une fois fait, valide avec ok
* Dans la fenêtre principale de processxp double clic sur explorer.exe
Dans la nouvelle fenêtre qui s'ouvre clique sur threads
sélectionner seulement les lignes qui contiennent la dll st3d.dll puis clique sur kill pour chacune des lignes trouvées.
une fois fait, valide avec ok
ensuite tu ouvre la kill box
Télécharge: Pocket Killbox ici
http://www.downloads.subratam.org/KillBox.exe
Démo d utilisation (merci a Balltrap34 pour cette réalisation) :
http://pageperso.aol.fr/balltrap34/killbox.htm
tu colle les dll suspectes et tu les effaces
Comme ceci:
Double clic sur killbox.exe (Pocket Killbox)
- coche: delete on reboot
- Dans "Full Path of File to Delete"
copie et colle: C:\WINDOWS\system32\st3d.dll
- clique sur la croix rouge
- une fenêtre va apparaître pour confirmation clique sur YES
- une seconde fenêtre te demande si tu veux redémarrer clique sur YES
Laisse le pc redémarrer.
Et après reposte un log HijackThis.
wahou impreszionant !
ton rapport est imcomplet ; fais "selectionner tou " pusi copier et tu colle ici
fixe ca et supprime les fichiers en gras
R3 - Default URLSearchHook is missing
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 209.67.209.50 test3201.winmx.com test3203.winmx.com test3205.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3202.winmx.com test3204.winmx.com test3206.winmx.com test3208.winmx.com
O1 - Hosts: 209.67.209.50 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
tu remarque que tu as 2 lignes avec la meme dll ( enfin tu le remarquerai si t'avais mis ton rapport complet !!!! ) mais tu as cet exe en 02
O2 - BHO: C:\WINDOWS\system32\st3d.dll - {86AA461F-2A5B-4889-B543-E1BBA6746D61} - C:\WINDOWS\system32\st3d.dll
tu dois avoir le meme exe en 020 , quelque chose comme ca
O20 - Winlogon Notify: st3d - C:\WINDOWS\system32\st3d.dll
télécharge : process xp ici:
http://www.sysinternals.com/files/procexpnt.zip
decompresse le
Déconnecte toi
Ferme tous les programmes
double clic sur processxp.exe
* Dans la fenêtre principale de processxp double clic sur winlogon.exe
Dans la nouvelle fenêtre qui s'ouvre clique sur threads
sélectionne seulement les lignes qui contiennent la dll st3d.dll puis clique sur kill pour chacune des lignes trouvées.
une fois fait, valide avec ok
* Dans la fenêtre principale de processxp double clic sur explorer.exe
Dans la nouvelle fenêtre qui s'ouvre clique sur threads
sélectionner seulement les lignes qui contiennent la dll st3d.dll puis clique sur kill pour chacune des lignes trouvées.
une fois fait, valide avec ok
ensuite tu ouvre la kill box
Télécharge: Pocket Killbox ici
http://www.downloads.subratam.org/KillBox.exe
Démo d utilisation (merci a Balltrap34 pour cette réalisation) :
http://pageperso.aol.fr/balltrap34/killbox.htm
tu colle les dll suspectes et tu les effaces
Comme ceci:
Double clic sur killbox.exe (Pocket Killbox)
- coche: delete on reboot
- Dans "Full Path of File to Delete"
copie et colle: C:\WINDOWS\system32\st3d.dll
- clique sur la croix rouge
- une fenêtre va apparaître pour confirmation clique sur YES
- une seconde fenêtre te demande si tu veux redémarrer clique sur YES
Laisse le pc redémarrer.
Et après reposte un log HijackThis.
Salut ben13010 et Gégé,
ben à quoi correspondent ces infections de type ".winmx.com" ?
Gégé :
Télécharge CounterSpy sur :
http://www.01net.com/telecharger/windows/Utilitaire/antivirus/fiches/31393.html
Mets le programme à jour, scannes en mode Full System (par défaut) et supprime ce qu'il trouve.
Ensuite, tu vas dans System Tools -> My PC Checkup -> Start -> Tu sélectionnes tout -> Continue (ça équivaut à la vaccination de Spybot mais en + balaise).
Bonne chance.
++
ben à quoi correspondent ces infections de type ".winmx.com" ?
