Se connecter avec
S'enregistrer | Connectez-vous
Votre question

[Résolu] Virus, Windows Security Alert

Dernière réponse : dans Sécurité et virus
Partagez
9 Octobre 2008 10:24:53

Bonjour,

Une fenêtre "Windows Security Alert" apparait régulièrement sur mon ordinateur. Cette fenetre dit :


To help protect your computer, Windows Firewall has detected activity of harmful software

Do you want to block this software from sending data over the internet?
Name : Trojan-Downloader.Win32.Agent.bq
Risk Level : CRITICAL
Description : The Trojan is capable of downloading and launching files from the internet on the victim machine. It also downloads a program from the AdWare class to the victim machine.


Sur cette fenêtre il y a trois boutons : "Keep Blocking", "Unblock" et "Enable Protection". Seulement, seul le bouton "Enable Protection" est actif et renvoi vers le lien suivant :***

Cela me semble étrange qu'une fenêtre "Windows Security Alert" renvoie vers une telle adresse.


Quelqu'un pourrait-il m'aider s'il vous plait?

D'avance merci
9 Octobre 2008 16:35:26

Bonjour,

Supprime le lien de ton premier message, il renvoie vers un site douteux, voire infecté.

Télécharge Hijackthis (de Trend Micro) sur ton Bureau.

  • Double clique sur HJTInstall.exe pour lancer l'installation.
  • Clique sur Install.
  • Double clique sur le raccourci d'HijackThis qui vient d'être créé pour le lancer. (Clique droit -> lancer en tant qu'admin si sous Vista)
  • Accepte la licence en cliquant sur Yes.
  • Clique sur "Do a system scan and save a logfile".
  • Poste ici[ le rapport généré.

    Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log

    Aide : Comment utiliser HijackThis.

    ;) 
    9 Octobre 2008 18:35:42

    Rebonjour,

    Désolé pour le lien. Quelqu'un a dû le retirer, je ne le vois plus.
    Voici le rapport générer par HijackThis (merci pour votre aide!!!):

