[Résolu] Virus, Windows Security Alert
Dernière réponse : dans Sécurité
Bonjour,
Une fenêtre "Windows Security Alert" apparait régulièrement sur mon ordinateur. Cette fenetre dit :
To help protect your computer, Windows Firewall has detected activity of harmful software
Do you want to block this software from sending data over the internet?
Name : Trojan-Downloader.Win32.Agent.bq
Risk Level : CRITICAL
Description : The Trojan is capable of downloading and launching files from the internet on the victim machine. It also downloads a program from the AdWare class to the victim machine.
Sur cette fenêtre il y a trois boutons : "Keep Blocking", "Unblock" et "Enable Protection". Seulement, seul le bouton "Enable Protection" est actif et renvoi vers le lien suivant :***
Cela me semble étrange qu'une fenêtre "Windows Security Alert" renvoie vers une telle adresse.
Quelqu'un pourrait-il m'aider s'il vous plait?
D'avance merci
Une fenêtre "Windows Security Alert" apparait régulièrement sur mon ordinateur. Cette fenetre dit :
To help protect your computer, Windows Firewall has detected activity of harmful software
Do you want to block this software from sending data over the internet?
Name : Trojan-Downloader.Win32.Agent.bq
Risk Level : CRITICAL
Description : The Trojan is capable of downloading and launching files from the internet on the victim machine. It also downloads a program from the AdWare class to the victim machine.
Sur cette fenêtre il y a trois boutons : "Keep Blocking", "Unblock" et "Enable Protection". Seulement, seul le bouton "Enable Protection" est actif et renvoi vers le lien suivant :***
Cela me semble étrange qu'une fenêtre "Windows Security Alert" renvoie vers une telle adresse.
Quelqu'un pourrait-il m'aider s'il vous plait?
D'avance merci
Autres pages sur : resolu virus windows security alert
Lassé par la pub ? Créez un compte
Bonjour,
Supprime le lien de ton premier message, il renvoie vers un site douteux, voire infecté.
Télécharge Hijackthis (de Trend Micro) sur ton Bureau.
Double clique sur HJTInstall.exe pour lancer l'installation.
Clique sur Install.
Double clique sur le raccourci d'HijackThis qui vient d'être créé pour le lancer. (Clique droit -> lancer en tant qu'admin si sous Vista)
Accepte la licence en cliquant sur Yes.
Clique sur "Do a system scan and save a logfile".
Poste ici[ le rapport généré.
Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log
Aide : Comment utiliser HijackThis.
![;)]( ";)")
Supprime le lien de ton premier message, il renvoie vers un site douteux, voire infecté.
Télécharge Hijackthis (de Trend Micro) sur ton Bureau.
Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log
Aide : Comment utiliser HijackThis.
- | Alerter
Rebonjour,
Désolé pour le lien. Quelqu'un a dû le retirer, je ne le vois plus.
Voici le rapport générer par HijackThis (merci pour votre aide!!!):
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:29:17, on 09/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\All Users\Application Data\bqbodyxo\rufqxmje.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\WINDOWS\V0220Mon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\petapkxm.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
O2 - BHO: (no name) - {C5A28212-A58F-47D3-AAC3-276AFA7CBB98} - C:\DOCUME~1\MOIMME~1\LOCALS~1\Temp\~DP8F.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunOnce: [SpybotDeletingA1747] command /c del "C:\WINDOWS\system32\smp\msrc.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5637] cmd /c del "C:\WINDOWS\system32\smp\msrc.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4470] command /c del "C:\WINDOWS\iTunesMusic.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3638] cmd /c del "C:\WINDOWS\iTunesMusic.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7438] command /c del "C:\WINDOWS\winsystem.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC827] cmd /c del "C:\WINDOWS\winsystem.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5716] command /c del "C:\WINDOWS\system32\akttzn.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1652] cmd /c del "C:\WINDOWS\system32\akttzn.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5243] command /c del "C:\WINDOWS\system32\anticipator.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1903] cmd /c del "C:\WINDOWS\system32\anticipator.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7346] command /c del "C:\WINDOWS\system32\awtoolb.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3071] cmd /c del "C:\WINDOWS\system32\awtoolb.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1921] command /c del "C:\WINDOWS\system32\bdn.com"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2926] cmd /c del "C:\WINDOWS\system32\bdn.com"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9487] command /c del "C:\WINDOWS\system32\bsva-egihsg52.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2293] cmd /c del "C:\WINDOWS\system32\bsva-egihsg52.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA840] command /c del "C:\WINDOWS\system32\dpcproxy.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5879] cmd /c del "C:\WINDOWS\system32\dpcproxy.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4276] command /c del "C:\WINDOWS\system32\emesx.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8170] cmd /c del "C:\WINDOWS\system32\emesx.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA433] command /c del "C:\WINDOWS\system32\hoproxy.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5603] cmd /c del "C:\WINDOWS\system32\hoproxy.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA200] command /c del "C:\WINDOWS\system32\hxiwlgpm.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1499] cmd /c del "C:\WINDOWS\system32\hxiwlgpm.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA557] command /c del "C:\WINDOWS\system32\hxiwlgpm.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3729] cmd /c del "C:\WINDOWS\system32\hxiwlgpm.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9600] command /c del "C:\WINDOWS\system32\medup012.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5569] cmd /c del "C:\WINDOWS\system32\medup012.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA776] command /c del "C:\WINDOWS\system32\msgp.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6934] cmd /c del "C:\WINDOWS\system32\msgp.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7831] command /c del "C:\WINDOWS\system32\msnbho.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5926] cmd /c del "C:\WINDOWS\system32\msnbho.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2027] command /c del "C:\WINDOWS\system32\mssecu.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5591] cmd /c del "C:\WINDOWS\system32\mssecu.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA656] command /c del "C:\WINDOWS\system32\msvchost.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2127] cmd /c del "C:\WINDOWS\system32\msvchost.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5486] command /c del "C:\WINDOWS\system32\mtr2.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7525] cmd /c del "C:\WINDOWS\system32\mtr2.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7882] command /c del "C:\WINDOWS\system32\mwin32.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7915] cmd /c del "C:\WINDOWS\system32\mwin32.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA44] command /c del "C:\WINDOWS\system32\netode.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1143] cmd /c del "C:\WINDOWS\system32\netode.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA113] command /c del "C:\WINDOWS\system32\newsd32.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2944] cmd /c del "C:\WINDOWS\system32\newsd32.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA567] command /c del "C:\WINDOWS\system32\ps1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4256] cmd /c del "C:\WINDOWS\system32\ps1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4624] command /c del "C:\WINDOWS\system32\psof1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9082] cmd /c del "C:\WINDOWS\system32\psof1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8213] command /c del "C:\WINDOWS\system32\psoft1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4] cmd /c del "C:\WINDOWS\system32\psoft1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2153] command /c del "C:\WINDOWS\system32\regc64.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5144] cmd /c del "C:\WINDOWS\system32\regc64.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3610] command /c del "C:\WINDOWS\system32\regm64.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2528] cmd /c del "C:\WINDOWS\system32\regm64.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3642] command /c del "C:\WINDOWS\system32\Rundl1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7241] cmd /c del "C:\WINDOWS\system32\Rundl1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6491] command /c del "C:\WINDOWS\system32\sncntr.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3309] cmd /c del "C:\WINDOWS\system32\sncntr.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2012] command /c del "C:\WINDOWS\system32\ssurf022.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4714] cmd /c del "C:\WINDOWS\system32\ssurf022.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5228] command /c del "C:\WINDOWS\system32\ssvchost.com"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3635] cmd /c del "C:\WINDOWS\system32\ssvchost.com"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6982] command /c del "C:\WINDOWS\system32\ssvchost.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8909] cmd /c del "C:\WINDOWS\system32\ssvchost.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2680] command /c del "C:\WINDOWS\system32\sysreq.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5710] cmd /c del "C:\WINDOWS\system32\sysreq.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3549] command /c del "C:\WINDOWS\system32\taack.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4779] cmd /c del "C:\WINDOWS\system32\taack.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7712] command /c del "C:\WINDOWS\system32\taack.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC817] cmd /c del "C:\WINDOWS\system32\taack.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3688] command /c del "C:\WINDOWS\system32\temp#01.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7656] cmd /c del "C:\WINDOWS\system32\temp#01.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA506] command /c del "C:\WINDOWS\system32\thun.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7220] cmd /c del "C:\WINDOWS\system32\thun.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2742] command /c del "C:\WINDOWS\system32\thun32.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2467] cmd /c del "C:\WINDOWS\system32\thun32.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1376] command /c del "C:\WINDOWS\system32\VBIEWER.OCX"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3781] cmd /c del "C:\WINDOWS\system32\VBIEWER.OCX"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2032] command /c del "C:\WINDOWS\system32\vbsys2.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2457] cmd /c del "C:\WINDOWS\system32\vbsys2.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3105] command /c del "C:\WINDOWS\system32\vcatchpi.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2781] cmd /c del "C:\WINDOWS\system32\vcatchpi.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8063] command /c del "C:\WINDOWS\system32\winlogonpc.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC175] cmd /c del "C:\WINDOWS\system32\winlogonpc.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA321] command /c del "C:\WINDOWS\system32\winsystem.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7339] cmd /c del "C:\WINDOWS\system32\winsystem.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4400] command /c del "C:\WINDOWS\system32\WINWGPX.EXE"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5400] cmd /c del "C:\WINDOWS\system32\WINWGPX.EXE"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4845] command /c del "C:\WINDOWS\a.bat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9080] cmd /c del "C:\WINDOWS\a.bat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3484] command /c del "C:\WINDOWS\base64.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9901] cmd /c del "C:\WINDOWS\base64.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4963] command /c del "C:\WINDOWS\bdn.com"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6505] cmd /c del "C:\WINDOWS\bdn.com"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7274] command /c del "C:\WINDOWS\FVProtect.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5443] cmd /c del "C:\WINDOWS\FVProtect.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8153] command /c del "C:\WINDOWS\mssecu.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9757] cmd /c del "C:\WINDOWS\mssecu.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8501] command /c del "C:\WINDOWS\userconfig9x.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1051] cmd /c del "C:\WINDOWS\userconfig9x.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6170] command /c del "C:\WINDOWS\zip1.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6372] cmd /c del "C:\WINDOWS\zip1.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6336] command /c del "C:\WINDOWS\zip2.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6357] cmd /c del "C:\WINDOWS\zip2.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7652] command /c del "C:\WINDOWS\zip3.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5491] cmd /c del "C:\WINDOWS\zip3.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingA299] command /c del "C:\WINDOWS\zipped.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1020] cmd /c del "C:\WINDOWS\zipped.tmp"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [apicfgwin] C:\WINDOWS\system32\petapkxm.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB5206] command /c del "C:\WINDOWS\system32\smp\msrc.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8864] cmd /c del "C:\WINDOWS\system32\smp\msrc.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6590] command /c del "C:\WINDOWS\iTunesMusic.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5461] cmd /c del "C:\WINDOWS\iTunesMusic.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1221] command /c del "C:\WINDOWS\winsystem.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7062] cmd /c del "C:\WINDOWS\winsystem.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1479] command /c del "C:\WINDOWS\system32\akttzn.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2271] cmd /c del "C:\WINDOWS\system32\akttzn.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9778] command /c del "C:\WINDOWS\system32\anticipator.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4464] cmd /c del "C:\WINDOWS\system32\anticipator.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5689] command /c del "C:\WINDOWS\system32\awtoolb.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1669] cmd /c del "C:\WINDOWS\system32\awtoolb.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB866] command /c del "C:\WINDOWS\FVProtect.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7972] cmd /c del "C:\WINDOWS\system32\bdn.com"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5803] command /c del "C:\WINDOWS\system32\bsva-egihsg52.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6418] cmd /c del "C:\WINDOWS\system32\bsva-egihsg52.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2293] command /c del "C:\WINDOWS\system32\dpcproxy.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD169] cmd /c del "C:\WINDOWS\system32\dpcproxy.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4436] command /c del "C:\WINDOWS\system32\emesx.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD715] cmd /c del "C:\WINDOWS\system32\emesx.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2032] command /c del "C:\WINDOWS\system32\hoproxy.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7132] cmd /c del "C:\WINDOWS\system32\hoproxy.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7078] command /c del "C:\WINDOWS\system32\hxiwlgpm.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD554] cmd /c del "C:\WINDOWS\system32\hxiwlgpm.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4828] command /c del "C:\WINDOWS\system32\hxiwlgpm.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9868] cmd /c del "C:\WINDOWS\system32\hxiwlgpm.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5978] command /c del "C:\WINDOWS\system32\medup012.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4125] cmd /c del "C:\WINDOWS\system32\medup012.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3098] command /c del "C:\WINDOWS\system32\msgp.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD79] cmd /c del "C:\WINDOWS\system32\msgp.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4288] command /c del "C:\WINDOWS\system32\msnbho.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7599] cmd /c del "C:\WINDOWS\system32\msnbho.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5727] command /c del "C:\WINDOWS\system32\mssecu.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1609] cmd /c del "C:\WINDOWS\system32\mssecu.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7955] command /c del "C:\WINDOWS\system32\msvchost.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1155] cmd /c del "C:\WINDOWS\system32\msvchost.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6618] command /c del "C:\WINDOWS\system32\mtr2.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3780] cmd /c del "C:\WINDOWS\system32\mtr2.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4105] command /c del "C:\WINDOWS\system32\mwin32.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5028] cmd /c del "C:\WINDOWS\system32\mwin32.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7947] command /c del "C:\WINDOWS\system32\netode.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3095] cmd /c del "C:\WINDOWS\system32\netode.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5725] command /c del "C:\WINDOWS\system32\newsd32.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5360] cmd /c del "C:\WINDOWS\system32\newsd32.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5398] command /c del "C:\WINDOWS\system32\ps1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6288] cmd /c del "C:\WINDOWS\system32\ps1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4153] command /c del "C:\WINDOWS\system32\psof1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6675] cmd /c del "C:\WINDOWS\system32\psof1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3143] command /c del "C:\WINDOWS\system32\psoft1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9862] cmd /c del "C:\WINDOWS\system32\psoft1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB662] command /c del "C:\WINDOWS\system32\regc64.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3084] cmd /c del "C:\WINDOWS\system32\regc64.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6585] command /c del "C:\WINDOWS\system32\regm64.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9175] cmd /c del "C:\WINDOWS\system32\regm64.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3373] command /c del "C:\WINDOWS\system32\Rundl1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9822] cmd /c del "C:\WINDOWS\system32\Rundl1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1837] command /c del "C:\WINDOWS\system32\sncntr.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4691] cmd /c del "C:\WINDOWS\system32\sncntr.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6515] command /c del "C:\WINDOWS\system32\ssurf022.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9935] cmd /c del "C:\WINDOWS\system32\ssurf022.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9175] command /c del "C:\WINDOWS\system32\ssvchost.com"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6319] cmd /c del "C:\WINDOWS\system32\ssvchost.com"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6447] command /c del "C:\WINDOWS\system32\ssvchost.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6844] cmd /c del "C:\WINDOWS\system32\ssvchost.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2535] command /c del "C:\WINDOWS\system32\sysreq.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6963] cmd /c del "C:\WINDOWS\system32\sysreq.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9300] command /c del "C:\WINDOWS\system32\taack.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6702] cmd /c del "C:\WINDOWS\system32\taack.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6837] command /c del "C:\WINDOWS\system32\taack.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7467] cmd /c del "C:\WINDOWS\system32\taack.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB987] command /c del "C:\WINDOWS\system32\temp#01.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8253] cmd /c del "C:\WINDOWS\system32\temp#01.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7029] command /c del "C:\WINDOWS\system32\thun.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD835] cmd /c del "C:\WINDOWS\system32\thun.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB375] command /c del "C:\WINDOWS\system32\thun32.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD597] cmd /c del "C:\WINDOWS\system32\thun32.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7111] command /c del "C:\WINDOWS\system32\VBIEWER.OCX"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1738] cmd /c del "C:\WINDOWS\system32\VBIEWER.OCX"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6955] command /c del "C:\WINDOWS\system32\vbsys2.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5660] cmd /c del "C:\WINDOWS\system32\vbsys2.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9154] command /c del "C:\WINDOWS\system32\vcatchpi.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7187] cmd /c del "C:\WINDOWS\system32\vcatchpi.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB420] command /c del "C:\WINDOWS\system32\winlogonpc.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2953] cmd /c del "C:\WINDOWS\system32\winlogonpc.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8337] command /c del "C:\WINDOWS\system32\winsystem.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6356] cmd /c del "C:\WINDOWS\system32\winsystem.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9084] command /c del "C:\WINDOWS\system32\WINWGPX.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3606] cmd /c del "C:\WINDOWS\system32\WINWGPX.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7683] command /c del "C:\WINDOWS\a.bat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7069] cmd /c del "C:\WINDOWS\a.bat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9246] command /c del "C:\WINDOWS\base64.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6922] cmd /c del "C:\WINDOWS\base64.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingB65] command /c del "C:\WINDOWS\bdn.com"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4477] cmd /c del "C:\WINDOWS\bdn.com"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7447] cmd /c del "C:\WINDOWS\FVProtect.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1694] command /c del "C:\WINDOWS\mssecu.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7289] cmd /c del "C:\WINDOWS\mssecu.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8172] command /c del "C:\WINDOWS\userconfig9x.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4456] cmd /c del "C:\WINDOWS\userconfig9x.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5020] command /c del "C:\WINDOWS\zip1.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6787] cmd /c del "C:\WINDOWS\zip1.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4829] command /c del "C:\WINDOWS\zip2.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6606] cmd /c del "C:\WINDOWS\zip2.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5169] command /c del "C:\WINDOWS\zip3.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5179] cmd /c del "C:\WINDOWS\zip3.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1422] command /c del "C:\WINDOWS\zipped.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9978] cmd /c del "C:\WINDOWS\zipped.tmp"
O4 - HKLM\..\Policies\Explorer\Run: [kPv5ZlRg3F] C:\Documents and Settings\All Users\Application Data\bqbodyxo\rufqxmje.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O21 - SSODL: infoen - {08AA84D9-CBF4-F2DD-3E1A-01F02C470590} - C:\Program Files\dhahmac\infoen.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 28322 bytes
Désolé pour le lien. Quelqu'un a dû le retirer, je ne le vois plus.
Voici le rapport générer par HijackThis (merci pour votre aide!!!):
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:29:17, on 09/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\All Users\Application Data\bqbodyxo\rufqxmje.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\WINDOWS\V0220Mon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\petapkxm.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
O2 - BHO: (no name) - {C5A28212-A58F-47D3-AAC3-276AFA7CBB98} - C:\DOCUME~1\MOIMME~1\LOCALS~1\Temp\~DP8F.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunOnce: [SpybotDeletingA1747] command /c del "C:\WINDOWS\system32\smp\msrc.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5637] cmd /c del "C:\WINDOWS\system32\smp\msrc.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4470] command /c del "C:\WINDOWS\iTunesMusic.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3638] cmd /c del "C:\WINDOWS\iTunesMusic.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7438] command /c del "C:\WINDOWS\winsystem.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC827] cmd /c del "C:\WINDOWS\winsystem.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5716] command /c del "C:\WINDOWS\system32\akttzn.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1652] cmd /c del "C:\WINDOWS\system32\akttzn.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5243] command /c del "C:\WINDOWS\system32\anticipator.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1903] cmd /c del "C:\WINDOWS\system32\anticipator.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7346] command /c del "C:\WINDOWS\system32\awtoolb.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3071] cmd /c del "C:\WINDOWS\system32\awtoolb.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1921] command /c del "C:\WINDOWS\system32\bdn.com"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2926] cmd /c del "C:\WINDOWS\system32\bdn.com"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9487] command /c del "C:\WINDOWS\system32\bsva-egihsg52.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2293] cmd /c del "C:\WINDOWS\system32\bsva-egihsg52.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA840] command /c del "C:\WINDOWS\system32\dpcproxy.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5879] cmd /c del "C:\WINDOWS\system32\dpcproxy.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4276] command /c del "C:\WINDOWS\system32\emesx.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8170] cmd /c del "C:\WINDOWS\system32\emesx.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA433] command /c del "C:\WINDOWS\system32\hoproxy.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5603] cmd /c del "C:\WINDOWS\system32\hoproxy.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA200] command /c del "C:\WINDOWS\system32\hxiwlgpm.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1499] cmd /c del "C:\WINDOWS\system32\hxiwlgpm.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA557] command /c del "C:\WINDOWS\system32\hxiwlgpm.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3729] cmd /c del "C:\WINDOWS\system32\hxiwlgpm.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9600] command /c del "C:\WINDOWS\system32\medup012.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5569] cmd /c del "C:\WINDOWS\system32\medup012.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA776] command /c del "C:\WINDOWS\system32\msgp.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6934] cmd /c del "C:\WINDOWS\system32\msgp.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7831] command /c del "C:\WINDOWS\system32\msnbho.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5926] cmd /c del "C:\WINDOWS\system32\msnbho.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2027] command /c del "C:\WINDOWS\system32\mssecu.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5591] cmd /c del "C:\WINDOWS\system32\mssecu.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA656] command /c del "C:\WINDOWS\system32\msvchost.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2127] cmd /c del "C:\WINDOWS\system32\msvchost.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5486] command /c del "C:\WINDOWS\system32\mtr2.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7525] cmd /c del "C:\WINDOWS\system32\mtr2.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7882] command /c del "C:\WINDOWS\system32\mwin32.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7915] cmd /c del "C:\WINDOWS\system32\mwin32.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA44] command /c del "C:\WINDOWS\system32\netode.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1143] cmd /c del "C:\WINDOWS\system32\netode.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA113] command /c del "C:\WINDOWS\system32\newsd32.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2944] cmd /c del "C:\WINDOWS\system32\newsd32.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA567] command /c del "C:\WINDOWS\system32\ps1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4256] cmd /c del "C:\WINDOWS\system32\ps1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4624] command /c del "C:\WINDOWS\system32\psof1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9082] cmd /c del "C:\WINDOWS\system32\psof1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8213] command /c del "C:\WINDOWS\system32\psoft1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4] cmd /c del "C:\WINDOWS\system32\psoft1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2153] command /c del "C:\WINDOWS\system32\regc64.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5144] cmd /c del "C:\WINDOWS\system32\regc64.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3610] command /c del "C:\WINDOWS\system32\regm64.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2528] cmd /c del "C:\WINDOWS\system32\regm64.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3642] command /c del "C:\WINDOWS\system32\Rundl1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7241] cmd /c del "C:\WINDOWS\system32\Rundl1.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6491] command /c del "C:\WINDOWS\system32\sncntr.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3309] cmd /c del "C:\WINDOWS\system32\sncntr.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2012] command /c del "C:\WINDOWS\system32\ssurf022.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4714] cmd /c del "C:\WINDOWS\system32\ssurf022.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5228] command /c del "C:\WINDOWS\system32\ssvchost.com"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3635] cmd /c del "C:\WINDOWS\system32\ssvchost.com"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6982] command /c del "C:\WINDOWS\system32\ssvchost.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8909] cmd /c del "C:\WINDOWS\system32\ssvchost.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2680] command /c del "C:\WINDOWS\system32\sysreq.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5710] cmd /c del "C:\WINDOWS\system32\sysreq.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3549] command /c del "C:\WINDOWS\system32\taack.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4779] cmd /c del "C:\WINDOWS\system32\taack.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7712] command /c del "C:\WINDOWS\system32\taack.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC817] cmd /c del "C:\WINDOWS\system32\taack.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3688] command /c del "C:\WINDOWS\system32\temp#01.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7656] cmd /c del "C:\WINDOWS\system32\temp#01.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA506] command /c del "C:\WINDOWS\system32\thun.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7220] cmd /c del "C:\WINDOWS\system32\thun.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2742] command /c del "C:\WINDOWS\system32\thun32.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2467] cmd /c del "C:\WINDOWS\system32\thun32.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1376] command /c del "C:\WINDOWS\system32\VBIEWER.OCX"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3781] cmd /c del "C:\WINDOWS\system32\VBIEWER.OCX"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2032] command /c del "C:\WINDOWS\system32\vbsys2.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2457] cmd /c del "C:\WINDOWS\system32\vbsys2.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3105] command /c del "C:\WINDOWS\system32\vcatchpi.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2781] cmd /c del "C:\WINDOWS\system32\vcatchpi.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8063] command /c del "C:\WINDOWS\system32\winlogonpc.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC175] cmd /c del "C:\WINDOWS\system32\winlogonpc.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA321] command /c del "C:\WINDOWS\system32\winsystem.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7339] cmd /c del "C:\WINDOWS\system32\winsystem.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4400] command /c del "C:\WINDOWS\system32\WINWGPX.EXE"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5400] cmd /c del "C:\WINDOWS\system32\WINWGPX.EXE"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4845] command /c del "C:\WINDOWS\a.bat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9080] cmd /c del "C:\WINDOWS\a.bat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3484] command /c del "C:\WINDOWS\base64.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9901] cmd /c del "C:\WINDOWS\base64.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4963] command /c del "C:\WINDOWS\bdn.com"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6505] cmd /c del "C:\WINDOWS\bdn.com"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7274] command /c del "C:\WINDOWS\FVProtect.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5443] cmd /c del "C:\WINDOWS\FVProtect.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8153] command /c del "C:\WINDOWS\mssecu.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9757] cmd /c del "C:\WINDOWS\mssecu.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8501] command /c del "C:\WINDOWS\userconfig9x.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1051] cmd /c del "C:\WINDOWS\userconfig9x.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6170] command /c del "C:\WINDOWS\zip1.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6372] cmd /c del "C:\WINDOWS\zip1.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6336] command /c del "C:\WINDOWS\zip2.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6357] cmd /c del "C:\WINDOWS\zip2.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7652] command /c del "C:\WINDOWS\zip3.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5491] cmd /c del "C:\WINDOWS\zip3.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingA299] command /c del "C:\WINDOWS\zipped.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1020] cmd /c del "C:\WINDOWS\zipped.tmp"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [apicfgwin] C:\WINDOWS\system32\petapkxm.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB5206] command /c del "C:\WINDOWS\system32\smp\msrc.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8864] cmd /c del "C:\WINDOWS\system32\smp\msrc.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6590] command /c del "C:\WINDOWS\iTunesMusic.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5461] cmd /c del "C:\WINDOWS\iTunesMusic.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1221] command /c del "C:\WINDOWS\winsystem.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7062] cmd /c del "C:\WINDOWS\winsystem.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1479] command /c del "C:\WINDOWS\system32\akttzn.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2271] cmd /c del "C:\WINDOWS\system32\akttzn.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9778] command /c del "C:\WINDOWS\system32\anticipator.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4464] cmd /c del "C:\WINDOWS\system32\anticipator.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5689] command /c del "C:\WINDOWS\system32\awtoolb.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1669] cmd /c del "C:\WINDOWS\system32\awtoolb.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB866] command /c del "C:\WINDOWS\FVProtect.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7972] cmd /c del "C:\WINDOWS\system32\bdn.com"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5803] command /c del "C:\WINDOWS\system32\bsva-egihsg52.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6418] cmd /c del "C:\WINDOWS\system32\bsva-egihsg52.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2293] command /c del "C:\WINDOWS\system32\dpcproxy.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD169] cmd /c del "C:\WINDOWS\system32\dpcproxy.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4436] command /c del "C:\WINDOWS\system32\emesx.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD715] cmd /c del "C:\WINDOWS\system32\emesx.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2032] command /c del "C:\WINDOWS\system32\hoproxy.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7132] cmd /c del "C:\WINDOWS\system32\hoproxy.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7078] command /c del "C:\WINDOWS\system32\hxiwlgpm.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD554] cmd /c del "C:\WINDOWS\system32\hxiwlgpm.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4828] command /c del "C:\WINDOWS\system32\hxiwlgpm.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9868] cmd /c del "C:\WINDOWS\system32\hxiwlgpm.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5978] command /c del "C:\WINDOWS\system32\medup012.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4125] cmd /c del "C:\WINDOWS\system32\medup012.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3098] command /c del "C:\WINDOWS\system32\msgp.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD79] cmd /c del "C:\WINDOWS\system32\msgp.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4288] command /c del "C:\WINDOWS\system32\msnbho.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7599] cmd /c del "C:\WINDOWS\system32\msnbho.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5727] command /c del "C:\WINDOWS\system32\mssecu.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1609] cmd /c del "C:\WINDOWS\system32\mssecu.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7955] command /c del "C:\WINDOWS\system32\msvchost.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1155] cmd /c del "C:\WINDOWS\system32\msvchost.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6618] command /c del "C:\WINDOWS\system32\mtr2.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3780] cmd /c del "C:\WINDOWS\system32\mtr2.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4105] command /c del "C:\WINDOWS\system32\mwin32.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5028] cmd /c del "C:\WINDOWS\system32\mwin32.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7947] command /c del "C:\WINDOWS\system32\netode.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3095] cmd /c del "C:\WINDOWS\system32\netode.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5725] command /c del "C:\WINDOWS\system32\newsd32.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5360] cmd /c del "C:\WINDOWS\system32\newsd32.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5398] command /c del "C:\WINDOWS\system32\ps1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6288] cmd /c del "C:\WINDOWS\system32\ps1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4153] command /c del "C:\WINDOWS\system32\psof1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6675] cmd /c del "C:\WINDOWS\system32\psof1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3143] command /c del "C:\WINDOWS\system32\psoft1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9862] cmd /c del "C:\WINDOWS\system32\psoft1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB662] command /c del "C:\WINDOWS\system32\regc64.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3084] cmd /c del "C:\WINDOWS\system32\regc64.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6585] command /c del "C:\WINDOWS\system32\regm64.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9175] cmd /c del "C:\WINDOWS\system32\regm64.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3373] command /c del "C:\WINDOWS\system32\Rundl1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9822] cmd /c del "C:\WINDOWS\system32\Rundl1.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1837] command /c del "C:\WINDOWS\system32\sncntr.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4691] cmd /c del "C:\WINDOWS\system32\sncntr.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6515] command /c del "C:\WINDOWS\system32\ssurf022.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9935] cmd /c del "C:\WINDOWS\system32\ssurf022.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9175] command /c del "C:\WINDOWS\system32\ssvchost.com"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6319] cmd /c del "C:\WINDOWS\system32\ssvchost.com"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6447] command /c del "C:\WINDOWS\system32\ssvchost.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6844] cmd /c del "C:\WINDOWS\system32\ssvchost.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2535] command /c del "C:\WINDOWS\system32\sysreq.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6963] cmd /c del "C:\WINDOWS\system32\sysreq.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9300] command /c del "C:\WINDOWS\system32\taack.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6702] cmd /c del "C:\WINDOWS\system32\taack.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6837] command /c del "C:\WINDOWS\system32\taack.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7467] cmd /c del "C:\WINDOWS\system32\taack.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB987] command /c del "C:\WINDOWS\system32\temp#01.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8253] cmd /c del "C:\WINDOWS\system32\temp#01.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7029] command /c del "C:\WINDOWS\system32\thun.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD835] cmd /c del "C:\WINDOWS\system32\thun.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB375] command /c del "C:\WINDOWS\system32\thun32.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD597] cmd /c del "C:\WINDOWS\system32\thun32.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7111] command /c del "C:\WINDOWS\system32\VBIEWER.OCX"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1738] cmd /c del "C:\WINDOWS\system32\VBIEWER.OCX"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6955] command /c del "C:\WINDOWS\system32\vbsys2.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5660] cmd /c del "C:\WINDOWS\system32\vbsys2.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9154] command /c del "C:\WINDOWS\system32\vcatchpi.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7187] cmd /c del "C:\WINDOWS\system32\vcatchpi.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB420] command /c del "C:\WINDOWS\system32\winlogonpc.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2953] cmd /c del "C:\WINDOWS\system32\winlogonpc.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8337] command /c del "C:\WINDOWS\system32\winsystem.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6356] cmd /c del "C:\WINDOWS\system32\winsystem.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9084] command /c del "C:\WINDOWS\system32\WINWGPX.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3606] cmd /c del "C:\WINDOWS\system32\WINWGPX.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7683] command /c del "C:\WINDOWS\a.bat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7069] cmd /c del "C:\WINDOWS\a.bat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9246] command /c del "C:\WINDOWS\base64.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6922] cmd /c del "C:\WINDOWS\base64.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingB65] command /c del "C:\WINDOWS\bdn.com"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4477] cmd /c del "C:\WINDOWS\bdn.com"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7447] cmd /c del "C:\WINDOWS\FVProtect.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1694] command /c del "C:\WINDOWS\mssecu.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7289] cmd /c del "C:\WINDOWS\mssecu.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8172] command /c del "C:\WINDOWS\userconfig9x.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4456] cmd /c del "C:\WINDOWS\userconfig9x.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5020] command /c del "C:\WINDOWS\zip1.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6787] cmd /c del "C:\WINDOWS\zip1.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4829] command /c del "C:\WINDOWS\zip2.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6606] cmd /c del "C:\WINDOWS\zip2.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5169] command /c del "C:\WINDOWS\zip3.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5179] cmd /c del "C:\WINDOWS\zip3.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1422] command /c del "C:\WINDOWS\zipped.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9978] cmd /c del "C:\WINDOWS\zipped.tmp"
O4 - HKLM\..\Policies\Explorer\Run: [kPv5ZlRg3F] C:\Documents and Settings\All Users\Application Data\bqbodyxo\rufqxmje.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O21 - SSODL: infoen - {08AA84D9-CBF4-F2DD-3E1A-01F02C470590} - C:\Program Files\dhahmac\infoen.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 28322 bytes
- | Alerter
Re,
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec
Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
Afin de lancer la recherche, clic sur"Rechercher".
Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]
AIDE : Tuto en images sur MBAM
![;)]( ";)")
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]
AIDE : Tuto en images sur MBAM
- | Alerter
Contenus similaires
- Windows alert security virus - Forum
- Virus window live - Forum
- Virus gendarmerie window xp - Forum
- Virus alerte sécurité windows - Forum
Bonjour,
j'ai executé Malwarebyte's Anti-Malware et voici le rapport :
Malwarebytes' Anti-Malware 1.28
Database version: 1248
Windows 5.1.2600 Service Pack 2
09/10/2008 23:54:10
mbam-log-2008-10-09 (23-54-10).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 131335
Time elapsed: 1 hour(s), 14 minute(s), 21 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 5
Files Infected: 20
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{08AA84D9-CBF4-F2DD-3E1A-01F02C470590} (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\xp_antispyware (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\XP_Antispyware (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\infoen (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\brastk (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\kpv5zlrg3f (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xp antispyware 2009 (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\XP_AntiSpyware (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\data (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Moi Même\Application Data\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Moi Même\Application Data\DriveCleaner 2006 Free\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\dhahmac\infoen.dll (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\brastk.exe (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\bqbodyxo\rufqxmje.exe (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\comp.dat (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\htmlayout.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\pthreadVC2.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Uninstall.exe (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\wscui.cpl (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\XP_AntiSpyware.exe (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\data\daily.cvd (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcm80.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcp80.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcr80.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Moi Même\Application Data\DriveCleaner 2006 Free\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Moi Même\Application Data\Microsoft\Internet Explorer\Quick Launch\XP_AntiSpyware.lnk (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_scui.cpl (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Moi Même\Bureau\XP_AntiSpyware.lnk (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Moi Même\delself.bat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\services.sma (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
j'ai executé Malwarebyte's Anti-Malware et voici le rapport :
Malwarebytes' Anti-Malware 1.28
Database version: 1248
Windows 5.1.2600 Service Pack 2
09/10/2008 23:54:10
mbam-log-2008-10-09 (23-54-10).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 131335
Time elapsed: 1 hour(s), 14 minute(s), 21 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 5
Files Infected: 20
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{08AA84D9-CBF4-F2DD-3E1A-01F02C470590} (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\xp_antispyware (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\XP_Antispyware (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\infoen (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\brastk (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\kpv5zlrg3f (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xp antispyware 2009 (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\XP_AntiSpyware (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\data (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Moi Même\Application Data\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Moi Même\Application Data\DriveCleaner 2006 Free\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\dhahmac\infoen.dll (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\brastk.exe (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\bqbodyxo\rufqxmje.exe (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\comp.dat (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\htmlayout.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\pthreadVC2.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Uninstall.exe (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\wscui.cpl (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\XP_AntiSpyware.exe (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\data\daily.cvd (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcm80.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcp80.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcr80.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Moi Même\Application Data\DriveCleaner 2006 Free\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Moi Même\Application Data\Microsoft\Internet Explorer\Quick Launch\XP_AntiSpyware.lnk (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_scui.cpl (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Moi Même\Bureau\XP_AntiSpyware.lnk (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Moi Même\delself.bat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\services.sma (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
- | Alerter
J'ai également fait des recherche sur le site malekal.com hier soir concernant les rogues et j'ai executé SmitFraudFix.exe qui m'a généré deux rapports (1 avant correction et 1 après), les voici :
(ces deux rapports sont sur le même post.
RAPPORT AVANT CORRECTION
SmitFraudFix v2.357
Rapport fait à 9:15:41,48, 10/10/2008
Executé à partir de C:\Documents and Settings\Moi Mˆme\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
Fichier hosts corrompu !