Gégé :
Télécharge CounterSpy sur :
http://www.01net.com/telecharger/windows/Utilitaire/antivirus/fiches/31393.html
Mets le programme à jour, scannes en mode Full System (par défaut) et supprime ce qu'il trouve.
Ensuite, tu vas dans System Tools -> My PC Checkup -> Start -> Tu sélectionnes tout -> Continue (ça équivaut à la vaccination de Spybot mais en + balaise).
Bonne chance.
++
Bonjour Krisptopher
merci pour tes renseignements, et CounterSpy qui m'a l'air pas mal
car c'est le seul qui détecte 1 problème je pense que c'est le même que Norton (je ne connais pas l'Anglais)mais il ne le solutionne pas non plus !.
depuis j'ai repassé tout ce que j'avais donné hier + CounterSpy et
tmas-web-scan, en mode sans échec et mode normal mais rien de mieux Trojan est toujours là.
je ne suis pas très doué mais ce que je comprends sur le site Norton
il semblerait possible d’effacer dans le registre ? mais faut-il effacer la fameuse dll : st3d.dll ? peux tu me dire si cette dll est crée par Trojan ou si c'est une DLL de Win. XP .
Encore merci d'avance
gege
merci pour tes renseignements, et CounterSpy qui m'a l'air pas mal
car c'est le seul qui détecte 1 problème je pense que c'est le même que Norton (je ne connais pas l'Anglais)mais il ne le solutionne pas non plus !.
depuis j'ai repassé tout ce que j'avais donné hier + CounterSpy et
tmas-web-scan, en mode sans échec et mode normal mais rien de mieux Trojan est toujours là.
je ne suis pas très doué mais ce que je comprends sur le site Norton
il semblerait possible d’effacer dans le registre ? mais faut-il effacer la fameuse dll : st3d.dll ? peux tu me dire si cette dll est crée par Trojan ou si c'est une DLL de Win. XP .
Encore merci d'avance
gege
mais faut-il effacer la fameuse dll : st3d.dll ? peux tu me dire si cette dll est crée par Trojan ou si c'est une DLL de Win. XP .
tu crois que je te ferai supprimer une dll de windows ? si tu as pas confiance en nous , c'est pas la peine de venir sur ce forum
c infecté c'est tout !
deja envois nous un rapport hijack complet et fais ce que je ta'i indiqué
si cette dll est en ligne 02 et 020 (ce que je ne peut que deviner vu ton rapport incomplet ) il faut la virer
fixe les lignes indiqué et utilise process xp
tu crois que je te ferai supprimer une dll de windows ? si tu as pas confiance en nous , c'est pas la peine de venir sur ce forum
c infecté c'est tout !
deja envois nous un rapport hijack complet et fais ce que je ta'i indiqué
si cette dll est en ligne 02 et 020 (ce que je ne peut que deviner vu ton rapport incomplet ) il faut la virer
fixe les lignes indiqué et utilise process xp
rebonjour
je suis perdu sur le forum, je croyais que Ben était dans la même situation que moi, c'est pourquoi j'ai répondu à Kristopher. Je m'en excuse et je ne pensais pas que la réponse sur le rapport incomplet me concernait et que la suppression de la dll était pour moi. J'essaie de vous renvoyer un rapport plus complet (je ne maitrise pas hijack ) j'espère y arriver. En vous remerciant. Gégé
Logfile of HijackThis v1.99.1
Scan saved at 14:53:05, on 15/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Daily Weather Forecast\weather.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\gege\Mes documents\Mes fichiers reçus\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://votreportail.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 209.67.209.50 test3201.winmx.com test3203.winmx.com test3205.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3202.winmx.com test3204.winmx.com test3206.winmx.com test3208.winmx.com
O1 - Hosts: 209.67.209.50 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AltaVista Toolbar - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\CONFLICT.1\ALTAVI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: C:\WINDOWS\system32\st3d.dll - {86AA461F-2A5B-4889-B543-E1BBA6746D61} - C:\WINDOWS\system32\st3d.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - :C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: AltaVista Toolbar - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\CONFLICT.1\ALTAVI~1.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Program Files\Daily Weather Forecast\weather.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKCU\..\Run: [MSMSGS] :"C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SYSTRANET.lnk = C:\Program Files\Systran\Classic3.0\Systrnet.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Recherche AltaVista - file://C:\Program Files\ALTAVISTA Toolbar\Cache\SelectedContextSearch.htm
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - C:\Program Files\Systran\Classic3.0\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - C:\Program Files\Systran\Classic3.0\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - C:\Program Files\Systran\Classic3.0\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En®istrement - C:\Program Files\Systran\Classic3.0\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - C:\Program Files\Systran\Classic3.0\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - C:\Program Files\Systran\Classic3.0\menuTranslateAll.html