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:29:17, on 09/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Documents and Settings\All Users\Application Data\bqbodyxo\rufqxmje.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    C:\WINDOWS\V0220Mon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\system32\petapkxm.exe
    C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
    O2 - BHO: (no name) - {C5A28212-A58F-47D3-AAC3-276AFA7CBB98} - C:\DOCUME~1\MOIMME~1\LOCALS~1\Temp\~DP8F.dll (file missing)
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
    O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\RunOnce: [SpybotDeletingA1747] command /c del "C:\WINDOWS\system32\smp\msrc.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC5637] cmd /c del "C:\WINDOWS\system32\smp\msrc.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA4470] command /c del "C:\WINDOWS\iTunesMusic.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC3638] cmd /c del "C:\WINDOWS\iTunesMusic.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA7438] command /c del "C:\WINDOWS\winsystem.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC827] cmd /c del "C:\WINDOWS\winsystem.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA5716] command /c del "C:\WINDOWS\system32\akttzn.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC1652] cmd /c del "C:\WINDOWS\system32\akttzn.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA5243] command /c del "C:\WINDOWS\system32\anticipator.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC1903] cmd /c del "C:\WINDOWS\system32\anticipator.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA7346] command /c del "C:\WINDOWS\system32\awtoolb.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC3071] cmd /c del "C:\WINDOWS\system32\awtoolb.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA1921] command /c del "C:\WINDOWS\system32\bdn.com"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC2926] cmd /c del "C:\WINDOWS\system32\bdn.com"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA9487] command /c del "C:\WINDOWS\system32\bsva-egihsg52.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC2293] cmd /c del "C:\WINDOWS\system32\bsva-egihsg52.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA840] command /c del "C:\WINDOWS\system32\dpcproxy.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC5879] cmd /c del "C:\WINDOWS\system32\dpcproxy.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA4276] command /c del "C:\WINDOWS\system32\emesx.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC8170] cmd /c del "C:\WINDOWS\system32\emesx.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA433] command /c del "C:\WINDOWS\system32\hoproxy.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC5603] cmd /c del "C:\WINDOWS\system32\hoproxy.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA200] command /c del "C:\WINDOWS\system32\hxiwlgpm.dat"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC1499] cmd /c del "C:\WINDOWS\system32\hxiwlgpm.dat"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA557] command /c del "C:\WINDOWS\system32\hxiwlgpm.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC3729] cmd /c del "C:\WINDOWS\system32\hxiwlgpm.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA9600] command /c del "C:\WINDOWS\system32\medup012.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC5569] cmd /c del "C:\WINDOWS\system32\medup012.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA776] command /c del "C:\WINDOWS\system32\msgp.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC6934] cmd /c del "C:\WINDOWS\system32\msgp.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA7831] command /c del "C:\WINDOWS\system32\msnbho.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC5926] cmd /c del "C:\WINDOWS\system32\msnbho.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA2027] command /c del "C:\WINDOWS\system32\mssecu.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC5591] cmd /c del "C:\WINDOWS\system32\mssecu.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA656] command /c del "C:\WINDOWS\system32\msvchost.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC2127] cmd /c del "C:\WINDOWS\system32\msvchost.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA5486] command /c del "C:\WINDOWS\system32\mtr2.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC7525] cmd /c del "C:\WINDOWS\system32\mtr2.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA7882] command /c del "C:\WINDOWS\system32\mwin32.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC7915] cmd /c del "C:\WINDOWS\system32\mwin32.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA44] command /c del "C:\WINDOWS\system32\netode.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC1143] cmd /c del "C:\WINDOWS\system32\netode.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA113] command /c del "C:\WINDOWS\system32\newsd32.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC2944] cmd /c del "C:\WINDOWS\system32\newsd32.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA567] command /c del "C:\WINDOWS\system32\ps1.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC4256] cmd /c del "C:\WINDOWS\system32\ps1.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA4624] command /c del "C:\WINDOWS\system32\psof1.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC9082] cmd /c del "C:\WINDOWS\system32\psof1.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA8213] command /c del "C:\WINDOWS\system32\psoft1.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC4] cmd /c del "C:\WINDOWS\system32\psoft1.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA2153] command /c del "C:\WINDOWS\system32\regc64.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC5144] cmd /c del "C:\WINDOWS\system32\regc64.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA3610] command /c del "C:\WINDOWS\system32\regm64.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC2528] cmd /c del "C:\WINDOWS\system32\regm64.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA3642] command /c del "C:\WINDOWS\system32\Rundl1.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC7241] cmd /c del "C:\WINDOWS\system32\Rundl1.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA6491] command /c del "C:\WINDOWS\system32\sncntr.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC3309] cmd /c del "C:\WINDOWS\system32\sncntr.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA2012] command /c del "C:\WINDOWS\system32\ssurf022.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC4714] cmd /c del "C:\WINDOWS\system32\ssurf022.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA5228] command /c del "C:\WINDOWS\system32\ssvchost.com"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC3635] cmd /c del "C:\WINDOWS\system32\ssvchost.com"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA6982] command /c del "C:\WINDOWS\system32\ssvchost.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC8909] cmd /c del "C:\WINDOWS\system32\ssvchost.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA2680] command /c del "C:\WINDOWS\system32\sysreq.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC5710] cmd /c del "C:\WINDOWS\system32\sysreq.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA3549] command /c del "C:\WINDOWS\system32\taack.dat"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC4779] cmd /c del "C:\WINDOWS\system32\taack.dat"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA7712] command /c del "C:\WINDOWS\system32\taack.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC817] cmd /c del "C:\WINDOWS\system32\taack.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA3688] command /c del "C:\WINDOWS\system32\temp#01.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC7656] cmd /c del "C:\WINDOWS\system32\temp#01.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA506] command /c del "C:\WINDOWS\system32\thun.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC7220] cmd /c del "C:\WINDOWS\system32\thun.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA2742] command /c del "C:\WINDOWS\system32\thun32.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC2467] cmd /c del "C:\WINDOWS\system32\thun32.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA1376] command /c del "C:\WINDOWS\system32\VBIEWER.OCX"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC3781] cmd /c del "C:\WINDOWS\system32\VBIEWER.OCX"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA2032] command /c del "C:\WINDOWS\system32\vbsys2.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC2457] cmd /c del "C:\WINDOWS\system32\vbsys2.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA3105] command /c del "C:\WINDOWS\system32\vcatchpi.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC2781] cmd /c del "C:\WINDOWS\system32\vcatchpi.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA8063] command /c del "C:\WINDOWS\system32\winlogonpc.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC175] cmd /c del "C:\WINDOWS\system32\winlogonpc.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA321] command /c del "C:\WINDOWS\system32\winsystem.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC7339] cmd /c del "C:\WINDOWS\system32\winsystem.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA4400] command /c del "C:\WINDOWS\system32\WINWGPX.EXE"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC5400] cmd /c del "C:\WINDOWS\system32\WINWGPX.EXE"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA4845] command /c del "C:\WINDOWS\a.bat"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC9080] cmd /c del "C:\WINDOWS\a.bat"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA3484] command /c del "C:\WINDOWS\base64.tmp"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC9901] cmd /c del "C:\WINDOWS\base64.tmp"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA4963] command /c del "C:\WINDOWS\bdn.com"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC6505] cmd /c del "C:\WINDOWS\bdn.com"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA7274] command /c del "C:\WINDOWS\FVProtect.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC5443] cmd /c del "C:\WINDOWS\FVProtect.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA8153] command /c del "C:\WINDOWS\mssecu.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC9757] cmd /c del "C:\WINDOWS\mssecu.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA8501] command /c del "C:\WINDOWS\userconfig9x.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC1051] cmd /c del "C:\WINDOWS\userconfig9x.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA6170] command /c del "C:\WINDOWS\zip1.tmp"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC6372] cmd /c del "C:\WINDOWS\zip1.tmp"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA6336] command /c del "C:\WINDOWS\zip2.tmp"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC6357] cmd /c del "C:\WINDOWS\zip2.tmp"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA7652] command /c del "C:\WINDOWS\zip3.tmp"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC5491] cmd /c del "C:\WINDOWS\zip3.tmp"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA299] command /c del "C:\WINDOWS\zipped.tmp"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC1020] cmd /c del "C:\WINDOWS\zipped.tmp"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