127.0.0.1 www.legal-at-spybot.info
127.0.0.1 legal-at-spybot.info
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» RK
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer=213.30.96.108,213.203.124.146
HKLM\SYSTEM\CS1\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer=213.30.96.108,213.203.124.146
HKLM\SYSTEM\CS3\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer=213.30.96.108,213.203.124.146
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
RAPPORT APRES CORRECTION
SmitFraudFix v2.357
Rapport fait à 9:19:12,12, 10/10/2008
Executé à partir de C:\Documents and Settings\Moi Mˆme\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
127.0.0.1 iw2.slysoft.com
127.0.0.1 h3.slysoft.com
127.0.0.1 slysoft.com
127.0.0.1 sb2slysoft.com
127.0.0.1 ns6.gandi.net
127.0.0.1 ev1slysoft.com
127.0.0.1 ev1.slysoft.com
127.0.0.1 iw2.slysoft.com
127.0.0.1 reverse.privatedns.com
127.0.0.1 iw2.slysoft.com
127.0.0.1 h3.slysoft.com
127.0.0.1 slysoft.com
127.0.0.1 sb2slysoft.com
127.0.0.1 ns6.gandi.net
127.0.0.1 ev1slysoft.com
127.0.0.1 ev1.slysoft.com
127.0.0.1 iw2.slysoft.com
127.0.0.1 reverse.privatedns.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 123topsearch.com
127.0.0.1 www.123topsearch.com
127.0.0.1 132.com
127.0.0.1 www.132.com
127.0.0.1 www.136136.net
127.0.0.1 136136.net
127.0.0.1 163ns.com
127.0.0.1 www.163ns.com
127.0.0.1 171203.com
127.0.0.1 17-plus.com
127.0.0.1 1800searchonline.com
127.0.0.1 www.1800searchonline.com
127.0.0.1 180searchassistant.com
127.0.0.1 www.180searchassistant.com
127.0.0.1 www.180solutions.com
127.0.0.1 180solutions.com
127.0.0.1 181.365soft.info
127.0.0.1 www.181.365soft.info
127.0.0.1 www.1987324.com
127.0.0.1 1987324.com
127.0.0.1 1clickpcfix.com
127.0.0.1 www.1clickpcfix.com
127.0.0.1 1-domains-registrations.com
127.0.0.1 www.1-domains-registrations.com
127.0.0.1 www.1sexparty.com
127.0.0.1 1sexparty.com
127.0.0.1 www.1stantivirus.com
127.0.0.1 1stantivirus.com
127.0.0.1 www.1stpagehere.com
127.0.0.1 1stpagehere.com
127.0.0.1 www.1stsearchportal.com
127.0.0.1 1stsearchportal.com
127.0.0.1 2.82211.net
127.0.0.1 www.2006ooo.com
127.0.0.1 2006ooo.com
127.0.0.1 www.2007-download.com
127.0.0.1 2007-download.com
127.0.0.1 www.2008-search-destroy.com
127.0.0.1 2008-search-destroy.com
127.0.0.1 www.2020search.com
127.0.0.1 2020search.com
127.0.0.1 20x2p.com
127.0.0.1 24.365soft.info
127.0.0.1 www.24.365soft.info
127.0.0.1 www.24-7pharmacy.info
127.0.0.1 24-7pharmacy.info
127.0.0.1 24-7searching-and-more.com
127.0.0.1 www.24-7searching-and-more.com
127.0.0.1 www.24teen.com
127.0.0.1 24teen.com
127.0.0.1 2ndpower.com
127.0.0.1 www.2search.com
127.0.0.1 2search.com
127.0.0.1 www.2search.org
127.0.0.1 2search.org
127.0.0.1 www.2squared.com
127.0.0.1 2squared.com
127.0.0.1 www.3322.org
127.0.0.1 3322.org
127.0.0.1 365soft.info
127.0.0.1 www.36site.com
127.0.0.1 36site.com
127.0.0.1 3721.com
127.0.0.1 39-93.com
127.0.0.1 www.3bay.it
127.0.0.1 3bay.it
127.0.0.1 www.3xclipsonline.com
127.0.0.1 3xclipsonline.com
127.0.0.1 www.3xcurves.com
127.0.0.1 3xcurves.com
127.0.0.1 www.3xfestival.com
127.0.0.1 3xfestival.com
127.0.0.1 3x-festival.com
127.0.0.1 www.3x-festival.com
127.0.0.1 3x-galls.com
127.0.0.1 www.3x-galls.com
127.0.0.1 www.3xmiracle.com
127.0.0.1 3xmiracle.com
127.0.0.1 www.3xmoviesblog.com
127.0.0.1 3xmoviesblog.com
127.0.0.1 www.404dns.com
127.0.0.1 404dns.com
127.0.0.1 www.4199.com
127.0.0.1 4199.com
127.0.0.1 www.4corn.net
127.0.0.1 4corn.net
127.0.0.1 www.4ebay.it
127.0.0.1 4ebay.it
127.0.0.1 4klm.com
127.0.0.1 www.4mpg.com
127.0.0.1 4mpg.com
127.0.0.1 www.59cn.cn
127.0.0.1 59cn.cn
127.0.0.1 www.5starsblog.com
127.0.0.1 5starsblog.com
127.0.0.1 www.5zgmu7o20kt5d8yq.com
127.0.0.1 5zgmu7o20kt5d8yq.com
127.0.0.1 www.680180.net
127.0.0.1 680180.net
127.0.0.1 www.6sek.com
127.0.0.1 6sek.com
127.0.0.1 www.70-music.com
127.0.0.1 70-music.com
127.0.0.1 www.7322.com
127.0.0.1 7322.com
127.0.0.1 www.745970.com
127.0.0.1 745970.com
127.0.0.1 75tz.com
127.0.0.1 www.777search.com
127.0.0.1 777search.com
127.0.0.1 www.777top.com
127.0.0.1 777top.com
127.0.0.1 www.7939.com
127.0.0.1 7939.com
127.0.0.1 www.7search.com
127.0.0.1 7search.com
127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com
127.0.0.1 www.80-music.com
127.0.0.1 80-music.com
127.0.0.1 82211.net
127.0.0.1 8866.org
127.0.0.1 www.88vcd.com
127.0.0.1 88vcd.com
127.0.0.1 www.8ad.com
127.0.0.1 8ad.com
127.0.0.1 www.90-music.com
127.0.0.1 90-music.com
127.0.0.1 www.9505.com
127.0.0.1 9505.com
127.0.0.1 www.971searchbox.com
127.0.0.1 971searchbox.com
127.0.0.1 9mmporn.com
127.0.0.1 a.bestmanage.org
127.0.0.1 www.aaabesthomepage.com
127.0.0.1 aaabesthomepage.com
127.0.0.1 aaasexypics.com
127.0.0.1 www.aaawebfinder.com
127.0.0.1 aaawebfinder.com
127.0.0.1 aaqadarsztriv.com
127.0.0.1 www.aaqadarsztriv.com
127.0.0.1 www.aaqada-rsztriv.com
127.0.0.1 aaqada-rsztriv.com
127.0.0.1 www.aaqadaueorn.com
127.0.0.1 aaqadaueorn.com
127.0.0.1 www.aaqada-ueorn.com
127.0.0.1 aaqada-ueorn.com
127.0.0.1 aaqada-ygco.com
127.0.0.1 www.aaqada-ygco.com
127.0.0.1 aaqada-ymct.com
127.0.0.1 www.aaqada-ymct.com
127.0.0.1 aav2008.com
127.0.0.1 www.aav2008.com
127.0.0.1 aavc.com
127.0.0.1 www.abccodec.com
127.0.0.1 abccodec.com
127.0.0.1 www.abcdperformance.com
127.0.0.1 abcdperformance.com
127.0.0.1 abc-find.info
127.0.0.1 www.abc-find.info
127.0.0.1 abcsearch.com
127.0.0.1 www.abcsearch.com
127.0.0.1 www.abcways.com
127.0.0.1 abcways.com
127.0.0.1 abetterinternet.com
127.0.0.1 www.abetterinternet.com
127.0.0.1 www.abnetsoft.info
127.0.0.1 abnetsoft.info
127.0.0.1 about-adult.net
127.0.0.1 www.about-adult.net
127.0.0.1 aboutclicker.com
127.0.0.1 www.aboutclicker.com
127.0.0.1 abrp.net
127.0.0.1 www.abrp.net
127.0.0.1 absolutee.com
127.0.0.1 www.absolutee.com
127.0.0.1 www.abyssmedia.com
127.0.0.1 abyssmedia.com
127.0.0.1 ac66.cn
127.0.0.1 www.ac66.cn
127.0.0.1 access.navinetwork.com
127.0.0.1 access.rapid-pass.net
127.0.0.1 accessactivexvideo.com
127.0.0.1 www.accessactivexvideo.com
127.0.0.1 www.accessclips.com
127.0.0.1 accessclips.com
127.0.0.1 access-dvd.com
127.0.0.1 www.access-dvd.com
127.0.0.1 accesskeygenerator.com
127.0.0.1 www.accesskeygenerator.com
127.0.0.1 accessthefuture.net
127.0.0.1 www.accessthefuture.net
127.0.0.1 accessvid.net
127.0.0.1 www.accessvid.net
127.0.0.1 acemedic.com
127.0.0.1 www.acemedic.com
127.0.0.1 www.ace-webmaster.com
127.0.0.1 ace-webmaster.com
127.0.0.1 acjp.com
127.0.0.1 acrobat-2007.com
127.0.0.1 www.acrobat-2007.com
127.0.0.1 www.acrobat-8.com
127.0.0.1 acrobat-8.com
127.0.0.1 acrobat-center.com
127.0.0.1 www.acrobat-center.com
127.0.0.1 acrobat-hq.com
127.0.0.1 www.acrobat-hq.com
127.0.0.1 acrobatreader-8.com
127.0.0.1 www.acrobatreader-8.com
127.0.0.1 www.acrobat-reader-8.de
127.0.0.1 acrobat-reader-8.de
127.0.0.1 www.acrobat-stop.com
127.0.0.1 acrobat-stop.com
127.0.0.1 actionbreastcancer.org
127.0.0.1 www.actionbreastcancer.org
127.0.0.1 www.activesearcher.info
127.0.0.1 activesearcher.info
127.0.0.1 activexaccessobject.com
127.0.0.1 www.activexaccessobject.com
127.0.0.1 www.activexaccessvideo.com
127.0.0.1 activexaccessvideo.com
127.0.0.1 activexemedia.com
127.0.0.1 www.activexemedia.com
127.0.0.1 activexmediaobject.com
127.0.0.1 www.activexmediaobject.com
127.0.0.1 www.activexmediapro.com
127.0.0.1 activexmediapro.com
127.0.0.1 activexmediasite.com
127.0.0.1 www.activexmediasite.com
127.0.0.1 activexmediasoftware.com
127.0.0.1 www.activexmediasoftware.com
127.0.0.1 activexmediasource.com
127.0.0.1 www.activexmediasource.com
127.0.0.1 activexmediatool.com
127.0.0.1 www.activexmediatool.com
127.0.0.1 www.activexmediatour.com
127.0.0.1 activexmediatour.com
127.0.0.1 activexsoftwares.com
127.0.0.1 www.activexsoftwares.com
127.0.0.1 activexsource.com
127.0.0.1 www.activexsource.com
127.0.0.1 activexupdate.com
127.0.0.1 www.activexupdate.com
127.0.0.1 activexvideo.com
127.0.0.1 www.activexvideo.com
127.0.0.1 www.activexvideotool.com
127.0.0.1 activexvideotool.com
127.0.0.1 ad.marketingsector.com
127.0.0.1 www.ad.marketingsector.com
127.0.0.1 www.ad.mokead.com
127.0.0.1 ad.mokead.com
127.0.0.1 ad.oinadserver.com
127.0.0.1 ad.outerinfoads.com
127.0.0.1 www.ad25.com
127.0.0.1 ad25.com
127.0.0.1 ad45.com
127.0.0.1 www.ad45.com
127.0.0.1 www.ad77.com
127.0.0.1 ad77.com
127.0.0.1 www.ad86.com
127.0.0.1 ad86.com
127.0.0.1 adamsupportgroup.org
127.0.0.1 www.adamsupportgroup.org
127.0.0.1 www.adarmor.com
127.0.0.1 adarmor.com
127.0.0.1 adasearch.com
127.0.0.1 www.adasearch.com
127.0.0.1 adaware.cc
127.0.0.1 www.adawarenow.com
127.0.0.1 adawarenow.com
127.0.0.1 adchannel.contextplus.net
127.0.0.1 www.addetect.com
127.0.0.1 addetect.com
127.0.0.1 www.add-hhh.info
127.0.0.1 add-hhh.info
127.0.0.1 addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.net
127.0.0.1 addictivetechnologies.net
127.0.0.1 www.addioerrori.com
127.0.0.1 addioerrori.com
127.0.0.1 www.add-manager.com
127.0.0.1 add-manager.com
127.0.0.1 www.adgate.info
127.0.0.1 adgate.info
127.0.0.1 www.adintelligence.net
127.0.0.1 adintelligence.net
127.0.0.1 www.adioserrores.com
127.0.0.1 adioserrores.com
127.0.0.1 www.adipics.com
127.0.0.1 adipics.com
127.0.0.1 www.adlogix.com
127.0.0.1 adlogix.com
127.0.0.1 admin2cash.biz
127.0.0.1 www.admin2cash.biz
127.0.0.1 adnet-plus.com
127.0.0.1 www.adnetserver.com
127.0.0.1 adnetserver.com
127.0.0.1 adobe-download-now.com
127.0.0.1 www.adobe-downloads.com
127.0.0.1 adobe-downloads.com
127.0.0.1 www.adobe-reader-8.fr
127.0.0.1 adobe-reader-8.fr
127.0.0.1 www.adprotect.com
127.0.0.1 adprotect.com
127.0.0.1 ads.centralmedia.ws
127.0.0.1 ads.k8l.info
127.0.0.1 ads.kmpads.com
127.0.0.1 ads.kw.revenue.net
127.0.0.1 ads.marketingsector.com
127.0.0.1 ads.searchingbooth.com
127.0.0.1 ads.z-quest.com
127.0.0.1 ads1.revenue.net
127.0.0.1 www.ads183.com
127.0.0.1 ads183.com
127.0.0.1 adscontex.com
127.0.0.1 www.adscontex.com
127.0.0.1 adservices1.enhance.com
127.0.0.1 www.adservices1.enhance.com
127.0.0.1 adservs.com
127.0.0.1 adsextend.net
127.0.0.1 www.adsextend.net
127.0.0.1 adshttp.com
127.0.0.1 www.adshttp.com
127.0.0.1 www.adsniffer.com
127.0.0.1 adsniffer.com
127.0.0.1 adsonwww.com
127.0.0.1 www.adsonwww.com
127.0.0.1 www.adspics.com
127.0.0.1 adspics.com
127.0.0.1 www.adsrevenue.net
127.0.0.1 adsrevenue.net
127.0.0.1 www.adtrak.net
127.0.0.1 adtrak.net
127.0.0.1 adtrgt.com
127.0.0.1 www.adult18codec.com
127.0.0.1 adult18codec.com
127.0.0.1 adult777search.info
127.0.0.1 www.adult777search.info
127.0.0.1 www.adultadworld.com
127.0.0.1 adultadworld.com
127.0.0.1 www.adultan.com
127.0.0.1 adultan.com
127.0.0.1 adultcodec-2008.com
127.0.0.1 www.adultcodec-2008.com
127.0.0.1 www.adultcodecstars.com
127.0.0.1 adultcodecstars.com
127.0.0.1 adult-engine-search.com
127.0.0.1 www.adult-engine-search.com
127.0.0.1 www.adult-erotic-guide.net
127.0.0.1 adult-erotic-guide.net
127.0.0.1 adultfilmsite.com
127.0.0.1 www.adultfilmsite.com
127.0.0.1 adult-friends-finder.net
127.0.0.1 www.adult-friends-finder.net
127.0.0.1 adultgambling.org
127.0.0.1 adult-host.org
127.0.0.1 www.adulthyperlinks.com
127.0.0.1 adulthyperlinks.com
127.0.0.1 www.adultmovieplus.com
127.0.0.1 adultmovieplus.com
127.0.0.1 www.adult-mpg.net
127.0.0.1 adult-mpg.net
127.0.0.1 adult-personal.us
127.0.0.1 adultsgames.net
127.0.0.1 adultsonlyvids.com
127.0.0.1 www.adultsonlyvids.com
127.0.0.1 www.adultsper.com
127.0.0.1 adultsper.com
127.0.0.1 adulttds.com
127.0.0.1 www.adulttds.com
127.0.0.1 www.adultzoneworld.com
127.0.0.1 adultzoneworld.com
127.0.0.1 www.advancedcleaner.com
127.0.0.1 advancedcleaner.com
127.0.0.1 www.advancedpccleaner.com
127.0.0.1 advancedpccleaner.com
127.0.0.1 www.advancedxpfixer.com
127.0.0.1 advancedxpfixer.com
127.0.0.1 advcash.biz
127.0.0.1 www.advcash.biz
127.0.0.1 advert.exaccess.ru
127.0.0.1 www.advertisemoney.info
127.0.0.1 advertisemoney.info
127.0.0.1 advertising.paltalk.com
127.0.0.1 advertising-money.info
127.0.0.1 www.advertising-money.info
127.0.0.1 www.advert-network.com
127.0.0.1 advert-network.com
127.0.0.1 ad-ware.cc
127.0.0.1 ad-w-a-r-e.com
127.0.0.1 www.ad-w-a-r-e.com
127.0.0.1 a-d-w-a-r-e.com
127.0.0.1 www.a-d-w-a-r-e.com
127.0.0.1 www.adware.pro
127.0.0.1 adware.pro
127.0.0.1 www.adwarealert.com
127.0.0.1 adwarealert.com
127.0.0.1 www.ad-warealert.com
127.0.0.1 ad-warealert.com
127.0.0.1 adwarearrest.com
127.0.0.1 www.adwarearrest.com
127.0.0.1 adwarebazooka.com
127.0.0.1 www.adwarebazooka.com
127.0.0.1 adwarebot.com
127.0.0.1 www.adwarebot.com
127.0.0.1 www.adwarecommander.com
127.0.0.1 adwarecommander.com
127.0.0.1 adware-download.com
127.0.0.1 www.adware-download.com
127.0.0.1 www.adwarefinder.com
127.0.0.1 adwarefinder.com
127.0.0.1 www.adwaregold.com
127.0.0.1 adwaregold.com
127.0.0.1 www.adwarepatrol.com
127.0.0.1 adwarepatrol.com
127.0.0.1 www.adwareplatinum.com
127.0.0.1 adwareplatinum.com
127.0.0.1 www.adwarepro.org
127.0.0.1 adwarepro.org
127.0.0.1 www.adwareprotectionsite.com
127.0.0.1 adwareprotectionsite.com
127.0.0.1 www.adwarepunisher.com
127.0.0.1 adwarepunisher.com
127.0.0.1 www.adwareremover.ws
127.0.0.1 adwareremover.ws
127.0.0.1 www.adwaresafety.com
127.0.0.1 adwaresafety.com
127.0.0.1 www.adwarexp.com
127.0.0.1 adwarexp.com
127.0.0.1 www.adwareye.com
127.0.0.1 adwareye.com
127.0.0.1 affiliate.idownload.com
127.0.0.1 www.aflgate.com
127.0.0.1 aflgate.com
127.0.0.1 africaspromise.org
127.0.0.1 agava.com
127.0.0.1 agava.ru
127.0.0.1 agentstudio.com
127.0.0.1 www.ageofconans.net
127.0.0.1 ageofconans.net
127.0.0.1 www.aginegialle.it
127.0.0.1 aginegialle.it
127.0.0.1 www.ahnenforschung.de
127.0.0.1 ahnenforschung.de
127.0.0.1 www.aifind.info
127.0.0.1 aifind.info
127.0.0.1 www.airtleworld.com
127.0.0.1 airtleworld.com
127.0.0.1 www.aitalia.it
127.0.0.1 aitalia.it
127.0.0.1 akamai.downloadv3.com
127.0.0.1 www.aklitalia.it
127.0.0.1 aklitalia.it
127.0.0.1 akril.com
127.0.0.1 alcatel.ws
127.0.0.1 www.alertspy.com
127.0.0.1 alertspy.com
127.0.0.1 www.alfacleaner.com
127.0.0.1 alfacleaner.com
127.0.0.1 alfa-search.com
127.0.0.1 www.alialia.it
127.0.0.1 alialia.it
127.0.0.1 www.aliotalia.it
127.0.0.1 aliotalia.it
127.0.0.1 www.alirtalia.it
127.0.0.1 alirtalia.it
127.0.0.1 www.alitaia.it
127.0.0.1 alitaia.it
127.0.0.1 www.alitaklia.it
127.0.0.1 alitaklia.it
127.0.0.1 www.alitala.it
127.0.0.1 alitala.it
127.0.0.1 www.alitali.it
127.0.0.1 alitali.it
127.0.0.1 www.alitaliaq.it
127.0.0.1 alitaliaq.it
127.0.0.1 www.alitalias.it
127.0.0.1 alitalias.it
127.0.0.1 www.alitaliaz.it
127.0.0.1 alitaliaz.it
127.0.0.1 www.alitalioa.it
127.0.0.1 alitalioa.it
127.0.0.1 www.alitalisa.it
127.0.0.1 alitalisa.it
127.0.0.1 www.alitaliua.it
127.0.0.1 alitaliua.it
127.0.0.1 www.alitalkia.it
127.0.0.1 alitalkia.it
127.0.0.1 www.alitaloia.it
127.0.0.1 alitaloia.it
127.0.0.1 www.alitaluia.it
127.0.0.1 alitaluia.it
127.0.0.1 www.alitaslia.it
127.0.0.1 alitaslia.it
127.0.0.1 www.alitlia.it
127.0.0.1 alitlia.it
127.0.0.1 www.alitralia.it
127.0.0.1 alitralia.it
127.0.0.1 www.alitsalia.it
127.0.0.1 alitsalia.it
127.0.0.1 www.aliutalia.it
127.0.0.1 aliutalia.it
127.0.0.1 all1count.net
127.0.0.1 www.all1count.net
127.0.0.1 all4internet.com
127.0.0.1 www.all4internet.com
127.0.0.1 allabtcars.com
127.0.0.1 allabtjeeps.com
127.0.0.1 all-bittorrent.com
127.0.0.1 www.all-bittorrent.com
127.0.0.1 www.allcollisions.com
127.0.0.1 allcollisions.com
127.0.0.1 www.allcybersearch.com
127.0.0.1 allcybersearch.com
127.0.0.1 www.alldiskscheck300.com
127.0.0.1 alldiskscheck300.com
127.0.0.1 alldnserrors.com
127.0.0.1 www.alldnserrors.com
127.0.0.1 www.all-downloads-now.com
127.0.0.1 all-downloads-now.com
127.0.0.1 all-edonkey.com
127.0.0.1 www.all-edonkey.com
127.0.0.1 www.allertaminacce.com
127.0.0.1 allertaminacce.com
127.0.0.1 allforadult.com
127.0.0.1 allhyperlinks.com
127.0.0.1 alliesecurity.com
127.0.0.1 www.alliesecurity.com
127.0.0.1 all-inet.com
127.0.0.1 allinternetbusiness.com
127.0.0.1 www.all-limewire.com
127.0.0.1 all-limewire.com
127.0.0.1 www.allmegabucks.com
127.0.0.1 allmegabucks.com
127.0.0.1 www.allprotections.com
127.0.0.1 allprotections.com
127.0.0.1 www.allresultz.net
127.0.0.1 allresultz.net
127.0.0.1 www.allsearch.us
127.0.0.1 allsearch.us
127.0.0.1 www.allsecuritynotes.com
127.0.0.1 allsecuritynotes.com
127.0.0.1 www.allsecuritysite.com
127.0.0.1 allsecuritysite.com
127.0.0.1 www.allstarsvideos.net
127.0.0.1 allstarsvideos.net
127.0.0.1 www.alltiettantivirus.com
127.0.0.1 alltiettantivirus.com
127.0.0.1 www.alltruesoftware.com
127.0.0.1 alltruesoftware.com
127.0.0.1 www.allvideoactivex.com
127.0.0.1 allvideoactivex.com
127.0.0.1 www.almanah.biz
127.0.0.1 almanah.biz
127.0.0.1 almarvideos.com
127.0.0.1 www.aloitalia.it
127.0.0.1 aloitalia.it
127.0.0.1 www.aluitalia.it
127.0.0.1 aluitalia.it
127.0.0.1 www.amaena.com
127.0.0.1 amaena.com
127.0.0.1 amandamountains.com
127.0.0.1 www.amateurliveshow.com
127.0.0.1 amateurliveshow.com
127.0.0.1 www.amediasoftware.com
127.0.0.1 amediasoftware.com
127.0.0.1 www.amediasource.com
127.0.0.1 amediasource.com
127.0.0.1 americanautobargains.com
127.0.0.1 www.americanautobargains.com
127.0.0.1 americancarbargains.com
127.0.0.1 www.americancarbargains.com
127.0.0.1 american-teens.net
127.0.0.1 amigeek.com
127.0.0.1 www.amigobore.com
127.0.0.1 amigobore.com
127.0.0.1 amisbusiness.com
127.0.0.1 www.ampmsearch.com
127.0.0.1 ampmsearch.com
127.0.0.1 www.analcord.com
127.0.0.1 analcord.com
127.0.0.1 analmovi.com
127.0.0.1 www.anarchylolita.com
127.0.0.1 anarchylolita.com
127.0.0.1 anarchyporn.com
127.0.0.1 www.andromedical.com
127.0.0.1 andromedical.com
127.0.0.1 www.animepornmag.com
127.0.0.1 animepornmag.com
127.0.0.1 anin.org
127.0.0.1 www.anjpn-avxiz.biz
127.0.0.1 anjpn-avxiz.biz
127.0.0.1 anjpnzqav.biz
127.0.0.1 www.anjpnzqav.biz
127.0.0.1 anjpn-zqav.biz
127.0.0.1 www.anjpn-zqav.biz
127.0.0.1 annaromeo.com
127.0.0.1 www.antiddos.us
127.0.0.1 antiddos.us
127.0.0.1 www.antiespiadorado.com
127.0.0.1 antiespiadorado.com
127.0.0.1 www.antiespionspack.com
127.0.0.1 antiespionspack.com
127.0.0.1 www.antigusanos2008.com
127.0.0.1 antigusanos2008.com
127.0.0.1 antispamassistant.com
127.0.0.1 www.antispamassistant.com
127.0.0.1 antispamdeluxe.com
127.0.0.1 www.antispamdeluxe.com
127.0.0.1 www.antispionage.com
127.0.0.1 antispionage.com
127.0.0.1 www.antispionagepro.com
127.0.0.1 antispionagepro.com
127.0.0.1 www.antispyadvanced.com
127.0.0.1 antispyadvanced.com
127.0.0.1 antispycheck.com
127.0.0.1 www.antispycheck.com
127.0.0.1 www.antispydns.biz
127.0.0.1 antispydns.biz
127.0.0.1 www.antispykit.com
127.0.0.1 antispykit.com
127.0.0.1 www.antispylab.com
127.0.0.1 antispylab.com
127.0.0.1 antispyshield.com
127.0.0.1 www.antispyshield.com
127.0.0.1 www.antispysolutions.com
127.0.0.1 antispysolutions.com
127.0.0.1 antispyware.com
127.0.0.1 www.antispyware.com
127.0.0.1 www.antispyware-2008.info
127.0.0.1 antispyware-2008.info
127.0.0.1 antispyware2008.name
127.0.0.1 www.antispyware2008.name
127.0.0.1 antispyware-2008.name
127.0.0.1 www.antispyware-2008.name
127.0.0.1 antispyware2008.org
127.0.0.1 www.antispyware2008.org
127.0.0.1 www.antispyware-2008.org
127.0.0.1 antispyware-2008.org
127.0.0.1 www.antispyware2008-download.com
127.0.0.1 antispyware2008-download.com
127.0.0.1 www.antispyware-2008-download.com
127.0.0.1 antispyware-2008-download.com
127.0.0.1 antispyware2008-download.name
127.0.0.1 www.antispyware2008-download.name
127.0.0.1 antispyware2008-download.org
127.0.0.1 www.antispyware2008-download.org
127.0.0.1 www.antispyware-2008-download.org
127.0.0.1 antispyware-2008-download.org
127.0.0.1 www.antispywareboot.com
127.0.0.1 antispywareboot.com
127.0.0.1 www.antispywarebot.com
127.0.0.1 antispywarebot.com
127.0.0.1 www.antispywarebox.com
127.0.0.1 antispywarebox.com
127.0.0.1 antispywaredownloads.com
127.0.0.1 www.antispywaredownloads.com
127.0.0.1 www.antispywareexpert.com
127.0.0.1 antispywareexpert.com
127.0.0.1 www.antispywaremaster.com
127.0.0.1 antispywaremaster.com
127.0.0.1 www.antispyware-review.info
127.0.0.1 antispyware-review.info
127.0.0.1 www.antispywaresales.com
127.0.0.1 antispywaresales.com
127.0.0.1 antispywaresuite.com
127.0.0.1 www.antispywaresuite.com
127.0.0.1 antispywareupdates.net
127.0.0.1 www.antispywareupdates.net
127.0.0.1 antispywarexp.com
127.0.0.1 www.antispywarexp.com
127.0.0.1 antispyweb.net
127.0.0.1 www.antispyweb.net
127.0.0.1 antiver2008.com
127.0.0.1 www.antiver2008.com
127.0.0.1 antivermins.com
127.0.0.1 www.antivermins.com
127.0.0.1 anti-vermins.com
127.0.0.1 www.anti-vermins.com
127.0.0.1 www.antivir2007.com
127.0.0.1 antivir2007.com
127.0.0.1 antivirgear.com
127.0.0.1 www.antivirgear.com
127.0.0.1 www.antivirprotect.com
127.0.0.1 antivirprotect.com
127.0.0.1 www.antivirus.fastfreedownload.com
127.0.0.1 antivirus.fastfreedownload.com
127.0.0.1 antivirus2008pro.com
127.0.0.1 www.antivirus2008pro.com
127.0.0.1 www.antivirus-2008pro.com
127.0.0.1 antivirus-2008pro.com
127.0.0.1 www.antivirus-2008-pro.com
127.0.0.1 antivirus-2008-pro.com
127.0.0.1 antivirus2008pro.info
127.0.0.1 www.antivirus2008pro.info
127.0.0.1 antivirus-2008pro.info
127.0.0.1 www.antivirus-2008pro.info
127.0.0.1 antivirus-2008-pro.info
127.0.0.1 www.antivirus-2008-pro.info
127.0.0.1 antivirus2008pro.net
127.0.0.1 www.antivirus2008pro.net
127.0.0.1 antivirus-2008pro.net
127.0.0.1 www.antivirus-2008pro.net
127.0.0.1 antivirus-2008-pro.net
127.0.0.1 www.antivirus-2008-pro.net
127.0.0.1 www.antivirus2008pro.org
127.0.0.1 antivirus2008pro.org
127.0.0.1 www.antivirus-2008pro.org
127.0.0.1 antivirus-2008pro.org
127.0.0.1 www.antivirus-2008-pro.org
127.0.0.1 antivirus-2008-pro.org
127.0.0.1 www.antivirus2008scanner.com
127.0.0.1 antivirus2008scanner.com
127.0.0.1 antivirus2008x.com
127.0.0.1 www.antivirus2008x.com
127.0.0.1 antivirus-2009.com
127.0.0.1 www.antivirus-2009.com
127.0.0.1 www.antivirus2009-freescan.com
127.0.0.1 antivirus2009-freescan.com
127.0.0.1 www.antivirus-2009pro.com
127.0.0.1 antivirus-2009pro.com
127.0.0.1 www.antivirus2009professional.com
127.0.0.1 antivirus2009professional.com
127.0.0.1 antivirusadvance.com
127.0.0.1 www.antivirusadvance.com
127.0.0.1 www.antivirusaskeladd.com
127.0.0.1 antivirusaskeladd.com
127.0.0.1 www.antivirus-database.com
127.0.0.1 antivirus-database.com
127.0.0.1 www.antivirusgereedschap.com
127.0.0.1 antivirusgereedschap.com
127.0.0.1 antivirusgolden.com
127.0.0.1 www.antivirusgolden.com
127.0.0.1 antivirus-hq.net
127.0.0.1 www.antivirus-hq.net
127.0.0.1 www.antiviruspcsuite.com
127.0.0.1 antiviruspcsuite.com
127.0.0.1 www.antiviruspremium.com
127.0.0.1 antiviruspremium.com
127.0.0.1 www.anti-virus-pro.com
127.0.0.1 anti-virus-pro.com
127.0.0.1 antivirusprotector.com
127.0.0.1 www.antivirusprotector.com
127.0.0.1 www.antivirus-scanner.com
127.0.0.1 antivirus-scanner.com
127.0.0.1 antivirusscherm.com
127.0.0.1 www.antivirusscherm.com
127.0.0.1 antivirussecuritypro.com
127.0.0.1 www.antivirussecuritypro.com
127.0.0.1 antivirus-server.com
127.0.0.1 www.antivirus-server.com
127.0.0.1 antivirus-stop.com
127.0.0.1 www.antivirus-stop.com
127.0.0.1 www.antivirussuite.com
127.0.0.1 antivirussuite.com
127.0.0.1 www.antiworm2008.com
127.0.0.1 antiworm2008.com
127.0.0.1 www.antiwurm2008.com
127.0.0.1 antiwurm2008.com
127.0.0.1 antrocity.com
127.0.0.1 www.anyofus.com
127.0.0.1 anyofus.com
127.0.0.1 www.anysafereviews.com
127.0.0.1 anysafereviews.com
127.0.0.1 www.anysn.seproger.com
127.0.0.1 anysn.seproger.com
127.0.0.1 anything4health.com
127.0.0.1 www.apicpreview.com
127.0.0.1 apicpreview.com
127.0.0.1 www.appealcircuit.com
127.0.0.1 appealcircuit.com
127.0.0.1 www.approvedlinks.com
127.0.0.1 approvedlinks.com
127.0.0.1 apps.deskwizz.com
127.0.0.1 apps.webservicehost.com
127.0.0.1 www.aprotectedpage.com
127.0.0.1 aprotectedpage.com
127.0.0.1 apsua.com
127.0.0.1 www.archivioadulti.com
127.0.0.1 archivioadulti.com
127.0.0.1 www.archiviosex.net
127.0.0.1 archiviosex.net
127.0.0.1 aregay.com
127.0.0.1 ares.click-new-download.com
127.0.0.1 www.ares.click-new-download.com
127.0.0.1 www.ares-freebie.com
127.0.0.1 ares-freebie.com
127.0.0.1 www.arespro2007.com
127.0.0.1 arespro2007.com
127.0.0.1 aresultra.com
127.0.0.1 www.aresultra.com
127.0.0.1 www.ares-usa.com
127.0.0.1 ares-usa.com
127.0.0.1 arheo.com
127.0.0.1 arizonaweb.org
127.0.0.1 armitageinn.com
127.0.0.1 www.arquivojpgs.smtp.ru
127.0.0.1 arquivojpgs.smtp.ru
127.0.0.1 artachnid.com
127.0.0.1 art-func.com
127.0.0.1 art-xxx.com
127.0.0.1 www.asafebrowser.com
127.0.0.1 asafebrowser.com
127.0.0.1 www.asafetyalways.com
127.0.0.1 asafetyalways.com
127.0.0.1 www.asafetynote.com
127.0.0.1 asafetynote.com
127.0.0.1 www.asafetynotice.com
127.0.0.1 asafetynotice.com
127.0.0.1 www.asafetypage.com
127.0.0.1 asafetypage.com
127.0.0.1 www.asdbiz.biz
127.0.0.1 asdbiz.biz
127.0.0.1 www.asdeykuddq.com
127.0.0.1 asdeykuddq.com
127.0.0.1 www.asecurebar.com
127.0.0.1 asecurebar.com
127.0.0.1 www.asecureboard.com
127.0.0.1 asecureboard.com
127.0.0.1 www.asecurevalue.com
127.0.0.1 asecurevalue.com
127.0.0.1 www.asecurityissue.com
127.0.0.1 asecurityissue.com
127.0.0.1 www.asecuritynotice.com
127.0.0.1 asecuritynotice.com
127.0.0.1 www.asecuritypaper.com
127.0.0.1 asecuritypaper.com
127.0.0.1 www.asecuritystuff.com
127.0.0.1 asecuritystuff.com
127.0.0.1 www.asfadaptation.com
127.0.0.1 asfadaptation.com
127.0.0.1 asiankingkong.com
127.0.0.1 www.asianpornmag.com
127.0.0.1 asianpornmag.com
127.0.0.1 www.asiantoolbar.com
127.0.0.1 asiantoolbar.com
127.0.0.1 www.asidseiupc.com
127.0.0.1 asidseiupc.com
127.0.0.1 www.aslitalia.it
127.0.0.1 aslitalia.it
127.0.0.1 ass-gals.com
127.0.0.1 www.assureprotection.com
127.0.0.1 assureprotection.com
127.0.0.1 asta-killer.com
127.0.0.1 www.astrologie-server.com
127.0.0.1 astrologie-server.com
127.0.0.1 www.asupereva.it
127.0.0.1 asupereva.it
127.0.0.1 www.ataprogram.com
127.0.0.1 ataprogram.com
127.0.0.1 athenrye.com
127.0.0.1 www.atotalsafety.com
127.0.0.1 atotalsafety.com
127.0.0.1 www.atrueprotection.com
127.0.0.1 atrueprotection.com
127.0.0.1 www.atruesecurity.com
127.0.0.1 atruesecurity.com
127.0.0.1 www.attackware.com
127.0.0.1 attackware.com
127.0.0.1 www.attrezzi.biz
127.0.0.1 attrezzi.biz
127.0.0.1 www.aucunsvirus.com
127.0.0.1 aucunsvirus.com
127.0.0.1 www.aulde.net
127.0.0.1 aulde.net
127.0.0.1 www.aupereva.it
127.0.0.1 aupereva.it
127.0.0.1 www.autobargains.org
127.0.0.1 autobargains.org
127.0.0.1 www.autobargainsnetwork.com
127.0.0.1 autobargainsnetwork.com
127.0.0.1 www.autocontext.begun.ru
127.0.0.1 autocontext.begun.ru
127.0.0.1 autoescrowpay.com
127.0.0.1 www.autotuningportal.com
127.0.0.1 autotuningportal.com
127.0.0.1 avadvance.com
127.0.0.1 www.avadvance.com
127.0.0.1 avast.free-software-center.com
127.0.0.1 www.avast.free-software-center.com
127.0.0.1 www.avast-2007.com
127.0.0.1 avast-2007.com
127.0.0.1 www.avast-downloads.com
127.0.0.1 avast-downloads.com
127.0.0.1 www.avast-hq.com
127.0.0.1 avast-hq.com
127.0.0.1 avforce.com
127.0.0.1 www.avforce.com
127.0.0.1 www.avg.grab-it-today.net
127.0.0.1 avg.grab-it-today.net
127.0.0.1 avg.softwarecenterz.com
127.0.0.1 www.avg.softwarecenterz.com
127.0.0.1 avg-secure.com
127.0.0.1 www.avg-secure.com
127.0.0.1 aviadaptation.com
127.0.0.1 www.aviadaptation.com
127.0.0.1 avian-ads.com
127.0.0.1 avicoupler.com
127.0.0.1 www.avicoupler.com
127.0.0.1 avideoaxaccess.com
127.0.0.1 www.avideoaxaccess.com
127.0.0.1 avideosurfer.com
127.0.0.1 www.avideosurfer.com
127.0.0.1 www.avidirection.com
127.0.0.1 avidirection.com
127.0.0.1 aviewersoft.com
127.0.0.1 www.aviewersoft.com
127.0.0.1 www.aviexecution.com
127.0.0.1 aviexecution.com
127.0.0.1 avihelper.com
127.0.0.1 www.avihelper.com
127.0.0.1 aviinstrument.com
127.0.0.1 www.aviinstrument.com
127.0.0.1 aviplugin.com
127.0.0.1 www.aviplugin.com
127.0.0.1 avitool.com
127.0.0.1 www.avitool.com
127.0.0.1 aviupdate.com
127.0.0.1 www.aviupdate.com
127.0.0.1 aviutility.com
127.0.0.1 www.aviutility.com
127.0.0.1 www.avpcheckupdate.com
127.0.0.1 avpcheckupdate.com
127.0.0.1 avsmanufacture.com
127.0.0.1 www.avsmanufacture.com
127.0.0.1 www.avsystemcare.com
127.0.0.1 avsystemcare.com
127.0.0.1 www.avxizaaqada.biz
127.0.0.1 avxizaaqada.biz
127.0.0.1 www.avxiz-anjpn.biz
127.0.0.1 avxiz-anjpn.biz
127.0.0.1 www.avxizueorn.biz
127.0.0.1 avxizueorn.biz
127.0.0.1 www.avxiz-ueorn.biz
127.0.0.1 avxiz-ueorn.biz
127.0.0.1 avxiz-vtvcp.biz
127.0.0.1 www.avxiz-vtvcp.biz
127.0.0.1 avxiz-ygco.biz
127.0.0.1 www.avxiz-ygco.biz
127.0.0.1 avxiz-zqav.biz
127.0.0.1 www.avxiz-zqav.biz
127.0.0.1 www.av-xp-08.com
127.0.0.1 av-xp-08.com
127.0.0.1 www.awarenesstech.com
127.0.0.1 awarenesstech.com
127.0.0.1 www.awarninglist.com
127.0.0.1 awarninglist.com
127.0.0.1 awbeta.net-nucleus.com
127.0.0.1 www.awesomehomepage.com
127.0.0.1 awesomehomepage.com
127.0.0.1 awmcash.biz
127.0.0.1 awmdabest.com
127.0.0.1 www.axemediasoftware.com
127.0.0.1 axemediasoftware.com
127.0.0.1 www.aximageobject.com
127.0.0.1 aximageobject.com
127.0.0.1 www.axmediaproject.com
127.0.0.1 axmediaproject.com
127.0.0.1 www.axmediasoftware.com
127.0.0.1 axmediasoftware.com
127.0.0.1 www.axmediasolutions.com
127.0.0.1 axmediasolutions.com
127.0.0.1 www.axobjectpage.com
127.0.0.1 axobjectpage.com
127.0.0.1 www.axobjectsource.com
127.0.0.1 axobjectsource.com
127.0.0.1 www.axsoftwaretool.com
127.0.0.1 axsoftwaretool.com
127.0.0.1 www.axvideoproject.com
127.0.0.1 axvideoproject.com
127.0.0.1 www.axvideosetup.com
127.0.0.1 axvideosetup.com
127.0.0.1 ayakawamura.com
127.0.0.1 ayb.dns-look-up.com
127.0.0.1 ayb.netbios-wait.com
127.0.0.1 ayumitaniguchi.com
127.0.0.1 azebar.com
127.0.0.1 azureusclub.com