O8 - Extra context menu item: Traduction - file://C:\Program Files\ALTAVISTA Toolbar\Cache\SelectedContextTranslation.htm
O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuUpdates.html (file missing)
O9 - Extra button: MP3Chansons - {76DD9E77-F06C-4471-AB6C-CF03C5C6B5B0} - C:\WINDOWS\system32\MP3Chansons (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: *.boxsearch.net
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O15 - Trusted Zone: *.webseeking.com
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab
O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt3_x.cab
O16 - DPF: Yahoo! Freecell Solitaire - http://presence.games.yahoo.com/yog/y/fs10_x.cab
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt2_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/france_pep.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} (AltaVista Toolbar) - http://toolbar.altavista.com/static/toolbar/altavista.cab?r=1110389595
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1109927122234
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} - http://acceso.masminutos.com/laaplicacion.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} - http://advnt01.com/dialer/internazionale_ver11.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{795317C0-9A69-42CD-8488-D9CF87A7B05A}: NameServer = 80.118.192.110 80.118.196.40
O17 - HKLM\System\CS1\Services\Tcpip\..\{795317C0-9A69-42CD-8488-D9CF87A7B05A}: NameServer = 80.118.192.110 80.118.196.40
O18 - Protocol: bw+0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: st3d - C:\WINDOWS\system32\st3d.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
je suis perdu sur le forum, je croyais que Ben était dans la même situation que moi, c'est pourquoi j'ai répondu à Kristopher. Je m'en excuse et je ne pensais pas que la réponse sur le rapport incomplet me concernait et que la suppression de la dll était pour moi. J'essaie de vous renvoyer un rapport plus complet (je ne maitrise pas hijack ) j'espère y arriver. En vous remerciant. Gégé
Logfile of HijackThis v1.99.1
Scan saved at 14:53:05, on 15/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Daily Weather Forecast\weather.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\gege\Mes documents\Mes fichiers reçus\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://votreportail.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 209.67.209.50 test3201.winmx.com test3203.winmx.com test3205.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3202.winmx.com test3204.winmx.com test3206.winmx.com test3208.winmx.com
O1 - Hosts: 209.67.209.50 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AltaVista Toolbar - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\CONFLICT.1\ALTAVI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: C:\WINDOWS\system32\st3d.dll - {86AA461F-2A5B-4889-B543-E1BBA6746D61} - C:\WINDOWS\system32\st3d.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - :C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: AltaVista Toolbar - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\CONFLICT.1\ALTAVI~1.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Program Files\Daily Weather Forecast\weather.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKCU\..\Run: [MSMSGS] :"C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SYSTRANET.lnk = C:\Program Files\Systran\Classic3.0\Systrnet.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Recherche AltaVista - file://C:\Program Files\ALTAVISTA Toolbar\Cache\SelectedContextSearch.htm
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - C:\Program Files\Systran\Classic3.0\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - C:\Program Files\Systran\Classic3.0\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - C:\Program Files\Systran\Classic3.0\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En®istrement - C:\Program Files\Systran\Classic3.0\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - C:\Program Files\Systran\Classic3.0\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - C:\Program Files\Systran\Classic3.0\menuTranslateAll.html
O8 - Extra context menu item: Traduction - file://C:\Program Files\ALTAVISTA Toolbar\Cache\SelectedContextTranslation.htm
O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuUpdates.html (file missing)
O9 - Extra button: MP3Chansons - {76DD9E77-F06C-4471-AB6C-CF03C5C6B5B0} - C:\WINDOWS\system32\MP3Chansons (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: *.boxsearch.net
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O15 - Trusted Zone: *.webseeking.com
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab
O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt3_x.cab
O16 - DPF: Yahoo! Freecell Solitaire - http://presence.games.yahoo.com/yog/y/fs10_x.cab