    O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
    O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [apicfgwin] C:\WINDOWS\system32\petapkxm.exe
    O4 - HKCU\..\RunOnce: [SpybotDeletingB5206] command /c del "C:\WINDOWS\system32\smp\msrc.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD8864] cmd /c del "C:\WINDOWS\system32\smp\msrc.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB6590] command /c del "C:\WINDOWS\iTunesMusic.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD5461] cmd /c del "C:\WINDOWS\iTunesMusic.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB1221] command /c del "C:\WINDOWS\winsystem.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD7062] cmd /c del "C:\WINDOWS\winsystem.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB1479] command /c del "C:\WINDOWS\system32\akttzn.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD2271] cmd /c del "C:\WINDOWS\system32\akttzn.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB9778] command /c del "C:\WINDOWS\system32\anticipator.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD4464] cmd /c del "C:\WINDOWS\system32\anticipator.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB5689] command /c del "C:\WINDOWS\system32\awtoolb.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD1669] cmd /c del "C:\WINDOWS\system32\awtoolb.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB866] command /c del "C:\WINDOWS\FVProtect.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD7972] cmd /c del "C:\WINDOWS\system32\bdn.com"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB5803] command /c del "C:\WINDOWS\system32\bsva-egihsg52.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD6418] cmd /c del "C:\WINDOWS\system32\bsva-egihsg52.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB2293] command /c del "C:\WINDOWS\system32\dpcproxy.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD169] cmd /c del "C:\WINDOWS\system32\dpcproxy.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB4436] command /c del "C:\WINDOWS\system32\emesx.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD715] cmd /c del "C:\WINDOWS\system32\emesx.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB2032] command /c del "C:\WINDOWS\system32\hoproxy.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD7132] cmd /c del "C:\WINDOWS\system32\hoproxy.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB7078] command /c del "C:\WINDOWS\system32\hxiwlgpm.dat"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD554] cmd /c del "C:\WINDOWS\system32\hxiwlgpm.dat"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB4828] command /c del "C:\WINDOWS\system32\hxiwlgpm.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD9868] cmd /c del "C:\WINDOWS\system32\hxiwlgpm.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB5978] command /c del "C:\WINDOWS\system32\medup012.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD4125] cmd /c del "C:\WINDOWS\system32\medup012.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB3098] command /c del "C:\WINDOWS\system32\msgp.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD79] cmd /c del "C:\WINDOWS\system32\msgp.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB4288] command /c del "C:\WINDOWS\system32\msnbho.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD7599] cmd /c del "C:\WINDOWS\system32\msnbho.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB5727] command /c del "C:\WINDOWS\system32\mssecu.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD1609] cmd /c del "C:\WINDOWS\system32\mssecu.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB7955] command /c del "C:\WINDOWS\system32\msvchost.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD1155] cmd /c del "C:\WINDOWS\system32\msvchost.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB6618] command /c del "C:\WINDOWS\system32\mtr2.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD3780] cmd /c del "C:\WINDOWS\system32\mtr2.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB4105] command /c del "C:\WINDOWS\system32\mwin32.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD5028] cmd /c del "C:\WINDOWS\system32\mwin32.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB7947] command /c del "C:\WINDOWS\system32\netode.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD3095] cmd /c del "C:\WINDOWS\system32\netode.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB5725] command /c del "C:\WINDOWS\system32\newsd32.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD5360] cmd /c del "C:\WINDOWS\system32\newsd32.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB5398] command /c del "C:\WINDOWS\system32\ps1.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD6288] cmd /c del "C:\WINDOWS\system32\ps1.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB4153] command /c del "C:\WINDOWS\system32\psof1.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD6675] cmd /c del "C:\WINDOWS\system32\psof1.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB3143] command /c del "C:\WINDOWS\system32\psoft1.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD9862] cmd /c del "C:\WINDOWS\system32\psoft1.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB662] command /c del "C:\WINDOWS\system32\regc64.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD3084] cmd /c del "C:\WINDOWS\system32\regc64.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB6585] command /c del "C:\WINDOWS\system32\regm64.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD9175] cmd /c del "C:\WINDOWS\system32\regm64.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB3373] command /c del "C:\WINDOWS\system32\Rundl1.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD9822] cmd /c del "C:\WINDOWS\system32\Rundl1.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB1837] command /c del "C:\WINDOWS\system32\sncntr.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD4691] cmd /c del "C:\WINDOWS\system32\sncntr.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB6515] command /c del "C:\WINDOWS\system32\ssurf022.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD9935] cmd /c del "C:\WINDOWS\system32\ssurf022.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB9175] command /c del "C:\WINDOWS\system32\ssvchost.com"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD6319] cmd /c del "C:\WINDOWS\system32\ssvchost.com"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB6447] command /c del "C:\WINDOWS\system32\ssvchost.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD6844] cmd /c del "C:\WINDOWS\system32\ssvchost.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB2535] command /c del "C:\WINDOWS\system32\sysreq.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD6963] cmd /c del "C:\WINDOWS\system32\sysreq.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB9300] command /c del "C:\WINDOWS\system32\taack.dat"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD6702] cmd /c del "C:\WINDOWS\system32\taack.dat"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB6837] command /c del "C:\WINDOWS\system32\taack.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD7467] cmd /c del "C:\WINDOWS\system32\taack.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB987] command /c del "C:\WINDOWS\system32\temp#01.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD8253] cmd /c del "C:\WINDOWS\system32\temp#01.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB7029] command /c del "C:\WINDOWS\system32\thun.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD835] cmd /c del "C:\WINDOWS\system32\thun.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB375] command /c del "C:\WINDOWS\system32\thun32.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD597] cmd /c del "C:\WINDOWS\system32\thun32.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB7111] command /c del "C:\WINDOWS\system32\VBIEWER.OCX"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD1738] cmd /c del "C:\WINDOWS\system32\VBIEWER.OCX"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB6955] command /c del "C:\WINDOWS\system32\vbsys2.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD5660] cmd /c del "C:\WINDOWS\system32\vbsys2.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB9154] command /c del "C:\WINDOWS\system32\vcatchpi.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD7187] cmd /c del "C:\WINDOWS\system32\vcatchpi.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB420] command /c del "C:\WINDOWS\system32\winlogonpc.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD2953] cmd /c del "C:\WINDOWS\system32\winlogonpc.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB8337] command /c del "C:\WINDOWS\system32\winsystem.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD6356] cmd /c del "C:\WINDOWS\system32\winsystem.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB9084] command /c del "C:\WINDOWS\system32\WINWGPX.EXE"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD3606] cmd /c del "C:\WINDOWS\system32\WINWGPX.EXE"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB7683] command /c del "C:\WINDOWS\a.bat"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD7069] cmd /c del "C:\WINDOWS\a.bat"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB9246] command /c del "C:\WINDOWS\base64.tmp"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD6922] cmd /c del "C:\WINDOWS\base64.tmp"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB65] command /c del "C:\WINDOWS\bdn.com"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD4477] cmd /c del "C:\WINDOWS\bdn.com"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD7447] cmd /c del "C:\WINDOWS\FVProtect.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB1694] command /c del "C:\WINDOWS\mssecu.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD7289] cmd /c del "C:\WINDOWS\mssecu.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB8172] command /c del "C:\WINDOWS\userconfig9x.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD4456] cmd /c del "C:\WINDOWS\userconfig9x.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB5020] command /c del "C:\WINDOWS\zip1.tmp"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD6787] cmd /c del "C:\WINDOWS\zip1.tmp"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB4829] command /c del "C:\WINDOWS\zip2.tmp"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD6606] cmd /c del "C:\WINDOWS\zip2.tmp"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB5169] command /c del "C:\WINDOWS\zip3.tmp"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD5179] cmd /c del "C:\WINDOWS\zip3.tmp"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB1422] command /c del "C:\WINDOWS\zipped.tmp"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD9978] cmd /c del "C:\WINDOWS\zipped.tmp"
    O4 - HKLM\..\Policies\Explorer\Run: [kPv5ZlRg3F] C:\Documents and Settings\All Users\Application Data\bqbodyxo\rufqxmje.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O21 - SSODL: infoen - {08AA84D9-CBF4-F2DD-3E1A-01F02C470590} - C:\Program Files\dhahmac\infoen.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