127.0.0.1 www.azureusclub.com
127.0.0.1 azureus-freebie.com
127.0.0.1 www.azureus-freebie.com
127.0.0.1 www.azzetta.it
127.0.0.1 azzetta.it
127.0.0.1 b.casalemedia.com
127.0.0.1 b122.mcboo.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babenet.com
127.0.0.1 babenet.com
127.0.0.1 www.babespornmag.com
127.0.0.1 babespornmag.com
127.0.0.1 www.babeweb.de
127.0.0.1 babeweb.de
127.0.0.1 www.baccarat-other.info
127.0.0.1 baccarat-other.info
127.0.0.1 www.backstripgirls.com
127.0.0.1 backstripgirls.com
127.0.0.1 backup.mabou.org
127.0.0.1 www.baiduqqsina.cn
127.0.0.1 baiduqqsina.cn
127.0.0.1 www.balotierra.com
127.0.0.1 balotierra.com
127.0.0.1 bannedhost.net
127.0.0.1 barbudafarms.com
127.0.0.1 www.bardownload.com
127.0.0.1 bardownload.com
127.0.0.1 barnandfence.com
127.0.0.1 www.basteln-und-heimwerken.com
127.0.0.1 basteln-und-heimwerken.com
127.0.0.1 batsearch.com
127.0.0.1 baygraphicsllc.com
127.0.0.1 bb.wudiliuliang.com
127.0.0.1 bbbsearch.com
127.0.0.1 bb-search.com
127.0.0.1 www.bcnproduction.com
127.0.0.1 bcnproduction.com
127.0.0.1 bdsmlibrary.net
127.0.0.1 www.bdsmpornmag.com
127.0.0.1 bdsmpornmag.com
127.0.0.1 www.bearshare.click-new-download.com
127.0.0.1 bearshare.click-new-download.com
127.0.0.1 www.bearshare.download-me.info
127.0.0.1 bearshare.download-me.info
127.0.0.1 www.bearshare.mp3-muzic.com
127.0.0.1 bearshare.mp3-muzic.com
127.0.0.1 www.bearshare-download.org
127.0.0.1 bearshare-download.org
127.0.0.1 bearshare-downloads.net
127.0.0.1 www.bearshare-downloads.net
127.0.0.1 bearsharelive.co.uk
127.0.0.1 www.bearsharelive.co.uk
127.0.0.1 www.bearshare-music-downloads.com
127.0.0.1 bearshare-music-downloads.com
127.0.0.1 bearsharepro2007.com
127.0.0.1 www.bearsharepro2007.com
127.0.0.1 bearshare-usa.com
127.0.0.1 www.bearshare-usa.com
127.0.0.1 bedhome.com
127.0.0.1 bediadance.com
127.0.0.1 www.beebappyy.biz
127.0.0.1 beebappyy.biz
127.0.0.1 www.begin2search.com
127.0.0.1 begin2search.com
127.0.0.1 bellabasketsfl.com
127.0.0.1 bernaolatwin.com
127.0.0.1 www.berufe-jobs.de
127.0.0.1 berufe-jobs.de
127.0.0.1 www.berufe-server.de
127.0.0.1 berufe-server.de
127.0.0.1 www.berufe-welt.de
127.0.0.1 berufe-welt.de
127.0.0.1 www.berufs-wahl.de
127.0.0.1 berufs-wahl.de
127.0.0.1 www.beruijindegunhadesun.com
127.0.0.1 beruijindegunhadesun.com
127.0.0.1 www.best3xclips.com
127.0.0.1 best3xclips.com
127.0.0.1 bestadults.com
127.0.0.1 www.bestadults.com
127.0.0.1 best-codec.com
127.0.0.1 www.best-codec.com
127.0.0.1 best-counter.com
127.0.0.1 bestcrawler.com
127.0.0.1 www.bestdailyvids.com
127.0.0.1 bestdailyvids.com
127.0.0.1 bestfor.ru
127.0.0.1 bestfuckvids.com
127.0.0.1 www.bestfuckvids.com
127.0.0.1 best-hardpics.com
127.0.0.1 bestmanage.org
127.0.0.1 www.bestmanage.org
127.0.0.1 www.bestmanage0.org
127.0.0.1 bestmanage0.org
127.0.0.1 bestmanage1.org
127.0.0.1 www.bestmanage1.org
127.0.0.1 www.bestmanage2.org
127.0.0.1 bestmanage2.org
127.0.0.1 www.bestmanage3.org
127.0.0.1 bestmanage3.org
127.0.0.1 bestmanage4.org
127.0.0.1 www.bestmanage4.org
127.0.0.1 www.bestmanage5.org
127.0.0.1 bestmanage5.org
127.0.0.1 www.bestmanage6.org
127.0.0.1 bestmanage6.org
127.0.0.1 www.bestmanage7.org
127.0.0.1 bestmanage7.org
127.0.0.1 www.bestmanage8.org
127.0.0.1 bestmanage8.org
127.0.0.1 bestmanage9.org
127.0.0.1 www.bestmanage9.org
127.0.0.1 www.bestmovszone.com
127.0.0.1 bestmovszone.com
127.0.0.1 bestnetwok.net
127.0.0.1 www.bestnetwok.net
127.0.0.1 www.bestnetwork.net
127.0.0.1 bestnetwork.net
127.0.0.1 www.bestoffersnetworks.com
127.0.0.1 bestoffersnetworks.com
127.0.0.1 www.best-porncollection.com
127.0.0.1 best-porncollection.com
127.0.0.1 bestporngate.com
127.0.0.1 bestsafetyguide.net
127.0.0.1 www.bestsafetyguide.net
127.0.0.1 www.bestsearch.cc
127.0.0.1 bestsearch.cc
127.0.0.1 www.bestsearchworld.info
127.0.0.1 bestsearchworld.info
127.0.0.1 www.best-spyware.info
127.0.0.1 best-spyware.info
127.0.0.1 www.best-targeted-traffic.com
127.0.0.1 best-targeted-traffic.com
127.0.0.1 best-voyeur.info
127.0.0.1 www.best-voyeur.info
127.0.0.1 bestweblinks.com
127.0.0.1 best-winning-casino.com
127.0.0.1 www.bestworldgirls-for-u.net
127.0.0.1 bestworldgirls-for-u.net
127.0.0.1 www.bestxclips.com
127.0.0.1 bestxclips.com
127.0.0.1 bestxporno.com
127.0.0.1 www.bestxxxmpegs.com
127.0.0.1 bestxxxmpegs.com
127.0.0.1 www.bettersearch.biz
127.0.0.1 bettersearch.biz
127.0.0.1 www.bewerbungsexperte.com
127.0.0.1 bewerbungsexperte.com
127.0.0.1 www.bgazzetta.it
127.0.0.1 bgazzetta.it
127.0.0.1 www.bgoogle.it
127.0.0.1 bgoogle.it
127.0.0.1 www.bigcodecadult.com
127.0.0.1 bigcodecadult.com
127.0.0.1 bigcodecadult2008.com
127.0.0.1 www.bigcodecadult2008.com
127.0.0.1 bigcodecadult2008-17.com
127.0.0.1 www.bigcodecadult2008-17.com
127.0.0.1 bighot18adult2008.com
127.0.0.1 www.bighot18adult2008.com
127.0.0.1 www.bighot18-adult2008.com
127.0.0.1 bighot18-adult2008.com
127.0.0.1 www.bighot18codec2008.com
127.0.0.1 bighot18codec2008.com
127.0.0.1 bighot18-codec2008.com
127.0.0.1 www.bighot18-codec2008.com
127.0.0.1 www.bigtrafficnetwork.com
127.0.0.1 bigtrafficnetwork.com
127.0.0.1 www.bigwww.com
127.0.0.1 bigwww.com
127.0.0.1 www.bill.de
127.0.0.1 bill.de
127.0.0.1 bin.errorprotector.com
127.0.0.1 bins.media-motor.net
127.0.0.1 bins2.media-motor.net
127.0.0.1 bis.180solutions.com
127.0.0.1 bitchesonline.net
127.0.0.1 www.bitcomet-freebie.com
127.0.0.1 bitcomet-freebie.com
127.0.0.1 www.bittorrent.click-new-download.com
127.0.0.1 bittorrent.click-new-download.com
127.0.0.1 biz.biz
127.0.0.1 www.bkvcompany.com
127.0.0.1 bkvcompany.com
127.0.0.1 blackblues00.com
127.0.0.1 www.blackblues00.com
127.0.0.1 blackcodec.com
127.0.0.1 www.blackcodec.com
127.0.0.1 www.black-codec.com
127.0.0.1 black-codec.com
127.0.0.1 www.blackcodec.net
127.0.0.1 blackcodec.net
127.0.0.1 www.blackhats.tc
127.0.0.1 blackhats.tc
127.0.0.1 www.blackhawksoftware.com
127.0.0.1 blackhawksoftware.com
127.0.0.1 blackjack-free.net
127.0.0.1 www.blacklegion.info
127.0.0.1 blacklegion.info
127.0.0.1 blazefind.com
127.0.0.1 blender.xu.pl
127.0.0.1 www.blockcheckercontrol.com
127.0.0.1 blockcheckercontrol.com
127.0.0.1 blondetgp.com
127.0.0.1 www.blue-elefant.com
127.0.0.1 blue-elefant.com
127.0.0.1 www.bm.theaimonline.com
127.0.0.1 bm.theaimonline.com
127.0.0.1 www.bnmgate.com
127.0.0.1 bnmgate.com
127.0.0.1 bodaciousbabette.com
127.0.0.1 www.bonzi.com
127.0.0.1 bonzi.com
127.0.0.1 boobdoll.com
127.0.0.1 boobsandtits.com
127.0.0.1 boobsclub.com
127.0.0.1 www.bookedspace.com
127.0.0.1 bookedspace.com
127.0.0.1 www.boom.com.vn
127.0.0.1 boom.com.vn
127.0.0.1 www.boomgirltv.com
127.0.0.1 boomgirltv.com
127.0.0.1 boredlife.com
127.0.0.1 bowlofogumbo.com
127.0.0.1 www.bpfq02.com
127.0.0.1 bpfq02.com
127.0.0.1 www.bqgate.com
127.0.0.1 bqgate.com
127.0.0.1 br.errorsafe.com
127.0.0.1 br.winantivirus.com
127.0.0.1 br.winfixer.com
127.0.0.1 bradcoem.org
127.0.0.1 www.braincodec.com
127.0.0.1 braincodec.com
127.0.0.1 www.brakecodec.com
127.0.0.1 brakecodec.com
127.0.0.1 www.brakecodec.net
127.0.0.1 brakecodec.net
127.0.0.1 brandiyoung.com
127.0.0.1 www.bravesentry.com
127.0.0.1 bravesentry.com
127.0.0.1 www.breenten.biz
127.0.0.1 breenten.biz
127.0.0.1 www.brodbfm.net
127.0.0.1 brodbfm.net
127.0.0.1 brookeburn.com
127.0.0.1 www.browserwise.com
127.0.0.1 browserwise.com
127.0.0.1 bsa.safetydownload.com
127.0.0.1 www.bsplaycodec.com
127.0.0.1 bsplaycodec.com
127.0.0.1 bucps.com
127.0.0.1 buhartes.info
127.0.0.1 buldog-stats.com
127.0.0.1 www.bullseye-network.com
127.0.0.1 bullseye-network.com
127.0.0.1 burgerkingbigscreen.com
127.0.0.1 www.burningsite.com
127.0.0.1 burningsite.com
127.0.0.1 www.burnsrecyclinginc.com
127.0.0.1 burnsrecyclinginc.com
127.0.0.1 buscards.net
127.0.0.1 bustyrussell.com
127.0.0.1 www.busysearch.net
127.0.0.1 busysearch.net
127.0.0.1 buttejazz.org
127.0.0.1 www.buy-find.info
127.0.0.1 buy-find.info
127.0.0.1 buyselldomain.net
127.0.0.1 www.buytraff.biz
127.0.0.1 buytraff.biz
127.0.0.1 buz.ru
127.0.0.1 www.bvdtechinque.com
127.0.0.1 bvdtechinque.com
127.0.0.1 www.bvirgilio.it
127.0.0.1 bvirgilio.it
127.0.0.1 www.bye-spyware.com
127.0.0.1 bye-spyware.com
127.0.0.1 c.centralmedia.ws
127.0.0.1 www.c.enhance.com
127.0.0.1 c.enhance.com
127.0.0.1 c.goclick.com
127.0.0.1 www.c4tdownload.com
127.0.0.1 c4tdownload.com
127.0.0.1 www.c5.www4free.info
127.0.0.1 c5.www4free.info
127.0.0.1 www.cache.surfaccuracy.com
127.0.0.1 cache.surfaccuracy.com
127.0.0.1 cache.ysbweb.com
127.0.0.1 www.cadesfinjeriokas.com
127.0.0.1 cadesfinjeriokas.com
127.0.0.1 calcioturris.com
127.0.0.1 www.calendaralerts.net
127.0.0.1 calendaralerts.net
127.0.0.1 www.callinghome.biz
127.0.0.1 callinghome.biz
127.0.0.1 www.cameouk.co.uk
127.0.0.1 cameouk.co.uk
127.0.0.1 cameup.com
127.0.0.1 www.camouflageclothingonline.net
127.0.0.1 camouflageclothingonline.net
127.0.0.1 campaigns.outerinfo.net
127.0.0.1 www.camping-community.com
127.0.0.1 camping-community.com
127.0.0.1 camup.net
127.0.0.1 canberracricketcoaching.com
127.0.0.1 candycantaloupes.com
127.0.0.1 www.canidetect.org
127.0.0.1 canidetect.org
127.0.0.1 www.cantfind.com
127.0.0.1 cantfind.com
127.0.0.1 careers.dulcineasystems.net
127.0.0.1 carsands.com
127.0.0.1 carsrentals.net
127.0.0.1 cartoes.uol.com.br
127.0.0.1 www.casalemedia.com
127.0.0.1 casalemedia.com
127.0.0.1 www.cashdeluxe.net
127.0.0.1 cashdeluxe.net
127.0.0.1 www.cashengines.com
127.0.0.1 cashengines.com
127.0.0.1 cashsearch.biz
127.0.0.1 www.cashsurfers.com
127.0.0.1 cashsurfers.com
127.0.0.1 www.cashunlim.com
127.0.0.1 cashunlim.com
127.0.0.1 casino.com.free.game.pogo.gratisdownloads.nl
127.0.0.1 casino2win.net
127.0.0.1 casino-gambling-1.net
127.0.0.1 casino-gambling-2.net
127.0.0.1 casinomidas.net
127.0.0.1 casinonline.net
127.0.0.1 casino-onlines.net
127.0.0.1 www.castingsamateur.com
127.0.0.1 castingsamateur.com
127.0.0.1 catallogue.com
127.0.0.1 www.catch-dc.info
127.0.0.1 catch-dc.info
127.0.0.1 categories.mygeek.com
127.0.0.1 catsss.da.ru
127.0.0.1 caxa.ru
127.0.0.1 cazygirls-world.com
127.0.0.1 cc.panet.org
127.0.0.1 www.ccecaedbebfcaf.com
127.0.0.1 ccecaedbebfcaf.com
127.0.0.1 cclebali.org
127.0.0.1 www.ccorriere.it
127.0.0.1 ccorriere.it
127.0.0.1 www.cdcopysite.com
127.0.0.1 cdcopysite.com
127.0.0.1 www.cdegate.com
127.0.0.1 cdegate.com
127.0.0.1 cdn.drivecleaner.com
127.0.0.1 cdn.errorsafe.com
127.0.0.1 cdn.movies-etc.com
127.0.0.1 cdn.winsoftware.com
127.0.0.1 cdn2.movies-etc.com
127.0.0.1 www.cdorriere.it
127.0.0.1 cdorriere.it
127.0.0.1 ceewawires.org
127.0.0.1 centralmedia.ws
127.0.0.1 certumgroup.com
127.0.0.1 www.cforriere.it
127.0.0.1 cforriere.it
127.0.0.1 cheapest.extra.hu
127.0.0.1 www.check.jupitersatellites.biz
127.0.0.1 check.jupitersatellites.biz
127.0.0.1 www.checkin100.com
127.0.0.1 checkin100.com
127.0.0.1 www.checkssecurity.com
127.0.0.1 checkssecurity.com
127.0.0.1 www.checksystem-online.com
127.0.0.1 checksystem-online.com
127.0.0.1 chelancatering.com
127.0.0.1 www.chenshijituan.com
127.0.0.1 chenshijituan.com
127.0.0.1 childrenvilla.com
127.0.0.1 www.chilly3xvids.com
127.0.0.1 chilly3xvids.com
127.0.0.1 www.chillymovs.com
127.0.0.1 chillymovs.com
127.0.0.1 chips-4-free.com
127.0.0.1 chrisswasey.com
127.0.0.1 chriswallace.net
127.0.0.1 www.cia-trjn.myvnc.com
127.0.0.1 cia-trjn.myvnc.com
127.0.0.1 www.cinemadownload.com
127.0.0.1 cinemadownload.com
127.0.0.1 www.ciorriere.it
127.0.0.1 ciorriere.it
127.0.0.1 www.cirriere.it
127.0.0.1 cirriere.it
127.0.0.1 citycodec.com
127.0.0.1 www.citycodec.com
127.0.0.1 city-codec.com
127.0.0.1 www.city-codec.com
127.0.0.1 ckick4thumbs.com
127.0.0.1 cl55.biz
127.0.0.1 clackamasliteraryreview.com
127.0.0.1 www.clckm.com
127.0.0.1 clckm.com
127.0.0.1 cleancodec.com
127.0.0.1 www.cleancodec.com
127.0.0.1 www.cleancodec.net
127.0.0.1 cleancodec.net
127.0.0.1 clean-codec.net
127.0.0.1 www.clean-codec.net
127.0.0.1 www.cleansoftwares.com
127.0.0.1 cleansoftwares.com
127.0.0.1 clearsearch.cc
127.0.0.1 clearsearch.net
127.0.0.1 clickaire.com
127.0.0.1 www.click-codec.com
127.0.0.1 click-codec.com
127.0.0.1 www.clickhere4search.com
127.0.0.1 clickhere4search.com
127.0.0.1 www.click-new-download.com
127.0.0.1 click-new-download.com
127.0.0.1 click-now.net
127.0.0.1 www.clickspring.net
127.0.0.1 clickspring.net
127.0.0.1 click-to-download.com
127.0.0.1 www.click-to-download.com
127.0.0.1 www.clicktomakeasearch.com
127.0.0.1 clicktomakeasearch.com
127.0.0.1 clickyestoenter.net
127.0.0.1 client.exeupdate.com
127.0.0.1 client.myadultexplorer.com
127.0.0.1 www.cliks.org
127.0.0.1 cliks.org
127.0.0.1 www.cliparts4free.com
127.0.0.1 cliparts4free.com
127.0.0.1 www.clipsfestival.com
127.0.0.1 clipsfestival.com
127.0.0.1 www.clipsreality.com
127.0.0.1 clipsreality.com
127.0.0.1 www.clorriere.it
127.0.0.1 clorriere.it
127.0.0.1 clrsch.com
127.0.0.1 www.clubxxxvideo.com
127.0.0.1 clubxxxvideo.com
127.0.0.1 clusif.free.fr
127.0.0.1 cmtapestry.com
127.0.0.1 www.cnetadd.com
127.0.0.1 cnetadd.com
127.0.0.1 www.cnomy.com
127.0.0.1 cnomy.com
127.0.0.1 www.cnzz.com
127.0.0.1 cnzz.com
127.0.0.1 www.cocktails-ideen.de
127.0.0.1 cocktails-ideen.de
127.0.0.1 code.ignphrases.com
127.0.0.1 codec.ninoa.com
127.0.0.1 codecadult18.com
127.0.0.1 www.codecadult18.com
127.0.0.1 codecbest.com
127.0.0.1 www.codecbest.com
127.0.0.1 codecbsplay.com
127.0.0.1 www.codecbsplay.com
127.0.0.1 codecdemo.com
127.0.0.1 www.codecdemo.com
127.0.0.1 www.codecdvd.net
127.0.0.1 codecdvd.net
127.0.0.1 codecdvi.com
127.0.0.1 www.codecdvi.com
127.0.0.1 codec-fun.com
127.0.0.1 www.codec-fun.com
127.0.0.1 www.codechard.com
127.0.0.1 codechard.com
127.0.0.1 www.codechot.net
127.0.0.1 codechot.net
127.0.0.1 www.codechq.net
127.0.0.1 codechq.net
127.0.0.1 www.codecmeg.net
127.0.0.1 codecmeg.net
127.0.0.1 www.codecmega.com
127.0.0.1 codecmega.com
127.0.0.1 www.codecmega.net
127.0.0.1 codecmega.net
127.0.0.1 www.codecmoon.com
127.0.0.1 codecmoon.com
127.0.0.1 www.codecmpg.com
127.0.0.1 codecmpg.com
127.0.0.1 www.codecnice.net
127.0.0.1 codecnice.net
127.0.0.1 www.codecnitro.com
127.0.0.1 codecnitro.com
127.0.0.1 www.codecops.net
127.0.0.1 codecops.net
127.0.0.1 www.codecplay.com
127.0.0.1 codecplay.com
127.0.0.1 www.codecpretty.net
127.0.0.1 codecpretty.net
127.0.0.1 www.codecpro.net
127.0.0.1 codecpro.net
127.0.0.1 www.codecred.net
127.0.0.1 codecred.net
127.0.0.1 www.codecsoft.net
127.0.0.1 codecsoft.net
127.0.0.1 www.codecthe.com
127.0.0.1 codecthe.com
127.0.0.1 www.codectime.com
127.0.0.1 codectime.com
127.0.0.1 www.codecultra.net
127.0.0.1 codecultra.net
127.0.0.1 www.codecvids.com
127.0.0.1 codecvids.com
127.0.0.1 www.codecvip.com
127.0.0.1 codecvip.com
127.0.0.1 www.codecviva.com
127.0.0.1 codecviva.com
127.0.0.1 www.codeczang.net
127.0.0.1 codeczang.net
127.0.0.1 www.codrriere.it
127.0.0.1 codrriere.it
127.0.0.1 www.coeriere.it
127.0.0.1 coeriere.it
127.0.0.1 www.coerriere.it
127.0.0.1 coerriere.it
127.0.0.1 www.cofrriere.it
127.0.0.1 cofrriere.it
127.0.0.1 www.cogrriere.it
127.0.0.1 cogrriere.it
127.0.0.1 www.coirriere.it
127.0.0.1 coirriere.it
127.0.0.1 command.adservs.com
127.0.0.1 www.commonname.com
127.0.0.1 commonname.com
127.0.0.1 www.comparespywareremover.org
127.0.0.1 comparespywareremover.org
127.0.0.1 www.computerpcgames.net
127.0.0.1 computerpcgames.net
127.0.0.1 www.computerrecover.com
127.0.0.1 computerrecover.com
127.0.0.1 config.180solutions.com
127.0.0.1 www.congtouzailai.net
127.0.0.1 congtouzailai.net
127.0.0.1 www.consumers-reviews.net
127.0.0.1 consumers-reviews.net
127.0.0.1 www.content.dollarrevenue.com
127.0.0.1 content.dollarrevenue.com
127.0.0.1 www.content.ireit.com
127.0.0.1 content.ireit.com
127.0.0.1 content.onerateld.com
127.0.0.1 www.contentmatch.net
127.0.0.1 contentmatch.net
127.0.0.1 www.contextplus.net
127.0.0.1 contextplus.net
127.0.0.1 www.contra-virus.com
127.0.0.1 contra-virus.com
127.0.0.1 www.controlmeh.com
127.0.0.1 controlmeh.com
127.0.0.1 www.controlpage.info
127.0.0.1 controlpage.info
127.0.0.1 www.convenient-search.com
127.0.0.1 convenient-search.com
127.0.0.1 www.cookingluck.com
127.0.0.1 cookingluck.com
127.0.0.1 cooldeskalert.com
127.0.0.1 www.cooldeskalert.com
127.0.0.1 coolfetishsite.com
127.0.0.1 coolfreehost.com
127.0.0.1 coolfreepage.com
127.0.0.1 coolfreepages.com
127.0.0.1 cool-homepage.co
127.0.0.1 cool-homepage.com
127.0.0.1 coolmoneysearch.com
127.0.0.1 www.coolonlinebusiness.com
127.0.0.1 coolonlinebusiness.com
127.0.0.1 coolpornsearch.com
127.0.0.1 cool-search.net
127.0.0.1 cool-search.netfartpost.com
127.0.0.1 coolsearcher.info
127.0.0.1 www.coolservecorp.net
127.0.0.1 coolservecorp.net
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com
127.0.0.1 cool-web-search.com
127.0.0.1 coolwebsearsh.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 coolwwwsearch.com
127.0.0.1 cool-xxx.net
127.0.0.1 www.coorriere.it
127.0.0.1 coorriere.it
127.0.0.1 copmtraine.com
127.0.0.1 www.coprriere.it
127.0.0.1 coprriere.it
127.0.0.1 www.core.psyche-evolution.com
127.0.0.1 core.psyche-evolution.com
127.0.0.1 www.coreiere.it
127.0.0.1 coreiere.it
127.0.0.1 www.coreriere.it
127.0.0.1 coreriere.it
127.0.0.1 www.corrdiere.it
127.0.0.1 corrdiere.it
127.0.0.1 www.correiere.it
127.0.0.1 correiere.it
127.0.0.1 www.corrfiere.it
127.0.0.1 corrfiere.it
127.0.0.1 www.corrgiere.it
127.0.0.1 corrgiere.it
127.0.0.1 www.corridere.it
127.0.0.1 corridere.it
127.0.0.1 www.corriedre.it
127.0.0.1 corriedre.it
127.0.0.1 www.corriee.it
127.0.0.1 corriee.it
127.0.0.1 www.corrieere.it
127.0.0.1 corrieere.it
127.0.0.1 www.corriefre.it
127.0.0.1 corriefre.it
127.0.0.1 www.corriegre.it
127.0.0.1 corriegre.it
127.0.0.1 www.corrierde.it
127.0.0.1 corrierde.it
127.0.0.1 www.corriered.it
127.0.0.1 corriered.it
127.0.0.1 www.corrieree.it
127.0.0.1 corrieree.it
127.0.0.1 www.corrieref.it
127.0.0.1 corrieref.it
127.0.0.1 www.corrierer.it
127.0.0.1 corrierer.it
127.0.0.1 www.corrieres.it
127.0.0.1 corrieres.it
127.0.0.1 www.corrierew.it
127.0.0.1 corrierew.it
127.0.0.1 www.corrierfe.it
127.0.0.1 corrierfe.it
127.0.0.1 www.corrierge.it
127.0.0.1 corrierge.it
127.0.0.1 www.corrierr.it
127.0.0.1 corrierr.it
127.0.0.1 www.corrierre.it
127.0.0.1 corrierre.it
127.0.0.1 www.corrierse.it
127.0.0.1 corrierse.it
127.0.0.1 www.corrierte.it
127.0.0.1 corrierte.it
127.0.0.1 www.corrierw.it
127.0.0.1 corrierw.it
127.0.0.1 www.corrierwe.it
127.0.0.1 corrierwe.it
127.0.0.1 www.corriesre.it
127.0.0.1 corriesre.it
127.0.0.1 www.corriete.it
127.0.0.1 corriete.it
127.0.0.1 www.corrietre.it
127.0.0.1 corrietre.it
127.0.0.1 www.corriewre.it
127.0.0.1 corriewre.it
127.0.0.1 www.corrifere.it
127.0.0.1 corrifere.it
127.0.0.1 www.corriiere.it
127.0.0.1 corriiere.it
127.0.0.1 www.corrilere.it
127.0.0.1 corrilere.it
127.0.0.1 www.corrioere.it
127.0.0.1 corrioere.it
127.0.0.1 www.corrire.it
127.0.0.1 corrire.it
127.0.0.1 www.corrirere.it
127.0.0.1 corrirere.it
127.0.0.1 www.corrirre.it
127.0.0.1 corrirre.it
127.0.0.1 www.corrisere.it
127.0.0.1 corrisere.it
127.0.0.1 www.corriuere.it
127.0.0.1 corriuere.it
127.0.0.1 www.corriwere.it
127.0.0.1 corriwere.it
127.0.0.1 www.corriwre.it
127.0.0.1 corriwre.it
127.0.0.1 www.corrliere.it
127.0.0.1 corrliere.it
127.0.0.1 www.corroere.it
127.0.0.1 corroere.it
127.0.0.1 www.corroiere.it
127.0.0.1 corroiere.it
127.0.0.1 www.corrriere.it
127.0.0.1 corrriere.it
127.0.0.1 www.corrtiere.it
127.0.0.1 corrtiere.it
127.0.0.1 www.corruere.it
127.0.0.1 corruere.it
127.0.0.1 www.corruiere.it
127.0.0.1 corruiere.it
127.0.0.1 www.cortiere.it
127.0.0.1 cortiere.it
127.0.0.1 www.cortriere.it
127.0.0.1 cortriere.it
127.0.0.1 www.costrike.com
127.0.0.1 costrike.com
127.0.0.1 www.cotriere.it
127.0.0.1 cotriere.it
127.0.0.1 www.cotrriere.it
127.0.0.1 cotrriere.it
127.0.0.1 couldnotfind.com
127.0.0.1 count.cc
127.0.0.1 count.hitscount.net
127.0.0.1 count-all.com
127.0.0.1 www.countdutycall.info
127.0.0.1 countdutycall.info
127.0.0.1 counter.sexmaniack.com
127.0.0.1 www.courtrecordslookup.com
127.0.0.1 courtrecordslookup.com
127.0.0.1 www.cporriere.it
127.0.0.1 cporriere.it
127.0.0.1 www.cprriere.it
127.0.0.1 cprriere.it
127.0.0.1 cpvfeed.com
127.0.0.1 cracks.me.uk
127.0.0.1 www.cracks4all.com
127.0.0.1 cracks4all.com
127.0.0.1 www.crapsgold.info
127.0.0.1 crapsgold.info
127.0.0.1 www.crazygirls-world.com
127.0.0.1 crazygirls-world.com
127.0.0.1 www.crazywinnings.com
127.0.0.1 crazywinnings.com
127.0.0.1 creamedcutties.com
127.0.0.1 www.createaccesskey.com
127.0.0.1 createaccesskey.com
127.0.0.1 www.creatonsoft.com
127.0.0.1 creatonsoft.com
127.0.0.1 creditsearchonline.com
127.0.0.1 crestring.com
127.0.0.1 crooder.com
127.0.0.1 www.crriere.it
127.0.0.1 crriere.it
127.0.0.1 www.cryptdrive.com
127.0.0.1 cryptdrive.com
127.0.0.1 www.crystalysmedia.com
127.0.0.1 crystalysmedia.com
127.0.0.1 www.csx.adservs.com
127.0.0.1 csx.adservs.com
127.0.0.1 cts.180solutions.com
127.0.0.1 www.cuisinartoven.com
127.0.0.1 cuisinartoven.com
127.0.0.1 www.curedc.info
127.0.0.1 curedc.info
127.0.0.1 www.curepcsolutions.com
127.0.0.1 curepcsolutions.com
127.0.0.1 curvedspaces.com
127.0.0.1 www.cutadult.com
127.0.0.1 cutadult.com
127.0.0.1 www.cutoffspyware.com
127.0.0.1 cutoffspyware.com
127.0.0.1 www.cvirgilio.it
127.0.0.1 cvirgilio.it
127.0.0.1 www.cvorriere.it
127.0.0.1 cvorriere.it
127.0.0.1 cvs.jps.ru
127.0.0.1 cvsymphony.com
127.0.0.1 www.cxorriere.it
127.0.0.1 cxorriere.it
127.0.0.1 www.cyberrape.com
127.0.0.1 cyberrape.com
127.0.0.1 cydom.com
127.0.0.1 www.cydoor.com
127.0.0.1 cydoor.com
127.0.0.1 d34s.qfdfqawd.cn
127.0.0.1 www.daily3xlinks.com
127.0.0.1 daily3xlinks.com
127.0.0.1 www.dailybestclips.com
127.0.0.1 dailybestclips.com
127.0.0.1 daily-gals.com
127.0.0.1 www.dailyhugemovs.com
127.0.0.1 dailyhugemovs.com
127.0.0.1 www.dailykeys.com
127.0.0.1 dailykeys.com
127.0.0.1 www.dailypornmag.com
127.0.0.1 dailypornmag.com
127.0.0.1 dailyteenspic.com
127.0.0.1 www.dailytoolbar.com
127.0.0.1 dailytoolbar.com
127.0.0.1 www.dailyxvids.com
127.0.0.1 dailyxvids.com
127.0.0.1 dancingbabycd.com
127.0.0.1 www.dapsol.com
127.0.0.1 dapsol.com
127.0.0.1 www.dapsolution.com
127.0.0.1 dapsolution.com
127.0.0.1 www.data-hoster.com
127.0.0.1 data-hoster.com
127.0.0.1 datanotary.com
127.0.0.1 datareco.com
127.0.0.1 www.dateanybabe.com
127.0.0.1 dateanybabe.com
127.0.0.1 www.dateanychick.com
127.0.0.1 dateanychick.com
127.0.0.1 datingdoctorsite.com
127.0.0.1 www.datingdoctorsite.com
127.0.0.1 dating-galaxy.info
127.0.0.1 www.dating-galaxy.info
127.0.0.1 dating-search.net
127.0.0.1 davemarshall.org
127.0.0.1 db105.com
127.0.0.1 www.dbdecicated.com
127.0.0.1 dbdecicated.com
127.0.0.1 www.dbxcompany.com
127.0.0.1 dbxcompany.com
127.0.0.1 dcdl.dmcast.com
127.0.0.1 dcfitusa.com
127.0.0.1 www.dcorriere.it
127.0.0.1 dcorriere.it
127.0.0.1 www.dcurtis.com
127.0.0.1 dcurtis.com
127.0.0.1 dcww.dmcast.com
127.0.0.1 de.ag
127.0.0.1 de.drivecleaner.com
127.0.0.1 de.errorsafe.com
127.0.0.1 de.winantivirus.com
127.0.0.1 de98.remsys.org
127.0.0.1 www.debay.it
127.0.0.1 debay.it
127.0.0.1 www.decknews.com
127.0.0.1 decknews.com
127.0.0.1 dedmazay.3322.org
127.0.0.1 www.dedsearch.com
127.0.0.1 dedsearch.com
127.0.0.1 defaultsearch.net
127.0.0.1 www.defensaantimalware.com
127.0.0.1 defensaantimalware.com
127.0.0.1 www.deja-rue.com
127.0.0.1 deja-rue.com
127.0.0.1 www.delficodec.com
127.0.0.1 delficodec.com
127.0.0.1 www.democodec.com
127.0.0.1 democodec.com
127.0.0.1 demo-codec.com
127.0.0.1 www.demo-codec.com
127.0.0.1 www.democodec.net
127.0.0.1 democodec.net
127.0.0.1 demo-codec.net
127.0.0.1 www.demo-codec.net
127.0.0.1 www.derklaif.biz
127.0.0.1 derklaif.biz
127.0.0.1 www.derrari.it
127.0.0.1 derrari.it
127.0.0.1 desarrollocreativo.com
127.0.0.1 www.deskbar.worldtostart.com
127.0.0.1 deskbar.worldtostart.com
127.0.0.1 www.deskwizz.com
127.0.0.1 deskwizz.com
127.0.0.1 www.destroy-spy.com
127.0.0.1 destroy-spy.com
127.0.0.1 www.destroy-spyware.net
127.0.0.1 destroy-spyware.net
127.0.0.1 www.destruktor.to.pl
127.0.0.1 destruktor.to.pl
127.0.0.1 www.detection-file101.com
127.0.0.1 detection-file101.com
127.0.0.1 www.detectivehound.com
127.0.0.1 detectivehound.com
127.0.0.1 www.detectivesearches.com
127.0.0.1 detectivesearches.com
127.0.0.1 dev.ntcor.com
127.0.0.1 develip.com
127.0.0.1 dewis.spb.ru
127.0.0.1 dewis.us
127.0.0.1 df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
127.0.0.1 www.dgbusiness.com
127.0.0.1 dgbusiness.com
127.0.0.1 dialer2004.com
127.0.0.1 dialerclub.com
127.0.0.1 www.dialerclub.com
127.0.0.1 dialer-shop.com
127.0.0.1 www.dialer-shop.com
127.0.0.1 www.dialoff.com
127.0.0.1 dialoff.com
127.0.0.1 www.did.i-used.cc
127.0.0.1 did.i-used.cc
127.0.0.1 dietpills4free.com
127.0.0.1 dietpussy.com
127.0.0.1 www.digikeygen.com
127.0.0.1 digikeygen.com
127.0.0.1 digistreamsa.com
127.0.0.1 www.digitalcoders.net
127.0.0.1 digitalcoders.net
127.0.0.1 www.digitalfan.com
127.0.0.1 digitalfan.com
127.0.0.1 digital-pornography.com
127.0.0.1 dionforvalleycouncil.org
127.0.0.1 www.directdvdpro.com
127.0.0.1 directdvdpro.com
127.0.0.1 www.directnameservice.com
127.0.0.1 directnameservice.com
127.0.0.1 www.directporta.info
127.0.0.1 directporta.info
127.0.0.1 www.directsearchzone.com
127.0.0.1 directsearchzone.com
127.0.0.1 www.diskretter.com
127.0.0.1 diskretter.com
127.0.0.1 dist.checkin100.com
127.0.0.1 dl.ad-ware.cc
127.0.0.1 dl.malwarewipe.com
127.0.0.1 dl.mcboo.com
127.0.0.1 www.dl.targetsaver.com
127.0.0.1 dl.targetsaver.com
127.0.0.1 dl.web-nexus.net
127.0.0.1 dl1.antivermins.com
127.0.0.1 dl1.antivirgear.com
127.0.0.1 dl1.spydawn.com
127.0.0.1 dl1.virusprotectpro.com
127.0.0.1 dl10.spyfalcon.com
127.0.0.1 dl16.spyfalcon.com
127.0.0.1 dl2.spyfalcon.com
127.0.0.1 dl2.spyheal.com
127.0.0.1 dl2.spywarestrike.com
127.0.0.1 dl3.spyfalcon.com
127.0.0.1 dl3.spyheal.com
127.0.0.1 dl3.spywarestrike.com
127.0.0.1 dl4.spyfalcon.com
127.0.0.1 dl4.spywarestrike.com
127.0.0.1 dl5.spyfalcon.com
127.0.0.1 dl5.spywarestrike.com
127.0.0.1 dl6.spywarestrike.com
127.0.0.1 dl7.spywarestrike.com
127.0.0.1 dl8.spyheal.com
127.0.0.1 dl8.spywarestrike.com
127.0.0.1 dl9.spyfalcon.com
127.0.0.1 dload.contextplus.net
127.0.0.1 www.dltsolution.com
127.0.0.1 dltsolution.com
127.0.0.1 www.dmcast.com
127.0.0.1 dmcast.com
127.0.0.1 www.dmqfirm.com
127.0.0.1 dmqfirm.com
127.0.0.1 www.dnaads.com
127.0.0.1 dnaads.com
127.0.0.1 dnl.mabou.org
127.0.0.1 www.dnld.antivirusdwl.com
127.0.0.1 dnld.antivirusdwl.com
127.0.0.1 www.dns-look-up.com
127.0.0.1 dns-look-up.com
127.0.0.1 www.dns-problem.com
127.0.0.1 dns-problem.com
127.0.0.1 doctorwaldron.com
127.0.0.1 document-not-found.pornpic.org
127.0.0.1 doggyaction.com
127.0.0.1 www.dogproblemswebsite.com
127.0.0.1 dogproblemswebsite.com
127.0.0.1 doktorxxx.com
127.0.0.1 dollarrevenue.com
127.0.0.1 www.domaincar.com
127.0.0.1 domaincar.com
127.0.0.1 domains2003.net
127.0.0.1 domains-for-you-online.com
127.0.0.1 domain-your-registration.com
127.0.0.1 domkrat.com
127.0.0.1 www.doofo.com
127.0.0.1 doofo.com
127.0.0.1 www.dota11.cn
127.0.0.1 dota11.cn
127.0.0.1 www.dotcomtoolbar.com
127.0.0.1 dotcomtoolbar.com
127.0.0.1 down.136136.net
127.0.0.1 download.abetterinternet.com
127.0.0.1 download.adintelligence.net
127.0.0.1 www.download.antispywarebot.com
127.0.0.1 download.antispywarebot.com
127.0.0.1 www.download.bardownload.com
127.0.0.1 download.bardownload.com
127.0.0.1 www.download.bravesentry.com
127.0.0.1 download.bravesentry.com
127.0.0.1 download.cdn.drivecleaner.com
127.0.0.1 download.cdn.errorsafe.com
127.0.0.1 download.cdn.winsoftware.com
127.0.0.1 download.contextplus.net
127.0.0.1 download.errorsafe.com
127.0.0.1 www.download.jupitersatellites.biz
127.0.0.1 download.jupitersatellites.biz
127.0.0.1 download.malwarealarm.com
127.0.0.1 download.searchtabs.net
127.0.0.1 www.download.secureyournet.biz
127.0.0.1 download.secureyournet.biz
127.0.0.1 download.spyonthis.net
127.0.0.1 download.spy-shredder.com
127.0.0.1 download.spywares-removal.info
127.0.0.1 download.systemdoctor.com
127.0.0.1 download.winantispyware.com
127.0.0.1 download.winantivirus.com
127.0.0.1 download.windrivecleaner.com
127.0.0.1 download.winfixer.com
127.0.0.1 download10.spywarequake.com
127.0.0.1 download11.spywarequake.com
127.0.0.1 download12.spywarequake.com
127.0.0.1 download13.spywarequake.com
127.0.0.1 download15.spywarequake.com
127.0.0.1 download2.spywarequake.com
127.0.0.1 download-2007.com
127.0.0.1 www.download-2007.com
127.0.0.1 download3.spyaxe.com
127.0.0.1 download3.spywarequake.com
127.0.0.1 www.download3xpics.com
127.0.0.1 download3xpics.com
127.0.0.1 download4.spyaxe.com
127.0.0.1 download4.spywarequake.com
127.0.0.1 download5.spyaxe.com
127.0.0.1 download5.spywarequake.com
127.0.0.1 download6.spyaxe.com
127.0.0.1 download7.spywarequake.com
127.0.0.1 download8.spywarequake.com
127.0.0.1 download9.spywarequake.com
127.0.0.1 downloadacceleratorsite.com
127.0.0.1 www.downloadacceleratorsite.com
127.0.0.1 www.download-ad-aware.com
127.0.0.1 download-ad-aware.com
127.0.0.1 download-all-4-free.com
127.0.0.1 www.download-all-4-free.com
127.0.0.1 www.download-all-area.com
127.0.0.1 download-all-area.com
127.0.0.1 www.download-antivir.com
127.0.0.1 download-antivir.com
127.0.0.1 www.downloadanysong.com
127.0.0.1 downloadanysong.com
127.0.0.1 www.downloadaresnow.com
127.0.0.1 downloadaresnow.com
127.0.0.1 www.download-avast.com
127.0.0.1 download-avast.com
127.0.0.1 downloadcorporation.com
127.0.0.1 www.downloadcorporation.com
127.0.0.1 www.download-dvdshrink.com
127.0.0.1 download-dvdshrink.com
127.0.0.1 download-for-free.net
127.0.0.1 www.download-for-free.net
127.0.0.1 www.downloadfreesoft.com
127.0.0.1 dow
(ces deux rapports sont sur le même post.