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt2_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/france_pep.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} (AltaVista Toolbar) - http://toolbar.altavista.com/static/toolbar/altavista.cab?r=1110389595
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1109927122234
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} - http://acceso.masminutos.com/laaplicacion.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} - http://advnt01.com/dialer/internazionale_ver11.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{795317C0-9A69-42CD-8488-D9CF87A7B05A}: NameServer = 80.118.192.110 80.118.196.40
O17 - HKLM\System\CS1\Services\Tcpip\..\{795317C0-9A69-42CD-8488-D9CF87A7B05A}: NameServer = 80.118.192.110 80.118.196.40
O18 - Protocol: bw+0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: st3d - C:\WINDOWS\system32\st3d.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
alors tu vas fixer ca encore (plus tous ce que je ta'i deja indiqué au post no 1 )
(pour fixer tu ouvre hijack tu clik sur le 2eme bouton , tu met une croix en face des lignes que je t'indique et quand tu les as toutes cochées , tu clik sur fix checked )
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: *.boxsearch.net
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O15 - Trusted Zone: *.webseeking.com
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab
O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt3_x.cab
O16 - DPF: Yahoo! Freecell Solitaire - http://presence.games.yahoo.com/yog/y/fs10_x.cab
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt2_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/france_pep.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} (AltaVista Toolbar) - http://toolbar.altavista.com/static/toolbar/altavista.cab?r=1110389595
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1109927122234
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} - http://acceso.masminutos.com/laaplicacion.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} - http://advnt01.com/dialer/internazionale_ver11.CAB
comme tu le vois la fameuse dll etait presente en ligne 020 comme je te le disais
O20 - Winlogon Notify: st3d - C:\WINDOWS\system32\st3d.dll
pour coriiger cette dll , tu effectue la procedure que je t'ai decrite plus haut avec processxp
ce log va te corriger tous ca , pas la peine de touche a ta base de registre
(pour fixer tu ouvre hijack tu clik sur le 2eme bouton , tu met une croix en face des lignes que je t'indique et quand tu les as toutes cochées , tu clik sur fix checked )
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: *.boxsearch.net
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O15 - Trusted Zone: *.webseeking.com
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab
O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt3_x.cab
O16 - DPF: Yahoo! Freecell Solitaire - http://presence.games.yahoo.com/yog/y/fs10_x.cab
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt2_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/france_pep.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} (AltaVista Toolbar) - http://toolbar.altavista.com/static/toolbar/altavista.cab?r=1110389595
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1109927122234
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} - http://acceso.masminutos.com/laaplicacion.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} - http://advnt01.com/dialer/internazionale_ver11.CAB
comme tu le vois la fameuse dll etait presente en ligne 020 comme je te le disais
O20 - Winlogon Notify: st3d - C:\WINDOWS\system32\st3d.dll
pour coriiger cette dll , tu effectue la procedure que je t'ai decrite plus haut avec processxp
ce log va te corriger tous ca , pas la peine de touche a ta base de registre
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Re bonjour
Re grand merci Ben !
je suis débarrassé de cette saloperie !
je t'ai donc écouté, mais je n'ai pas pu affiché dans threads la ligne
02 et 020 tout se déroulait comme tu me le disais mais pas d'affichage de ces 2 lignes ? je commençais à craquer, je me voyais
formater, ça m'embêtais de te casser les pieds avec mon probléme ! j'ai repris l'explication de Norton pour effacer dans le registre, mais les données de Norton ne correspondaient pas à ce qu' il y avait dans les lignes 02et 020 de hijack.
les lignes de Norton :
HKEY_CLASSES_ROOT\CLSID\{ 6AC380F-8B39-4746-9C38-6B01B7331FF}
HKEY_LOCAL_MACHINE\SOFWARE\Micorosoft\WindowsNT\Current Version\Winlogon\Notify\stye2.
j'ai repris les données des 2 lignes 02 & 020 de hijack et je les ai retrouvées dans HKEY_CLASSES etc etc.. et HKEY_LOCAL etc etc .. et là il y avait bien st3d.dll dans chacunes d'elles. Je les ai
supprimées et rebouté le pc , Norton retrouvait encore mon Trojan ?
j'ai eu l'idée de me servir de KillBox et du menu Stndard File Kill et ça ne marchait toujours pas et puis j'ai eu l'idée d'aller chercher st2d.dll dans son rép. avec Delete on Reboot et là ça a marché ! ! ! !
je suis super content et je te remercie encore .