    --
    End of file - 28322 bytes
    Contenus similaires
    9 Octobre 2008 19:24:10

    Re,

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.
    Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

    Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
    AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM

    ;) 
    10 Octobre 2008 10:01:37

    Bonjour,

    j'ai executé Malwarebyte's Anti-Malware et voici le rapport :


    Malwarebytes' Anti-Malware 1.28
    Database version: 1248
    Windows 5.1.2600 Service Pack 2

    09/10/2008 23:54:10
    mbam-log-2008-10-09 (23-54-10).txt

    Scan type: Full Scan (C:\|D:\|)
    Objects scanned: 131335
    Time elapsed: 1 hour(s), 14 minute(s), 21 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 3
    Registry Values Infected: 4
    Registry Data Items Infected: 0
    Folders Infected: 5
    Files Infected: 20

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CLASSES_ROOT\CLSID\{08AA84D9-CBF4-F2DD-3E1A-01F02C470590} (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\xp_antispyware (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\XP_Antispyware (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\infoen (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\brastk (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\kpv5zlrg3f (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xp antispyware 2009 (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    C:\Program Files\XP_AntiSpyware (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\data (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Moi Même\Application Data\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Moi Même\Application Data\DriveCleaner 2006 Free\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.

    Files Infected:
    C:\Program Files\dhahmac\infoen.dll (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\brastk.exe (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\bqbodyxo\rufqxmje.exe (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\comp.dat (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\htmlayout.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\pthreadVC2.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\Uninstall.exe (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\wscui.cpl (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\XP_AntiSpyware.exe (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\data\daily.cvd (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcm80.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcp80.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcr80.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Moi Même\Application Data\DriveCleaner 2006 Free\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Moi Même\Application Data\Microsoft\Internet Explorer\Quick Launch\XP_AntiSpyware.lnk (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\_scui.cpl (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Moi Même\Bureau\XP_AntiSpyware.lnk (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Moi Même\delself.bat (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Program Files\services.sma (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
    10 Octobre 2008 10:07:47

    J'ai également fait des recherche sur le site malekal.com hier soir concernant les rogues et j'ai executé SmitFraudFix.exe qui m'a généré deux rapports (1 avant correction et 1 après), les voici :

    (ces deux rapports sont sur le même post.



    RAPPORT AVANT CORRECTION

    SmitFraudFix v2.357

    Rapport fait à 9:15:41,48, 10/10/2008
    Executé à partir de C:\Documents and Settings\Moi Mˆme\Bureau\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Le type du système de fichiers est NTFS
    Fix executé en mode sans echec

    »»»»»»»»»»»»»»»»»»»»»»»» Process

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\cmd.exe

    »»»»»»»»»»»»»»»»»»»»»»»» hosts

    Fichier hosts corrompu !

    127.0.0.1 www.legal-at-spybot.info
    127.0.0.1 legal-at-spybot.info

    »»»»»»»»»»»»»»»»»»»»»»»» C:\


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur\Application Data


    »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1\Favoris


    »»»»»»»»»»»»»»»»»»»»»»»» Bureau


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


    »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


    »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau



    »»»»»»»»»»»»»»»»»»»»»»»» o4Patch
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    o4Patch
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri



    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri



    »»»»»»»»»»»»»»»»»»»»»»»» VACFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» 404Fix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    404Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    AntiXPVSTFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri



    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""


    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
    "System"=""


    »»»»»»»»»»»»»»»»»»»»»»»» RK



    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer=213.30.96.108,213.203.124.146
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer=213.30.96.108,213.203.124.146
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer=213.30.96.108,213.203.124.146


    »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


    »»»»»»»»»»»»»»»»»»»»»»»» Fin



    RAPPORT APRES CORRECTION

    SmitFraudFix v2.357

    Rapport fait à 9:19:12,12, 10/10/2008
    Executé à partir de C:\Documents and Settings\Moi Mˆme\Bureau\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Le type du système de fichiers est NTFS
    Fix executé en mode sans echec