RAPPORT AVANT CORRECTION
SmitFraudFix v2.357
Rapport fait à 9:15:41,48, 10/10/2008
Executé à partir de C:\Documents and Settings\Moi Mˆme\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
Fichier hosts corrompu !
127.0.0.1 www.legal-at-spybot.info
127.0.0.1 legal-at-spybot.info
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» RK
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer=213.30.96.108,213.203.124.146
HKLM\SYSTEM\CS1\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer=213.30.96.108,213.203.124.146
HKLM\SYSTEM\CS3\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer=213.30.96.108,213.203.124.146
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
RAPPORT APRES CORRECTION
SmitFraudFix v2.357
Rapport fait à 9:19:12,12, 10/10/2008
Executé à partir de C:\Documents and Settings\Moi Mˆme\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
127.0.0.1 iw2.slysoft.com
127.0.0.1 h3.slysoft.com
127.0.0.1 slysoft.com
127.0.0.1 sb2slysoft.com
127.0.0.1 ns6.gandi.net
127.0.0.1 ev1slysoft.com
127.0.0.1 ev1.slysoft.com
127.0.0.1 iw2.slysoft.com
127.0.0.1 reverse.privatedns.com
127.0.0.1 iw2.slysoft.com
127.0.0.1 h3.slysoft.com
127.0.0.1 slysoft.com
127.0.0.1 sb2slysoft.com
127.0.0.1 ns6.gandi.net
127.0.0.1 ev1slysoft.com
127.0.0.1 ev1.slysoft.com
127.0.0.1 iw2.slysoft.com
127.0.0.1 reverse.privatedns.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 123topsearch.com
127.0.0.1 www.123topsearch.com
127.0.0.1 132.com
127.0.0.1 www.132.com
127.0.0.1 www.136136.net
127.0.0.1 136136.net
127.0.0.1 163ns.com
127.0.0.1 www.163ns.com
127.0.0.1 171203.com
127.0.0.1 17-plus.com
127.0.0.1 1800searchonline.com
127.0.0.1 www.1800searchonline.com
127.0.0.1 180searchassistant.com
127.0.0.1 www.180searchassistant.com
127.0.0.1 www.180solutions.com
127.0.0.1 180solutions.com
127.0.0.1 181.365soft.info
127.0.0.1 www.181.365soft.info
127.0.0.1 www.1987324.com
127.0.0.1 1987324.com
127.0.0.1 1clickpcfix.com
127.0.0.1 www.1clickpcfix.com
127.0.0.1 1-domains-registrations.com
127.0.0.1 www.1-domains-registrations.com
127.0.0.1 www.1sexparty.com
127.0.0.1 1sexparty.com
127.0.0.1 www.1stantivirus.com
127.0.0.1 1stantivirus.com
127.0.0.1 www.1stpagehere.com
127.0.0.1 1stpagehere.com
127.0.0.1 www.1stsearchportal.com
127.0.0.1 1stsearchportal.com
127.0.0.1 2.82211.net
127.0.0.1 www.2006ooo.com
127.0.0.1 2006ooo.com
127.0.0.1 www.2007-download.com
127.0.0.1 2007-download.com
127.0.0.1 www.2008-search-destroy.com
127.0.0.1 2008-search-destroy.com
127.0.0.1 www.2020search.com
127.0.0.1 2020search.com
127.0.0.1 20x2p.com
127.0.0.1 24.365soft.info
127.0.0.1 www.24.365soft.info
127.0.0.1 www.24-7pharmacy.info
127.0.0.1 24-7pharmacy.info
127.0.0.1 24-7searching-and-more.com
127.0.0.1 www.24-7searching-and-more.com
127.0.0.1 www.24teen.com
127.0.0.1 24teen.com
127.0.0.1 2ndpower.com
127.0.0.1 www.2search.com
127.0.0.1 2search.com
127.0.0.1 www.2search.org
127.0.0.1 2search.org
127.0.0.1 www.2squared.com
127.0.0.1 2squared.com
127.0.0.1 www.3322.org
127.0.0.1 3322.org
127.0.0.1 365soft.info
127.0.0.1 www.36site.com
127.0.0.1 36site.com
127.0.0.1 3721.com
127.0.0.1 39-93.com
127.0.0.1 www.3bay.it
127.0.0.1 3bay.it
127.0.0.1 www.3xclipsonline.com
127.0.0.1 3xclipsonline.com
127.0.0.1 www.3xcurves.com
127.0.0.1 3xcurves.com
127.0.0.1 www.3xfestival.com
127.0.0.1 3xfestival.com
127.0.0.1 3x-festival.com
127.0.0.1 www.3x-festival.com
127.0.0.1 3x-galls.com
127.0.0.1 www.3x-galls.com
127.0.0.1 www.3xmiracle.com
127.0.0.1 3xmiracle.com
127.0.0.1 www.3xmoviesblog.com
127.0.0.1 3xmoviesblog.com
127.0.0.1 www.404dns.com
127.0.0.1 404dns.com
127.0.0.1 www.4199.com
127.0.0.1 4199.com
127.0.0.1 www.4corn.net
127.0.0.1 4corn.net
127.0.0.1 www.4ebay.it
127.0.0.1 4ebay.it
127.0.0.1 4klm.com
127.0.0.1 www.4mpg.com
127.0.0.1 4mpg.com
127.0.0.1 www.59cn.cn
127.0.0.1 59cn.cn
127.0.0.1 www.5starsblog.com
127.0.0.1 5starsblog.com
127.0.0.1 www.5zgmu7o20kt5d8yq.com
127.0.0.1 5zgmu7o20kt5d8yq.com
127.0.0.1 www.680180.net
127.0.0.1 680180.net
127.0.0.1 www.6sek.com
127.0.0.1 6sek.com
127.0.0.1 www.70-music.com
127.0.0.1 70-music.com
127.0.0.1 www.7322.com
127.0.0.1 7322.com
127.0.0.1 www.745970.com
127.0.0.1 745970.com
127.0.0.1 75tz.com
127.0.0.1 www.777search.com
127.0.0.1 777search.com
127.0.0.1 www.777top.com
127.0.0.1 777top.com
127.0.0.1 www.7939.com
127.0.0.1 7939.com
127.0.0.1 www.7search.com
127.0.0.1 7search.com
127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com
127.0.0.1 www.80-music.com
127.0.0.1 80-music.com
127.0.0.1 82211.net
127.0.0.1 8866.org
127.0.0.1 www.88vcd.com
127.0.0.1 88vcd.com
127.0.0.1 www.8ad.com
127.0.0.1 8ad.com
127.0.0.1 www.90-music.com
127.0.0.1 90-music.com
127.0.0.1 www.9505.com
127.0.0.1 9505.com
127.0.0.1 www.971searchbox.com
127.0.0.1 971searchbox.com
127.0.0.1 9mmporn.com
127.0.0.1 a.bestmanage.org
127.0.0.1 www.aaabesthomepage.com
127.0.0.1 aaabesthomepage.com
127.0.0.1 aaasexypics.com
127.0.0.1 www.aaawebfinder.com
127.0.0.1 aaawebfinder.com
127.0.0.1 aaqadarsztriv.com
127.0.0.1 www.aaqadarsztriv.com
127.0.0.1 www.aaqada-rsztriv.com
127.0.0.1 aaqada-rsztriv.com
127.0.0.1 www.aaqadaueorn.com
127.0.0.1 aaqadaueorn.com
127.0.0.1 www.aaqada-ueorn.com
127.0.0.1 aaqada-ueorn.com
127.0.0.1 aaqada-ygco.com
127.0.0.1 www.aaqada-ygco.com
127.0.0.1 aaqada-ymct.com
127.0.0.1 www.aaqada-ymct.com
127.0.0.1 aav2008.com
127.0.0.1 www.aav2008.com
127.0.0.1 aavc.com
127.0.0.1 www.abccodec.com
127.0.0.1 abccodec.com
127.0.0.1 www.abcdperformance.com
127.0.0.1 abcdperformance.com
127.0.0.1 abc-find.info
127.0.0.1 www.abc-find.info
127.0.0.1 abcsearch.com
127.0.0.1 www.abcsearch.com
127.0.0.1 www.abcways.com
127.0.0.1 abcways.com
127.0.0.1 abetterinternet.com
127.0.0.1 www.abetterinternet.com
127.0.0.1 www.abnetsoft.info
127.0.0.1 abnetsoft.info
127.0.0.1 about-adult.net
127.0.0.1 www.about-adult.net
127.0.0.1 aboutclicker.com
127.0.0.1 www.aboutclicker.com
127.0.0.1 abrp.net
127.0.0.1 www.abrp.net
127.0.0.1 absolutee.com
127.0.0.1 www.absolutee.com
127.0.0.1 www.abyssmedia.com
127.0.0.1 abyssmedia.com
127.0.0.1 ac66.cn
127.0.0.1 www.ac66.cn
127.0.0.1 access.navinetwork.com
127.0.0.1 access.rapid-pass.net
127.0.0.1 accessactivexvideo.com
127.0.0.1 www.accessactivexvideo.com
127.0.0.1 www.accessclips.com
127.0.0.1 accessclips.com
127.0.0.1 access-dvd.com
127.0.0.1 www.access-dvd.com
127.0.0.1 accesskeygenerator.com
127.0.0.1 www.accesskeygenerator.com
127.0.0.1 accessthefuture.net
127.0.0.1 www.accessthefuture.net
127.0.0.1 accessvid.net
127.0.0.1 www.accessvid.net
127.0.0.1 acemedic.com
127.0.0.1 www.acemedic.com
127.0.0.1 www.ace-webmaster.com
127.0.0.1 ace-webmaster.com
127.0.0.1 acjp.com
127.0.0.1 acrobat-2007.com
127.0.0.1 www.acrobat-2007.com
127.0.0.1 www.acrobat-8.com
127.0.0.1 acrobat-8.com
127.0.0.1 acrobat-center.com
127.0.0.1 www.acrobat-center.com
127.0.0.1 acrobat-hq.com
127.0.0.1 www.acrobat-hq.com
127.0.0.1 acrobatreader-8.com
127.0.0.1 www.acrobatreader-8.com
127.0.0.1 www.acrobat-reader-8.de
127.0.0.1 acrobat-reader-8.de
127.0.0.1 www.acrobat-stop.com
127.0.0.1 acrobat-stop.com
127.0.0.1 actionbreastcancer.org
127.0.0.1 www.actionbreastcancer.org
127.0.0.1 www.activesearcher.info
127.0.0.1 activesearcher.info
127.0.0.1 activexaccessobject.com
127.0.0.1 www.activexaccessobject.com
127.0.0.1 www.activexaccessvideo.com
127.0.0.1 activexaccessvideo.com
127.0.0.1 activexemedia.com
127.0.0.1 www.activexemedia.com
127.0.0.1 activexmediaobject.com
127.0.0.1 www.activexmediaobject.com
127.0.0.1 www.activexmediapro.com
127.0.0.1 activexmediapro.com
127.0.0.1 activexmediasite.com
127.0.0.1 www.activexmediasite.com
127.0.0.1 activexmediasoftware.com
127.0.0.1 www.activexmediasoftware.com
127.0.0.1 activexmediasource.com
127.0.0.1 www.activexmediasource.com
127.0.0.1 activexmediatool.com
127.0.0.1 www.activexmediatool.com
127.0.0.1 www.activexmediatour.com
127.0.0.1 activexmediatour.com
127.0.0.1 activexsoftwares.com
127.0.0.1 www.activexsoftwares.com
127.0.0.1 activexsource.com
127.0.0.1 www.activexsource.com
127.0.0.1 activexupdate.com
127.0.0.1 www.activexupdate.com
127.0.0.1 activexvideo.com
127.0.0.1 www.activexvideo.com
127.0.0.1 www.activexvideotool.com
127.0.0.1 activexvideotool.com
127.0.0.1 ad.marketingsector.com
127.0.0.1 www.ad.marketingsector.com
127.0.0.1 www.ad.mokead.com
127.0.0.1 ad.mokead.com
127.0.0.1 ad.oinadserver.com
127.0.0.1 ad.outerinfoads.com
127.0.0.1 www.ad25.com
127.0.0.1 ad25.com
127.0.0.1 ad45.com
127.0.0.1 www.ad45.com
127.0.0.1 www.ad77.com
127.0.0.1 ad77.com
127.0.0.1 www.ad86.com
127.0.0.1 ad86.com
127.0.0.1 adamsupportgroup.org
127.0.0.1 www.adamsupportgroup.org
127.0.0.1 www.adarmor.com
127.0.0.1 adarmor.com
127.0.0.1 adasearch.com
127.0.0.1 www.adasearch.com
127.0.0.1 adaware.cc
127.0.0.1 www.adawarenow.com
127.0.0.1 adawarenow.com
127.0.0.1 adchannel.contextplus.net
127.0.0.1 www.addetect.com
127.0.0.1 addetect.com
127.0.0.1 www.add-hhh.info
127.0.0.1 add-hhh.info
127.0.0.1 addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.net
127.0.0.1 addictivetechnologies.net
127.0.0.1 www.addioerrori.com
127.0.0.1 addioerrori.com
127.0.0.1 www.add-manager.com
127.0.0.1 add-manager.com
127.0.0.1 www.adgate.info
127.0.0.1 adgate.info
127.0.0.1 www.adintelligence.net
127.0.0.1 adintelligence.net
127.0.0.1 www.adioserrores.com
127.0.0.1 adioserrores.com
127.0.0.1 www.adipics.com
127.0.0.1 adipics.com
127.0.0.1 www.adlogix.com
127.0.0.1 adlogix.com
127.0.0.1 admin2cash.biz
127.0.0.1 www.admin2cash.biz
127.0.0.1 adnet-plus.com
127.0.0.1 www.adnetserver.com
127.0.0.1 adnetserver.com
127.0.0.1 adobe-download-now.com
127.0.0.1 www.adobe-downloads.com
127.0.0.1 adobe-downloads.com
127.0.0.1 www.adobe-reader-8.fr
127.0.0.1 adobe-reader-8.fr
127.0.0.1 www.adprotect.com
127.0.0.1 adprotect.com
127.0.0.1 ads.centralmedia.ws
127.0.0.1 ads.k8l.info
127.0.0.1 ads.kmpads.com
127.0.0.1 ads.kw.revenue.net
127.0.0.1 ads.marketingsector.com
127.0.0.1 ads.searchingbooth.com
127.0.0.1 ads.z-quest.com
127.0.0.1 ads1.revenue.net
127.0.0.1 www.ads183.com
127.0.0.1 ads183.com
127.0.0.1 adscontex.com
127.0.0.1 www.adscontex.com
127.0.0.1 adservices1.enhance.com
127.0.0.1 www.adservices1.enhance.com
127.0.0.1 adservs.com
127.0.0.1 adsextend.net
127.0.0.1 www.adsextend.net
127.0.0.1 adshttp.com
127.0.0.1 www.adshttp.com
127.0.0.1 www.adsniffer.com
127.0.0.1 adsniffer.com
127.0.0.1 adsonwww.com
127.0.0.1 www.adsonwww.com
127.0.0.1 www.adspics.com
127.0.0.1 adspics.com
127.0.0.1 www.adsrevenue.net
127.0.0.1 adsrevenue.net
127.0.0.1 www.adtrak.net
127.0.0.1 adtrak.net
127.0.0.1 adtrgt.com
127.0.0.1 www.adult18codec.com
127.0.0.1 adult18codec.com
127.0.0.1 adult777search.info
127.0.0.1 www.adult777search.info
127.0.0.1 www.adultadworld.com
127.0.0.1 adultadworld.com
127.0.0.1 www.adultan.com
127.0.0.1 adultan.com
127.0.0.1 adultcodec-2008.com
127.0.0.1 www.adultcodec-2008.com
127.0.0.1 www.adultcodecstars.com
127.0.0.1 adultcodecstars.com
127.0.0.1 adult-engine-search.com
127.0.0.1 www.adult-engine-search.com
127.0.0.1 www.adult-erotic-guide.net
127.0.0.1 adult-erotic-guide.net
127.0.0.1 adultfilmsite.com
127.0.0.1 www.adultfilmsite.com
127.0.0.1 adult-friends-finder.net
127.0.0.1 www.adult-friends-finder.net
127.0.0.1 adultgambling.org
127.0.0.1 adult-host.org
127.0.0.1 www.adulthyperlinks.com
127.0.0.1 adulthyperlinks.com
127.0.0.1 www.adultmovieplus.com
127.0.0.1 adultmovieplus.com
127.0.0.1 www.adult-mpg.net
127.0.0.1 adult-mpg.net
127.0.0.1 adult-personal.us
127.0.0.1 adultsgames.net
127.0.0.1 adultsonlyvids.com
127.0.0.1 www.adultsonlyvids.com
127.0.0.1 www.adultsper.com
127.0.0.1 adultsper.com
127.0.0.1 adulttds.com
127.0.0.1 www.adulttds.com
127.0.0.1 www.adultzoneworld.com
127.0.0.1 adultzoneworld.com
127.0.0.1 www.advancedcleaner.com
127.0.0.1 advancedcleaner.com
127.0.0.1 www.advancedpccleaner.com
127.0.0.1 advancedpccleaner.com
127.0.0.1 www.advancedxpfixer.com
127.0.0.1 advancedxpfixer.com
127.0.0.1 advcash.biz
127.0.0.1 www.advcash.biz
127.0.0.1 advert.exaccess.ru
127.0.0.1 www.advertisemoney.info
127.0.0.1 advertisemoney.info
127.0.0.1 advertising.paltalk.com
127.0.0.1 advertising-money.info
127.0.0.1 www.advertising-money.info
127.0.0.1 www.advert-network.com
127.0.0.1 advert-network.com
127.0.0.1 ad-ware.cc
127.0.0.1 ad-w-a-r-e.com
127.0.0.1 www.ad-w-a-r-e.com
127.0.0.1 a-d-w-a-r-e.com
127.0.0.1 www.a-d-w-a-r-e.com
127.0.0.1 www.adware.pro
127.0.0.1 adware.pro
127.0.0.1 www.adwarealert.com
127.0.0.1 adwarealert.com
127.0.0.1 www.ad-warealert.com
127.0.0.1 ad-warealert.com
127.0.0.1 adwarearrest.com
127.0.0.1 www.adwarearrest.com
127.0.0.1 adwarebazooka.com
127.0.0.1 www.adwarebazooka.com
127.0.0.1 adwarebot.com
127.0.0.1 www.adwarebot.com
127.0.0.1 www.adwarecommander.com
127.0.0.1 adwarecommander.com
127.0.0.1 adware-download.com
127.0.0.1 www.adware-download.com
127.0.0.1 www.adwarefinder.com
127.0.0.1 adwarefinder.com
127.0.0.1 www.adwaregold.com
127.0.0.1 adwaregold.com
127.0.0.1 www.adwarepatrol.com
127.0.0.1 adwarepatrol.com
127.0.0.1 www.adwareplatinum.com
127.0.0.1 adwareplatinum.com
127.0.0.1 www.adwarepro.org
127.0.0.1 adwarepro.org
127.0.0.1 www.adwareprotectionsite.com
127.0.0.1 adwareprotectionsite.com
127.0.0.1 www.adwarepunisher.com
127.0.0.1 adwarepunisher.com
127.0.0.1 www.adwareremover.ws
127.0.0.1 adwareremover.ws
127.0.0.1 www.adwaresafety.com
127.0.0.1 adwaresafety.com
127.0.0.1 www.adwarexp.com
127.0.0.1 adwarexp.com
127.0.0.1 www.adwareye.com
127.0.0.1 adwareye.com
127.0.0.1 affiliate.idownload.com
127.0.0.1 www.aflgate.com
127.0.0.1 aflgate.com
127.0.0.1 africaspromise.org
127.0.0.1 agava.com
127.0.0.1 agava.ru
127.0.0.1 agentstudio.com
127.0.0.1 www.ageofconans.net
127.0.0.1 ageofconans.net
127.0.0.1 www.aginegialle.it
127.0.0.1 aginegialle.it
127.0.0.1 www.ahnenforschung.de
127.0.0.1 ahnenforschung.de
127.0.0.1 www.aifind.info
127.0.0.1 aifind.info
127.0.0.1 www.airtleworld.com
127.0.0.1 airtleworld.com
127.0.0.1 www.aitalia.it
127.0.0.1 aitalia.it
127.0.0.1 akamai.downloadv3.com
127.0.0.1 www.aklitalia.it
127.0.0.1 aklitalia.it
127.0.0.1 akril.com
127.0.0.1 alcatel.ws
127.0.0.1 www.alertspy.com
127.0.0.1 alertspy.com
127.0.0.1 www.alfacleaner.com
127.0.0.1 alfacleaner.com
127.0.0.1 alfa-search.com
127.0.0.1 www.alialia.it
127.0.0.1 alialia.it
127.0.0.1 www.aliotalia.it
127.0.0.1 aliotalia.it
127.0.0.1 www.alirtalia.it
127.0.0.1 alirtalia.it
127.0.0.1 www.alitaia.it
127.0.0.1 alitaia.it
127.0.0.1 www.alitaklia.it
127.0.0.1 alitaklia.it
127.0.0.1 www.alitala.it
127.0.0.1 alitala.it
127.0.0.1 www.alitali.it
127.0.0.1 alitali.it
127.0.0.1 www.alitaliaq.it
127.0.0.1 alitaliaq.it
127.0.0.1 www.alitalias.it
127.0.0.1 alitalias.it
127.0.0.1 www.alitaliaz.it
127.0.0.1 alitaliaz.it
127.0.0.1 www.alitalioa.it
127.0.0.1 alitalioa.it
127.0.0.1 www.alitalisa.it
127.0.0.1 alitalisa.it
127.0.0.1 www.alitaliua.it
127.0.0.1 alitaliua.it
127.0.0.1 www.alitalkia.it
127.0.0.1 alitalkia.it
127.0.0.1 www.alitaloia.it
127.0.0.1 alitaloia.it
127.0.0.1 www.alitaluia.it
127.0.0.1 alitaluia.it
127.0.0.1 www.alitaslia.it
127.0.0.1 alitaslia.it
127.0.0.1 www.alitlia.it
127.0.0.1 alitlia.it
127.0.0.1 www.alitralia.it
127.0.0.1 alitralia.it
127.0.0.1 www.alitsalia.it
127.0.0.1 alitsalia.it
127.0.0.1 www.aliutalia.it
127.0.0.1 aliutalia.it
127.0.0.1 all1count.net
127.0.0.1 www.all1count.net
127.0.0.1 all4internet.com
127.0.0.1 www.all4internet.com
127.0.0.1 allabtcars.com
127.0.0.1 allabtjeeps.com
127.0.0.1 all-bittorrent.com
127.0.0.1 www.all-bittorrent.com
127.0.0.1 www.allcollisions.com
127.0.0.1 allcollisions.com
127.0.0.1 www.allcybersearch.com
127.0.0.1 allcybersearch.com
127.0.0.1 www.alldiskscheck300.com
127.0.0.1 alldiskscheck300.com
127.0.0.1 alldnserrors.com
127.0.0.1 www.alldnserrors.com
127.0.0.1 www.all-downloads-now.com
127.0.0.1 all-downloads-now.com
127.0.0.1 all-edonkey.com
127.0.0.1 www.all-edonkey.com
127.0.0.1 www.allertaminacce.com
127.0.0.1 allertaminacce.com
127.0.0.1 allforadult.com
127.0.0.1 allhyperlinks.com
127.0.0.1 alliesecurity.com
127.0.0.1 www.alliesecurity.com
127.0.0.1 all-inet.com
127.0.0.1 allinternetbusiness.com
127.0.0.1 www.all-limewire.com
127.0.0.1 all-limewire.com
127.0.0.1 www.allmegabucks.com
127.0.0.1 allmegabucks.com
127.0.0.1 www.allprotections.com
127.0.0.1 allprotections.com
127.0.0.1 www.allresultz.net
127.0.0.1 allresultz.net
127.0.0.1 www.allsearch.us
127.0.0.1 allsearch.us
127.0.0.1 www.allsecuritynotes.com
127.0.0.1 allsecuritynotes.com
127.0.0.1 www.allsecuritysite.com
127.0.0.1 allsecuritysite.com
127.0.0.1 www.allstarsvideos.net
127.0.0.1 allstarsvideos.net
127.0.0.1 www.alltiettantivirus.com
127.0.0.1 alltiettantivirus.com
127.0.0.1 www.alltruesoftware.com
127.0.0.1 alltruesoftware.com
127.0.0.1 www.allvideoactivex.com
127.0.0.1 allvideoactivex.com
127.0.0.1 www.almanah.biz
127.0.0.1 almanah.biz
127.0.0.1 almarvideos.com
127.0.0.1 www.aloitalia.it
127.0.0.1 aloitalia.it
127.0.0.1 www.aluitalia.it
127.0.0.1 aluitalia.it
127.0.0.1 www.amaena.com
127.0.0.1 amaena.com
127.0.0.1 amandamountains.com
127.0.0.1 www.amateurliveshow.com
127.0.0.1 amateurliveshow.com
127.0.0.1 www.amediasoftware.com
127.0.0.1 amediasoftware.com
127.0.0.1 www.amediasource.com
127.0.0.1 amediasource.com
127.0.0.1 americanautobargains.com
127.0.0.1 www.americanautobargains.com
127.0.0.1 americancarbargains.com
127.0.0.1 www.americancarbargains.com
127.0.0.1 american-teens.net
127.0.0.1 amigeek.com
127.0.0.1 www.amigobore.com
127.0.0.1 amigobore.com
127.0.0.1 amisbusiness.com
127.0.0.1 www.ampmsearch.com
127.0.0.1 ampmsearch.com
127.0.0.1 www.analcord.com
127.0.0.1 analcord.com
127.0.0.1 analmovi.com
127.0.0.1 www.anarchylolita.com
127.0.0.1 anarchylolita.com
127.0.0.1 anarchyporn.com
127.0.0.1 www.andromedical.com
127.0.0.1 andromedical.com
127.0.0.1 www.animepornmag.com
127.0.0.1 animepornmag.com
127.0.0.1 anin.org
127.0.0.1 www.anjpn-avxiz.biz
127.0.0.1 anjpn-avxiz.biz
127.0.0.1 anjpnzqav.biz
127.0.0.1 www.anjpnzqav.biz
127.0.0.1 anjpn-zqav.biz
127.0.0.1 www.anjpn-zqav.biz
127.0.0.1 annaromeo.com
127.0.0.1 www.antiddos.us
127.0.0.1 antiddos.us
127.0.0.1 www.antiespiadorado.com
127.0.0.1 antiespiadorado.com
127.0.0.1 www.antiespionspack.com
127.0.0.1 antiespionspack.com
127.0.0.1 www.antigusanos2008.com
127.0.0.1 antigusanos2008.com
127.0.0.1 antispamassistant.com
127.0.0.1 www.antispamassistant.com
127.0.0.1 antispamdeluxe.com
127.0.0.1 www.antispamdeluxe.com
127.0.0.1 www.antispionage.com
127.0.0.1 antispionage.com
127.0.0.1 www.antispionagepro.com
127.0.0.1 antispionagepro.com
127.0.0.1 www.antispyadvanced.com
127.0.0.1 antispyadvanced.com
127.0.0.1 antispycheck.com
127.0.0.1 www.antispycheck.com
127.0.0.1 www.antispydns.biz
127.0.0.1 antispydns.biz
127.0.0.1 www.antispykit.com
127.0.0.1 antispykit.com
127.0.0.1 www.antispylab.com
127.0.0.1 antispylab.com
127.0.0.1 antispyshield.com
127.0.0.1 www.antispyshield.com
127.0.0.1 www.antispysolutions.com
127.0.0.1 antispysolutions.com
127.0.0.1 antispyware.com
127.0.0.1 www.antispyware.com
127.0.0.1 www.antispyware-2008.info
127.0.0.1 antispyware-2008.info
127.0.0.1 antispyware2008.name
127.0.0.1 www.antispyware2008.name
127.0.0.1 antispyware-2008.name
127.0.0.1 www.antispyware-2008.name
127.0.0.1 antispyware2008.org
127.0.0.1 www.antispyware2008.org
127.0.0.1 www.antispyware-2008.org
127.0.0.1 antispyware-2008.org
127.0.0.1 www.antispyware2008-download.com
127.0.0.1 antispyware2008-download.com
127.0.0.1 www.antispyware-2008-download.com
127.0.0.1 antispyware-2008-download.com
127.0.0.1 antispyware2008-download.name
127.0.0.1 www.antispyware2008-download.name
127.0.0.1 antispyware2008-download.org
127.0.0.1 www.antispyware2008-download.org
127.0.0.1 www.antispyware-2008-download.org
127.0.0.1 antispyware-2008-download.org
127.0.0.1 www.antispywareboot.com
127.0.0.1 antispywareboot.com
127.0.0.1 www.antispywarebot.com
127.0.0.1 antispywarebot.com
127.0.0.1 www.antispywarebox.com
127.0.0.1 antispywarebox.com
127.0.0.1 antispywaredownloads.com
127.0.0.1 www.antispywaredownloads.com
127.0.0.1 www.antispywareexpert.com
127.0.0.1 antispywareexpert.com
127.0.0.1 www.antispywaremaster.com
127.0.0.1 antispywaremaster.com
127.0.0.1 www.antispyware-review.info
127.0.0.1 antispyware-review.info
127.0.0.1 www.antispywaresales.com
127.0.0.1 antispywaresales.com
127.0.0.1 antispywaresuite.com
127.0.0.1 www.antispywaresuite.com
127.0.0.1 antispywareupdates.net
127.0.0.1 www.antispywareupdates.net
127.0.0.1 antispywarexp.com
127.0.0.1 www.antispywarexp.com
127.0.0.1 antispyweb.net
127.0.0.1 www.antispyweb.net
127.0.0.1 antiver2008.com
127.0.0.1 www.antiver2008.com
127.0.0.1 antivermins.com
127.0.0.1 www.antivermins.com
127.0.0.1 anti-vermins.com
127.0.0.1 www.anti-vermins.com
127.0.0.1 www.antivir2007.com
127.0.0.1 antivir2007.com
127.0.0.1 antivirgear.com
127.0.0.1 www.antivirgear.com
127.0.0.1 www.antivirprotect.com
127.0.0.1 antivirprotect.com
127.0.0.1 www.antivirus.fastfreedownload.com
127.0.0.1 antivirus.fastfreedownload.com
127.0.0.1 antivirus2008pro.com
127.0.0.1 www.antivirus2008pro.com
127.0.0.1 www.antivirus-2008pro.com
127.0.0.1 antivirus-2008pro.com
127.0.0.1 www.antivirus-2008-pro.com
127.0.0.1 antivirus-2008-pro.com
127.0.0.1 antivirus2008pro.info
127.0.0.1 www.antivirus2008pro.info
127.0.0.1 antivirus-2008pro.info
127.0.0.1 www.antivirus-2008pro.info
127.0.0.1 antivirus-2008-pro.info
127.0.0.1 www.antivirus-2008-pro.info
127.0.0.1 antivirus2008pro.net
127.0.0.1 www.antivirus2008pro.net
127.0.0.1 antivirus-2008pro.net
127.0.0.1 www.antivirus-2008pro.net
127.0.0.1 antivirus-2008-pro.net
127.0.0.1 www.antivirus-2008-pro.net
127.0.0.1 www.antivirus2008pro.org
127.0.0.1 antivirus2008pro.org
127.0.0.1 www.antivirus-2008pro.org
127.0.0.1 antivirus-2008pro.org
127.0.0.1 www.antivirus-2008-pro.org
127.0.0.1 antivirus-2008-pro.org
127.0.0.1 www.antivirus2008scanner.com
127.0.0.1 antivirus2008scanner.com
127.0.0.1 antivirus2008x.com
127.0.0.1 www.antivirus2008x.com
127.0.0.1 antivirus-2009.com
127.0.0.1 www.antivirus-2009.com
127.0.0.1 www.antivirus2009-freescan.com
127.0.0.1 antivirus2009-freescan.com
127.0.0.1 www.antivirus-2009pro.com
127.0.0.1 antivirus-2009pro.com
127.0.0.1 www.antivirus2009professional.com
127.0.0.1 antivirus2009professional.com
127.0.0.1 antivirusadvance.com
127.0.0.1 www.antivirusadvance.com
127.0.0.1 www.antivirusaskeladd.com
127.0.0.1 antivirusaskeladd.com
127.0.0.1 www.antivirus-database.com
127.0.0.1 antivirus-database.com
127.0.0.1 www.antivirusgereedschap.com
127.0.0.1 antivirusgereedschap.com
127.0.0.1 antivirusgolden.com
127.0.0.1 www.antivirusgolden.com
127.0.0.1 antivirus-hq.net
127.0.0.1 www.antivirus-hq.net
127.0.0.1 www.antiviruspcsuite.com
127.0.0.1 antiviruspcsuite.com
127.0.0.1 www.antiviruspremium.com
127.0.0.1 antiviruspremium.com
127.0.0.1 www.anti-virus-pro.com
127.0.0.1 anti-virus-pro.com
127.0.0.1 antivirusprotector.com
127.0.0.1 www.antivirusprotector.com
127.0.0.1 www.antivirus-scanner.com
127.0.0.1 antivirus-scanner.com
127.0.0.1 antivirusscherm.com
127.0.0.1 www.antivirusscherm.com
127.0.0.1 antivirussecuritypro.com
127.0.0.1 www.antivirussecuritypro.com
127.0.0.1 antivirus-server.com
127.0.0.1 www.antivirus-server.com
127.0.0.1 antivirus-stop.com
127.0.0.1 www.antivirus-stop.com
127.0.0.1 www.antivirussuite.com
127.0.0.1 antivirussuite.com
127.0.0.1 www.antiworm2008.com
127.0.0.1 antiworm2008.com
127.0.0.1 www.antiwurm2008.com
127.0.0.1 antiwurm2008.com
127.0.0.1 antrocity.com
127.0.0.1 www.anyofus.com
127.0.0.1 anyofus.com
127.0.0.1 www.anysafereviews.com
127.0.0.1 anysafereviews.com
127.0.0.1 www.anysn.seproger.com
127.0.0.1 anysn.seproger.com
127.0.0.1 anything4health.com
127.0.0.1 www.apicpreview.com
127.0.0.1 apicpreview.com
127.0.0.1 www.appealcircuit.com
127.0.0.1 appealcircuit.com
127.0.0.1 www.approvedlinks.com
127.0.0.1 approvedlinks.com
127.0.0.1 apps.deskwizz.com
127.0.0.1 apps.webservicehost.com
127.0.0.1 www.aprotectedpage.com
127.0.0.1 aprotectedpage.com
127.0.0.1 apsua.com
127.0.0.1 www.archivioadulti.com
127.0.0.1 archivioadulti.com
127.0.0.1 www.archiviosex.net
127.0.0.1 archiviosex.net
127.0.0.1 aregay.com
127.0.0.1 ares.click-new-download.com
127.0.0.1 www.ares.click-new-download.com
127.0.0.1 www.ares-freebie.com
127.0.0.1 ares-freebie.com
127.0.0.1 www.arespro2007.com
127.0.0.1 arespro2007.com
127.0.0.1 aresultra.com
127.0.0.1 www.aresultra.com
127.0.0.1 www.ares-usa.com
127.0.0.1 ares-usa.com
127.0.0.1 arheo.com
127.0.0.1 arizonaweb.org
127.0.0.1 armitageinn.com
127.0.0.1 www.arquivojpgs.smtp.ru
127.0.0.1 arquivojpgs.smtp.ru
127.0.0.1 artachnid.com
127.0.0.1 art-func.com
127.0.0.1 art-xxx.com
127.0.0.1 www.asafebrowser.com
127.0.0.1 asafebrowser.com
127.0.0.1 www.asafetyalways.com
127.0.0.1 asafetyalways.com
127.0.0.1 www.asafetynote.com
127.0.0.1 asafetynote.com
127.0.0.1 www.asafetynotice.com
127.0.0.1 asafetynotice.com
127.0.0.1 www.asafetypage.com
127.0.0.1 asafetypage.com
127.0.0.1 www.asdbiz.biz
127.0.0.1 asdbiz.biz
127.0.0.1 www.asdeykuddq.com
127.0.0.1 asdeykuddq.com
127.0.0.1 www.asecurebar.com
127.0.0.1 asecurebar.com
127.0.0.1 www.asecureboard.com
127.0.0.1 asecureboard.com
127.0.0.1 www.asecurevalue.com
127.0.0.1 asecurevalue.com
127.0.0.1 www.asecurityissue.com
127.0.0.1 asecurityissue.com
127.0.0.1 www.asecuritynotice.com
127.0.0.1 asecuritynotice.com
127.0.0.1 www.asecuritypaper.com
127.0.0.1 asecuritypaper.com
127.0.0.1 www.asecuritystuff.com
127.0.0.1 asecuritystuff.com
127.0.0.1 www.asfadaptation.com
127.0.0.1 asfadaptation.com
127.0.0.1 asiankingkong.com
127.0.0.1 www.asianpornmag.com
127.0.0.1 asianpornmag.com
127.0.0.1 www.asiantoolbar.com
127.0.0.1 asiantoolbar.com
127.0.0.1 www.asidseiupc.com
127.0.0.1 asidseiupc.com
127.0.0.1 www.aslitalia.it
127.0.0.1 aslitalia.it
127.0.0.1 ass-gals.com
127.0.0.1 www.assureprotection.com
127.0.0.1 assureprotection.com
127.0.0.1 asta-killer.com
127.0.0.1 www.astrologie-server.com
127.0.0.1 astrologie-server.com
127.0.0.1 www.asupereva.it
127.0.0.1 asupereva.it
127.0.0.1 www.ataprogram.com
127.0.0.1 ataprogram.com
127.0.0.1 athenrye.com
127.0.0.1 www.atotalsafety.com
127.0.0.1 atotalsafety.com
127.0.0.1 www.atrueprotection.com
127.0.0.1 atrueprotection.com
127.0.0.1 www.atruesecurity.com
127.0.0.1 atruesecurity.com
127.0.0.1 www.attackware.com
127.0.0.1 attackware.com
127.0.0.1 www.attrezzi.biz
127.0.0.1 attrezzi.biz
127.0.0.1 www.aucunsvirus.com
127.0.0.1 aucunsvirus.com
127.0.0.1 www.aulde.net
127.0.0.1 aulde.net
127.0.0.1 www.aupereva.it
127.0.0.1 aupereva.it
127.0.0.1 www.autobargains.org
127.0.0.1 autobargains.org
127.0.0.1 www.autobargainsnetwork.com
127.0.0.1 autobargainsnetwork.com
127.0.0.1 www.autocontext.begun.ru
127.0.0.1 autocontext.begun.ru
127.0.0.1 autoescrowpay.com
127.0.0.1 www.autotuningportal.com
127.0.0.1 autotuningportal.com
127.0.0.1 avadvance.com
127.0.0.1 www.avadvance.com
127.0.0.1 avast.free-software-center.com
127.0.0.1 www.avast.free-software-center.com
127.0.0.1 www.avast-2007.com
127.0.0.1 avast-2007.com
127.0.0.1 www.avast-downloads.com
127.0.0.1 avast-downloads.com
127.0.0.1 www.avast-hq.com
127.0.0.1 avast-hq.com
127.0.0.1 avforce.com
127.0.0.1 www.avforce.com
127.0.0.1 www.avg.grab-it-today.net
127.0.0.1 avg.grab-it-today.net
127.0.0.1 avg.softwarecenterz.com
127.0.0.1 www.avg.softwarecenterz.com
127.0.0.1 avg-secure.com
127.0.0.1 www.avg-secure.com
127.0.0.1 aviadaptation.com
127.0.0.1 www.aviadaptation.com
127.0.0.1 avian-ads.com
127.0.0.1 avicoupler.com
127.0.0.1 www.avicoupler.com
127.0.0.1 avideoaxaccess.com
127.0.0.1 www.avideoaxaccess.com
127.0.0.1 avideosurfer.com
127.0.0.1 www.avideosurfer.com
127.0.0.1 www.avidirection.com
127.0.0.1 avidirection.com
127.0.0.1 aviewersoft.com
127.0.0.1 www.aviewersoft.com
127.0.0.1 www.aviexecution.com
127.0.0.1 aviexecution.com
127.0.0.1 avihelper.com
127.0.0.1 www.avihelper.com
127.0.0.1 aviinstrument.com
127.0.0.1 www.aviinstrument.com
127.0.0.1 aviplugin.com
127.0.0.1 www.aviplugin.com
127.0.0.1 avitool.com
127.0.0.1 www.avitool.com
127.0.0.1 aviupdate.com
127.0.0.1 www.aviupdate.com
127.0.0.1 aviutility.com
127.0.0.1 www.aviutility.com
127.0.0.1 www.avpcheckupdate.com
127.0.0.1 avpcheckupdate.com
127.0.0.1 avsmanufacture.com
127.0.0.1 www.avsmanufacture.com
127.0.0.1 www.avsystemcare.com
127.0.0.1 avsystemcare.com
127.0.0.1 www.avxizaaqada.biz
127.0.0.1 avxizaaqada.biz
127.0.0.1 www.avxiz-anjpn.biz
127.0.0.1 avxiz-anjpn.biz
127.0.0.1 www.avxizueorn.biz
127.0.0.1 avxizueorn.biz
127.0.0.1 www.avxiz-ueorn.biz
127.0.0.1 avxiz-ueorn.biz
127.0.0.1 avxiz-vtvcp.biz
127.0.0.1 www.avxiz-vtvcp.biz
127.0.0.1 avxiz-ygco.biz
127.0.0.1 www.avxiz-ygco.biz
127.0.0.1 avxiz-zqav.biz
127.0.0.1 www.avxiz-zqav.biz
127.0.0.1 www.av-xp-08.com
127.0.0.1 av-xp-08.com
127.0.0.1 www.awarenesstech.com
127.0.0.1 awarenesstech.com
127.0.0.1 www.awarninglist.com
127.0.0.1 awarninglist.com
127.0.0.1 awbeta.net-nucleus.com
127.0.0.1 www.awesomehomepage.com
127.0.0.1 awesomehomepage.com
127.0.0.1 awmcash.biz
127.0.0.1 awmdabest.com
127.0.0.1 www.axemediasoftware.com
127.0.0.1 axemediasoftware.com
127.0.0.1 www.aximageobject.com
127.0.0.1 aximageobject.com
127.0.0.1 www.axmediaproject.com
127.0.0.1 axmediaproject.com
127.0.0.1 www.axmediasoftware.com
127.0.0.1 axmediasoftware.com
127.0.0.1 www.axmediasolutions.com
127.0.0.1 axmediasolutions.com
127.0.0.1 www.axobjectpage.com
127.0.0.1 axobjectpage.com
127.0.0.1 www.axobjectsource.com
127.0.0.1 axobjectsource.com
127.0.0.1 www.axsoftwaretool.com
127.0.0.1 axsoftwaretool.com
127.0.0.1 www.axvideoproject.com
127.0.0.1 axvideoproject.com
127.0.0.1 www.axvideosetup.com
127.0.0.1 axvideosetup.com
127.0.0.1 ayakawamura.com
127.0.0.1 ayb.dns-look-up.com
127.0.0.1 ayb.netbios-wait.com
127.0.0.1 ayumitaniguchi.com
127.0.0.1 azebar.com
127.0.0.1 azureusclub.com
127.0.0.1 www.azureusclub.com
127.0.0.1 azureus-freebie.com
127.0.0.1 www.azureus-freebie.com
127.0.0.1 www.azzetta.it
127.0.0.1 azzetta.it
127.0.0.1 b.casalemedia.com
127.0.0.1 b122.mcboo.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babenet.com
127.0.0.1 babenet.com
127.0.0.1 www.babespornmag.com
127.0.0.1 babespornmag.com
127.0.0.1 www.babeweb.de
127.0.0.1 babeweb.de
127.0.0.1 www.baccarat-other.info
127.0.0.1 baccarat-other.info
127.0.0.1 www.backstripgirls.com
127.0.0.1 backstripgirls.com
127.0.0.1 backup.mabou.org
127.0.0.1 www.baiduqqsina.cn
127.0.0.1 baiduqqsina.cn
127.0.0.1 www.balotierra.com
127.0.0.1 balotierra.com
127.0.0.1 bannedhost.net
127.0.0.1 barbudafarms.com
127.0.0.1 www.bardownload.com
127.0.0.1 bardownload.com
127.0.0.1 barnandfence.com
127.0.0.1 www.basteln-und-heimwerken.com
127.0.0.1 basteln-und-heimwerken.com
127.0.0.1 batsearch.com
127.0.0.1 baygraphicsllc.com
127.0.0.1 bb.wudiliuliang.com
127.0.0.1 bbbsearch.com
127.0.0.1 bb-search.com
127.0.0.1 www.bcnproduction.com
127.0.0.1 bcnproduction.com
127.0.0.1 bdsmlibrary.net
127.0.0.1 www.bdsmpornmag.com
127.0.0.1 bdsmpornmag.com
127.0.0.1 www.bearshare.click-new-download.com
127.0.0.1 bearshare.click-new-download.com
127.0.0.1 www.bearshare.download-me.info
127.0.0.1 bearshare.download-me.info
127.0.0.1 www.bearshare.mp3-muzic.com
127.0.0.1 bearshare.mp3-muzic.com
127.0.0.1 www.bearshare-download.org
127.0.0.1 bearshare-download.org