PS je ne pense pas que mon intervention soit normale mais bon ça a marché !
je te remercis et aussi Krisptopher qui à essayé de m'aider.
Gege
Re grand merci Ben !
je suis débarrassé de cette saloperie !
je t'ai donc écouté, mais je n'ai pas pu affiché dans threads la ligne
02 et 020 tout se déroulait comme tu me le disais mais pas d'affichage de ces 2 lignes ? je commençais à craquer, je me voyais
formater, ça m'embêtais de te casser les pieds avec mon probléme ! j'ai repris l'explication de Norton pour effacer dans le registre, mais les données de Norton ne correspondaient pas à ce qu' il y avait dans les lignes 02et 020 de hijack.
les lignes de Norton :
HKEY_CLASSES_ROOT\CLSID\{ 6AC380F-8B39-4746-9C38-6B01B7331FF}
HKEY_LOCAL_MACHINE\SOFWARE\Micorosoft\WindowsNT\Current Version\Winlogon\Notify\stye2.
j'ai repris les données des 2 lignes 02 & 020 de hijack et je les ai retrouvées dans HKEY_CLASSES etc etc.. et HKEY_LOCAL etc etc .. et là il y avait bien st3d.dll dans chacunes d'elles. Je les ai
supprimées et rebouté le pc , Norton retrouvait encore mon Trojan ?
j'ai eu l'idée de me servir de KillBox et du menu Stndard File Kill et ça ne marchait toujours pas et puis j'ai eu l'idée d'aller chercher st2d.dll dans son rép. avec Delete on Reboot et là ça a marché ! ! ! !
je suis super content et je te remercie encore .
PS je ne pense pas que mon intervention soit normale mais bon ça a marché !
je te remercis et aussi Krisptopher qui à essayé de m'aider.
Gege
oui le principal , c'est que ca fonctionne
remet un rapport hijack kan meme histoire de voir si c'est bien effacé
remet un rapport hijack kan meme histoire de voir si c'est bien effacé
Bonjour
voila le rapport
je te remercis
Gege
Logfile of HijackThis v1.99.1
Scan saved at 22:45:40, on 15/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Daily Weather Forecast\weather.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\gege\Mes documents\Mes fichiers reçus\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://votreportail.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 209.67.209.50 test3201.winmx.com test3203.winmx.com test3205.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3202.winmx.com test3204.winmx.com test3206.winmx.com test3208.winmx.com
O1 - Hosts: 209.67.209.50 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AltaVista Toolbar - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\CONFLICT.1\ALTAVI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - :C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: AltaVista Toolbar - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\CONFLICT.1\ALTAVI~1.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Program Files\Daily Weather Forecast\weather.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKCU\..\Run: [MSMSGS] :"C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SYSTRANET.lnk = C:\Program Files\Systran\Classic3.0\Systrnet.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Recherche AltaVista - file://C:\Program Files\ALTAVISTA Toolbar\Cache\SelectedContextSearch.htm
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - C:\Program Files\Systran\Classic3.0\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - C:\Program Files\Systran\Classic3.0\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - C:\Program Files\Systran\Classic3.0\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En®istrement - C:\Program Files\Systran\Classic3.0\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - C:\Program Files\Systran\Classic3.0\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - C:\Program Files\Systran\Classic3.0\menuTranslateAll.html
O8 - Extra context menu item: Traduction - file://C:\Program Files\ALTAVISTA Toolbar\Cache\SelectedContextTranslation.htm
O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuUpdates.html (file missing)
O9 - Extra button: MP3Chansons - {76DD9E77-F06C-4471-AB6C-CF03C5C6B5B0} - C:\WINDOWS\system32\MP3Chansons (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: *.boxsearch.net
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O15 - Trusted Zone: *.webseeking.com
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab
O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt3_x.cab
O16 - DPF: Yahoo! Freecell Solitaire - http://presence.games.yahoo.com/yog/y/fs10_x.cab
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt2_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/france_pep.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} (AltaVista Toolbar) - http://toolbar.altavista.com/static/toolbar/altavista.cab?r=1110389595
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1109927122234