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


    »»»»»»»»»»»»»»»»»»»»»»»» hosts


    127.0.0.1 localhost
    127.0.0.1 iw2.slysoft.com
    127.0.0.1 h3.slysoft.com
    127.0.0.1 slysoft.com
    127.0.0.1 sb2slysoft.com
    127.0.0.1 ns6.gandi.net
    127.0.0.1 ev1slysoft.com
    127.0.0.1 ev1.slysoft.com
    127.0.0.1 iw2.slysoft.com
    127.0.0.1 reverse.privatedns.com
    127.0.0.1 iw2.slysoft.com
    127.0.0.1 h3.slysoft.com
    127.0.0.1 slysoft.com
    127.0.0.1 sb2slysoft.com
    127.0.0.1 ns6.gandi.net
    127.0.0.1 ev1slysoft.com
    127.0.0.1 ev1.slysoft.com
    127.0.0.1 iw2.slysoft.com
    127.0.0.1 reverse.privatedns.com
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 123topsearch.com
    127.0.0.1 www.123topsearch.com
    127.0.0.1 132.com
    127.0.0.1 www.132.com
    127.0.0.1 www.136136.net
    127.0.0.1 136136.net
    127.0.0.1 163ns.com
    127.0.0.1 www.163ns.com
    127.0.0.1 171203.com
    127.0.0.1 17-plus.com
    127.0.0.1 1800searchonline.com
    127.0.0.1 www.1800searchonline.com
    127.0.0.1 180searchassistant.com
    127.0.0.1 www.180searchassistant.com
    127.0.0.1 www.180solutions.com
    127.0.0.1 180solutions.com
    127.0.0.1 181.365soft.info
    127.0.0.1 www.181.365soft.info
    127.0.0.1 www.1987324.com
    127.0.0.1 1987324.com
    127.0.0.1 1clickpcfix.com
    127.0.0.1 www.1clickpcfix.com
    127.0.0.1 1-domains-registrations.com
    127.0.0.1 www.1-domains-registrations.com
    127.0.0.1 www.1sexparty.com
    127.0.0.1 1sexparty.com
    127.0.0.1 www.1stantivirus.com
    127.0.0.1 1stantivirus.com
    127.0.0.1 www.1stpagehere.com
    127.0.0.1 1stpagehere.com
    127.0.0.1 www.1stsearchportal.com
    127.0.0.1 1stsearchportal.com
    127.0.0.1 2.82211.net
    127.0.0.1 www.2006ooo.com
    127.0.0.1 2006ooo.com
    127.0.0.1 www.2007-download.com
    127.0.0.1 2007-download.com
    127.0.0.1 www.2008-search-destroy.com
    127.0.0.1 2008-search-destroy.com
    127.0.0.1 www.2020search.com
    127.0.0.1 2020search.com
    127.0.0.1 20x2p.com
    127.0.0.1 24.365soft.info
    127.0.0.1 www.24.365soft.info
    127.0.0.1 www.24-7pharmacy.info
    127.0.0.1 24-7pharmacy.info
    127.0.0.1 24-7searching-and-more.com
    127.0.0.1 www.24-7searching-and-more.com
    127.0.0.1 www.24teen.com
    127.0.0.1 24teen.com
    127.0.0.1 2ndpower.com
    127.0.0.1 www.2search.com
    127.0.0.1 2search.com
    127.0.0.1 www.2search.org
    127.0.0.1 2search.org
    127.0.0.1 www.2squared.com
    127.0.0.1 2squared.com
    127.0.0.1 www.3322.org
    127.0.0.1 3322.org
    127.0.0.1 365soft.info
    127.0.0.1 www.36site.com
    127.0.0.1 36site.com
    127.0.0.1 3721.com
    127.0.0.1 39-93.com
    127.0.0.1 www.3bay.it
    127.0.0.1 3bay.it
    127.0.0.1 www.3xclipsonline.com
    127.0.0.1 3xclipsonline.com
    127.0.0.1 www.3xcurves.com
    127.0.0.1 3xcurves.com
    127.0.0.1 www.3xfestival.com
    127.0.0.1 3xfestival.com
    127.0.0.1 3x-festival.com
    127.0.0.1 www.3x-festival.com
    127.0.0.1 3x-galls.com
    127.0.0.1 www.3x-galls.com
    127.0.0.1 www.3xmiracle.com
    127.0.0.1 3xmiracle.com
    127.0.0.1 www.3xmoviesblog.com
    127.0.0.1 3xmoviesblog.com
    127.0.0.1 www.404dns.com
    127.0.0.1 404dns.com
    127.0.0.1 www.4199.com
    127.0.0.1 4199.com
    127.0.0.1 www.4corn.net
    127.0.0.1 4corn.net
    127.0.0.1 www.4ebay.it
    127.0.0.1 4ebay.it
    127.0.0.1 4klm.com
    127.0.0.1 www.4mpg.com
    127.0.0.1 4mpg.com
    127.0.0.1 www.59cn.cn
    127.0.0.1 59cn.cn
    127.0.0.1 www.5starsblog.com
    127.0.0.1 5starsblog.com
    127.0.0.1 www.5zgmu7o20kt5d8yq.com
    127.0.0.1 5zgmu7o20kt5d8yq.com
    127.0.0.1 www.680180.net
    127.0.0.1 680180.net
    127.0.0.1 www.6sek.com
    127.0.0.1 6sek.com
    127.0.0.1 www.70-music.com
    127.0.0.1 70-music.com
    127.0.0.1 www.7322.com
    127.0.0.1 7322.com
    127.0.0.1 www.745970.com
    127.0.0.1 745970.com
    127.0.0.1 75tz.com
    127.0.0.1 www.777search.com
    127.0.0.1 777search.com
    127.0.0.1 www.777top.com
    127.0.0.1 777top.com
    127.0.0.1 www.7939.com
    127.0.0.1 7939.com
    127.0.0.1 www.7search.com
    127.0.0.1 7search.com
    127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com
    127.0.0.1 www.80-music.com
    127.0.0.1 80-music.com
    127.0.0.1 82211.net
    127.0.0.1 8866.org
    127.0.0.1 www.88vcd.com
    127.0.0.1 88vcd.com
    127.0.0.1 www.8ad.com
    127.0.0.1 8ad.com
    127.0.0.1 www.90-music.com
    127.0.0.1 90-music.com
    127.0.0.1 www.9505.com
    127.0.0.1 9505.com
    127.0.0.1 www.971searchbox.com
    127.0.0.1 971searchbox.com
    127.0.0.1 9mmporn.com
    127.0.0.1 a.bestmanage.org
    127.0.0.1 www.aaabesthomepage.com
    127.0.0.1 aaabesthomepage.com
    127.0.0.1 aaasexypics.com
    127.0.0.1 www.aaawebfinder.com
    127.0.0.1 aaawebfinder.com
    127.0.0.1 aaqadarsztriv.com
    127.0.0.1 www.aaqadarsztriv.com
    127.0.0.1 www.aaqada-rsztriv.com
    127.0.0.1 aaqada-rsztriv.com
    127.0.0.1 www.aaqadaueorn.com
    127.0.0.1 aaqadaueorn.com
    127.0.0.1 www.aaqada-ueorn.com
    127.0.0.1 aaqada-ueorn.com
    127.0.0.1 aaqada-ygco.com
    127.0.0.1 www.aaqada-ygco.com
    127.0.0.1 aaqada-ymct.com
    127.0.0.1 www.aaqada-ymct.com
    127.0.0.1 aav2008.com
    127.0.0.1 www.aav2008.com