127.0.0.1 bearshare-downloads.net
127.0.0.1 www.bearshare-downloads.net
127.0.0.1 bearsharelive.co.uk
127.0.0.1 www.bearsharelive.co.uk
127.0.0.1 www.bearshare-music-downloads.com
127.0.0.1 bearshare-music-downloads.com
127.0.0.1 bearsharepro2007.com
127.0.0.1 www.bearsharepro2007.com
127.0.0.1 bearshare-usa.com
127.0.0.1 www.bearshare-usa.com
127.0.0.1 bedhome.com
127.0.0.1 bediadance.com
127.0.0.1 www.beebappyy.biz
127.0.0.1 beebappyy.biz
127.0.0.1 www.begin2search.com
127.0.0.1 begin2search.com
127.0.0.1 bellabasketsfl.com
127.0.0.1 bernaolatwin.com
127.0.0.1 www.berufe-jobs.de
127.0.0.1 berufe-jobs.de
127.0.0.1 www.berufe-server.de
127.0.0.1 berufe-server.de
127.0.0.1 www.berufe-welt.de
127.0.0.1 berufe-welt.de
127.0.0.1 www.berufs-wahl.de
127.0.0.1 berufs-wahl.de
127.0.0.1 www.beruijindegunhadesun.com
127.0.0.1 beruijindegunhadesun.com
127.0.0.1 www.best3xclips.com
127.0.0.1 best3xclips.com
127.0.0.1 bestadults.com
127.0.0.1 www.bestadults.com
127.0.0.1 best-codec.com
127.0.0.1 www.best-codec.com
127.0.0.1 best-counter.com
127.0.0.1 bestcrawler.com
127.0.0.1 www.bestdailyvids.com
127.0.0.1 bestdailyvids.com
127.0.0.1 bestfor.ru
127.0.0.1 bestfuckvids.com
127.0.0.1 www.bestfuckvids.com
127.0.0.1 best-hardpics.com
127.0.0.1 bestmanage.org
127.0.0.1 www.bestmanage.org
127.0.0.1 www.bestmanage0.org
127.0.0.1 bestmanage0.org
127.0.0.1 bestmanage1.org
127.0.0.1 www.bestmanage1.org
127.0.0.1 www.bestmanage2.org
127.0.0.1 bestmanage2.org
127.0.0.1 www.bestmanage3.org
127.0.0.1 bestmanage3.org
127.0.0.1 bestmanage4.org
127.0.0.1 www.bestmanage4.org
127.0.0.1 www.bestmanage5.org
127.0.0.1 bestmanage5.org
127.0.0.1 www.bestmanage6.org
127.0.0.1 bestmanage6.org
127.0.0.1 www.bestmanage7.org
127.0.0.1 bestmanage7.org
127.0.0.1 www.bestmanage8.org
127.0.0.1 bestmanage8.org
127.0.0.1 bestmanage9.org
127.0.0.1 www.bestmanage9.org
127.0.0.1 www.bestmovszone.com
127.0.0.1 bestmovszone.com
127.0.0.1 bestnetwok.net
127.0.0.1 www.bestnetwok.net
127.0.0.1 www.bestnetwork.net
127.0.0.1 bestnetwork.net
127.0.0.1 www.bestoffersnetworks.com
127.0.0.1 bestoffersnetworks.com
127.0.0.1 www.best-porncollection.com
127.0.0.1 best-porncollection.com
127.0.0.1 bestporngate.com
127.0.0.1 bestsafetyguide.net
127.0.0.1 www.bestsafetyguide.net
127.0.0.1 www.bestsearch.cc
127.0.0.1 bestsearch.cc
127.0.0.1 www.bestsearchworld.info
127.0.0.1 bestsearchworld.info
127.0.0.1 www.best-spyware.info
127.0.0.1 best-spyware.info
127.0.0.1 www.best-targeted-traffic.com
127.0.0.1 best-targeted-traffic.com
127.0.0.1 best-voyeur.info
127.0.0.1 www.best-voyeur.info
127.0.0.1 bestweblinks.com
127.0.0.1 best-winning-casino.com
127.0.0.1 www.bestworldgirls-for-u.net
127.0.0.1 bestworldgirls-for-u.net
127.0.0.1 www.bestxclips.com
127.0.0.1 bestxclips.com
127.0.0.1 bestxporno.com
127.0.0.1 www.bestxxxmpegs.com
127.0.0.1 bestxxxmpegs.com
127.0.0.1 www.bettersearch.biz
127.0.0.1 bettersearch.biz
127.0.0.1 www.bewerbungsexperte.com
127.0.0.1 bewerbungsexperte.com
127.0.0.1 www.bgazzetta.it
127.0.0.1 bgazzetta.it
127.0.0.1 www.bgoogle.it
127.0.0.1 bgoogle.it
127.0.0.1 www.bigcodecadult.com
127.0.0.1 bigcodecadult.com
127.0.0.1 bigcodecadult2008.com
127.0.0.1 www.bigcodecadult2008.com
127.0.0.1 bigcodecadult2008-17.com
127.0.0.1 www.bigcodecadult2008-17.com
127.0.0.1 bighot18adult2008.com
127.0.0.1 www.bighot18adult2008.com
127.0.0.1 www.bighot18-adult2008.com
127.0.0.1 bighot18-adult2008.com
127.0.0.1 www.bighot18codec2008.com
127.0.0.1 bighot18codec2008.com
127.0.0.1 bighot18-codec2008.com
127.0.0.1 www.bighot18-codec2008.com
127.0.0.1 www.bigtrafficnetwork.com
127.0.0.1 bigtrafficnetwork.com
127.0.0.1 www.bigwww.com
127.0.0.1 bigwww.com
127.0.0.1 www.bill.de
127.0.0.1 bill.de
127.0.0.1 bin.errorprotector.com
127.0.0.1 bins.media-motor.net
127.0.0.1 bins2.media-motor.net
127.0.0.1 bis.180solutions.com
127.0.0.1 bitchesonline.net
127.0.0.1 www.bitcomet-freebie.com
127.0.0.1 bitcomet-freebie.com
127.0.0.1 www.bittorrent.click-new-download.com
127.0.0.1 bittorrent.click-new-download.com
127.0.0.1 biz.biz
127.0.0.1 www.bkvcompany.com
127.0.0.1 bkvcompany.com
127.0.0.1 blackblues00.com
127.0.0.1 www.blackblues00.com
127.0.0.1 blackcodec.com
127.0.0.1 www.blackcodec.com
127.0.0.1 www.black-codec.com
127.0.0.1 black-codec.com
127.0.0.1 www.blackcodec.net
127.0.0.1 blackcodec.net
127.0.0.1 www.blackhats.tc
127.0.0.1 blackhats.tc
127.0.0.1 www.blackhawksoftware.com
127.0.0.1 blackhawksoftware.com
127.0.0.1 blackjack-free.net
127.0.0.1 www.blacklegion.info
127.0.0.1 blacklegion.info
127.0.0.1 blazefind.com
127.0.0.1 blender.xu.pl
127.0.0.1 www.blockcheckercontrol.com
127.0.0.1 blockcheckercontrol.com
127.0.0.1 blondetgp.com
127.0.0.1 www.blue-elefant.com
127.0.0.1 blue-elefant.com
127.0.0.1 www.bm.theaimonline.com
127.0.0.1 bm.theaimonline.com
127.0.0.1 www.bnmgate.com
127.0.0.1 bnmgate.com
127.0.0.1 bodaciousbabette.com
127.0.0.1 www.bonzi.com
127.0.0.1 bonzi.com
127.0.0.1 boobdoll.com
127.0.0.1 boobsandtits.com
127.0.0.1 boobsclub.com
127.0.0.1 www.bookedspace.com
127.0.0.1 bookedspace.com
127.0.0.1 www.boom.com.vn
127.0.0.1 boom.com.vn
127.0.0.1 www.boomgirltv.com
127.0.0.1 boomgirltv.com
127.0.0.1 boredlife.com
127.0.0.1 bowlofogumbo.com
127.0.0.1 www.bpfq02.com
127.0.0.1 bpfq02.com
127.0.0.1 www.bqgate.com
127.0.0.1 bqgate.com
127.0.0.1 br.errorsafe.com
127.0.0.1 br.winantivirus.com
127.0.0.1 br.winfixer.com
127.0.0.1 bradcoem.org
127.0.0.1 www.braincodec.com
127.0.0.1 braincodec.com
127.0.0.1 www.brakecodec.com
127.0.0.1 brakecodec.com
127.0.0.1 www.brakecodec.net
127.0.0.1 brakecodec.net
127.0.0.1 brandiyoung.com
127.0.0.1 www.bravesentry.com
127.0.0.1 bravesentry.com
127.0.0.1 www.breenten.biz
127.0.0.1 breenten.biz
127.0.0.1 www.brodbfm.net
127.0.0.1 brodbfm.net
127.0.0.1 brookeburn.com
127.0.0.1 www.browserwise.com
127.0.0.1 browserwise.com
127.0.0.1 bsa.safetydownload.com
127.0.0.1 www.bsplaycodec.com
127.0.0.1 bsplaycodec.com
127.0.0.1 bucps.com
127.0.0.1 buhartes.info
127.0.0.1 buldog-stats.com
127.0.0.1 www.bullseye-network.com
127.0.0.1 bullseye-network.com
127.0.0.1 burgerkingbigscreen.com
127.0.0.1 www.burningsite.com
127.0.0.1 burningsite.com
127.0.0.1 www.burnsrecyclinginc.com
127.0.0.1 burnsrecyclinginc.com
127.0.0.1 buscards.net
127.0.0.1 bustyrussell.com
127.0.0.1 www.busysearch.net
127.0.0.1 busysearch.net
127.0.0.1 buttejazz.org
127.0.0.1 www.buy-find.info
127.0.0.1 buy-find.info
127.0.0.1 buyselldomain.net
127.0.0.1 www.buytraff.biz
127.0.0.1 buytraff.biz
127.0.0.1 buz.ru
127.0.0.1 www.bvdtechinque.com
127.0.0.1 bvdtechinque.com
127.0.0.1 www.bvirgilio.it
127.0.0.1 bvirgilio.it
127.0.0.1 www.bye-spyware.com
127.0.0.1 bye-spyware.com
127.0.0.1 c.centralmedia.ws
127.0.0.1 www.c.enhance.com
127.0.0.1 c.enhance.com
127.0.0.1 c.goclick.com
127.0.0.1 www.c4tdownload.com
127.0.0.1 c4tdownload.com
127.0.0.1 www.c5.www4free.info
127.0.0.1 c5.www4free.info
127.0.0.1 www.cache.surfaccuracy.com
127.0.0.1 cache.surfaccuracy.com
127.0.0.1 cache.ysbweb.com
127.0.0.1 www.cadesfinjeriokas.com
127.0.0.1 cadesfinjeriokas.com
127.0.0.1 calcioturris.com
127.0.0.1 www.calendaralerts.net
127.0.0.1 calendaralerts.net
127.0.0.1 www.callinghome.biz
127.0.0.1 callinghome.biz
127.0.0.1 www.cameouk.co.uk
127.0.0.1 cameouk.co.uk
127.0.0.1 cameup.com
127.0.0.1 www.camouflageclothingonline.net
127.0.0.1 camouflageclothingonline.net
127.0.0.1 campaigns.outerinfo.net
127.0.0.1 www.camping-community.com
127.0.0.1 camping-community.com
127.0.0.1 camup.net
127.0.0.1 canberracricketcoaching.com
127.0.0.1 candycantaloupes.com
127.0.0.1 www.canidetect.org
127.0.0.1 canidetect.org
127.0.0.1 www.cantfind.com
127.0.0.1 cantfind.com
127.0.0.1 careers.dulcineasystems.net
127.0.0.1 carsands.com
127.0.0.1 carsrentals.net
127.0.0.1 cartoes.uol.com.br
127.0.0.1 www.casalemedia.com
127.0.0.1 casalemedia.com
127.0.0.1 www.cashdeluxe.net
127.0.0.1 cashdeluxe.net
127.0.0.1 www.cashengines.com
127.0.0.1 cashengines.com
127.0.0.1 cashsearch.biz
127.0.0.1 www.cashsurfers.com
127.0.0.1 cashsurfers.com
127.0.0.1 www.cashunlim.com
127.0.0.1 cashunlim.com
127.0.0.1 casino.com.free.game.pogo.gratisdownloads.nl
127.0.0.1 casino2win.net
127.0.0.1 casino-gambling-1.net
127.0.0.1 casino-gambling-2.net
127.0.0.1 casinomidas.net
127.0.0.1 casinonline.net
127.0.0.1 casino-onlines.net
127.0.0.1 www.castingsamateur.com
127.0.0.1 castingsamateur.com
127.0.0.1 catallogue.com
127.0.0.1 www.catch-dc.info
127.0.0.1 catch-dc.info
127.0.0.1 categories.mygeek.com
127.0.0.1 catsss.da.ru
127.0.0.1 caxa.ru
127.0.0.1 cazygirls-world.com
127.0.0.1 cc.panet.org
127.0.0.1 www.ccecaedbebfcaf.com
127.0.0.1 ccecaedbebfcaf.com
127.0.0.1 cclebali.org
127.0.0.1 www.ccorriere.it
127.0.0.1 ccorriere.it
127.0.0.1 www.cdcopysite.com
127.0.0.1 cdcopysite.com
127.0.0.1 www.cdegate.com
127.0.0.1 cdegate.com
127.0.0.1 cdn.drivecleaner.com
127.0.0.1 cdn.errorsafe.com
127.0.0.1 cdn.movies-etc.com
127.0.0.1 cdn.winsoftware.com
127.0.0.1 cdn2.movies-etc.com
127.0.0.1 www.cdorriere.it
127.0.0.1 cdorriere.it
127.0.0.1 ceewawires.org
127.0.0.1 centralmedia.ws
127.0.0.1 certumgroup.com
127.0.0.1 www.cforriere.it
127.0.0.1 cforriere.it
127.0.0.1 cheapest.extra.hu
127.0.0.1 www.check.jupitersatellites.biz
127.0.0.1 check.jupitersatellites.biz
127.0.0.1 www.checkin100.com
127.0.0.1 checkin100.com
127.0.0.1 www.checkssecurity.com
127.0.0.1 checkssecurity.com
127.0.0.1 www.checksystem-online.com
127.0.0.1 checksystem-online.com
127.0.0.1 chelancatering.com
127.0.0.1 www.chenshijituan.com
127.0.0.1 chenshijituan.com
127.0.0.1 childrenvilla.com
127.0.0.1 www.chilly3xvids.com
127.0.0.1 chilly3xvids.com
127.0.0.1 www.chillymovs.com
127.0.0.1 chillymovs.com
127.0.0.1 chips-4-free.com
127.0.0.1 chrisswasey.com
127.0.0.1 chriswallace.net
127.0.0.1 www.cia-trjn.myvnc.com
127.0.0.1 cia-trjn.myvnc.com
127.0.0.1 www.cinemadownload.com
127.0.0.1 cinemadownload.com
127.0.0.1 www.ciorriere.it
127.0.0.1 ciorriere.it
127.0.0.1 www.cirriere.it
127.0.0.1 cirriere.it
127.0.0.1 citycodec.com
127.0.0.1 www.citycodec.com
127.0.0.1 city-codec.com
127.0.0.1 www.city-codec.com
127.0.0.1 ckick4thumbs.com
127.0.0.1 cl55.biz
127.0.0.1 clackamasliteraryreview.com
127.0.0.1 www.clckm.com
127.0.0.1 clckm.com
127.0.0.1 cleancodec.com
127.0.0.1 www.cleancodec.com
127.0.0.1 www.cleancodec.net
127.0.0.1 cleancodec.net
127.0.0.1 clean-codec.net
127.0.0.1 www.clean-codec.net
127.0.0.1 www.cleansoftwares.com
127.0.0.1 cleansoftwares.com
127.0.0.1 clearsearch.cc
127.0.0.1 clearsearch.net
127.0.0.1 clickaire.com
127.0.0.1 www.click-codec.com
127.0.0.1 click-codec.com
127.0.0.1 www.clickhere4search.com
127.0.0.1 clickhere4search.com
127.0.0.1 www.click-new-download.com
127.0.0.1 click-new-download.com
127.0.0.1 click-now.net
127.0.0.1 www.clickspring.net
127.0.0.1 clickspring.net
127.0.0.1 click-to-download.com
127.0.0.1 www.click-to-download.com
127.0.0.1 www.clicktomakeasearch.com
127.0.0.1 clicktomakeasearch.com
127.0.0.1 clickyestoenter.net
127.0.0.1 client.exeupdate.com
127.0.0.1 client.myadultexplorer.com
127.0.0.1 www.cliks.org
127.0.0.1 cliks.org
127.0.0.1 www.cliparts4free.com
127.0.0.1 cliparts4free.com
127.0.0.1 www.clipsfestival.com
127.0.0.1 clipsfestival.com
127.0.0.1 www.clipsreality.com
127.0.0.1 clipsreality.com
127.0.0.1 www.clorriere.it
127.0.0.1 clorriere.it
127.0.0.1 clrsch.com
127.0.0.1 www.clubxxxvideo.com
127.0.0.1 clubxxxvideo.com
127.0.0.1 clusif.free.fr
127.0.0.1 cmtapestry.com
127.0.0.1 www.cnetadd.com
127.0.0.1 cnetadd.com
127.0.0.1 www.cnomy.com
127.0.0.1 cnomy.com
127.0.0.1 www.cnzz.com
127.0.0.1 cnzz.com
127.0.0.1 www.cocktails-ideen.de
127.0.0.1 cocktails-ideen.de
127.0.0.1 code.ignphrases.com
127.0.0.1 codec.ninoa.com
127.0.0.1 codecadult18.com
127.0.0.1 www.codecadult18.com
127.0.0.1 codecbest.com
127.0.0.1 www.codecbest.com
127.0.0.1 codecbsplay.com
127.0.0.1 www.codecbsplay.com
127.0.0.1 codecdemo.com
127.0.0.1 www.codecdemo.com
127.0.0.1 www.codecdvd.net
127.0.0.1 codecdvd.net
127.0.0.1 codecdvi.com
127.0.0.1 www.codecdvi.com
127.0.0.1 codec-fun.com
127.0.0.1 www.codec-fun.com
127.0.0.1 www.codechard.com
127.0.0.1 codechard.com
127.0.0.1 www.codechot.net
127.0.0.1 codechot.net
127.0.0.1 www.codechq.net
127.0.0.1 codechq.net
127.0.0.1 www.codecmeg.net
127.0.0.1 codecmeg.net
127.0.0.1 www.codecmega.com
127.0.0.1 codecmega.com
127.0.0.1 www.codecmega.net
127.0.0.1 codecmega.net
127.0.0.1 www.codecmoon.com
127.0.0.1 codecmoon.com
127.0.0.1 www.codecmpg.com
127.0.0.1 codecmpg.com
127.0.0.1 www.codecnice.net
127.0.0.1 codecnice.net
127.0.0.1 www.codecnitro.com
127.0.0.1 codecnitro.com
127.0.0.1 www.codecops.net
127.0.0.1 codecops.net
127.0.0.1 www.codecplay.com
127.0.0.1 codecplay.com
127.0.0.1 www.codecpretty.net
127.0.0.1 codecpretty.net
127.0.0.1 www.codecpro.net
127.0.0.1 codecpro.net
127.0.0.1 www.codecred.net
127.0.0.1 codecred.net
127.0.0.1 www.codecsoft.net
127.0.0.1 codecsoft.net
127.0.0.1 www.codecthe.com
127.0.0.1 codecthe.com
127.0.0.1 www.codectime.com
127.0.0.1 codectime.com
127.0.0.1 www.codecultra.net
127.0.0.1 codecultra.net
127.0.0.1 www.codecvids.com
127.0.0.1 codecvids.com
127.0.0.1 www.codecvip.com
127.0.0.1 codecvip.com
127.0.0.1 www.codecviva.com
127.0.0.1 codecviva.com
127.0.0.1 www.codeczang.net
127.0.0.1 codeczang.net
127.0.0.1 www.codrriere.it
127.0.0.1 codrriere.it
127.0.0.1 www.coeriere.it
127.0.0.1 coeriere.it
127.0.0.1 www.coerriere.it
127.0.0.1 coerriere.it
127.0.0.1 www.cofrriere.it
127.0.0.1 cofrriere.it
127.0.0.1 www.cogrriere.it
127.0.0.1 cogrriere.it
127.0.0.1 www.coirriere.it
127.0.0.1 coirriere.it
127.0.0.1 command.adservs.com
127.0.0.1 www.commonname.com
127.0.0.1 commonname.com
127.0.0.1 www.comparespywareremover.org
127.0.0.1 comparespywareremover.org
127.0.0.1 www.computerpcgames.net
127.0.0.1 computerpcgames.net
127.0.0.1 www.computerrecover.com
127.0.0.1 computerrecover.com
127.0.0.1 config.180solutions.com
127.0.0.1 www.congtouzailai.net
127.0.0.1 congtouzailai.net
127.0.0.1 www.consumers-reviews.net
127.0.0.1 consumers-reviews.net
127.0.0.1 www.content.dollarrevenue.com
127.0.0.1 content.dollarrevenue.com
127.0.0.1 www.content.ireit.com
127.0.0.1 content.ireit.com
127.0.0.1 content.onerateld.com
127.0.0.1 www.contentmatch.net
127.0.0.1 contentmatch.net
127.0.0.1 www.contextplus.net
127.0.0.1 contextplus.net
127.0.0.1 www.contra-virus.com
127.0.0.1 contra-virus.com
127.0.0.1 www.controlmeh.com
127.0.0.1 controlmeh.com
127.0.0.1 www.controlpage.info
127.0.0.1 controlpage.info
127.0.0.1 www.convenient-search.com
127.0.0.1 convenient-search.com
127.0.0.1 www.cookingluck.com
127.0.0.1 cookingluck.com
127.0.0.1 cooldeskalert.com
127.0.0.1 www.cooldeskalert.com
127.0.0.1 coolfetishsite.com
127.0.0.1 coolfreehost.com
127.0.0.1 coolfreepage.com
127.0.0.1 coolfreepages.com
127.0.0.1 cool-homepage.co
127.0.0.1 cool-homepage.com
127.0.0.1 coolmoneysearch.com
127.0.0.1 www.coolonlinebusiness.com
127.0.0.1 coolonlinebusiness.com
127.0.0.1 coolpornsearch.com
127.0.0.1 cool-search.net
127.0.0.1 cool-search.netfartpost.com
127.0.0.1 coolsearcher.info
127.0.0.1 www.coolservecorp.net
127.0.0.1 coolservecorp.net
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com
127.0.0.1 cool-web-search.com
127.0.0.1 coolwebsearsh.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 coolwwwsearch.com
127.0.0.1 cool-xxx.net
127.0.0.1 www.coorriere.it
127.0.0.1 coorriere.it
127.0.0.1 copmtraine.com
127.0.0.1 www.coprriere.it
127.0.0.1 coprriere.it
127.0.0.1 www.core.psyche-evolution.com
127.0.0.1 core.psyche-evolution.com
127.0.0.1 www.coreiere.it
127.0.0.1 coreiere.it
127.0.0.1 www.coreriere.it
127.0.0.1 coreriere.it
127.0.0.1 www.corrdiere.it
127.0.0.1 corrdiere.it
127.0.0.1 www.correiere.it
127.0.0.1 correiere.it
127.0.0.1 www.corrfiere.it
127.0.0.1 corrfiere.it
127.0.0.1 www.corrgiere.it
127.0.0.1 corrgiere.it
127.0.0.1 www.corridere.it
127.0.0.1 corridere.it
127.0.0.1 www.corriedre.it
127.0.0.1 corriedre.it
127.0.0.1 www.corriee.it
127.0.0.1 corriee.it
127.0.0.1 www.corrieere.it
127.0.0.1 corrieere.it
127.0.0.1 www.corriefre.it
127.0.0.1 corriefre.it
127.0.0.1 www.corriegre.it
127.0.0.1 corriegre.it
127.0.0.1 www.corrierde.it
127.0.0.1 corrierde.it
127.0.0.1 www.corriered.it
127.0.0.1 corriered.it
127.0.0.1 www.corrieree.it
127.0.0.1 corrieree.it
127.0.0.1 www.corrieref.it
127.0.0.1 corrieref.it
127.0.0.1 www.corrierer.it
127.0.0.1 corrierer.it
127.0.0.1 www.corrieres.it
127.0.0.1 corrieres.it
127.0.0.1 www.corrierew.it
127.0.0.1 corrierew.it
127.0.0.1 www.corrierfe.it
127.0.0.1 corrierfe.it
127.0.0.1 www.corrierge.it
127.0.0.1 corrierge.it
127.0.0.1 www.corrierr.it
127.0.0.1 corrierr.it
127.0.0.1 www.corrierre.it
127.0.0.1 corrierre.it
127.0.0.1 www.corrierse.it
127.0.0.1 corrierse.it
127.0.0.1 www.corrierte.it
127.0.0.1 corrierte.it
127.0.0.1 www.corrierw.it
127.0.0.1 corrierw.it
127.0.0.1 www.corrierwe.it
127.0.0.1 corrierwe.it
127.0.0.1 www.corriesre.it
127.0.0.1 corriesre.it
127.0.0.1 www.corriete.it
127.0.0.1 corriete.it
127.0.0.1 www.corrietre.it
127.0.0.1 corrietre.it
127.0.0.1 www.corriewre.it
127.0.0.1 corriewre.it
127.0.0.1 www.corrifere.it
127.0.0.1 corrifere.it
127.0.0.1 www.corriiere.it
127.0.0.1 corriiere.it
127.0.0.1 www.corrilere.it
127.0.0.1 corrilere.it
127.0.0.1 www.corrioere.it
127.0.0.1 corrioere.it
127.0.0.1 www.corrire.it
127.0.0.1 corrire.it
127.0.0.1 www.corrirere.it
127.0.0.1 corrirere.it
127.0.0.1 www.corrirre.it
127.0.0.1 corrirre.it
127.0.0.1 www.corrisere.it
127.0.0.1 corrisere.it
127.0.0.1 www.corriuere.it
127.0.0.1 corriuere.it
127.0.0.1 www.corriwere.it
127.0.0.1 corriwere.it
127.0.0.1 www.corriwre.it
127.0.0.1 corriwre.it
127.0.0.1 www.corrliere.it
127.0.0.1 corrliere.it
127.0.0.1 www.corroere.it
127.0.0.1 corroere.it
127.0.0.1 www.corroiere.it
127.0.0.1 corroiere.it
127.0.0.1 www.corrriere.it
127.0.0.1 corrriere.it
127.0.0.1 www.corrtiere.it
127.0.0.1 corrtiere.it
127.0.0.1 www.corruere.it
127.0.0.1 corruere.it
127.0.0.1 www.corruiere.it
127.0.0.1 corruiere.it
127.0.0.1 www.cortiere.it
127.0.0.1 cortiere.it
127.0.0.1 www.cortriere.it
127.0.0.1 cortriere.it
127.0.0.1 www.costrike.com
127.0.0.1 costrike.com
127.0.0.1 www.cotriere.it
127.0.0.1 cotriere.it
127.0.0.1 www.cotrriere.it
127.0.0.1 cotrriere.it
127.0.0.1 couldnotfind.com
127.0.0.1 count.cc
127.0.0.1 count.hitscount.net
127.0.0.1 count-all.com
127.0.0.1 www.countdutycall.info
127.0.0.1 countdutycall.info
127.0.0.1 counter.sexmaniack.com
127.0.0.1 www.courtrecordslookup.com
127.0.0.1 courtrecordslookup.com
127.0.0.1 www.cporriere.it
127.0.0.1 cporriere.it
127.0.0.1 www.cprriere.it
127.0.0.1 cprriere.it
127.0.0.1 cpvfeed.com
127.0.0.1 cracks.me.uk
127.0.0.1 www.cracks4all.com
127.0.0.1 cracks4all.com
127.0.0.1 www.crapsgold.info
127.0.0.1 crapsgold.info
127.0.0.1 www.crazygirls-world.com
127.0.0.1 crazygirls-world.com
127.0.0.1 www.crazywinnings.com
127.0.0.1 crazywinnings.com
127.0.0.1 creamedcutties.com
127.0.0.1 www.createaccesskey.com
127.0.0.1 createaccesskey.com
127.0.0.1 www.creatonsoft.com
127.0.0.1 creatonsoft.com
127.0.0.1 creditsearchonline.com
127.0.0.1 crestring.com
127.0.0.1 crooder.com
127.0.0.1 www.crriere.it
127.0.0.1 crriere.it
127.0.0.1 www.cryptdrive.com
127.0.0.1 cryptdrive.com
127.0.0.1 www.crystalysmedia.com
127.0.0.1 crystalysmedia.com
127.0.0.1 www.csx.adservs.com
127.0.0.1 csx.adservs.com
127.0.0.1 cts.180solutions.com
127.0.0.1 www.cuisinartoven.com
127.0.0.1 cuisinartoven.com
127.0.0.1 www.curedc.info
127.0.0.1 curedc.info
127.0.0.1 www.curepcsolutions.com
127.0.0.1 curepcsolutions.com
127.0.0.1 curvedspaces.com
127.0.0.1 www.cutadult.com
127.0.0.1 cutadult.com
127.0.0.1 www.cutoffspyware.com
127.0.0.1 cutoffspyware.com
127.0.0.1 www.cvirgilio.it
127.0.0.1 cvirgilio.it
127.0.0.1 www.cvorriere.it
127.0.0.1 cvorriere.it
127.0.0.1 cvs.jps.ru
127.0.0.1 cvsymphony.com
127.0.0.1 www.cxorriere.it
127.0.0.1 cxorriere.it
127.0.0.1 www.cyberrape.com
127.0.0.1 cyberrape.com
127.0.0.1 cydom.com
127.0.0.1 www.cydoor.com
127.0.0.1 cydoor.com
127.0.0.1 d34s.qfdfqawd.cn
127.0.0.1 www.daily3xlinks.com
127.0.0.1 daily3xlinks.com
127.0.0.1 www.dailybestclips.com
127.0.0.1 dailybestclips.com
127.0.0.1 daily-gals.com
127.0.0.1 www.dailyhugemovs.com
127.0.0.1 dailyhugemovs.com
127.0.0.1 www.dailykeys.com
127.0.0.1 dailykeys.com
127.0.0.1 www.dailypornmag.com
127.0.0.1 dailypornmag.com
127.0.0.1 dailyteenspic.com
127.0.0.1 www.dailytoolbar.com
127.0.0.1 dailytoolbar.com
127.0.0.1 www.dailyxvids.com
127.0.0.1 dailyxvids.com
127.0.0.1 dancingbabycd.com
127.0.0.1 www.dapsol.com
127.0.0.1 dapsol.com
127.0.0.1 www.dapsolution.com
127.0.0.1 dapsolution.com
127.0.0.1 www.data-hoster.com
127.0.0.1 data-hoster.com
127.0.0.1 datanotary.com
127.0.0.1 datareco.com
127.0.0.1 www.dateanybabe.com
127.0.0.1 dateanybabe.com
127.0.0.1 www.dateanychick.com
127.0.0.1 dateanychick.com
127.0.0.1 datingdoctorsite.com
127.0.0.1 www.datingdoctorsite.com
127.0.0.1 dating-galaxy.info
127.0.0.1 www.dating-galaxy.info
127.0.0.1 dating-search.net
127.0.0.1 davemarshall.org
127.0.0.1 db105.com
127.0.0.1 www.dbdecicated.com
127.0.0.1 dbdecicated.com
127.0.0.1 www.dbxcompany.com
127.0.0.1 dbxcompany.com
127.0.0.1 dcdl.dmcast.com
127.0.0.1 dcfitusa.com
127.0.0.1 www.dcorriere.it
127.0.0.1 dcorriere.it
127.0.0.1 www.dcurtis.com
127.0.0.1 dcurtis.com
127.0.0.1 dcww.dmcast.com
127.0.0.1 de.ag
127.0.0.1 de.drivecleaner.com
127.0.0.1 de.errorsafe.com
127.0.0.1 de.winantivirus.com
127.0.0.1 de98.remsys.org
127.0.0.1 www.debay.it
127.0.0.1 debay.it
127.0.0.1 www.decknews.com
127.0.0.1 decknews.com
127.0.0.1 dedmazay.3322.org
127.0.0.1 www.dedsearch.com
127.0.0.1 dedsearch.com
127.0.0.1 defaultsearch.net
127.0.0.1 www.defensaantimalware.com
127.0.0.1 defensaantimalware.com
127.0.0.1 www.deja-rue.com
127.0.0.1 deja-rue.com
127.0.0.1 www.delficodec.com
127.0.0.1 delficodec.com
127.0.0.1 www.democodec.com
127.0.0.1 democodec.com
127.0.0.1 demo-codec.com
127.0.0.1 www.demo-codec.com
127.0.0.1 www.democodec.net
127.0.0.1 democodec.net
127.0.0.1 demo-codec.net
127.0.0.1 www.demo-codec.net
127.0.0.1 www.derklaif.biz
127.0.0.1 derklaif.biz
127.0.0.1 www.derrari.it
127.0.0.1 derrari.it
127.0.0.1 desarrollocreativo.com
127.0.0.1 www.deskbar.worldtostart.com
127.0.0.1 deskbar.worldtostart.com
127.0.0.1 www.deskwizz.com
127.0.0.1 deskwizz.com
127.0.0.1 www.destroy-spy.com
127.0.0.1 destroy-spy.com
127.0.0.1 www.destroy-spyware.net
127.0.0.1 destroy-spyware.net
127.0.0.1 www.destruktor.to.pl
127.0.0.1 destruktor.to.pl
127.0.0.1 www.detection-file101.com
127.0.0.1 detection-file101.com
127.0.0.1 www.detectivehound.com
127.0.0.1 detectivehound.com
127.0.0.1 www.detectivesearches.com
127.0.0.1 detectivesearches.com
127.0.0.1 dev.ntcor.com
127.0.0.1 develip.com
127.0.0.1 dewis.spb.ru
127.0.0.1 dewis.us
127.0.0.1 df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
127.0.0.1 www.dgbusiness.com
127.0.0.1 dgbusiness.com
127.0.0.1 dialer2004.com
127.0.0.1 dialerclub.com
127.0.0.1 www.dialerclub.com
127.0.0.1 dialer-shop.com
127.0.0.1 www.dialer-shop.com
127.0.0.1 www.dialoff.com
127.0.0.1 dialoff.com
127.0.0.1 www.did.i-used.cc
127.0.0.1 did.i-used.cc
127.0.0.1 dietpills4free.com
127.0.0.1 dietpussy.com
127.0.0.1 www.digikeygen.com
127.0.0.1 digikeygen.com
127.0.0.1 digistreamsa.com
127.0.0.1 www.digitalcoders.net
127.0.0.1 digitalcoders.net
127.0.0.1 www.digitalfan.com
127.0.0.1 digitalfan.com
127.0.0.1 digital-pornography.com
127.0.0.1 dionforvalleycouncil.org
127.0.0.1 www.directdvdpro.com
127.0.0.1 directdvdpro.com
127.0.0.1 www.directnameservice.com
127.0.0.1 directnameservice.com
127.0.0.1 www.directporta.info
127.0.0.1 directporta.info
127.0.0.1 www.directsearchzone.com
127.0.0.1 directsearchzone.com
127.0.0.1 www.diskretter.com
127.0.0.1 diskretter.com
127.0.0.1 dist.checkin100.com
127.0.0.1 dl.ad-ware.cc
127.0.0.1 dl.malwarewipe.com
127.0.0.1 dl.mcboo.com
127.0.0.1 www.dl.targetsaver.com
127.0.0.1 dl.targetsaver.com
127.0.0.1 dl.web-nexus.net
127.0.0.1 dl1.antivermins.com
127.0.0.1 dl1.antivirgear.com
127.0.0.1 dl1.spydawn.com
127.0.0.1 dl1.virusprotectpro.com
127.0.0.1 dl10.spyfalcon.com
127.0.0.1 dl16.spyfalcon.com
127.0.0.1 dl2.spyfalcon.com
127.0.0.1 dl2.spyheal.com
127.0.0.1 dl2.spywarestrike.com
127.0.0.1 dl3.spyfalcon.com
127.0.0.1 dl3.spyheal.com
127.0.0.1 dl3.spywarestrike.com
127.0.0.1 dl4.spyfalcon.com
127.0.0.1 dl4.spywarestrike.com
127.0.0.1 dl5.spyfalcon.com
127.0.0.1 dl5.spywarestrike.com
127.0.0.1 dl6.spywarestrike.com
127.0.0.1 dl7.spywarestrike.com
127.0.0.1 dl8.spyheal.com
127.0.0.1 dl8.spywarestrike.com
127.0.0.1 dl9.spyfalcon.com
127.0.0.1 dload.contextplus.net
127.0.0.1 www.dltsolution.com
127.0.0.1 dltsolution.com
127.0.0.1 www.dmcast.com
127.0.0.1 dmcast.com
127.0.0.1 www.dmqfirm.com
127.0.0.1 dmqfirm.com
127.0.0.1 www.dnaads.com
127.0.0.1 dnaads.com
127.0.0.1 dnl.mabou.org
127.0.0.1 www.dnld.antivirusdwl.com
127.0.0.1 dnld.antivirusdwl.com
127.0.0.1 www.dns-look-up.com
127.0.0.1 dns-look-up.com
127.0.0.1 www.dns-problem.com
127.0.0.1 dns-problem.com
127.0.0.1 doctorwaldron.com
127.0.0.1 document-not-found.pornpic.org
127.0.0.1 doggyaction.com
127.0.0.1 www.dogproblemswebsite.com
127.0.0.1 dogproblemswebsite.com
127.0.0.1 doktorxxx.com
127.0.0.1 dollarrevenue.com
127.0.0.1 www.domaincar.com
127.0.0.1 domaincar.com
127.0.0.1 domains2003.net
127.0.0.1 domains-for-you-online.com
127.0.0.1 domain-your-registration.com
127.0.0.1 domkrat.com
127.0.0.1 www.doofo.com
127.0.0.1 doofo.com
127.0.0.1 www.dota11.cn
127.0.0.1 dota11.cn
127.0.0.1 www.dotcomtoolbar.com
127.0.0.1 dotcomtoolbar.com
127.0.0.1 down.136136.net
127.0.0.1 download.abetterinternet.com
127.0.0.1 download.adintelligence.net
127.0.0.1 www.download.antispywarebot.com
127.0.0.1 download.antispywarebot.com
127.0.0.1 www.download.bardownload.com
127.0.0.1 download.bardownload.com
127.0.0.1 www.download.bravesentry.com
127.0.0.1 download.bravesentry.com
127.0.0.1 download.cdn.drivecleaner.com
127.0.0.1 download.cdn.errorsafe.com
127.0.0.1 download.cdn.winsoftware.com
127.0.0.1 download.contextplus.net
127.0.0.1 download.errorsafe.com
127.0.0.1 www.download.jupitersatellites.biz
127.0.0.1 download.jupitersatellites.biz
127.0.0.1 download.malwarealarm.com
127.0.0.1 download.searchtabs.net
127.0.0.1 www.download.secureyournet.biz
127.0.0.1 download.secureyournet.biz
127.0.0.1 download.spyonthis.net
127.0.0.1 download.spy-shredder.com
127.0.0.1 download.spywares-removal.info
127.0.0.1 download.systemdoctor.com
127.0.0.1 download.winantispyware.com
127.0.0.1 download.winantivirus.com
127.0.0.1 download.windrivecleaner.com
127.0.0.1 download.winfixer.com
127.0.0.1 download10.spywarequake.com
127.0.0.1 download11.spywarequake.com
127.0.0.1 download12.spywarequake.com
127.0.0.1 download13.spywarequake.com
127.0.0.1 download15.spywarequake.com
127.0.0.1 download2.spywarequake.com
127.0.0.1 download-2007.com
127.0.0.1 www.download-2007.com
127.0.0.1 download3.spyaxe.com
127.0.0.1 download3.spywarequake.com
127.0.0.1 www.download3xpics.com
127.0.0.1 download3xpics.com
127.0.0.1 download4.spyaxe.com
127.0.0.1 download4.spywarequake.com
127.0.0.1 download5.spyaxe.com
127.0.0.1 download5.spywarequake.com
127.0.0.1 download6.spyaxe.com
127.0.0.1 download7.spywarequake.com
127.0.0.1 download8.spywarequake.com
127.0.0.1 download9.spywarequake.com
127.0.0.1 downloadacceleratorsite.com
127.0.0.1 www.downloadacceleratorsite.com
127.0.0.1 www.download-ad-aware.com
127.0.0.1 download-ad-aware.com
127.0.0.1 download-all-4-free.com
127.0.0.1 www.download-all-4-free.com
127.0.0.1 www.download-all-area.com
127.0.0.1 download-all-area.com
127.0.0.1 www.download-antivir.com
127.0.0.1 download-antivir.com
127.0.0.1 www.downloadanysong.com
127.0.0.1 downloadanysong.com
127.0.0.1 www.downloadaresnow.com
127.0.0.1 downloadaresnow.com
127.0.0.1 www.download-avast.com
127.0.0.1 download-avast.com
127.0.0.1 downloadcorporation.com
127.0.0.1 www.downloadcorporation.com
127.0.0.1 www.download-dvdshrink.com
127.0.0.1 download-dvdshrink.com
127.0.0.1 download-for-free.net
127.0.0.1 www.download-for-free.net
127.0.0.1 www.downloadfreesoft.com
127.0.0.1 dow
- | Alerter
Le problème est toujours présent.
Si cela peut vous aider, j'ai effectué un scan HiJackThis dont voici le rapport :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:49:32, on 10/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\WINDOWS\V0220Mon.exe
C:\Program Files\x86\LogMeInSystray.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\x86\LMIGuardian.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\petapkxm.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\x86\RaMaint.exe
C:\Program Files\x86\LogMeIn.exe
C:\Program Files\x86\LMIGuardian.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2wizard.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\petapkxm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [apicfgwin] C:\WINDOWS\system32\petapkxm.exe
O4 - HKCU\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 7829 bytes
Si cela peut vous aider, j'ai effectué un scan HiJackThis dont voici le rapport :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:49:32, on 10/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\WINDOWS\V0220Mon.exe
C:\Program Files\x86\LogMeInSystray.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\x86\LMIGuardian.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\petapkxm.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\x86\RaMaint.exe
C:\Program Files\x86\LogMeIn.exe
C:\Program Files\x86\LMIGuardian.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2wizard.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\petapkxm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [apicfgwin] C:\WINDOWS\system32\petapkxm.exe
O4 - HKCU\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 7829 bytes
- | Alerter
Re,
On continue![:)]( ":)")
Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.
![;)]( ";)")
On continue
Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
- | Alerter
Salut!
Voici les rapports (log.txt en premier) et info.txt en second). On va y arriver!!! :
Logfile of random's system information tool 1.04 (written by random/random)
Run by Moi Même at 2008-10-11 08:54:27
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 9 GB (23%) free of 40 GB
Total RAM: 447 MB (13% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:54:38, on 11/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\WINDOWS\V0220Mon.exe
C:\Program Files\x86\LogMeInSystray.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\x86\LMIGuardian.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\petapkxm.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\x86\RaMaint.exe
C:\Program Files\x86\LogMeIn.exe
C:\Program Files\x86\LMIGuardian.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\Content.IE5\VURLW211\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\Moi Même.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [apicfgwin] C:\WINDOWS\system32\petapkxm.exe
O4 - HKCU\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 7765 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll [2007-08-30 513336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll []