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} - http://acceso.masminutos.com/laaplicacion.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} - http://advnt01.com/dialer/internazionale_ver11.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{795317C0-9A69-42CD-8488-D9CF87A7B05A}: NameServer = 80.118.192.112 80.118.196.42
O17 - HKLM\System\CS1\Services\Tcpip\..\{795317C0-9A69-42CD-8488-D9CF87A7B05A}: NameServer = 80.118.192.112 80.118.196.42
O18 - Protocol: bw+0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
voila le rapport
je te remercis
Gege
Logfile of HijackThis v1.99.1
Scan saved at 22:45:40, on 15/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Daily Weather Forecast\weather.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\gege\Mes documents\Mes fichiers reçus\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://votreportail.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 209.67.209.50 test3201.winmx.com test3203.winmx.com test3205.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3202.winmx.com test3204.winmx.com test3206.winmx.com test3208.winmx.com
O1 - Hosts: 209.67.209.50 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AltaVista Toolbar - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\CONFLICT.1\ALTAVI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - :C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: AltaVista Toolbar - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\CONFLICT.1\ALTAVI~1.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Program Files\Daily Weather Forecast\weather.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKCU\..\Run: [MSMSGS] :"C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SYSTRANET.lnk = C:\Program Files\Systran\Classic3.0\Systrnet.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Recherche AltaVista - file://C:\Program Files\ALTAVISTA Toolbar\Cache\SelectedContextSearch.htm
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - C:\Program Files\Systran\Classic3.0\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - C:\Program Files\Systran\Classic3.0\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - C:\Program Files\Systran\Classic3.0\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En®istrement - C:\Program Files\Systran\Classic3.0\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - C:\Program Files\Systran\Classic3.0\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - C:\Program Files\Systran\Classic3.0\menuTranslateAll.html
O8 - Extra context menu item: Traduction - file://C:\Program Files\ALTAVISTA Toolbar\Cache\SelectedContextTranslation.htm
O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuUpdates.html (file missing)
O9 - Extra button: MP3Chansons - {76DD9E77-F06C-4471-AB6C-CF03C5C6B5B0} - C:\WINDOWS\system32\MP3Chansons (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: *.boxsearch.net
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O15 - Trusted Zone: *.webseeking.com
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab
O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt3_x.cab
O16 - DPF: Yahoo! Freecell Solitaire - http://presence.games.yahoo.com/yog/y/fs10_x.cab
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt2_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/france_pep.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} (AltaVista Toolbar) - http://toolbar.altavista.com/static/toolbar/altavista.cab?r=1110389595
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1109927122234
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} - http://acceso.masminutos.com/laaplicacion.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} - http://advnt01.com/dialer/internazionale_ver11.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{795317C0-9A69-42CD-8488-D9CF87A7B05A}: NameServer = 80.118.192.112 80.118.196.42
O17 - HKLM\System\CS1\Services\Tcpip\..\{795317C0-9A69-42CD-8488-D9CF87A7B05A}: NameServer = 80.118.192.112 80.118.196.42
O18 - Protocol: bw+0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
lol
tu as resolu tes probleme de cette fameuse dll mais tu as pas fixer les lignes que je t'ai indiqué !
ouvre hijack , clik sur la 2eme case et coche les case en face de ces lignes ensuite tu fais fix checked
ensuite supprime manuellment les fichiers ou dossiers en gras
R3 - Default URLSearchHook is missing
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 209.67.209.50 test3201.winmx.com test3203.winmx.com test3205.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3202.winmx.com test3204.winmx.com test3206.winmx.com test3208.winmx.com
O1 - Hosts: 209.67.209.50 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Program Files\Daily Weather Forecast\weather.exe
tu as resolu tes probleme de cette fameuse dll mais tu as pas fixer les lignes que je t'ai indiqué !