    127.0.0.1 aavc.com
    127.0.0.1 www.abccodec.com
    127.0.0.1 abccodec.com
    127.0.0.1 www.abcdperformance.com
    127.0.0.1 abcdperformance.com
    127.0.0.1 abc-find.info
    127.0.0.1 www.abc-find.info
    127.0.0.1 abcsearch.com
    127.0.0.1 www.abcsearch.com
    127.0.0.1 www.abcways.com
    127.0.0.1 abcways.com
    127.0.0.1 abetterinternet.com
    127.0.0.1 www.abetterinternet.com
    127.0.0.1 www.abnetsoft.info
    127.0.0.1 abnetsoft.info
    127.0.0.1 about-adult.net
    127.0.0.1 www.about-adult.net
    127.0.0.1 aboutclicker.com
    127.0.0.1 www.aboutclicker.com
    127.0.0.1 abrp.net
    127.0.0.1 www.abrp.net
    127.0.0.1 absolutee.com
    127.0.0.1 www.absolutee.com
    127.0.0.1 www.abyssmedia.com
    127.0.0.1 abyssmedia.com
    127.0.0.1 ac66.cn
    127.0.0.1 www.ac66.cn
    127.0.0.1 access.navinetwork.com
    127.0.0.1 access.rapid-pass.net
    127.0.0.1 accessactivexvideo.com
    127.0.0.1 www.accessactivexvideo.com
    127.0.0.1 www.accessclips.com
    127.0.0.1 accessclips.com
    127.0.0.1 access-dvd.com
    127.0.0.1 www.access-dvd.com
    127.0.0.1 accesskeygenerator.com
    127.0.0.1 www.accesskeygenerator.com
    127.0.0.1 accessthefuture.net
    127.0.0.1 www.accessthefuture.net
    127.0.0.1 accessvid.net
    127.0.0.1 www.accessvid.net
    127.0.0.1 acemedic.com
    127.0.0.1 www.acemedic.com
    127.0.0.1 www.ace-webmaster.com
    127.0.0.1 ace-webmaster.com
    127.0.0.1 acjp.com
    127.0.0.1 acrobat-2007.com
    127.0.0.1 www.acrobat-2007.com
    127.0.0.1 www.acrobat-8.com
    127.0.0.1 acrobat-8.com
    127.0.0.1 acrobat-center.com
    127.0.0.1 www.acrobat-center.com
    127.0.0.1 acrobat-hq.com
    127.0.0.1 www.acrobat-hq.com
    127.0.0.1 acrobatreader-8.com
    127.0.0.1 www.acrobatreader-8.com
    127.0.0.1 www.acrobat-reader-8.de
    127.0.0.1 acrobat-reader-8.de
    127.0.0.1 www.acrobat-stop.com
    127.0.0.1 acrobat-stop.com
    127.0.0.1 actionbreastcancer.org
    127.0.0.1 www.actionbreastcancer.org
    127.0.0.1 www.activesearcher.info
    127.0.0.1 activesearcher.info
    127.0.0.1 activexaccessobject.com
    127.0.0.1 www.activexaccessobject.com
    127.0.0.1 www.activexaccessvideo.com
    127.0.0.1 activexaccessvideo.com
    127.0.0.1 activexemedia.com
    127.0.0.1 www.activexemedia.com
    127.0.0.1 activexmediaobject.com
    127.0.0.1 www.activexmediaobject.com
    127.0.0.1 www.activexmediapro.com
    127.0.0.1 activexmediapro.com
    127.0.0.1 activexmediasite.com
    127.0.0.1 www.activexmediasite.com
    127.0.0.1 activexmediasoftware.com
    127.0.0.1 www.activexmediasoftware.com
    127.0.0.1 activexmediasource.com
    127.0.0.1 www.activexmediasource.com
    127.0.0.1 activexmediatool.com
    127.0.0.1 www.activexmediatool.com
    127.0.0.1 www.activexmediatour.com
    127.0.0.1 activexmediatour.com
    127.0.0.1 activexsoftwares.com
    127.0.0.1 www.activexsoftwares.com
    127.0.0.1 activexsource.com
    127.0.0.1 www.activexsource.com
    127.0.0.1 activexupdate.com
    127.0.0.1 www.activexupdate.com
    127.0.0.1 activexvideo.com
    127.0.0.1 www.activexvideo.com
    127.0.0.1 www.activexvideotool.com
    127.0.0.1 activexvideotool.com
    127.0.0.1 ad.marketingsector.com
    127.0.0.1 www.ad.marketingsector.com
    127.0.0.1 www.ad.mokead.com
    127.0.0.1 ad.mokead.com
    127.0.0.1 ad.oinadserver.com
    127.0.0.1 ad.outerinfoads.com
    127.0.0.1 www.ad25.com
    127.0.0.1 ad25.com
    127.0.0.1 ad45.com
    127.0.0.1 www.ad45.com
    127.0.0.1 www.ad77.com
    127.0.0.1 ad77.com
    127.0.0.1 www.ad86.com
    127.0.0.1 ad86.com
    127.0.0.1 adamsupportgroup.org
    127.0.0.1 www.adamsupportgroup.org
    127.0.0.1 www.adarmor.com
    127.0.0.1 adarmor.com
    127.0.0.1 adasearch.com
    127.0.0.1 www.adasearch.com
    127.0.0.1 adaware.cc
    127.0.0.1 www.adawarenow.com
    127.0.0.1 adawarenow.com
    127.0.0.1 adchannel.contextplus.net
    127.0.0.1 www.addetect.com
    127.0.0.1 addetect.com
    127.0.0.1 www.add-hhh.info
    127.0.0.1 add-hhh.info
    127.0.0.1 addictivetechnologies.com
    127.0.0.1 www.addictivetechnologies.com
    127.0.0.1 www.addictivetechnologies.net
    127.0.0.1 addictivetechnologies.net
    127.0.0.1 www.addioerrori.com
    127.0.0.1 addioerrori.com
    127.0.0.1 www.add-manager.com
    127.0.0.1 add-manager.com
    127.0.0.1 www.adgate.info
    127.0.0.1 adgate.info
    127.0.0.1 www.adintelligence.net
    127.0.0.1 adintelligence.net
    127.0.0.1 www.adioserrores.com
    127.0.0.1 adioserrores.com
    127.0.0.1 www.adipics.com
    127.0.0.1 adipics.com
    127.0.0.1 www.adlogix.com
    127.0.0.1 adlogix.com
    127.0.0.1 admin2cash.biz
    127.0.0.1 www.admin2cash.biz
    127.0.0.1 adnet-plus.com
    127.0.0.1 www.adnetserver.com
    127.0.0.1 adnetserver.com
    127.0.0.1 adobe-download-now.com
    127.0.0.1 www.adobe-downloads.com
    127.0.0.1 adobe-downloads.com
    127.0.0.1 www.adobe-reader-8.fr
    127.0.0.1 adobe-reader-8.fr
    127.0.0.1 www.adprotect.com
    127.0.0.1 adprotect.com
    127.0.0.1 ads.centralmedia.ws
    127.0.0.1 ads.k8l.info
    127.0.0.1 ads.kmpads.com
    127.0.0.1 ads.kw.revenue.net
    127.0.0.1 ads.marketingsector.com
    127.0.0.1 ads.searchingbooth.com
    127.0.0.1 ads.z-quest.com
    127.0.0.1 ads1.revenue.net