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2004-10-01 53248]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2004-02-13 155648]
"pccguide.exe"=C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe [2004-10-27 823361]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-08-31 282624]
"AVFX Engine"=C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe [2006-06-09 24576]
"V0220Mon.exe"=C:\WINDOWS\V0220Mon.exe [2006-06-28 32768]
"LogMeIn GUI"=C:\Program Files\x86\LogMeInSystray.exe [2007-09-12 63048]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"a-squared"=C:\Program Files\a-squared Anti-Malware\a2guard.exe [2008-10-07 2776720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2007-11-12 21760296]
"Configuration de la C-BOX"=C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe []
"Creative Live! Cam Manager"=C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [2006-05-31 143360]
"AnyDVD"=C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe [2007-10-12 1563584]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"BitComet"=C:\Program Files\BitComet\BitComet.exe [2007-09-10 6338360]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"apicfgwin"=C:\WINDOWS\system32\petapkxm.exe [2008-10-08 98304]
"brastk"=C:\WINDOWS\system32\brastk.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
C:\Program Files\VIAudioi\SBADeck\ADeck.exe [2005-09-06 450560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C66 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 EPSON Stylus C66 Series /O6 USB001 /M Stylus C66 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
C:\WINDOWS\Logi_MwX.Exe [2003-12-17 19968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]
C:\PROGRA~1\Adobe\ADOBEA~1.0\Distillr\acrotray.exe [2003-10-24 217194]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2008-05-28 87352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"ForceClassicControlPanel"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e53a0fc-ba10-11dc-ad51-0013d3ee7e6e}]
shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4206997a-9dc6-11dc-ad3a-0013d3ee7e6e}]
shell\AutoRun\command - F:\LaunchU3.exe -a
======List of files/folders created in the last 1 months======
2008-10-11 08:54:27 ----D---- C:\rsit
2008-10-10 09:15:48 ----A---- C:\WINDOWS\system32\tmp.txt
2008-10-10 09:05:43 ----D---- C:\Program Files\a-squared Anti-Malware
2008-10-09 19:22:32 ----A---- C:\WINDOWS\ntbtlog.txt
2008-10-09 19:19:55 ----D---- C:\Documents and Settings\Moi Même\Application Data\Malwarebytes
2008-10-09 19:19:50 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-09 19:19:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-09 18:43:32 ----A---- C:\WINDOWS\system32\wini104552502.exe
2008-10-09 09:17:05 ----A---- C:\WINDOWS\wininit.ini
2008-10-08 22:13:47 ----D---- C:\Program Files\dhahmac
2008-10-08 22:13:45 ----D---- C:\Documents and Settings\All Users\Application Data\bqbodyxo
2008-10-08 22:13:43 ----A---- C:\WINDOWS\system32\petapkxm.exe
2008-10-07 10:13:15 ----D---- C:\Program Files\GoldWave
2008-10-06 17:20:02 ----A---- C:\WINDOWS\system32\ZeroFile.dll
2008-10-05 10:15:47 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy)
2008-10-05 10:15:46 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\PICSDK2.dll
2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\PICSDK.ini
2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\PICSDK.dll
2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\PICEntry.dll
2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\EpPicPrt.dll
2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\EPPicMgr.dll
2008-10-05 09:41:25 ----D---- C:\Documents and Settings\Moi Même\Application Data\InstallShield
2008-10-05 09:39:41 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON
2008-10-05 09:39:35 ----A---- C:\WINDOWS\system32\E_FLBCAE.DLL
2008-10-05 09:39:35 ----A---- C:\WINDOWS\system32\E_FD4BCAE.DLL
2008-10-05 09:30:14 ----A---- C:\WINDOWS\system32\eswiaml.dll
2008-10-05 09:30:14 ----A---- C:\WINDOWS\system32\eswia7e.dll
2008-10-05 09:30:14 ----A---- C:\WINDOWS\system32\esint7e.dll
2008-10-04 18:07:15 ----D---- C:\Program Files\Red Kawa
2008-10-04 18:04:49 ----RSD---- C:\WINDOWS\assembly
2008-10-04 18:03:46 ----D---- C:\WINDOWS\Microsoft.NET
2008-10-04 17:54:53 ----D---- C:\Program Files\PQDVD
2008-10-04 13:08:00 ----D---- C:\Program Files\Rockstar Custom Tracks
2008-10-04 10:45:28 ----D---- C:\Program Files\Exact Audio Copy PSP Edition
======List of files/folders modified in the last 1 months======
2008-10-11 08:53:55 ----D---- C:\WINDOWS\Prefetch
2008-10-11 08:51:56 ----D---- C:\Documents and Settings\Moi Même\Application Data\Skype
2008-10-11 08:17:32 ----D---- C:\WINDOWS\Temp
2008-10-11 08:13:30 ----D---- C:\Documents and Settings\Moi Même\Application Data\skypePM
2008-10-11 08:12:58 ----D---- C:\Program Files
2008-10-11 08:12:46 ----A---- C:\Program Files\dbg_LMI_proc.txt
2008-10-10 20:26:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-10-10 17:25:18 ----D---- C:\Program Files\Mozilla Firefox
2008-10-10 11:51:09 ----A---- C:\WINDOWS\NeroDigital.ini
2008-10-10 09:30:21 ----D---- C:\WINDOWS\system32
2008-10-10 09:23:56 ----SHD---- C:\RECYCLER
2008-10-09 23:55:40 ----D---- C:\WINDOWS\security
2008-10-09 19:23:02 ----D---- C:\Documents and Settings
2008-10-09 19:22:32 ----D---- C:\WINDOWS
2008-10-09 19:19:52 ----D---- C:\WINDOWS\system32\drivers
2008-10-09 18:40:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-09 18:28:37 ----D---- C:\Program Files\Trend Micro
2008-10-09 11:09:10 ----D---- C:\Program Files\eMule
2008-10-07 20:39:27 ----HD---- C:\WINDOWS\inf
2008-10-07 10:27:01 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-06 17:25:41 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-05 10:21:42 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-10-05 09:44:21 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-05 09:43:53 ----D---- C:\Program Files\EPSON
2008-10-05 09:30:14 ----D---- C:\WINDOWS\twain_32
2008-10-04 18:07:11 ----SHD---- C:\WINDOWS\Installer
2008-10-04 18:07:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-04 18:04:51 ----D---- C:\WINDOWS\WinSxS
2008-10-04 18:03:55 ----D---- C:\WINDOWS\system32\mui
2008-10-04 18:03:55 ----D---- C:\Program Files\Internet Explorer
2008-10-04 17:55:22 ----D---- C:\Temp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 tmtdi;Trend Micro TDI Driver; C:\WINDOWS\System32\Drivers\tmtdi.sys [2005-01-18 35456]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 tm_cfw;Common Firewall Driver; C:\WINDOWS\System32\Drivers\tm_cfw.sys [2005-01-18 838870]
R2 Tmfilter;Tmfilter; C:\WINDOWS\system32\drivers\TmXPFlt.sys [2008-07-18 205328]
R2 Tmpreflt;Tmpreflt; C:\WINDOWS\system32\drivers\Tmpreflt.sys [2008-07-18 36368]
R2 Vsapint;Vsapint; C:\WINDOWS\system32\drivers\Vsapint.sys [2008-07-18 1195448]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2007-10-11 96832]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 L8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys [2003-12-17 51729]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2007-09-12 10144]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-12-17 70801]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 V0220Dev;Live! Cam Video IM; C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-06-29 146112]
R3 V0220Vfx;V0220VFX; C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-06-08 6272]
R3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2004-10-07 174592]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2005-08-03 202112]
S1 wceusbsh;Pilote d'hôte USB série pour Windows CE; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-08-19 32128]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 a2AntiMalware;a-squared Anti-Malware Service; C:\Program Files\a-squared Anti-Malware\a2service.exe [2008-10-04 418936]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\x86\RaMaint.exe [2008-05-28 116032]
R2 LogMeIn;LogMeIn; C:\Program Files\x86\LogMeIn.exe [2007-09-12 63040]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PcCtlCom;Trend Micro Central Control Component; C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe [2004-11-15 860242]
R2 Tmntsrv;Trend Micro Real-time Service; C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe [2004-10-27 282696]
R2 TmPfw;Trend Micro Personal Firewall; C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe [2005-01-18 585789]
R2 tmproxy;Trend Micro Proxy Service; C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe [2004-09-15 188484]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-11-14 68096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-05-16 228208]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.04 2008-10-11 08:54:43
======Uninstall list======
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C81600D-D6C7-4687-9362-DD4A78B3483E}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAF97B2C-0B9B-403C-829C-EF8099237DA9}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
-->VTUninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Timer'
Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Acrobat 6.0.1 Professional - English, Français, Deutsch-->MsiExec.exe /I{AC76BA86-1033-F400-7760-000000000001}
Adobe Acrobat and Reader 6.0.3 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000603}
Adobe Acrobat and Reader 6.0.4 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000604}
Adobe Acrobat and Reader 6.0.5 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000605}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Creative Suite-->C:\PROGRA~1\INSTAL~1\{D52EC~1\setup.exe /Relaunched=yes /Uninstall /Relaunched=yes
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Reader 8.1.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Advanced Video FX Engine-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x40c /remove
AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
a-squared Anti-Malware 4.0-->"C:\Program Files\a-squared Anti-Malware\unins000.exe"
BitComet 0.93-->C:\Program Files\BitComet\uninst.exe
Blender (remove only)-->"C:\Program Files\Blender Foundation\Blender\uninstall.exe"
CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Creative Live! Cam Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c /remove
Creative Live! Cam Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe" -l0x40c /remove
Creative Live! Cam Video IM Driver (1.01.01.00)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script VF0220.uns -unsext NT -plugin V0220Pin.dll -pluginres CtCamPin.crl
Creative Photo Calendar-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C81600D-D6C7-4687-9362-DD4A78B3483E}\setup.exe" -l0x40c /remove
Creative Photo Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x40c /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove
Creative System Information-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove
CX4300_5500_DX4400 Manuel-->C:\Program Files\EPSON\TPMANUAL\CX4300_5500_DX4400\FRA\USE_G\DOCUNINS.EXE
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
GoldWave v5.25-->"C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.25" "C:\Program Files\GoldWave\unstall.log"
Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Installer Yahoo! Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAF97B2C-0B9B-403C-829C-EF8099237DA9}\setup.exe" -l0x40c /remove
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logitech MouseWare 9.79.1 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x40c -l040c UNINSTALL
LogMeIn-->MsiExec.exe /I{EFED5763-E48C-4664-A343-3CA6BC0C865F}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manuel d'utilisation de Creative Live! Cam Video IM (Français)-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Creative\Creative Live! Cam Video IM\Manuel d'utilisation de Creative Live! Cam Video IM\French\CTManual.isu"
MathType 5-->"C:\Program Files\MathType\Setup.exe" -R
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Plus! pour Windows XP-->MsiExec.exe /I{EEC2DAFD-5558-40AC-8E9C-5005C8F810E8}
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913433)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922760)-->"C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931768)-->"C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933566)-->"C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937143)-->"C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3PowerEncoder-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{969B3B70-8765-11D5-9809-0050BACBF861}\Setup.exe" -uninstall
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PSP Video 9 2.25-->C:\Program Files\Red Kawa\Video Converter\uninstaller.exe
PSP Video Express(remove only)-->"C:\Program Files\PQDVD\PSPVideoExpress\bt-uninst.exe"
QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1036
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
S3 S3Display-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Display'
S3 S3Gamma2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Gamma2'
S3 S3Info2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Info2'
S3 S3Overlay-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Overlay'
S3 S3TrayPlus-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3TrayPlus'
SightSpeed (remove only)-->"C:\Program Files\SightSpeed\uninst.exe"
Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sony ATRAC3 Audio Codec (remove only)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall.NT 132 C:\WINDOWS\INF\atrac3.inf
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
SUPER © Version 2006.19 (FIX)-->C:\PROGRA~1\SUPER\Setup.exe /remove /q0
Trend Micro PC-cillin Internet Security 12-->MsiExec.exe /X{7698EDA5-A90F-4205-99CB-8FF6F9048ED9}
TV sur PC-->C:\Program Files\Neuf\TV_PC\uninstall.exe
UniChrome Pro IGP Display Driver and Utilities-->C:\PROGRA~1\S3Inc\S3\s3setvga.exe -s -fC:\PROGRA~1\S3Inc\S3\S3.uns
VIA Platform Device Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VIA Vinyl Audio Codecs Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -y-f"C:\PROGRA~1\VIAudioi\SBASetup\Uninst.isu"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /I{A90D10BA-1E82-44E1-87DE-56A22BA151DA}
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
xp-AntiSpy 3.95-1-->C:\Program Files\xp-AntiSpy\Uninstall.exe
======Hosts File======
127.0.0.1 iw2.slysoft.com
127.0.0.1 h3.slysoft.com
127.0.0.1 slysoft.com
127.0.0.1 sb2slysoft.com
127.0.0.1 ns6.gandi.net
127.0.0.1 ev1slysoft.com
127.0.0.1 ev1.slysoft.com
127.0.0.1 iw2.slysoft.com
127.0.0.1 reverse.privatedns.com
127.0.0.1 iw2.slysoft.com
======Security center information======
AV: Trend Micro PC-cillin Internet Security 12
FW: Trend Micro PC-cillin Internet Security 12
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2c02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
Voici les rapports (log.txt en premier) et info.txt en second). On va y arriver!!! :
Logfile of random's system information tool 1.04 (written by random/random)
Run by Moi Même at 2008-10-11 08:54:27
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 9 GB (23%) free of 40 GB
Total RAM: 447 MB (13% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:54:38, on 11/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\WINDOWS\V0220Mon.exe
C:\Program Files\x86\LogMeInSystray.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\x86\LMIGuardian.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\petapkxm.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\x86\RaMaint.exe
C:\Program Files\x86\LogMeIn.exe
C:\Program Files\x86\LMIGuardian.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\Content.IE5\VURLW211\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\Moi Même.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [apicfgwin] C:\WINDOWS\system32\petapkxm.exe
O4 - HKCU\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 7765 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll [2007-08-30 513336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll []
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2004-10-01 53248]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2004-02-13 155648]
"pccguide.exe"=C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe [2004-10-27 823361]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-08-31 282624]
"AVFX Engine"=C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe [2006-06-09 24576]
"V0220Mon.exe"=C:\WINDOWS\V0220Mon.exe [2006-06-28 32768]
"LogMeIn GUI"=C:\Program Files\x86\LogMeInSystray.exe [2007-09-12 63048]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"a-squared"=C:\Program Files\a-squared Anti-Malware\a2guard.exe [2008-10-07 2776720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2007-11-12 21760296]
"Configuration de la C-BOX"=C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe []
"Creative Live! Cam Manager"=C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [2006-05-31 143360]
"AnyDVD"=C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe [2007-10-12 1563584]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"BitComet"=C:\Program Files\BitComet\BitComet.exe [2007-09-10 6338360]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"apicfgwin"=C:\WINDOWS\system32\petapkxm.exe [2008-10-08 98304]
"brastk"=C:\WINDOWS\system32\brastk.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
C:\Program Files\VIAudioi\SBADeck\ADeck.exe [2005-09-06 450560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C66 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 EPSON Stylus C66 Series /O6 USB001 /M Stylus C66 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
C:\WINDOWS\Logi_MwX.Exe [2003-12-17 19968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]
C:\PROGRA~1\Adobe\ADOBEA~1.0\Distillr\acrotray.exe [2003-10-24 217194]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2008-05-28 87352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"ForceClassicControlPanel"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e53a0fc-ba10-11dc-ad51-0013d3ee7e6e}]
shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4206997a-9dc6-11dc-ad3a-0013d3ee7e6e}]
shell\AutoRun\command - F:\LaunchU3.exe -a
======List of files/folders created in the last 1 months======
2008-10-11 08:54:27 ----D---- C:\rsit
2008-10-10 09:15:48 ----A---- C:\WINDOWS\system32\tmp.txt
2008-10-10 09:05:43 ----D---- C:\Program Files\a-squared Anti-Malware
2008-10-09 19:22:32 ----A---- C:\WINDOWS\ntbtlog.txt
2008-10-09 19:19:55 ----D---- C:\Documents and Settings\Moi Même\Application Data\Malwarebytes
2008-10-09 19:19:50 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-09 19:19:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-09 18:43:32 ----A---- C:\WINDOWS\system32\wini104552502.exe
2008-10-09 09:17:05 ----A---- C:\WINDOWS\wininit.ini
2008-10-08 22:13:47 ----D---- C:\Program Files\dhahmac
2008-10-08 22:13:45 ----D---- C:\Documents and Settings\All Users\Application Data\bqbodyxo
2008-10-08 22:13:43 ----A---- C:\WINDOWS\system32\petapkxm.exe
2008-10-07 10:13:15 ----D---- C:\Program Files\GoldWave
2008-10-06 17:20:02 ----A---- C:\WINDOWS\system32\ZeroFile.dll
2008-10-05 10:15:47 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy)
2008-10-05 10:15:46 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\PICSDK2.dll
2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\PICSDK.ini
2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\PICSDK.dll
2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\PICEntry.dll
2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\EpPicPrt.dll
2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\EPPicMgr.dll
2008-10-05 09:41:25 ----D---- C:\Documents and Settings\Moi Même\Application Data\InstallShield
2008-10-05 09:39:41 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON
2008-10-05 09:39:35 ----A---- C:\WINDOWS\system32\E_FLBCAE.DLL
2008-10-05 09:39:35 ----A---- C:\WINDOWS\system32\E_FD4BCAE.DLL
2008-10-05 09:30:14 ----A---- C:\WINDOWS\system32\eswiaml.dll
2008-10-05 09:30:14 ----A---- C:\WINDOWS\system32\eswia7e.dll
2008-10-05 09:30:14 ----A---- C:\WINDOWS\system32\esint7e.dll
2008-10-04 18:07:15 ----D---- C:\Program Files\Red Kawa
2008-10-04 18:04:49 ----RSD---- C:\WINDOWS\assembly
2008-10-04 18:03:46 ----D---- C:\WINDOWS\Microsoft.NET
2008-10-04 17:54:53 ----D---- C:\Program Files\PQDVD
2008-10-04 13:08:00 ----D---- C:\Program Files\Rockstar Custom Tracks
2008-10-04 10:45:28 ----D---- C:\Program Files\Exact Audio Copy PSP Edition
======List of files/folders modified in the last 1 months======
2008-10-11 08:53:55 ----D---- C:\WINDOWS\Prefetch
2008-10-11 08:51:56 ----D---- C:\Documents and Settings\Moi Même\Application Data\Skype
2008-10-11 08:17:32 ----D---- C:\WINDOWS\Temp
2008-10-11 08:13:30 ----D---- C:\Documents and Settings\Moi Même\Application Data\skypePM
2008-10-11 08:12:58 ----D---- C:\Program Files
2008-10-11 08:12:46 ----A---- C:\Program Files\dbg_LMI_proc.txt
2008-10-10 20:26:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-10-10 17:25:18 ----D---- C:\Program Files\Mozilla Firefox
2008-10-10 11:51:09 ----A---- C:\WINDOWS\NeroDigital.ini
2008-10-10 09:30:21 ----D---- C:\WINDOWS\system32
2008-10-10 09:23:56 ----SHD---- C:\RECYCLER
2008-10-09 23:55:40 ----D---- C:\WINDOWS\security
2008-10-09 19:23:02 ----D---- C:\Documents and Settings
2008-10-09 19:22:32 ----D---- C:\WINDOWS
2008-10-09 19:19:52 ----D---- C:\WINDOWS\system32\drivers
2008-10-09 18:40:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-09 18:28:37 ----D---- C:\Program Files\Trend Micro
2008-10-09 11:09:10 ----D---- C:\Program Files\eMule
2008-10-07 20:39:27 ----HD---- C:\WINDOWS\inf
2008-10-07 10:27:01 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-06 17:25:41 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-05 10:21:42 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-10-05 09:44:21 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-05 09:43:53 ----D---- C:\Program Files\EPSON
2008-10-05 09:30:14 ----D---- C:\WINDOWS\twain_32
2008-10-04 18:07:11 ----SHD---- C:\WINDOWS\Installer
2008-10-04 18:07:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-04 18:04:51 ----D---- C:\WINDOWS\WinSxS
2008-10-04 18:03:55 ----D---- C:\WINDOWS\system32\mui
2008-10-04 18:03:55 ----D---- C:\Program Files\Internet Explorer
2008-10-04 17:55:22 ----D---- C:\Temp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 tmtdi;Trend Micro TDI Driver; C:\WINDOWS\System32\Drivers\tmtdi.sys [2005-01-18 35456]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 tm_cfw;Common Firewall Driver; C:\WINDOWS\System32\Drivers\tm_cfw.sys [2005-01-18 838870]
R2 Tmfilter;Tmfilter; C:\WINDOWS\system32\drivers\TmXPFlt.sys [2008-07-18 205328]
R2 Tmpreflt;Tmpreflt; C:\WINDOWS\system32\drivers\Tmpreflt.sys [2008-07-18 36368]
R2 Vsapint;Vsapint; C:\WINDOWS\system32\drivers\Vsapint.sys [2008-07-18 1195448]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2007-10-11 96832]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 L8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys [2003-12-17 51729]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2007-09-12 10144]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-12-17 70801]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 V0220Dev;Live! Cam Video IM; C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-06-29 146112]
R3 V0220Vfx;V0220VFX; C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-06-08 6272]
R3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2004-10-07 174592]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2005-08-03 202112]
S1 wceusbsh;Pilote d'hôte USB série pour Windows CE; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-08-19 32128]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 a2AntiMalware;a-squared Anti-Malware Service; C:\Program Files\a-squared Anti-Malware\a2service.exe [2008-10-04 418936]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\x86\RaMaint.exe [2008-05-28 116032]
R2 LogMeIn;LogMeIn; C:\Program Files\x86\LogMeIn.exe [2007-09-12 63040]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PcCtlCom;Trend Micro Central Control Component; C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe [2004-11-15 860242]
R2 Tmntsrv;Trend Micro Real-time Service; C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe [2004-10-27 282696]
R2 TmPfw;Trend Micro Personal Firewall; C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe [2005-01-18 585789]
R2 tmproxy;Trend Micro Proxy Service; C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe [2004-09-15 188484]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-11-14 68096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-05-16 228208]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.04 2008-10-11 08:54:43
======Uninstall list======
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C81600D-D6C7-4687-9362-DD4A78B3483E}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAF97B2C-0B9B-403C-829C-EF8099237DA9}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
-->VTUninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Timer'
Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Acrobat 6.0.1 Professional - English, Français, Deutsch-->MsiExec.exe /I{AC76BA86-1033-F400-7760-000000000001}
Adobe Acrobat and Reader 6.0.3 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000603}
Adobe Acrobat and Reader 6.0.4 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000604}
Adobe Acrobat and Reader 6.0.5 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000605}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Creative Suite-->C:\PROGRA~1\INSTAL~1\{D52EC~1\setup.exe /Relaunched=yes /Uninstall /Relaunched=yes
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Reader 8.1.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Advanced Video FX Engine-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x40c /remove
AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
a-squared Anti-Malware 4.0-->"C:\Program Files\a-squared Anti-Malware\unins000.exe"
BitComet 0.93-->C:\Program Files\BitComet\uninst.exe
Blender (remove only)-->"C:\Program Files\Blender Foundation\Blender\uninstall.exe"
CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Creative Live! Cam Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c /remove
Creative Live! Cam Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe" -l0x40c /remove
Creative Live! Cam Video IM Driver (1.01.01.00)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script VF0220.uns -unsext NT -plugin V0220Pin.dll -pluginres CtCamPin.crl
Creative Photo Calendar-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C81600D-D6C7-4687-9362-DD4A78B3483E}\setup.exe" -l0x40c /remove
Creative Photo Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x40c /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove
Creative System Information-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove
CX4300_5500_DX4400 Manuel-->C:\Program Files\EPSON\TPMANUAL\CX4300_5500_DX4400\FRA\USE_G\DOCUNINS.EXE
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
GoldWave v5.25-->"C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.25" "C:\Program Files\GoldWave\unstall.log"
Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Installer Yahoo! Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAF97B2C-0B9B-403C-829C-EF8099237DA9}\setup.exe" -l0x40c /remove
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logitech MouseWare 9.79.1 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x40c -l040c UNINSTALL
LogMeIn-->MsiExec.exe /I{EFED5763-E48C-4664-A343-3CA6BC0C865F}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manuel d'utilisation de Creative Live! Cam Video IM (Français)-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Creative\Creative Live! Cam Video IM\Manuel d'utilisation de Creative Live! Cam Video IM\French\CTManual.isu"
MathType 5-->"C:\Program Files\MathType\Setup.exe" -R
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Plus! pour Windows XP-->MsiExec.exe /I{EEC2DAFD-5558-40AC-8E9C-5005C8F810E8}
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913433)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922760)-->"C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931768)-->"C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933566)-->"C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937143)-->"C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3PowerEncoder-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{969B3B70-8765-11D5-9809-0050BACBF861}\Setup.exe" -uninstall
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PSP Video 9 2.25-->C:\Program Files\Red Kawa\Video Converter\uninstaller.exe
PSP Video Express(remove only)-->"C:\Program Files\PQDVD\PSPVideoExpress\bt-uninst.exe"
QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1036
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
S3 S3Display-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Display'
S3 S3Gamma2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Gamma2'
S3 S3Info2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Info2'
S3 S3Overlay-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Overlay'
S3 S3TrayPlus-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3TrayPlus'
SightSpeed (remove only)-->"C:\Program Files\SightSpeed\uninst.exe"
Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sony ATRAC3 Audio Codec (remove only)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall.NT 132 C:\WINDOWS\INF\atrac3.inf
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
SUPER © Version 2006.19 (FIX)-->C:\PROGRA~1\SUPER\Setup.exe /remove /q0
Trend Micro PC-cillin Internet Security 12-->MsiExec.exe /X{7698EDA5-A90F-4205-99CB-8FF6F9048ED9}
TV sur PC-->C:\Program Files\Neuf\TV_PC\uninstall.exe
UniChrome Pro IGP Display Driver and Utilities-->C:\PROGRA~1\S3Inc\S3\s3setvga.exe -s -fC:\PROGRA~1\S3Inc\S3\S3.uns
VIA Platform Device Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VIA Vinyl Audio Codecs Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -y-f"C:\PROGRA~1\VIAudioi\SBASetup\Uninst.isu"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /I{A90D10BA-1E82-44E1-87DE-56A22BA151DA}
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
xp-AntiSpy 3.95-1-->C:\Program Files\xp-AntiSpy\Uninstall.exe
======Hosts File======
127.0.0.1 iw2.slysoft.com
127.0.0.1 h3.slysoft.com
127.0.0.1 slysoft.com
127.0.0.1 sb2slysoft.com
127.0.0.1 ns6.gandi.net
127.0.0.1 ev1slysoft.com
127.0.0.1 ev1.slysoft.com
127.0.0.1 iw2.slysoft.com
127.0.0.1 reverse.privatedns.com
127.0.0.1 iw2.slysoft.com
======Security center information======
AV: Trend Micro PC-cillin Internet Security 12
FW: Trend Micro PC-cillin Internet Security 12
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2c02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
- | Alerter
Re,
Merci de visiter ce lien pour savoir comment installer et exécuter ComboFix :
http://www.bleepingcomputer.com/combofix/fr/comment-uti...