ouvre hijack , clik sur la 2eme case et coche les case en face de ces lignes ensuite tu fais fix checked
ensuite supprime manuellment les fichiers ou dossiers en gras
R3 - Default URLSearchHook is missing
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 209.67.209.50 test3201.winmx.com test3203.winmx.com test3205.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3202.winmx.com test3204.winmx.com test3206.winmx.com test3208.winmx.com
O1 - Hosts: 209.67.209.50 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Program Files\Daily Weather Forecast\weather.exe
dsl
fixe encore ca
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: *.boxsearch.net
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O15 - Trusted Zone: *.webseeking.com
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab
O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt3_x.cab
O16 - DPF: Yahoo! Freecell Solitaire - http://presence.games.yahoo.com/yog/y/fs10_x.cab
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt2_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/france_pep.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} (AltaVista Toolbar) - http://toolbar.altavista.com/static/toolbar/altavista.cab?r=1110389595
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1109927122234
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} - http://acceso.masminutos.com/laaplicacion.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} - http://advnt01.com/dialer/internazionale_ver11.CAB
fixe encore ca
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: *.boxsearch.net
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O15 - Trusted Zone: *.webseeking.com
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab
O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt3_x.cab
O16 - DPF: Yahoo! Freecell Solitaire - http://presence.games.yahoo.com/yog/y/fs10_x.cab
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt2_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/france_pep.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} (AltaVista Toolbar) - http://toolbar.altavista.com/static/toolbar/altavista.cab?r=1110389595
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1109927122234
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} - http://acceso.masminutos.com/laaplicacion.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} - http://advnt01.com/dialer/internazionale_ver11.CAB
Salut Ben
je te remercie encore 1 fois pour ton aide et ton super serieux bravo !
j'ai fait ce que tu me disais dans le message précédent
et je te joins le fichier HijackThis.
je vais attende ta réponse car je vais déconnecter ce PC pour passer ma connection internet sur un autre PC, celui-ci je le donne à ma Femme. @+ Gégé
Logfile of HijackThis v1.99.1
Scan saved at 13:04:51, on 16/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\gege\Mes documents\Mes fichiers reçus\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://votreportail.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 209.67.209.50 test3201.winmx.com test3203.winmx.com test3205.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3202.winmx.com test3204.winmx.com test3206.winmx.com test3208.winmx.com
O1 - Hosts: 209.67.209.50 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - :C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKCU\..\Run: [MSMSGS] :"C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SYSTRANET.lnk = C:\Program Files\Systran\Classic3.0\Systrnet.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - C:\Program Files\Systran\Classic3.0\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - C:\Program Files\Systran\Classic3.0\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - C:\Program Files\Systran\Classic3.0\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En®istrement - C:\Program Files\Systran\Classic3.0\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - C:\Program Files\Systran\Classic3.0\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - C:\Program Files\Systran\Classic3.0\menuTranslateAll.html
O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuUpdates.html (file missing)
O9 - Extra button: MP3Chansons - {76DD9E77-F06C-4471-AB6C-CF03C5C6B5B0} - C:\WINDOWS\system32\MP3Chansons (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: bw+0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
je te remercie encore 1 fois pour ton aide et ton super serieux bravo !
j'ai fait ce que tu me disais dans le message précédent
et je te joins le fichier HijackThis.
je vais attende ta réponse car je vais déconnecter ce PC pour passer ma connection internet sur un autre PC, celui-ci je le donne à ma Femme. @+ Gégé
Logfile of HijackThis v1.99.1
Scan saved at 13:04:51, on 16/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\gege\Mes documents\Mes fichiers reçus\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://votreportail.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 209.67.209.50 test3201.winmx.com test3203.winmx.com test3205.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3202.winmx.com test3204.winmx.com test3206.winmx.com test3208.winmx.com
O1 - Hosts: 209.67.209.50 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - :C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKCU\..\Run: [MSMSGS] :"C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SYSTRANET.lnk = C:\Program Files\Systran\Classic3.0\Systrnet.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - C:\Program Files\Systran\Classic3.0\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - C:\Program Files\Systran\Classic3.0\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - C:\Program Files\Systran\Classic3.0\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En®istrement - C:\Program Files\Systran\Classic3.0\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - C:\Program Files\Systran\Classic3.0\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - C:\Program Files\Systran\Classic3.0\menuTranslateAll.html
O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Classic3.0\MenuUpdates.html (file missing)
O9 - Extra button: MP3Chansons - {76DD9E77-F06C-4471-AB6C-CF03C5C6B5B0} - C:\WINDOWS\system32\MP3Chansons (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: bw+0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0538244F-7304-48FB-AC3B-77DEB1795A46} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