    127.0.0.1 www.ads183.com
    127.0.0.1 ads183.com
    127.0.0.1 adscontex.com
    127.0.0.1 www.adscontex.com
    127.0.0.1 adservices1.enhance.com
    127.0.0.1 www.adservices1.enhance.com
    127.0.0.1 adservs.com
    127.0.0.1 adsextend.net
    127.0.0.1 www.adsextend.net
    127.0.0.1 adshttp.com
    127.0.0.1 www.adshttp.com
    127.0.0.1 www.adsniffer.com
    127.0.0.1 adsniffer.com
    127.0.0.1 adsonwww.com
    127.0.0.1 www.adsonwww.com
    127.0.0.1 www.adspics.com
    127.0.0.1 adspics.com
    127.0.0.1 www.adsrevenue.net
    127.0.0.1 adsrevenue.net
    127.0.0.1 www.adtrak.net
    127.0.0.1 adtrak.net
    127.0.0.1 adtrgt.com
    127.0.0.1 www.adult18codec.com
    127.0.0.1 adult18codec.com
    127.0.0.1 adult777search.info
    127.0.0.1 www.adult777search.info
    127.0.0.1 www.adultadworld.com
    127.0.0.1 adultadworld.com
    127.0.0.1 www.adultan.com
    127.0.0.1 adultan.com
    127.0.0.1 adultcodec-2008.com
    127.0.0.1 www.adultcodec-2008.com
    127.0.0.1 www.adultcodecstars.com
    127.0.0.1 adultcodecstars.com
    127.0.0.1 adult-engine-search.com
    127.0.0.1 www.adult-engine-search.com
    127.0.0.1 www.adult-erotic-guide.net
    127.0.0.1 adult-erotic-guide.net
    127.0.0.1 adultfilmsite.com
    127.0.0.1 www.adultfilmsite.com
    127.0.0.1 adult-friends-finder.net
    127.0.0.1 www.adult-friends-finder.net
    127.0.0.1 adultgambling.org
    127.0.0.1 adult-host.org
    127.0.0.1 www.adulthyperlinks.com
    127.0.0.1 adulthyperlinks.com
    127.0.0.1 www.adultmovieplus.com
    127.0.0.1 adultmovieplus.com
    127.0.0.1 www.adult-mpg.net
    127.0.0.1 adult-mpg.net
    127.0.0.1 adult-personal.us
    127.0.0.1 adultsgames.net
    127.0.0.1 adultsonlyvids.com
    127.0.0.1 www.adultsonlyvids.com
    127.0.0.1 www.adultsper.com
    127.0.0.1 adultsper.com
    127.0.0.1 adulttds.com
    127.0.0.1 www.adulttds.com
    127.0.0.1 www.adultzoneworld.com
    127.0.0.1 adultzoneworld.com
    127.0.0.1 www.advancedcleaner.com
    127.0.0.1 advancedcleaner.com
    127.0.0.1 www.advancedpccleaner.com
    127.0.0.1 advancedpccleaner.com
    127.0.0.1 www.advancedxpfixer.com
    127.0.0.1 advancedxpfixer.com
    127.0.0.1 advcash.biz
    127.0.0.1 www.advcash.biz
    127.0.0.1 advert.exaccess.ru
    127.0.0.1 www.advertisemoney.info
    127.0.0.1 advertisemoney.info
    127.0.0.1 advertising.paltalk.com
    127.0.0.1 advertising-money.info
    127.0.0.1 www.advertising-money.info
    127.0.0.1 www.advert-network.com
    127.0.0.1 advert-network.com
    127.0.0.1 ad-ware.cc
    127.0.0.1 ad-w-a-r-e.com
    127.0.0.1 www.ad-w-a-r-e.com
    127.0.0.1 a-d-w-a-r-e.com
    127.0.0.1 www.a-d-w-a-r-e.com
    127.0.0.1 www.adware.pro
    127.0.0.1 adware.pro
    127.0.0.1 www.adwarealert.com
    127.0.0.1 adwarealert.com
    127.0.0.1 www.ad-warealert.com
    127.0.0.1 ad-warealert.com
    127.0.0.1 adwarearrest.com
    127.0.0.1 www.adwarearrest.com
    127.0.0.1 adwarebazooka.com
    127.0.0.1 www.adwarebazooka.com
    127.0.0.1 adwarebot.com
    127.0.0.1 www.adwarebot.com
    127.0.0.1 www.adwarecommander.com
    127.0.0.1 adwarecommander.com
    127.0.0.1 adware-download.com
    127.0.0.1 www.adware-download.com
    127.0.0.1 www.adwarefinder.com
    127.0.0.1 adwarefinder.com
    127.0.0.1 www.adwaregold.com
    127.0.0.1 adwaregold.com
    127.0.0.1 www.adwarepatrol.com
    127.0.0.1 adwarepatrol.com
    127.0.0.1 www.adwareplatinum.com
    127.0.0.1 adwareplatinum.com
    127.0.0.1 www.adwarepro.org
    127.0.0.1 adwarepro.org
    127.0.0.1 www.adwareprotectionsite.com
    127.0.0.1 adwareprotectionsite.com
    127.0.0.1 www.adwarepunisher.com
    127.0.0.1 adwarepunisher.com
    127.0.0.1 www.adwareremover.ws
    127.0.0.1 adwareremover.ws
    127.0.0.1 www.adwaresafety.com
    127.0.0.1 adwaresafety.com
    127.0.0.1 www.adwarexp.com
    127.0.0.1 adwarexp.com
    127.0.0.1 www.adwareye.com
    127.0.0.1 adwareye.com
    127.0.0.1 affiliate.idownload.com
    127.0.0.1 www.aflgate.com
    127.0.0.1 aflgate.com
    127.0.0.1 africaspromise.org
    127.0.0.1 agava.com
    127.0.0.1 agava.ru
    127.0.0.1 agentstudio.com
    127.0.0.1 www.ageofconans.net
    127.0.0.1 ageofconans.net
    127.0.0.1 www.aginegialle.it
    127.0.0.1 aginegialle.it
    127.0.0.1 www.ahnenforschung.de
    127.0.0.1 ahnenforschung.de
    127.0.0.1 www.aifind.info
    127.0.0.1 aifind.info
    127.0.0.1 www.airtleworld.com
    127.0.0.1 airtleworld.com
    127.0.0.1 www.aitalia.it
    127.0.0.1 aitalia.it
    127.0.0.1 akamai.downloadv3.com
    127.0.0.1 www.aklitalia.it
    127.0.0.1 aklitalia.it
    127.0.0.1 akril.com
    127.0.0.1 alcatel.ws
    127.0.0.1 www.alertspy.com
    127.0.0.1 alertspy.com
    127.0.0.1 www.alfacleaner.com
    127.0.0.1 alfacleaner.com
    127.0.0.1 alfa-search.com
    127.0.0.1 www.alialia.it
    127.0.0.1 alialia.it
    127.0.0.1 www.aliotalia.it
    127.0.0.1 aliotalia.it
    127.0.0.1 www.alirtalia.it
    127.0.0.1 alirtalia.it
    127.0.0.1 www.alitaia.it
    127.0.0.1 alitaia.it
    127.0.0.1 www.alitaklia.it
    127.0.0.1 alitaklia.it
    127.0.0.1 www.alitala.it
    127.0.0.1 alitala.it
    127.0.0.1 www.alitali.it
    127.0.0.1 alitali.it
    127.0.0.1 www.alitaliaq.it
    127.0.0.1 alitaliaq.it
    127.0.0.1 www.alitalias.it