Cela inclut l'installation de la console de récupération windows si jamais elle n'est pas déjà été installée sur le PC. Il est vivement recommandé d'installer la console de récupération windows, car elle permet d'avoir accès à un très grand nombre de fonctionnalités dans le cas où le PC ne redémarrerait plus. C'est une sécurité supplémentaire en quelque sorte.
Une fois la console de récupération installée, vous aurez le choix au démarrage entre votre windows habituel et la console de récupération. Lancez votre windows habituel, puisque nous n'avons pas besoin d'utiliser la console de récupération, qui ne sert qu'en cas de problèmes. Par défaut, votre OS est sélectionné et il se lance automatiquement au bout de deux secondes. C'est normal![:)]( ":)")
Merci de me poster dans ta prochaine réponse le rapport de combofix accompagné d'un nouveau rapport HijackThis.
![;)]( ";)")
Merci de visiter ce lien pour savoir comment installer et exécuter ComboFix :
http://www.bleepingcomputer.com/combofix/fr/comment-uti...
Cela inclut l'installation de la console de récupération windows si jamais elle n'est pas déjà été installée sur le PC. Il est vivement recommandé d'installer la console de récupération windows, car elle permet d'avoir accès à un très grand nombre de fonctionnalités dans le cas où le PC ne redémarrerait plus. C'est une sécurité supplémentaire en quelque sorte.
Une fois la console de récupération installée, vous aurez le choix au démarrage entre votre windows habituel et la console de récupération. Lancez votre windows habituel, puisque nous n'avons pas besoin d'utiliser la console de récupération, qui ne sert qu'en cas de problèmes. Par défaut, votre OS est sélectionné et il se lance automatiquement au bout de deux secondes. C'est normal
Merci de me poster dans ta prochaine réponse le rapport de combofix accompagné d'un nouveau rapport HijackThis.
- | Alerter
Bonjour, voici les deux rapports :
RAPPORT COMBOFIX :
RAPPORT HIJACKTHIS
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:13:50, on 12/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\WINDOWS\V0220Mon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\WINDOWS\system32\petapkxm.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [apicfgwin] C:\WINDOWS\system32\petapkxm.exe
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 7454 bytes
RAPPORT COMBOFIX :
ComboFix 08-10-11.02 - Moi Même 2008-10-12 14:20:13.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.174 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Moi Même\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\Moi Même\Bureau\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Moi Même\err.log
C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\101.gif
C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\102.gif
C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\103.gif
C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\104.gif
C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\105.gif
C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\106.gif
C:\Documents and Settings\Moi Même\Menu Démarrer\Programmes\XP_AntiSpyware
C:\Documents and Settings\Moi Même\Menu Démarrer\Programmes\XP_AntiSpyware\Uninstall.lnk
C:\Documents and Settings\Moi Même\Menu Démarrer\Programmes\XP_AntiSpyware\XP_AntiSpyware.lnk
C:\WINDOWS\IE4 Error Log.txt
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-12 au 2008-10-12 ))))))))))))))))))))))))))))))))))))
.
2008-10-11 08:54 . 2008-10-11 08:54 <REP> d-------- C:\rsit
2008-10-10 09:15 . 2008-10-10 09:19 2,874 --a------ C:\WINDOWS\system32\tmp.reg
2008-10-10 09:05 . 2008-10-10 09:08 <REP> d-------- C:\Program Files\a-squared Anti-Malware
2008-10-09 19:24 . 2008-10-09 19:24 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-10-09 19:23 . 2006-05-04 09:55 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-10-09 19:23 . 2006-05-04 10:33 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-10-09 19:23 . 2008-10-10 00:34 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-10-09 19:23 . 2008-10-09 19:23 <REP> d-------- C:\Documents and Settings\Administrateur
2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\Malwarebytes
2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-09 19:19 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-09 19:19 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-09 18:43 . 2008-10-09 19:07 65,428 --a------ C:\WINDOWS\system32\wini104552502.exe
2008-10-09 09:17 . 2008-10-09 09:31 2,764 --a------ C:\WINDOWS\wininit.ini
2008-10-08 22:13 . 2008-10-09 23:54 <REP> d-------- C:\Program Files\dhahmac
2008-10-08 22:13 . 2008-10-09 23:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\bqbodyxo
2008-10-08 22:13 . 2008-10-08 22:13 98,304 --a------ C:\WINDOWS\system32\petapkxm.exe
2008-10-07 10:13 . 2008-10-07 10:13 <REP> d-------- C:\Program Files\GoldWave
2008-10-06 17:20 . 2002-02-27 22:45 45,056 --a------ C:\WINDOWS\system32\ZeroFile.dll
2008-10-05 10:15 . 2008-10-05 10:15 <REP> d-------- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-10-05 10:15 . 2008-10-05 10:15 <REP> d-------- C:\Program Files\SDHelper (Spybot - Search & Destroy)
2008-10-05 09:41 . 2008-10-05 09:41 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\InstallShield
2008-10-05 09:39 . 2008-10-05 09:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\EPSON
2008-10-05 09:39 . 2006-12-08 04:04 76,800 --a------ C:\WINDOWS\system32\E_FLBCAE.DLL
2008-10-05 09:39 . 2006-04-19 04:00 62,976 --a------ C:\WINDOWS\system32\E_FD4BCAE.DLL
2008-10-05 09:30 . 2006-12-28 00:00 208,896 --a------ C:\WINDOWS\system32\esint7e.dll
2008-10-05 09:30 . 2006-12-28 00:00 66,560 --a------ C:\WINDOWS\system32\eswia7e.dll
2008-10-05 09:30 . 2006-03-10 00:00 3,584 --a------ C:\WINDOWS\system32\eswiaml.dll
2008-10-04 18:07 . 2008-10-04 18:07 <REP> d-------- C:\Program Files\Red Kawa
2008-10-04 17:54 . 2008-10-04 17:54 <REP> d-------- C:\Program Files\PQDVD
2008-10-04 13:08 . 2008-10-04 13:09 <REP> d-------- C:\Program Files\Rockstar Custom Tracks
2008-10-04 10:45 . 2008-10-04 18:49 <REP> d-------- C:\Program Files\Exact Audio Copy PSP Edition
2008-10-02 17:31 . 2008-10-08 22:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-10-02 17:31 . 2008-10-02 17:31 1,409 --a------ C:\WINDOWS\QTFont.for
2008-09-27 18:03 . 2008-09-27 18:03 244 --ah----- C:\sqmnoopt13.sqm
2008-09-27 18:03 . 2008-09-27 18:03 232 --ah----- C:\sqmdata12.sqm
2008-09-27 12:47 . 2008-09-27 12:47 244 --ah----- C:\sqmnoopt12.sqm
2008-09-27 12:47 . 2008-09-27 12:47 232 --ah----- C:\sqmdata11.sqm
2008-09-27 11:51 . 2008-09-27 11:51 244 --ah----- C:\sqmnoopt11.sqm
2008-09-27 11:51 . 2008-09-27 11:51 232 --ah----- C:\sqmdata10.sqm
2008-09-27 08:00 . 2008-09-27 08:00 244 --ah----- C:\sqmnoopt10.sqm
2008-09-27 08:00 . 2008-09-27 08:00 232 --ah----- C:\sqmdata09.sqm
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-12 12:20 --------- d-----w C:\Documents and Settings\Moi Même\Application Data\Skype
2008-10-12 06:00 --------- d-----w C:\Documents and Settings\Moi Même\Application Data\skypePM
2008-10-12 05:25 8,691 ----a-w C:\Program Files\LogMeIn.log
2008-10-12 05:25 67,596 ----a-w C:\Program Files\NET.dat
2008-10-12 05:25 33,804 ----a-w C:\Program Files\MEM.dat
2008-10-12 05:25 33,804 ----a-w C:\Program Files\DRV.dat
2008-10-12 05:25 11,276 ----a-w C:\Program Files\CPU.dat
2008-10-12 05:20 9,360 ----a-w C:\Program Files\dbg_LMI_proc.txt
2008-10-11 16:30 18,400 ----a-w C:\Program Files\LMI20081011.log
2008-10-10 18:26 29,067 ----a-w C:\Program Files\LMI20081010.log
2008-10-09 21:56 33,806 ----a-w C:\Program Files\LMI20081009.log
2008-10-09 16:28 --------- d-----w C:\Program Files\Trend Micro
2008-10-09 09:09 --------- d-----w C:\Program Files\eMule
2008-10-08 04:54 9,709 ----a-w C:\Program Files\LMI20081008.log
2008-10-06 15:43 9,709 ----a-w C:\Program Files\LMI20081006.log
2008-10-06 15:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-05 08:21 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-10-05 07:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-05 07:43 --------- d-----w C:\Program Files\EPSON
2008-10-04 12:47 9,709 ----a-w C:\Program Files\LMI20081004.log
2008-10-03 05:01 9,709 ----a-w C:\Program Files\LMI20081003.log
2008-10-02 04:53 9,709 ----a-w C:\Program Files\LMI20081002.log
2008-10-01 18:33 18,400 ----a-w C:\Program Files\LMI20081001.log
2008-09-29 04:55 10,667 ----a-w C:\Program Files\LMI20080929.log
2008-09-28 14:05 7,733 ----a-w C:\Program Files\LMI20080928.log
2008-09-27 17:17 18,400 ----a-w C:\Program Files\LMI20080927.log
2008-09-24 05:14 9,781 ----a-w C:\Program Files\LMI20080924.log
2008-09-22 12:20 9,212 ----a-w C:\Program Files\LMI20080922.log
2008-09-21 09:38 17,382 ----a-w C:\Program Files\LMI20080921.log
2008-09-20 10:56 9,709 ----a-w C:\Program Files\LMI20080920.log
2008-09-19 05:33 9,212 ----a-w C:\Program Files\LMI20080919.log
2008-09-18 05:18 18,400 ----a-w C:\Program Files\LMI20080918.log
2008-09-17 05:26 8,691 ----a-w C:\Program Files\LMI20080917.log
2008-09-16 08:29 18,400 ----a-w C:\Program Files\LMI20080916.log
2008-09-15 06:13 9,709 ----a-w C:\Program Files\LMI20080915.log
2008-09-14 05:19 9,709 ----a-w C:\Program Files\LMI20080914.log
2008-09-13 05:49 8,691 ----a-w C:\Program Files\LMI20080913.log
2008-09-12 16:28 9,709 ----a-w C:\Program Files\LMI20080912.log
2008-09-11 07:37 17,903 ----a-w C:\Program Files\LMI20080911.log
2008-09-10 18:49 18,400 ----a-w C:\Program Files\LMI20080910.log
2008-09-09 05:34 9,709 ----a-w C:\Program Files\LMI20080909.log
2008-09-08 04:57 8,691 ----a-w C:\Program Files\LMI20080908.log
2008-09-07 07:14 9,709 ----a-w C:\Program Files\LMI20080907.log
2008-09-06 05:19 9,709 ----a-w C:\Program Files\LMI20080906.log
2008-09-05 04:46 8,691 ----a-w C:\Program Files\LMI20080905.log
2008-09-04 18:36 9,212 ----a-w C:\Program Files\LMI20080904.log
2008-09-03 04:59 9,709 ----a-w C:\Program Files\LMI20080903.log
2008-09-02 04:55 9,709 ----a-w C:\Program Files\LMI20080902.log
2008-08-29 18:42 9,709 ----a-w C:\Program Files\LMI20080829.log
2008-08-22 06:36 18,166 ----a-w C:\Program Files\LMI20080822.log
2008-08-18 09:54 26,625 ----a-w C:\Program Files\LMI20080818.log
2008-08-18 08:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogMeIn
2008-08-18 08:27 388 ----a-w C:\Program Files\dbg_LMI_printer.txt
2008-08-18 08:27 --------- d-----w C:\Program Files\x86
2008-08-18 08:27 --------- d-----w C:\Program Files\x64
2008-08-17 18:34 6,924 ----a-w C:\Program Files\LMI20080817.log
2008-08-16 18:34 6,924 ----a-w C:\Program Files\LMI20080816.log
2008-08-15 18:35 24,122 ----a-w C:\Program Files\LMI20080815.log
2008-08-14 19:13 26,098 ----a-w C:\Program Files\LMI20080814.log
2008-08-13 19:10 16,511 ----a-w C:\Program Files\LMI20080813.log
2008-08-06 18:05 10,108 ----a-w C:\Program Files\LMI20080806.log
2008-08-04 11:46 16,511 ----a-w C:\Program Files\LMI20080804.log
2008-07-31 16:10 16,511 ----a-w C:\Program Files\LMI20080731.log
2008-07-30 06:30 16,511 ----a-w C:\Program Files\LMI20080730.log
2008-07-29 04:56 16,511 ----a-w C:\Program Files\LMI20080729.log
2008-07-28 04:52 9,587 ----a-w C:\Program Files\LMI20080728.log
2008-07-27 05:34 16,511 ----a-w C:\Program Files\LMI20080727.log
2008-07-26 05:00 10,180 ----a-w C:\Program Files\LMI20080726.log
2008-07-25 04:46 16,511 ----a-w C:\Program Files\LMI20080725.log
2008-07-24 04:47 16,511 ----a-w C:\Program Files\LMI20080724.log
2008-07-21 16:48 26,098 ----a-w C:\Program Files\LMI20080721.log
2008-07-20 19:22 16,511 ----a-w C:\Program Files\LMI20080720.log
2008-07-19 05:42 16,511 ----a-w C:\Program Files\LMI20080719.log
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 04:50 16,511 ----a-w C:\Program Files\LMI20080718.log
2008-07-17 04:41 9,587 ----a-w C:\Program Files\LMI20080717.log
2008-07-16 11:59 26,098 ----a-w C:\Program Files\LMI20080716.log
2008-07-15 05:37 19,174 ----a-w C:\Program Files\LMI20080715.log
2008-07-14 08:23 16,511 ----a-w C:\Program Files\LMI20080714.log
2008-05-28 10:32 5,102,100 ----a-w C:\Program Files\template.rab
2007-11-16 08:49 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-10-09 18:04 854 ----a-w C:\Program Files\journal.dat
2007-09-12 08:20 6,189 ----a-w C:\Program Files\file.sma
2007-09-12 08:20 5,902 ----a-w C:\Program Files\email.sma
2007-09-12 08:20 5,855 ----a-w C:\Program Files\ping.sma
2007-09-12 08:20 5,750 ----a-w C:\Program Files\WapClients.cfg
2007-09-12 08:20 4,810 ----a-w C:\Program Files\processes.sma
2007-09-12 08:20 4,364 ----a-w C:\Program Files\WatchProcess.sma
2007-09-12 08:20 3,188 ----a-w C:\Program Files\CheckCDrive.sma
2007-09-12 08:20 24,967 ----a-w C:\Program Files\MonitoringScript.txt
2005-05-13 16:12 217,073 --sha-r C:\WINDOWS\meta4.exe
2005-10-24 10:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe
2005-10-13 20:27 422,400 --sha-r C:\WINDOWS\x2.64.exe
2005-10-07 18:14 308,224 --sha-r C:\WINDOWS\system32\avisynth.dll
2005-07-14 11:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 14:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-21 21:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2006-04-27 09:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
2005-02-28 12:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-11-12 21760296]
"Creative Live! Cam Manager"="C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 143360]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-10-12 1563584]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15360]
"BitComet"="C:\Program Files\BitComet\BitComet.exe" [2007-09-10 6338360]
"EPSON Stylus DX4400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE" [2007-03-01 180736]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"apicfgwin"="C:\WINDOWS\system32\petapkxm.exe" [2008-10-08 98304]
"Configuration de la C-BOX"="C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe" [BU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2004-02-13 155648]
"pccguide.exe"="C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe" [2004-10-27 823361]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-08-31 282624]
"AVFX Engine"="C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-06-09 24576]
"V0220Mon.exe"="C:\WINDOWS\V0220Mon.exe" [2006-06-28 32768]
"LogMeIn GUI"="C:\Program Files\x86\LogMeInSystray.exe" [2007-09-12 63048]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2008-10-07 2776720]
"VTTimer"="VTTimer.exe" [2004-10-01 C:\WINDOWS\system32\VTTimer.exe]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-11-14 113664]
Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 217194]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-05-28 12:32 87352 C:\WINDOWS\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\MP3POW~1\CLMP3Enc.ACM
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Assistant d'Acrobat.lnk
backup=C:\WINDOWS\pss\Assistant d'Acrobat.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
--a------ 2005-09-06 05:10 450560 C:\Program Files\VIAudioi\SBADeck\ADeck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
--------- 2003-12-17 09:50 19968 C:\WINDOWS\LOGI_MWX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\SightSpeed\\SightSpeed.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"14031:TCP"= 14031:TCP:BitComet 14031 TCP
"14031:UDP"= 14031:UDP:BitComet 14031 UDP
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 45848]
R3 V0220Dev;Live! Cam Video IM;C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-06-29 146112]
R3 V0220Vfx;V0220VFX;C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-06-08 6272]
S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\x86\RaInfo.sys [2008-02-28 12856]
S3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys [ ]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e53a0fc-ba10-11dc-ad51-0013d3ee7e6e}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4206997a-9dc6-11dc-ad3a-0013d3ee7e6e}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{969B3B70-8765-11D5-9809-0050BACBF861}]
rundll32.exe advpack.dll,LaunchINFSection C:\Program Files\CyberLink\MP3PowerEncoder\Cyber.inf,PerUserStub
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-Configuration de la C-BOX - C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
HKCU-Run-brastk - C:\WINDOWS\system32\brastk.exe
Notify-WgaLogon - (no file)
MSConfigStartUp-EPSON Stylus C66 Series - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Moi Même\Application Data\Mozilla\Firefox\Profiles\r4qdkys0.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://fr.msn.com/
FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
FF -: plugin - C:\Program Files\Neuf\TV_PC\VLC\npvlc.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-12 14:21:46
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2008-10-12 14:23:14
ComboFix-quarantined-files.txt 2008-10-12 12:22:52
ComboFix2.txt 2008-10-12 11:59:36
Avant-CF: 10 089 091 072 octets libres
Après-CF: 10,064,961,536 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn
278 --- E O F --- 2008-09-10 13:26:26
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.174 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Moi Même\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\Moi Même\Bureau\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Moi Même\err.log
C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\101.gif
C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\102.gif
C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\103.gif
C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\104.gif
C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\105.gif
C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\106.gif
C:\Documents and Settings\Moi Même\Menu Démarrer\Programmes\XP_AntiSpyware
C:\Documents and Settings\Moi Même\Menu Démarrer\Programmes\XP_AntiSpyware\Uninstall.lnk
C:\Documents and Settings\Moi Même\Menu Démarrer\Programmes\XP_AntiSpyware\XP_AntiSpyware.lnk
C:\WINDOWS\IE4 Error Log.txt
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-12 au 2008-10-12 ))))))))))))))))))))))))))))))))))))
.
2008-10-11 08:54 . 2008-10-11 08:54 <REP> d-------- C:\rsit
2008-10-10 09:15 . 2008-10-10 09:19 2,874 --a------ C:\WINDOWS\system32\tmp.reg
2008-10-10 09:05 . 2008-10-10 09:08 <REP> d-------- C:\Program Files\a-squared Anti-Malware
2008-10-09 19:24 . 2008-10-09 19:24 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-10-09 19:23 . 2006-05-04 09:55 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-10-09 19:23 . 2006-05-04 10:33 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-10-09 19:23 . 2008-10-10 00:34 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-10-09 19:23 . 2008-10-09 19:23 <REP> d-------- C:\Documents and Settings\Administrateur
2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\Malwarebytes
2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-09 19:19 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-09 19:19 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-09 18:43 . 2008-10-09 19:07 65,428 --a------ C:\WINDOWS\system32\wini104552502.exe
2008-10-09 09:17 . 2008-10-09 09:31 2,764 --a------ C:\WINDOWS\wininit.ini
2008-10-08 22:13 . 2008-10-09 23:54 <REP> d-------- C:\Program Files\dhahmac
2008-10-08 22:13 . 2008-10-09 23:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\bqbodyxo
2008-10-08 22:13 . 2008-10-08 22:13 98,304 --a------ C:\WINDOWS\system32\petapkxm.exe
2008-10-07 10:13 . 2008-10-07 10:13 <REP> d-------- C:\Program Files\GoldWave
2008-10-06 17:20 . 2002-02-27 22:45 45,056 --a------ C:\WINDOWS\system32\ZeroFile.dll
2008-10-05 10:15 . 2008-10-05 10:15 <REP> d-------- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-10-05 10:15 . 2008-10-05 10:15 <REP> d-------- C:\Program Files\SDHelper (Spybot - Search & Destroy)
2008-10-05 09:41 . 2008-10-05 09:41 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\InstallShield
2008-10-05 09:39 . 2008-10-05 09:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\EPSON
2008-10-05 09:39 . 2006-12-08 04:04 76,800 --a------ C:\WINDOWS\system32\E_FLBCAE.DLL
2008-10-05 09:39 . 2006-04-19 04:00 62,976 --a------ C:\WINDOWS\system32\E_FD4BCAE.DLL
2008-10-05 09:30 . 2006-12-28 00:00 208,896 --a------ C:\WINDOWS\system32\esint7e.dll
2008-10-05 09:30 . 2006-12-28 00:00 66,560 --a------ C:\WINDOWS\system32\eswia7e.dll
2008-10-05 09:30 . 2006-03-10 00:00 3,584 --a------ C:\WINDOWS\system32\eswiaml.dll
2008-10-04 18:07 . 2008-10-04 18:07 <REP> d-------- C:\Program Files\Red Kawa
2008-10-04 17:54 . 2008-10-04 17:54 <REP> d-------- C:\Program Files\PQDVD
2008-10-04 13:08 . 2008-10-04 13:09 <REP> d-------- C:\Program Files\Rockstar Custom Tracks
2008-10-04 10:45 . 2008-10-04 18:49 <REP> d-------- C:\Program Files\Exact Audio Copy PSP Edition
2008-10-02 17:31 . 2008-10-08 22:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-10-02 17:31 . 2008-10-02 17:31 1,409 --a------ C:\WINDOWS\QTFont.for
2008-09-27 18:03 . 2008-09-27 18:03 244 --ah----- C:\sqmnoopt13.sqm
2008-09-27 18:03 . 2008-09-27 18:03 232 --ah----- C:\sqmdata12.sqm
2008-09-27 12:47 . 2008-09-27 12:47 244 --ah----- C:\sqmnoopt12.sqm
2008-09-27 12:47 . 2008-09-27 12:47 232 --ah----- C:\sqmdata11.sqm
2008-09-27 11:51 . 2008-09-27 11:51 244 --ah----- C:\sqmnoopt11.sqm
2008-09-27 11:51 . 2008-09-27 11:51 232 --ah----- C:\sqmdata10.sqm
2008-09-27 08:00 . 2008-09-27 08:00 244 --ah----- C:\sqmnoopt10.sqm
2008-09-27 08:00 . 2008-09-27 08:00 232 --ah----- C:\sqmdata09.sqm
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-12 12:20 --------- d-----w C:\Documents and Settings\Moi Même\Application Data\Skype
2008-10-12 06:00 --------- d-----w C:\Documents and Settings\Moi Même\Application Data\skypePM
2008-10-12 05:25 8,691 ----a-w C:\Program Files\LogMeIn.log
2008-10-12 05:25 67,596 ----a-w C:\Program Files\NET.dat
2008-10-12 05:25 33,804 ----a-w C:\Program Files\MEM.dat
2008-10-12 05:25 33,804 ----a-w C:\Program Files\DRV.dat
2008-10-12 05:25 11,276 ----a-w C:\Program Files\CPU.dat
2008-10-12 05:20 9,360 ----a-w C:\Program Files\dbg_LMI_proc.txt
2008-10-11 16:30 18,400 ----a-w C:\Program Files\LMI20081011.log
2008-10-10 18:26 29,067 ----a-w C:\Program Files\LMI20081010.log
2008-10-09 21:56 33,806 ----a-w C:\Program Files\LMI20081009.log
2008-10-09 16:28 --------- d-----w C:\Program Files\Trend Micro
2008-10-09 09:09 --------- d-----w C:\Program Files\eMule
2008-10-08 04:54 9,709 ----a-w C:\Program Files\LMI20081008.log
2008-10-06 15:43 9,709 ----a-w C:\Program Files\LMI20081006.log
2008-10-06 15:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-05 08:21 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-10-05 07:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-05 07:43 --------- d-----w C:\Program Files\EPSON
2008-10-04 12:47 9,709 ----a-w C:\Program Files\LMI20081004.log
2008-10-03 05:01 9,709 ----a-w C:\Program Files\LMI20081003.log
2008-10-02 04:53 9,709 ----a-w C:\Program Files\LMI20081002.log
2008-10-01 18:33 18,400 ----a-w C:\Program Files\LMI20081001.log
2008-09-29 04:55 10,667 ----a-w C:\Program Files\LMI20080929.log
2008-09-28 14:05 7,733 ----a-w C:\Program Files\LMI20080928.log
2008-09-27 17:17 18,400 ----a-w C:\Program Files\LMI20080927.log
2008-09-24 05:14 9,781 ----a-w C:\Program Files\LMI20080924.log
2008-09-22 12:20 9,212 ----a-w C:\Program Files\LMI20080922.log
2008-09-21 09:38 17,382 ----a-w C:\Program Files\LMI20080921.log
2008-09-20 10:56 9,709 ----a-w C:\Program Files\LMI20080920.log
2008-09-19 05:33 9,212 ----a-w C:\Program Files\LMI20080919.log
2008-09-18 05:18 18,400 ----a-w C:\Program Files\LMI20080918.log
2008-09-17 05:26 8,691 ----a-w C:\Program Files\LMI20080917.log
2008-09-16 08:29 18,400 ----a-w C:\Program Files\LMI20080916.log
2008-09-15 06:13 9,709 ----a-w C:\Program Files\LMI20080915.log
2008-09-14 05:19 9,709 ----a-w C:\Program Files\LMI20080914.log
2008-09-13 05:49 8,691 ----a-w C:\Program Files\LMI20080913.log
2008-09-12 16:28 9,709 ----a-w C:\Program Files\LMI20080912.log
2008-09-11 07:37 17,903 ----a-w C:\Program Files\LMI20080911.log
2008-09-10 18:49 18,400 ----a-w C:\Program Files\LMI20080910.log
2008-09-09 05:34 9,709 ----a-w C:\Program Files\LMI20080909.log
2008-09-08 04:57 8,691 ----a-w C:\Program Files\LMI20080908.log
2008-09-07 07:14 9,709 ----a-w C:\Program Files\LMI20080907.log
2008-09-06 05:19 9,709 ----a-w C:\Program Files\LMI20080906.log
2008-09-05 04:46 8,691 ----a-w C:\Program Files\LMI20080905.log
2008-09-04 18:36 9,212 ----a-w C:\Program Files\LMI20080904.log
2008-09-03 04:59 9,709 ----a-w C:\Program Files\LMI20080903.log
2008-09-02 04:55 9,709 ----a-w C:\Program Files\LMI20080902.log
2008-08-29 18:42 9,709 ----a-w C:\Program Files\LMI20080829.log
2008-08-22 06:36 18,166 ----a-w C:\Program Files\LMI20080822.log
2008-08-18 09:54 26,625 ----a-w C:\Program Files\LMI20080818.log
2008-08-18 08:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogMeIn
2008-08-18 08:27 388 ----a-w C:\Program Files\dbg_LMI_printer.txt
2008-08-18 08:27 --------- d-----w C:\Program Files\x86
2008-08-18 08:27 --------- d-----w C:\Program Files\x64
2008-08-17 18:34 6,924 ----a-w C:\Program Files\LMI20080817.log
2008-08-16 18:34 6,924 ----a-w C:\Program Files\LMI20080816.log
2008-08-15 18:35 24,122 ----a-w C:\Program Files\LMI20080815.log
2008-08-14 19:13 26,098 ----a-w C:\Program Files\LMI20080814.log
2008-08-13 19:10 16,511 ----a-w C:\Program Files\LMI20080813.log
2008-08-06 18:05 10,108 ----a-w C:\Program Files\LMI20080806.log
2008-08-04 11:46 16,511 ----a-w C:\Program Files\LMI20080804.log
2008-07-31 16:10 16,511 ----a-w C:\Program Files\LMI20080731.log
2008-07-30 06:30 16,511 ----a-w C:\Program Files\LMI20080730.log
2008-07-29 04:56 16,511 ----a-w C:\Program Files\LMI20080729.log
2008-07-28 04:52 9,587 ----a-w C:\Program Files\LMI20080728.log
2008-07-27 05:34 16,511 ----a-w C:\Program Files\LMI20080727.log
2008-07-26 05:00 10,180 ----a-w C:\Program Files\LMI20080726.log
2008-07-25 04:46 16,511 ----a-w C:\Program Files\LMI20080725.log
2008-07-24 04:47 16,511 ----a-w C:\Program Files\LMI20080724.log
2008-07-21 16:48 26,098 ----a-w C:\Program Files\LMI20080721.log
2008-07-20 19:22 16,511 ----a-w C:\Program Files\LMI20080720.log
2008-07-19 05:42 16,511 ----a-w C:\Program Files\LMI20080719.log
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 04:50 16,511 ----a-w C:\Program Files\LMI20080718.log
2008-07-17 04:41 9,587 ----a-w C:\Program Files\LMI20080717.log
2008-07-16 11:59 26,098 ----a-w C:\Program Files\LMI20080716.log
2008-07-15 05:37 19,174 ----a-w C:\Program Files\LMI20080715.log
2008-07-14 08:23 16,511 ----a-w C:\Program Files\LMI20080714.log
2008-05-28 10:32 5,102,100 ----a-w C:\Program Files\template.rab
2007-11-16 08:49 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-10-09 18:04 854 ----a-w C:\Program Files\journal.dat
2007-09-12 08:20 6,189 ----a-w C:\Program Files\file.sma
2007-09-12 08:20 5,902 ----a-w C:\Program Files\email.sma
2007-09-12 08:20 5,855 ----a-w C:\Program Files\ping.sma
2007-09-12 08:20 5,750 ----a-w C:\Program Files\WapClients.cfg
2007-09-12 08:20 4,810 ----a-w C:\Program Files\processes.sma
2007-09-12 08:20 4,364 ----a-w C:\Program Files\WatchProcess.sma
2007-09-12 08:20 3,188 ----a-w C:\Program Files\CheckCDrive.sma
2007-09-12 08:20 24,967 ----a-w C:\Program Files\MonitoringScript.txt
2005-05-13 16:12 217,073 --sha-r C:\WINDOWS\meta4.exe
2005-10-24 10:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe
2005-10-13 20:27 422,400 --sha-r C:\WINDOWS\x2.64.exe
2005-10-07 18:14 308,224 --sha-r C:\WINDOWS\system32\avisynth.dll
2005-07-14 11:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 14:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-21 21:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2006-04-27 09:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
2005-02-28 12:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-11-12 21760296]
"Creative Live! Cam Manager"="C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 143360]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-10-12 1563584]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15360]
"BitComet"="C:\Program Files\BitComet\BitComet.exe" [2007-09-10 6338360]
"EPSON Stylus DX4400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE" [2007-03-01 180736]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"apicfgwin"="C:\WINDOWS\system32\petapkxm.exe" [2008-10-08 98304]
"Configuration de la C-BOX"="C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe" [BU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2004-02-13 155648]
"pccguide.exe"="C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe" [2004-10-27 823361]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-08-31 282624]
"AVFX Engine"="C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-06-09 24576]
"V0220Mon.exe"="C:\WINDOWS\V0220Mon.exe" [2006-06-28 32768]
"LogMeIn GUI"="C:\Program Files\x86\LogMeInSystray.exe" [2007-09-12 63048]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2008-10-07 2776720]
"VTTimer"="VTTimer.exe" [2004-10-01 C:\WINDOWS\system32\VTTimer.exe]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-11-14 113664]
Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 217194]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-05-28 12:32 87352 C:\WINDOWS\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\MP3POW~1\CLMP3Enc.ACM
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Assistant d'Acrobat.lnk
backup=C:\WINDOWS\pss\Assistant d'Acrobat.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
--a------ 2005-09-06 05:10 450560 C:\Program Files\VIAudioi\SBADeck\ADeck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
--------- 2003-12-17 09:50 19968 C:\WINDOWS\LOGI_MWX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\SightSpeed\\SightSpeed.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"14031:TCP"= 14031:TCP:BitComet 14031 TCP
"14031:UDP"= 14031:UDP:BitComet 14031 UDP
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 45848]
R3 V0220Dev;Live! Cam Video IM;C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-06-29 146112]
R3 V0220Vfx;V0220VFX;C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-06-08 6272]
S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\x86\RaInfo.sys [2008-02-28 12856]
S3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys [ ]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e53a0fc-ba10-11dc-ad51-0013d3ee7e6e}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4206997a-9dc6-11dc-ad3a-0013d3ee7e6e}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{969B3B70-8765-11D5-9809-0050BACBF861}]
rundll32.exe advpack.dll,LaunchINFSection C:\Program Files\CyberLink\MP3PowerEncoder\Cyber.inf,PerUserStub
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-Configuration de la C-BOX - C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
HKCU-Run-brastk - C:\WINDOWS\system32\brastk.exe
Notify-WgaLogon - (no file)
MSConfigStartUp-EPSON Stylus C66 Series - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Moi Même\Application Data\Mozilla\Firefox\Profiles\r4qdkys0.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://fr.msn.com/
FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
FF -: plugin - C:\Program Files\Neuf\TV_PC\VLC\npvlc.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-12 14:21:46
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2008-10-12 14:23:14
ComboFix-quarantined-files.txt 2008-10-12 12:22:52
ComboFix2.txt 2008-10-12 11:59:36
Avant-CF: 10 089 091 072 octets libres
Après-CF: 10,064,961,536 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn
278 --- E O F --- 2008-09-10 13:26:26
RAPPORT HIJACKTHIS
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:13:50, on 12/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\WINDOWS\V0220Mon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\WINDOWS\system32\petapkxm.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [apicfgwin] C:\WINDOWS\system32\petapkxm.exe
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 7454 bytes
- | Alerter
Bonjour,Désolé pour le délais.
Evite de mettre les rapports entre balises stp, c'est plus dur à lire pour moi. Merci
Désactive toute protection résidente ( antivirus…) ! <------- Pense-y !
Copie le texte se situant dans le cadre ci-dessous : ( Ctrl + C )
File::
C:\WINDOWS\system32\wini104552502.exe
C:\WINDOWS\system32\petapkxm.exe
Folder::
C:\Program Files\dhahmac
C:\Documents and Settings\All Users\Application Data\bqbodyxo
Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e53a0fc-ba10-11dc-ad51-0013d3ee7e6e}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4206997a-9dc6-11dc-ad3a-0013d3ee7e6e}]
C:\WINDOWS\system32\wini104552502.exe
C:\WINDOWS\system32\petapkxm.exe
Folder::
C:\Program Files\dhahmac
C:\Documents and Settings\All Users\Application Data\bqbodyxo
Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e53a0fc-ba10-11dc-ad51-0013d3ee7e6e}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4206997a-9dc6-11dc-ad3a-0013d3ee7e6e}]
=> Ouvre le Bloc Notes : Démarrer > Tous les programmes > Accessoires > Bloc notes
- Colles y le texte (CTRL + V)
- Enregistre ce fichier dans : Bureau
- Nom du fichier : CFScript
- Type du fichier : tous les fichiers !!
- Clique sur Enregistrer
- Quitte le Bloc Notes
Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :
* Cela va relancer Combofix : au message qui apparaît ( Type 1 to continue, or 2 to abort), tape 1 puis valide.
* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !
* Ne touche à rien tant que le scan n'est pas terminé.
* Une fois le scan achevé, un rapport va s'afficher : Copie/Colle son contenue sur le forum.
Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt
* Poste un nouveau rapport hijackthis.
- | Alerter
Bonsoir, pas de soucis pour le délai ![;)]( ";)")
Voici le rapport ComboFix ainsi que le rapport HijackThis :
RAPPORT COMBOFIX :
ComboFix 08-10-12.01 - Moi Même 2008-10-13 23:06:51.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.185 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Moi Même\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\Moi Même\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé
FILE ::
C:\WINDOWS\system32\petapkxm.exe
C:\WINDOWS\system32\wini104552502.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\bqbodyxo
C:\Program Files\dhahmac
C:\WINDOWS\system32\petapkxm.exe
C:\WINDOWS\system32\wini104552502.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-13 au 2008-10-13 ))))))))))))))))))))))))))))))))))))
.
2008-10-13 17:11 . 2008-10-13 17:11 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\EPSON
2008-10-11 08:54 . 2008-10-11 08:54 <REP> d-------- C:\rsit
2008-10-10 09:15 . 2008-10-10 09:19 2,874 --a------ C:\WINDOWS\system32\tmp.reg
2008-10-10 09:05 . 2008-10-10 09:08 <REP> d-------- C:\Program Files\a-squared Anti-Malware
2008-10-09 19:24 . 2008-10-09 19:24 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-10-09 19:23 . 2006-05-04 09:55 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-10-09 19:23 . 2006-05-04 10:33 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-10-09 19:23 . 2008-10-10 00:34 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-10-09 19:23 . 2008-10-09 19:23 <REP> d-------- C:\Documents and Settings\Administrateur
2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\Malwarebytes
2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-09 19:19 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-09 19:19 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-09 09:17 . 2008-10-09 09:31 2,764 --a------ C:\WINDOWS\wininit.ini
2008-10-07 10:13 . 2008-10-07 10:13 <REP> d-------- C:\Program Files\GoldWave
2008-10-06 17:20 . 2002-02-27 22:45 45,056 --a------ C:\WINDOWS\system32\ZeroFile.dll
2008-10-05 10:15 . 2008-10-05 10:15 <REP> d-------- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-10-05 10:15 . 2008-10-05 10:15 <REP> d-------- C:\Program Files\SDHelper (Spybot - Search & Destroy)
2008-10-05 09:41 . 2008-10-05 09:41 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\InstallShield
2008-10-05 09:39 . 2008-10-05 09:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\EPSON
2008-10-05 09:39 . 2006-12-08 04:04 76,800 --a------ C:\WINDOWS\system32\E_FLBCAE.DLL
2008-10-05 09:39 . 2006-04-19 04:00 62,976 --a------ C:\WINDOWS\system32\E_FD4BCAE.DLL
2008-10-05 09:30 . 2006-12-28 00:00 208,896 --a------ C:\WINDOWS\system32\esint7e.dll
2008-10-05 09:30 . 2006-12-28 00:00 66,560 --a------ C:\WINDOWS\system32\eswia7e.dll
2008-10-05 09:30 . 2006-03-10 00:00 3,584 --a------ C:\WINDOWS\system32\eswiaml.dll
2008-10-04 18:07 . 2008-10-04 18:07 <REP> d-------- C:\Program Files\Red Kawa
2008-10-04 17:54 . 2008-10-04 17:54 <REP> d-------- C:\Program Files\PQDVD
2008-10-04 13:08 . 2008-10-04 13:09 <REP> d-------- C:\Program Files\Rockstar Custom Tracks
2008-10-04 10:45 . 2008-10-04 18:49 <REP> d-------- C:\Program Files\Exact Audio Copy PSP Edition
2008-10-02 17:31 . 2008-10-08 22:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-10-02 17:31 . 2008-10-02 17:31 1,409 --a------ C:\WINDOWS\QTFont.for
2008-09-27 18:03 . 2008-09-27 18:03 244 --ah----- C:\sqmnoopt13.sqm
2008-09-27 18:03 . 2008-09-27 18:03 232 --ah----- C:\sqmdata12.sqm
2008-09-27 12:47 . 2008-09-27 12:47 244 --ah----- C:\sqmnoopt12.sqm
2008-09-27 12:47 . 2008-09-27 12:47 232 --ah----- C:\sqmdata11.sqm
2008-09-27 11:51 . 2008-09-27 11:51 244 --ah----- C:\sqmnoopt11.sqm
2008-09-27 11:51 . 2008-09-27 11:51 232 --ah----- C:\sqmdata10.sqm
2008-09-27 08:00 . 2008-09-27 08:00 244 --ah----- C:\sqmnoopt10.sqm
2008-09-27 08:00 . 2008-09-27 08:00 232 --ah----- C:\sqmdata09.sqm
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-13 21:01 --------- d-----w C:\Documents and Settings\Moi Même\Application Data\Skype
2008-10-13 18:59 7,733 ----a-w C:\Program Files\LogMeIn.log
2008-10-13 18:58 9,540 ----a-w C:\Program Files\dbg_LMI_proc.txt
2008-10-13 18:58 67,596 ----a-w C:\Program Files\NET.dat
2008-10-13 18:58 33,804 ----a-w C:\Program Files\MEM.dat
2008-10-13 18:58 33,804 ----a-w C:\Program Files\DRV.dat
2008-10-13 18:58 11,276 ----a-w C:\Program Files\CPU.dat
2008-10-13 18:58 --------- d-----w C:\Documents and Settings\Moi Même\Application Data\skypePM
2008-10-12 05:25 8,691 ----a-w C:\Program Files\LMI20081012.log
2008-10-11 16:30 18,400 ----a-w C:\Program Files\LMI20081011.log
2008-10-10 18:26 29,067 ----a-w C:\Program Files\LMI20081010.log
2008-10-09 21:56 33,806 ----a-w C:\Program Files\LMI20081009.log
2008-10-09 16:28 --------- d-----w C:\Program Files\Trend Micro
2008-10-09 09:09 --------- d-----w C:\Program Files\eMule
2008-10-08 04:54 9,709 ----a-w C:\Program Files\LMI20081008.log
2008-10-06 15:43 9,709 ----a-w C:\Program Files\LMI20081006.log
2008-10-06 15:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-05 08:21 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-10-05 07:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-05 07:43 --------- d-----w C:\Program Files\EPSON
2008-10-04 12:47 9,709 ----a-w C:\Program Files\LMI20081004.log
2008-10-03 05:01 9,709 ----a-w C:\Program Files\LMI20081003.log
2008-10-02 04:53 9,709 ----a-w C:\Program Files\LMI20081002.log
2008-10-01 18:33 18,400 ----a-w C:\Program Files\LMI20081001.log
2008-09-29 04:55 10,667 ----a-w C:\Program Files\LMI20080929.log
2008-09-28 14:05 7,733 ----a-w C:\Program Files\LMI20080928.log
2008-09-27 17:17 18,400 ----a-w C:\Program Files\LMI20080927.log
2008-09-24 05:14 9,781 ----a-w C:\Program Files\LMI20080924.log
2008-09-22 12:20 9,212 ----a-w C:\Program Files\LMI20080922.log
2008-09-21 09:38 17,382 ----a-w C:\Program Files\LMI20080921.log
2008-09-20 10:56 9,709 ----a-w C:\Program Files\LMI20080920.log
2008-09-19 05:33 9,212 ----a-w C:\Program Files\LMI20080919.log
2008-09-18 05:18 18,400 ----a-w C:\Program Files\LMI20080918.log
2008-09-17 05:26 8,691 ----a-w C:\Program Files\LMI20080917.log
2008-09-16 08:29 18,400 ----a-w C:\Program Files\LMI20080916.log
2008-09-15 06:13 9,709 ----a-w C:\Program Files\LMI20080915.log
2008-09-14 05:19 9,709 ----a-w C:\Program Files\LMI20080914.log
2008-09-13 05:49 8,691 ----a-w C:\Program Files\LMI20080913.log
2008-09-12 16:28 9,709 ----a-w C:\Program Files\LMI20080912.log
2008-09-11 07:37 17,903 ----a-w C:\Program Files\LMI20080911.log
2008-09-10 18:49 18,400 ----a-w C:\Program Files\LMI20080910.log
2008-09-09 05:34 9,709 ----a-w C:\Program Files\LMI20080909.log
2008-09-08 04:57 8,691 ----a-w C:\Program Files\LMI20080908.log
2008-09-07 07:14 9,709 ----a-w C:\Program Files\LMI20080907.log
2008-09-06 05:19 9,709 ----a-w C:\Program Files\LMI20080906.log
2008-09-05 04:46 8,691 ----a-w C:\Program Files\LMI20080905.log
2008-09-04 18:36 9,212 ----a-w C:\Program Files\LMI20080904.log
2008-09-03 04:59 9,709 ----a-w C:\Program Files\LMI20080903.log
2008-09-02 04:55 9,709 ----a-w C:\Program Files\LMI20080902.log
2008-08-29 18:42 9,709 ----a-w C:\Program Files\LMI20080829.log
2008-08-22 06:36 18,166 ----a-w C:\Program Files\LMI20080822.log
2008-08-18 09:54 26,625 ----a-w C:\Program Files\LMI20080818.log
2008-08-18 08:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogMeIn
2008-08-18 08:27 388 ----a-w C:\Program Files\dbg_LMI_printer.txt
2008-08-18 08:27 --------- d-----w C:\Program Files\x86
2008-08-18 08:27 --------- d-----w C:\Program Files\x64
2008-08-17 18:34 6,924 ----a-w C:\Program Files\LMI20080817.log
2008-08-16 18:34 6,924 ----a-w C:\Program Files\LMI20080816.log
2008-08-15 18:35 24,122 ----a-w C:\Program Files\LMI20080815.log
2008-08-14 19:13 26,098 ----a-w C:\Program Files\LMI20080814.log
2008-08-13 19:10 16,511 ----a-w C:\Program Files\LMI20080813.log
2008-08-06 18:05 10,108 ----a-w C:\Program Files\LMI20080806.log
2008-08-04 11:46 16,511 ----a-w C:\Program Files\LMI20080804.log
2008-07-31 16:10 16,511 ----a-w C:\Program Files\LMI20080731.log
2008-07-30 06:30 16,511 ----a-w C:\Program Files\LMI20080730.log
2008-07-29 04:56 16,511 ----a-w C:\Program Files\LMI20080729.log
2008-07-28 04:52 9,587 ----a-w C:\Program Files\LMI20080728.log
2008-07-27 05:34 16,511 ----a-w C:\Program Files\LMI20080727.log
2008-07-26 05:00 10,180 ----a-w C:\Program Files\LMI20080726.log
2008-07-25 04:46 16,511 ----a-w C:\Program Files\LMI20080725.log
2008-07-24 04:47 16,511 ----a-w C:\Program Files\LMI20080724.log
2008-07-21 16:48 26,098 ----a-w C:\Program Files\LMI20080721.log
2008-07-20 19:22 16,511 ----a-w C:\Program Files\LMI20080720.log
2008-07-19 05:42 16,511 ----a-w C:\Program Files\LMI20080719.log
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 04:50 16,511 ----a-w C:\Program Files\LMI20080718.log
2008-07-17 04:41 9,587 ----a-w C:\Program Files\LMI20080717.log
2008-07-16 11:59 26,098 ----a-w C:\Program Files\LMI20080716.log
2008-07-15 05:37 19,174 ----a-w C:\Program Files\LMI20080715.log
2008-05-28 10:32 5,102,100 ----a-w C:\Program Files\template.rab
2007-11-16 08:49 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-10-09 18:04 854 ----a-w C:\Program Files\journal.dat
2007-09-12 08:20 6,189 ----a-w C:\Program Files\file.sma
2007-09-12 08:20 5,902 ----a-w C:\Program Files\email.sma
2007-09-12 08:20 5,855 ----a-w C:\Program Files\ping.sma
2007-09-12 08:20 5,750 ----a-w C:\Program Files\WapClients.cfg
2007-09-12 08:20 4,810 ----a-w C:\Program Files\processes.sma
2007-09-12 08:20 4,364 ----a-w C:\Program Files\WatchProcess.sma
2007-09-12 08:20 3,188 ----a-w C:\Program Files\CheckCDrive.sma
2007-09-12 08:20 24,967 ----a-w C:\Program Files\MonitoringScript.txt
2005-05-13 16:12 217,073 --sha-r C:\WINDOWS\meta4.exe
2005-10-24 10:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe
2005-10-13 20:27 422,400 --sha-r C:\WINDOWS\x2.64.exe
2005-10-07 18:14 308,224 --sha-r C:\WINDOWS\system32\avisynth.dll
2005-07-14 11:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 14:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-21 21:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2006-04-27 09:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
2005-02-28 12:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-11-12 21760296]
"Creative Live! Cam Manager"="C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 143360]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-10-12 1563584]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15360]
"BitComet"="C:\Program Files\BitComet\BitComet.exe" [2007-09-10 6338360]
"EPSON Stylus DX4400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE" [2007-03-01 180736]
"Configuration de la C-BOX"="C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe" [BU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2004-02-13 155648]
"pccguide.exe"="C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe" [2004-10-27 823361]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-08-31 282624]
"AVFX Engine"="C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-06-09 24576]
"V0220Mon.exe"="C:\WINDOWS\V0220Mon.exe" [2006-06-28 32768]
"LogMeIn GUI"="C:\Program Files\x86\LogMeInSystray.exe" [2007-09-12 63048]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2008-10-07 2776720]
"VTTimer"="VTTimer.exe" [2004-10-01 C:\WINDOWS\system32\VTTimer.exe]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-11-14 113664]
Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 217194]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-05-28 12:32 87352 C:\WINDOWS\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\MP3POW~1\CLMP3Enc.ACM
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Assistant d'Acrobat.lnk
backup=C:\WINDOWS\pss\Assistant d'Acrobat.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
--a------ 2005-09-06 05:10 450560 C:\Program Files\VIAudioi\SBADeck\ADeck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
--------- 2003-12-17 09:50 19968 C:\WINDOWS\LOGI_MWX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\SightSpeed\\SightSpeed.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"14031:TCP"= 14031:TCP:BitComet 14031 TCP
"14031:UDP"= 14031:UDP:BitComet 14031 UDP
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\x86\RaInfo.sys [2008-02-28 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 45848]
R3 V0220Dev;Live! Cam Video IM;C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-06-29 146112]
R3 V0220Vfx;V0220VFX;C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-06-08 6272]
S3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys [ ]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{969B3B70-8765-11D5-9809-0050BACBF861}]
rundll32.exe advpack.dll,LaunchINFSection C:\Program Files\CyberLink\MP3PowerEncoder\Cyber.inf,PerUserStub
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-apicfgwin - C:\WINDOWS\system32\petapkxm.exe
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-13 23:09:11
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2008-10-13 23:10:34
ComboFix-quarantined-files.txt 2008-10-13 21:10:16
ComboFix2.txt 2008-10-12 12:23:15
ComboFix3.txt 2008-10-12 11:59:36
Avant-CF: 9 911 406 592 octets libres
Après-CF: 10,008,731,648 octets libres
263 --- E O F --- 2008-09-10 13:26:26
RAPPORT HIJACKTHIS :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:16:27, on 13/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\WINDOWS\V0220Mon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\x86\RaMaint.exe
C:\Program Files\x86\LogMeIn.exe
C:\Program Files\x86\LMIGuardian.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 7086 bytes
Voici le rapport ComboFix ainsi que le rapport HijackThis :
RAPPORT COMBOFIX :
ComboFix 08-10-12.01 - Moi Même 2008-10-13 23:06:51.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.185 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Moi Même\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\Moi Même\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé
FILE ::
C:\WINDOWS\system32\petapkxm.exe
C:\WINDOWS\system32\wini104552502.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\bqbodyxo
C:\Program Files\dhahmac
C:\WINDOWS\system32\petapkxm.exe
C:\WINDOWS\system32\wini104552502.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-13 au 2008-10-13 ))))))))))))))))))))))))))))))))))))
.
2008-10-13 17:11 . 2008-10-13 17:11 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\EPSON
2008-10-11 08:54 . 2008-10-11 08:54 <REP> d-------- C:\rsit
2008-10-10 09:15 . 2008-10-10 09:19 2,874 --a------ C:\WINDOWS\system32\tmp.reg
2008-10-10 09:05 . 2008-10-10 09:08 <REP> d-------- C:\Program Files\a-squared Anti-Malware
2008-10-09 19:24 . 2008-10-09 19:24 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-10-09 19:23 . 2006-05-04 09:55 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-10-09 19:23 . 2006-05-04 10:33 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-10-09 19:23 . 2006-05-04 10:33 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-10-09 19:23 . 2008-10-10 00:34 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-10-09 19:23 . 2008-10-09 19:23 <REP> d-------- C:\Documents and Settings\Administrateur
2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\Malwarebytes
2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-09 19:19 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-09 19:19 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-09 09:17 . 2008-10-09 09:31 2,764 --a------ C:\WINDOWS\wininit.ini
2008-10-07 10:13 . 2008-10-07 10:13 <REP> d-------- C:\Program Files\GoldWave
2008-10-06 17:20 . 2002-02-27 22:45 45,056 --a------ C:\WINDOWS\system32\ZeroFile.dll
2008-10-05 10:15 . 2008-10-05 10:15 <REP> d-------- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-10-05 10:15 . 2008-10-05 10:15 <REP> d-------- C:\Program Files\SDHelper (Spybot - Search & Destroy)
2008-10-05 09:41 . 2008-10-05 09:41 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\InstallShield
2008-10-05 09:39 . 2008-10-05 09:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\EPSON
2008-10-05 09:39 . 2006-12-08 04:04 76,800 --a------ C:\WINDOWS\system32\E_FLBCAE.DLL
2008-10-05 09:39 . 2006-04-19 04:00 62,976 --a------ C:\WINDOWS\system32\E_FD4BCAE.DLL
2008-10-05 09:30 . 2006-12-28 00:00 208,896 --a------ C:\WINDOWS\system32\esint7e.dll
2008-10-05 09:30 . 2006-12-28 00:00 66,560 --a------ C:\WINDOWS\system32\eswia7e.dll
2008-10-05 09:30 . 2006-03-10 00:00 3,584 --a------ C:\WINDOWS\system32\eswiaml.dll
2008-10-04 18:07 . 2008-10-04 18:07 <REP> d-------- C:\Program Files\Red Kawa
2008-10-04 17:54 . 2008-10-04 17:54 <REP> d-------- C:\Program Files\PQDVD
2008-10-04 13:08 . 2008-10-04 13:09 <REP> d-------- C:\Program Files\Rockstar Custom Tracks
2008-10-04 10:45 . 2008-10-04 18:49 <REP> d-------- C:\Program Files\Exact Audio Copy PSP Edition
2008-10-02 17:31 . 2008-10-08 22:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-10-02 17:31 . 2008-10-02 17:31 1,409 --a------ C:\WINDOWS\QTFont.for
2008-09-27 18:03 . 2008-09-27 18:03 244 --ah----- C:\sqmnoopt13.sqm
2008-09-27 18:03 . 2008-09-27 18:03 232 --ah----- C:\sqmdata12.sqm
2008-09-27 12:47 . 2008-09-27 12:47 244 --ah----- C:\sqmnoopt12.sqm
2008-09-27 12:47 . 2008-09-27 12:47 232 --ah----- C:\sqmdata11.sqm
2008-09-27 11:51 . 2008-09-27 11:51 244 --ah----- C:\sqmnoopt11.sqm
2008-09-27 11:51 . 2008-09-27 11:51 232 --ah----- C:\sqmdata10.sqm
2008-09-27 08:00 . 2008-09-27 08:00 244 --ah----- C:\sqmnoopt10.sqm
2008-09-27 08:00 . 2008-09-27 08:00 232 --ah----- C:\sqmdata09.sqm
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-13 21:01 --------- d-----w C:\Documents and Settings\Moi Même\Application Data\Skype
2008-10-13 18:59 7,733 ----a-w C:\Program Files\LogMeIn.log
2008-10-13 18:58 9,540 ----a-w C:\Program Files\dbg_LMI_proc.txt
2008-10-13 18:58 67,596 ----a-w C:\Program Files\NET.dat
2008-10-13 18:58 33,804 ----a-w C:\Program Files\MEM.dat
2008-10-13 18:58 33,804 ----a-w C:\Program Files\DRV.dat
2008-10-13 18:58 11,276 ----a-w C:\Program Files\CPU.dat
2008-10-13 18:58 --------- d-----w C:\Documents and Settings\Moi Même\Application Data\skypePM
2008-10-12 05:25 8,691 ----a-w C:\Program Files\LMI20081012.log
2008-10-11 16:30 18,400 ----a-w C:\Program Files\LMI20081011.log
2008-10-10 18:26 29,067 ----a-w C:\Program Files\LMI20081010.log
2008-10-09 21:56 33,806 ----a-w C:\Program Files\LMI20081009.log
2008-10-09 16:28 --------- d-----w C:\Program Files\Trend Micro
2008-10-09 09:09 --------- d-----w C:\Program Files\eMule
2008-10-08 04:54 9,709 ----a-w C:\Program Files\LMI20081008.log
2008-10-06 15:43 9,709 ----a-w C:\Program Files\LMI20081006.log
2008-10-06 15:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-05 08:21 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-10-05 07:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-05 07:43 --------- d-----w C:\Program Files\EPSON
2008-10-04 12:47 9,709 ----a-w C:\Program Files\LMI20081004.log
2008-10-03 05:01 9,709 ----a-w C:\Program Files\LMI20081003.log
2008-10-02 04:53 9,709 ----a-w C:\Program Files\LMI20081002.log
2008-10-01 18:33 18,400 ----a-w C:\Program Files\LMI20081001.log
2008-09-29 04:55 10,667 ----a-w C:\Program Files\LMI20080929.log
2008-09-28 14:05 7,733 ----a-w C:\Program Files\LMI20080928.log
2008-09-27 17:17 18,400 ----a-w C:\Program Files\LMI20080927.log
2008-09-24 05:14 9,781 ----a-w C:\Program Files\LMI20080924.log
2008-09-22 12:20 9,212 ----a-w C:\Program Files\LMI20080922.log
2008-09-21 09:38 17,382 ----a-w C:\Program Files\LMI20080921.log
2008-09-20 10:56 9,709 ----a-w C:\Program Files\LMI20080920.log
2008-09-19 05:33 9,212 ----a-w C:\Program Files\LMI20080919.log
2008-09-18 05:18 18,400 ----a-w C:\Program Files\LMI20080918.log
2008-09-17 05:26 8,691 ----a-w C:\Program Files\LMI20080917.log
2008-09-16 08:29 18,400 ----a-w C:\Program Files\LMI20080916.log
2008-09-15 06:13 9,709 ----a-w C:\Program Files\LMI20080915.log
2008-09-14 05:19 9,709 ----a-w C:\Program Files\LMI20080914.log
2008-09-13 05:49 8,691 ----a-w C:\Program Files\LMI20080913.log
2008-09-12 16:28 9,709 ----a-w C:\Program Files\LMI20080912.log
2008-09-11 07:37 17,903 ----a-w C:\Program Files\LMI20080911.log
2008-09-10 18:49 18,400 ----a-w C:\Program Files\LMI20080910.log
2008-09-09 05:34 9,709 ----a-w C:\Program Files\LMI20080909.log
2008-09-08 04:57 8,691 ----a-w C:\Program Files\LMI20080908.log
2008-09-07 07:14 9,709 ----a-w C:\Program Files\LMI20080907.log
2008-09-06 05:19 9,709 ----a-w C:\Program Files\LMI20080906.log
2008-09-05 04:46 8,691 ----a-w C:\Program Files\LMI20080905.log
2008-09-04 18:36 9,212 ----a-w C:\Program Files\LMI20080904.log
2008-09-03 04:59 9,709 ----a-w C:\Program Files\LMI20080903.log
2008-09-02 04:55 9,709 ----a-w C:\Program Files\LMI20080902.log
2008-08-29 18:42 9,709 ----a-w C:\Program Files\LMI20080829.log
2008-08-22 06:36 18,166 ----a-w C:\Program Files\LMI20080822.log
2008-08-18 09:54 26,625 ----a-w C:\Program Files\LMI20080818.log
2008-08-18 08:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogMeIn
2008-08-18 08:27 388 ----a-w C:\Program Files\dbg_LMI_printer.txt
2008-08-18 08:27 --------- d-----w C:\Program Files\x86
2008-08-18 08:27 --------- d-----w C:\Program Files\x64
2008-08-17 18:34 6,924 ----a-w C:\Program Files\LMI20080817.log
2008-08-16 18:34 6,924 ----a-w C:\Program Files\LMI20080816.log
2008-08-15 18:35 24,122 ----a-w C:\Program Files\LMI20080815.log
2008-08-14 19:13 26,098 ----a-w C:\Program Files\LMI20080814.log
2008-08-13 19:10 16,511 ----a-w C:\Program Files\LMI20080813.log
2008-08-06 18:05 10,108 ----a-w C:\Program Files\LMI20080806.log
2008-08-04 11:46 16,511 ----a-w C:\Program Files\LMI20080804.log
2008-07-31 16:10 16,511 ----a-w C:\Program Files\LMI20080731.log
2008-07-30 06:30 16,511 ----a-w C:\Program Files\LMI20080730.log
2008-07-29 04:56 16,511 ----a-w C:\Program Files\LMI20080729.log
2008-07-28 04:52 9,587 ----a-w C:\Program Files\LMI20080728.log
2008-07-27 05:34 16,511 ----a-w C:\Program Files\LMI20080727.log
2008-07-26 05:00 10,180 ----a-w C:\Program Files\LMI20080726.log
2008-07-25 04:46 16,511 ----a-w C:\Program Files\LMI20080725.log
2008-07-24 04:47 16,511 ----a-w C:\Program Files\LMI20080724.log
2008-07-21 16:48 26,098 ----a-w C:\Program Files\LMI20080721.log
2008-07-20 19:22 16,511 ----a-w C:\Program Files\LMI20080720.log
2008-07-19 05:42 16,511 ----a-w C:\Program Files\LMI20080719.log
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 04:50 16,511 ----a-w C:\Program Files\LMI20080718.log
2008-07-17 04:41 9,587 ----a-w C:\Program Files\LMI20080717.log
2008-07-16 11:59 26,098 ----a-w C:\Program Files\LMI20080716.log
2008-07-15 05:37 19,174 ----a-w C:\Program Files\LMI20080715.log
2008-05-28 10:32 5,102,100 ----a-w C:\Program Files\template.rab
2007-11-16 08:49 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-10-09 18:04 854 ----a-w C:\Program Files\journal.dat
2007-09-12 08:20 6,189 ----a-w C:\Program Files\file.sma
2007-09-12 08:20 5,902 ----a-w C:\Program Files\email.sma
2007-09-12 08:20 5,855 ----a-w C:\Program Files\ping.sma
2007-09-12 08:20 5,750 ----a-w C:\Program Files\WapClients.cfg
2007-09-12 08:20 4,810 ----a-w C:\Program Files\processes.sma
2007-09-12 08:20 4,364 ----a-w C:\Program Files\WatchProcess.sma
2007-09-12 08:20 3,188 ----a-w C:\Program Files\CheckCDrive.sma
2007-09-12 08:20 24,967 ----a-w C:\Program Files\MonitoringScript.txt
2005-05-13 16:12 217,073 --sha-r C:\WINDOWS\meta4.exe
2005-10-24 10:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe
2005-10-13 20:27 422,400 --sha-r C:\WINDOWS\x2.64.exe
2005-10-07 18:14 308,224 --sha-r C:\WINDOWS\system32\avisynth.dll
2005-07-14 11:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 14:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-21 21:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2006-04-27 09:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
2005-02-28 12:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-11-12 21760296]
"Creative Live! Cam Manager"="C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 143360]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-10-12 1563584]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15360]
"BitComet"="C:\Program Files\BitComet\BitComet.exe" [2007-09-10 6338360]
"EPSON Stylus DX4400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE" [2007-03-01 180736]
"Configuration de la C-BOX"="C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe" [BU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2004-02-13 155648]
"pccguide.exe"="C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe" [2004-10-27 823361]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-08-31 282624]
"AVFX Engine"="C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-06-09 24576]
"V0220Mon.exe"="C:\WINDOWS\V0220Mon.exe" [2006-06-28 32768]
"LogMeIn GUI"="C:\Program Files\x86\LogMeInSystray.exe" [2007-09-12 63048]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2008-10-07 2776720]
"VTTimer"="VTTimer.exe" [2004-10-01 C:\WINDOWS\system32\VTTimer.exe]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-11-14 113664]
Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 217194]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-05-28 12:32 87352 C:\WINDOWS\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\MP3POW~1\CLMP3Enc.ACM
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Assistant d'Acrobat.lnk
backup=C:\WINDOWS\pss\Assistant d'Acrobat.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
--a------ 2005-09-06 05:10 450560 C:\Program Files\VIAudioi\SBADeck\ADeck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
--------- 2003-12-17 09:50 19968 C:\WINDOWS\LOGI_MWX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\SightSpeed\\SightSpeed.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"14031:TCP"= 14031:TCP:BitComet 14031 TCP
"14031:UDP"= 14031:UDP:BitComet 14031 UDP
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\x86\RaInfo.sys [2008-02-28 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 45848]
R3 V0220Dev;Live! Cam Video IM;C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-06-29 146112]
R3 V0220Vfx;V0220VFX;C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-06-08 6272]
S3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys [ ]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{969B3B70-8765-11D5-9809-0050BACBF861}]
rundll32.exe advpack.dll,LaunchINFSection C:\Program Files\CyberLink\MP3PowerEncoder\Cyber.inf,PerUserStub
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-apicfgwin - C:\WINDOWS\system32\petapkxm.exe
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-13 23:09:11
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2008-10-13 23:10:34
ComboFix-quarantined-files.txt 2008-10-13 21:10:16
ComboFix2.txt 2008-10-12 12:23:15
ComboFix3.txt 2008-10-12 11:59:36
Avant-CF: 9 911 406 592 octets libres
Après-CF: 10,008,731,648 octets libres
263 --- E O F --- 2008-09-10 13:26:26
RAPPORT HIJACKTHIS :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:16:27, on 13/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\WINDOWS\V0220Mon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\x86\RaMaint.exe
C:\Program Files\x86\LogMeIn.exe
C:\Program Files\x86\LMIGuardian.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 7086 bytes
- | Alerter
Bonsoir,~Fais une analyse antivirus en ligne sur le site de Kaspersky
http://www.kaspersky.com/kos/eng/partner/default/kavweb...
Comment va le PC ? Toujours des problèmes ?
- | Alerter
Salut!
Le PC va bien (la fenêtre ne s'affiche plus!!!)
Voici le rapport Kaspersky : (faut-il que je supprime les éléments en quarantaine dans C:\Qoobox\Quarantine\ ? De quelle manière?)
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Thursday, October 16, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Thursday, October 16, 2008 03:31:11
Records in database: 1315135
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
A:\
C:\
D:\
E:\
Scan statistics:
Files scanned: 66645
Threat name: 3
Infected objects: 4
Suspicious objects: 0
Duration of the scan: 01:42:24
File name / Threat name / Threats count
C:\Documents and Settings\Moi Même\Bureau\VIRUS\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
C:\Documents and Settings\Moi Même\Bureau\VIRUS\SmitfraudFix.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\petapkxm.exe.vir Infected: Trojan.Win32.Obfuscated.gx 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\wini104552502.exe.vir Infected: not-a-virus![:D]( ":D")
ownloader.Win32.Agent.bs 1
The selected area was scanned.
Le PC va bien (la fenêtre ne s'affiche plus!!!)
Voici le rapport Kaspersky : (faut-il que je supprime les éléments en quarantaine dans C:\Qoobox\Quarantine\ ? De quelle manière?)
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Thursday, October 16, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Thursday, October 16, 2008 03:31:11
Records in database: 1315135
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
A:\
C:\
D:\
E:\
Scan statistics:
Files scanned: 66645
Threat name: 3
Infected objects: 4
Suspicious objects: 0
Duration of the scan: 01:42:24
File name / Threat name / Threats count
C:\Documents and Settings\Moi Même\Bureau\VIRUS\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
C:\Documents and Settings\Moi Même\Bureau\VIRUS\SmitfraudFix.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\petapkxm.exe.vir Infected: Trojan.Win32.Obfuscated.gx 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\wini104552502.exe.vir Infected: not-a-virus
ownloader.Win32.Agent.bs 1The selected area was scanned.
- | Alerter
Re,
Suis ces étapes pour désinstaller proprement combofix et les tools que nous avons utilisés pendant la désinfection
Menu démarrer puis exécuter
Tape maintenant Combofix /u dans la fenêtre que apparaît puis valide par OK. Veille à bien laisser un espace entre le X et le /U, car cela est nécessaire ici.
![]()
Prévention :
- Nettoyage des fichiers temporaires :
Télécharge Ccleaner sur ton Bureau.
Clique sur "download the latest version"
Installe-le en laissant seulement les options suivantes cochées :
- Ajouter un raccourci sur le Bureau
- Contrôler automatiquement les mises à jour de CCleaner
Lance le Nettoyage
Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.
Aide : Comment utiliser CCleaner.
Telecharge ATFcleaner sur ton Bureau.
Double-clique sur l'exécutable téléchargé.
Dans l'onglet Main, coche simplement la case Select All (toutes les cases vont se cocher) puis sur le bouton Empty Selected.
Si tu possèdes Firefox ou Opera comme navigateur, pense à choisir ton navigateur en haut a gauche avant de sélectionner Select All puis Empty Selected.
Puis réponds Non au message qui s'affiche, si tu ne souhaites pas perdre tes mots de passe.
Aide : Comment utiliser AFTCleaner.
-- Restauration Système :
Désactive-Réactive la restauration système.
Méthode XP :
Clique sur Démarrer, fais un clique droit sur le Poste de travail puis clique sur Propiétés. Sélectionne l'onglet Restauration du Système.
Dans cet onglet, coche la case Désactiver la Restauration du système sur tous les lecteurs.
Un message de confirmation va apparaître. Clique sur Oui, puis OK. Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).
Méthode Vista :
Clique sur Démarrer, fais un clique droit sur Ordinateur, puis clique sur Propriétés. Clique à gauche sur Paramètres système avancés. Sélectionne l'onglet Protection du Système.
Dans cet onglet, décoche (une par une) tes partitions, un message de confirmation va apparaître, clique sur Désactiver la protection du système, Clique sur Appliquer, puis OK.
Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).
Aide : Comment Désactiver-Réactiver la Restauration Système.
--- Affichage normal des fichiers :
Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
- Décoche Afficher les fichiers et dossiers cachés
- Coche Masquer les fichiers protégés du système d'exploitation (recommandé)
clique sur Appliquer, puis OK.
---- Suppression des outils installés :
Télécharge ToolsCleaner2 (de A.Rothstein)
Installe le sur ton Bureau.
Clique sur Recherche pour lancer le scan.
Clique sur Supprimer pour nettoyer les outils utilisés.
Clique sur Quitter.
Supprime maintenant ToolsCleaner.
----- Remise en place des protections, protection du système avec les Mises à Jour ! :
Je t'invite maintenant à (ré)activer toutes tes protections résidentes (Antivirus, Antispyware, Firewall..).
Tu dois avoir accès à tes protections dans la zone systray à côté de la barre des tâches. Si tu as des difficultés, n'hésite pas à me questionner !
Si ce n'est pas fait, assure-toi que les Mises à jour Automatiques Windows soient activées !
Mets tes Softwares correctement à jour (Java, Adobe, Flash ..) grâce à Sotware Inspector (chez Secunia)
Un petit mot à propos de Java :
Une fois la nouvelle version téléchargée, installe-la et fais redémarrer ton ordinateur.
Hélas, les anciennes version de Java (qui contiennent des failles, donc dangereuses !) sont toujours présentes !
C'est donc très important que tu désinstalles les anciennes versions de Java.
Va dans Démarrer, Panneau de Configuration, Ajout/Suppression de Programmes
Déinstalles toutes les versions de Java exceptée la plus récente.
Aide : Comment utiliser Secunia Software Inspector.
------ Ton infection, tu la dénonces ? :
Tu n'es pas obligé mais ce serait bien que tu rapportes ton infection sur Malware Complaints
Ton(tes) infection(s) : Trojan Downloader.
Si tu ne la trouves pas dans la liste, poste dans Autres infections.
Aide : Comment dénoncer mon infection sur Malware Complaints.
Ajoute maintenant [Résolu] au titre. Pour cela :
* Clique, dans ton premier message, sur le bouton "Editer"![]()
* Rajoute la mention [Résolu] au titre
* Clique ensuite sur "Valider votre message"
Je t'invite maintenant à regarder ces dossiers très instructifs en terme de prévention !
- Sécurité/Prévention
- Conséquences de la multi-protection
- Toolbars : Inutilité et ralentissements
Bonne journée/soirée![:)]( ":)")
Suis ces étapes pour désinstaller proprement combofix et les tools que nous avons utilisés pendant la désinfection
Prévention :
- Nettoyage des fichiers temporaires :
Télécharge Ccleaner sur ton Bureau.
- Ajouter un raccourci sur le Bureau
- Contrôler automatiquement les mises à jour de CCleaner
Aide : Comment utiliser CCleaner.
Telecharge ATFcleaner sur ton Bureau.
Aide : Comment utiliser AFTCleaner.
-- Restauration Système :
Désactive-Réactive la restauration système.
Méthode XP :
Clique sur Démarrer, fais un clique droit sur le Poste de travail puis clique sur Propiétés. Sélectionne l'onglet Restauration du Système.
Dans cet onglet, coche la case Désactiver la Restauration du système sur tous les lecteurs.
Un message de confirmation va apparaître. Clique sur Oui, puis OK. Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).
Méthode Vista :
Clique sur Démarrer, fais un clique droit sur Ordinateur, puis clique sur Propriétés. Clique à gauche sur Paramètres système avancés. Sélectionne l'onglet Protection du Système.
Dans cet onglet, décoche (une par une) tes partitions, un message de confirmation va apparaître, clique sur Désactiver la protection du système, Clique sur Appliquer, puis OK.
Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).
Aide : Comment Désactiver-Réactiver la Restauration Système.
--- Affichage normal des fichiers :
Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
- Décoche Afficher les fichiers et dossiers cachés
- Coche Masquer les fichiers protégés du système d'exploitation (recommandé)
clique sur Appliquer, puis OK.
---- Suppression des outils installés :
Télécharge ToolsCleaner2 (de A.Rothstein)
----- Remise en place des protections, protection du système avec les Mises à Jour ! :
Je t'invite maintenant à (ré)activer toutes tes protections résidentes (Antivirus, Antispyware, Firewall..).
Tu dois avoir accès à tes protections dans la zone systray à côté de la barre des tâches. Si tu as des difficultés, n'hésite pas à me questionner !
Si ce n'est pas fait, assure-toi que les Mises à jour Automatiques Windows soient activées !
Mets tes Softwares correctement à jour (Java, Adobe, Flash ..) grâce à Sotware Inspector (chez Secunia)
Un petit mot à propos de Java :
Une fois la nouvelle version téléchargée, installe-la et fais redémarrer ton ordinateur.
Hélas, les anciennes version de Java (qui contiennent des failles, donc dangereuses !) sont toujours présentes !
C'est donc très important que tu désinstalles les anciennes versions de Java.
Aide : Comment utiliser Secunia Software Inspector.
------ Ton infection, tu la dénonces ? :
Tu n'es pas obligé mais ce serait bien que tu rapportes ton infection sur Malware Complaints
Aide : Comment dénoncer mon infection sur Malware Complaints.
Ajoute maintenant [Résolu] au titre. Pour cela :
* Clique, dans ton premier message, sur le bouton "Editer"
* Rajoute la mention [Résolu] au titre
* Clique ensuite sur "Valider votre message"
Je t'invite maintenant à regarder ces dossiers très instructifs en terme de prévention !
- Sécurité/Prévention
- Conséquences de la multi-protection
- Toolbars : Inutilité et ralentissements
Bonne journée/soirée
- | Alerter
- | Alerter
Re,
De rien ce fut un plaisir !
Si tu en as assez d'être assailli de publicités durant ta navigation, installe Firefox sécurisé avec les extensions noscript et AdBlock Plus.
Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.
![]()
Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.
Bonne continuation![:hello:]( ":hello:")
De rien ce fut un plaisir !
Si tu en as assez d'être assailli de publicités durant ta navigation, installe Firefox sécurisé avec les extensions noscript et AdBlock Plus.
Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.
Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.
Bonne continuation
- | Alerter
Lassé par la pub ? Créez un compte