    127.0.0.1 alitalias.it
    127.0.0.1 www.alitaliaz.it
    127.0.0.1 alitaliaz.it
    127.0.0.1 www.alitalioa.it
    127.0.0.1 alitalioa.it
    127.0.0.1 www.alitalisa.it
    127.0.0.1 alitalisa.it
    127.0.0.1 www.alitaliua.it
    127.0.0.1 alitaliua.it
    127.0.0.1 www.alitalkia.it
    127.0.0.1 alitalkia.it
    127.0.0.1 www.alitaloia.it
    127.0.0.1 alitaloia.it
    127.0.0.1 www.alitaluia.it
    127.0.0.1 alitaluia.it
    127.0.0.1 www.alitaslia.it
    127.0.0.1 alitaslia.it
    127.0.0.1 www.alitlia.it
    127.0.0.1 alitlia.it
    127.0.0.1 www.alitralia.it
    127.0.0.1 alitralia.it
    127.0.0.1 www.alitsalia.it
    127.0.0.1 alitsalia.it
    127.0.0.1 www.aliutalia.it
    127.0.0.1 aliutalia.it
    127.0.0.1 all1count.net
    127.0.0.1 www.all1count.net
    127.0.0.1 all4internet.com
    127.0.0.1 www.all4internet.com
    127.0.0.1 allabtcars.com
    127.0.0.1 allabtjeeps.com
    127.0.0.1 all-bittorrent.com
    127.0.0.1 www.all-bittorrent.com
    127.0.0.1 www.allcollisions.com
    127.0.0.1 allcollisions.com
    127.0.0.1 www.allcybersearch.com
    127.0.0.1 allcybersearch.com
    127.0.0.1 www.alldiskscheck300.com
    127.0.0.1 alldiskscheck300.com
    127.0.0.1 alldnserrors.com
    127.0.0.1 www.alldnserrors.com
    127.0.0.1 www.all-downloads-now.com
    127.0.0.1 all-downloads-now.com
    127.0.0.1 all-edonkey.com
    127.0.0.1 www.all-edonkey.com
    127.0.0.1 www.allertaminacce.com
    127.0.0.1 allertaminacce.com
    127.0.0.1 allforadult.com
    127.0.0.1 allhyperlinks.com
    127.0.0.1 alliesecurity.com
    127.0.0.1 www.alliesecurity.com
    127.0.0.1 all-inet.com
    127.0.0.1 allinternetbusiness.com
    127.0.0.1 www.all-limewire.com
    127.0.0.1 all-limewire.com
    127.0.0.1 www.allmegabucks.com
    127.0.0.1 allmegabucks.com
    127.0.0.1 www.allprotections.com
    127.0.0.1 allprotections.com
    127.0.0.1 www.allresultz.net
    127.0.0.1 allresultz.net
    127.0.0.1 www.allsearch.us
    127.0.0.1 allsearch.us
    127.0.0.1 www.allsecuritynotes.com
    127.0.0.1 allsecuritynotes.com
    127.0.0.1 www.allsecuritysite.com
    127.0.0.1 allsecuritysite.com
    127.0.0.1 www.allstarsvideos.net
    127.0.0.1 allstarsvideos.net
    127.0.0.1 www.alltiettantivirus.com
    127.0.0.1 alltiettantivirus.com
    127.0.0.1 www.alltruesoftware.com
    127.0.0.1 alltruesoftware.com
    127.0.0.1 www.allvideoactivex.com
    127.0.0.1 allvideoactivex.com
    127.0.0.1 www.almanah.biz
    127.0.0.1 almanah.biz
    127.0.0.1 almarvideos.com
    127.0.0.1 www.aloitalia.it
    127.0.0.1 aloitalia.it
    127.0.0.1 www.aluitalia.it
    127.0.0.1 aluitalia.it
    127.0.0.1 www.amaena.com
    127.0.0.1 amaena.com
    127.0.0.1 amandamountains.com
    127.0.0.1 www.amateurliveshow.com
    127.0.0.1 amateurliveshow.com
    127.0.0.1 www.amediasoftware.com
    127.0.0.1 amediasoftware.com
    127.0.0.1 www.amediasource.com
    127.0.0.1 amediasource.com
    127.0.0.1 americanautobargains.com
    127.0.0.1 www.americanautobargains.com
    127.0.0.1 americancarbargains.com
    127.0.0.1 www.americancarbargains.com
    127.0.0.1 american-teens.net
    127.0.0.1 amigeek.com
    127.0.0.1 www.amigobore.com
    127.0.0.1 amigobore.com
    127.0.0.1 amisbusiness.com
    127.0.0.1 www.ampmsearch.com
    127.0.0.1 ampmsearch.com
    127.0.0.1 www.analcord.com
    127.0.0.1 analcord.com
    127.0.0.1 analmovi.com
    127.0.0.1 www.anarchylolita.com
    127.0.0.1 anarchylolita.com
    127.0.0.1 anarchyporn.com
    127.0.0.1 www.andromedical.com
    127.0.0.1 andromedical.com
    127.0.0.1 www.animepornmag.com
    127.0.0.1 animepornmag.com
    127.0.0.1 anin.org
    127.0.0.1 www.anjpn-avxiz.biz
    127.0.0.1 anjpn-avxiz.biz
    127.0.0.1 anjpnzqav.biz
    127.0.0.1 www.anjpnzqav.biz
    127.0.0.1 anjpn-zqav.biz
    127.0.0.1 www.anjpn-zqav.biz
    127.0.0.1 annaromeo.com
    127.0.0.1 www.antiddos.us
    127.0.0.1 antiddos.us
    127.0.0.1 www.antiespiadorado.com
    127.0.0.1 antiespiadorado.com
    127.0.0.1 www.antiespionspack.com
    127.0.0.1 antiespionspack.com
    127.0.0.1 www.antigusanos2008.com
    127.0.0.1 antigusanos2008.com
    127.0.0.1 antispamassistant.com
    127.0.0.1 www.antispamassistant.com
    127.0.0.1 antispamdeluxe.com
    127.0.0.1 www.antispamdeluxe.com
    127.0.0.1 www.antispionage.com
    127.0.0.1 antispionage.com
    127.0.0.1 www.antispionagepro.com
    127.0.0.1 antispionagepro.com
    127.0.0.1 www.antispyadvanced.com
    127.0.0.1 antispyadvanced.com
    127.0.0.1 antispycheck.com
    127.0.0.1 www.antispycheck.com
    127.0.0.1 www.antispydns.biz
    127.0.0.1 antispydns.biz
    127.0.0.1 www.antispykit.com
    127.0.0.1 antispykit.com
    127.0.0.1 www.antispylab.com
    127.0.0.1 antispylab.com
    127.0.0.1 antispyshield.com
    127.0.0.1 www.antispyshield.com
    127.0.0.1 www.antispysolutions.com
    127.0.0.1 antispysolutions.com
    127.0.0.1 antispyware.com
    127.0.0.1 www.antispyware.com
    127.0.0.1 www.antispyware-2008.info
    127.0.0.1 antispyware-2008.info
    127.0.0.1 antispyware2008.name
    127.0.0.1 www.antispyware2008.name
    127.0.0.1 antispyware-2008.name
    127.0.0.1 www.antispyware-2008.name
    127.0.0.1 antispyware2008.org
    127.0.0.1 www.antispyware2008.org
    127.0.0.1 www.antispyware-2008.org
    127.0.0.1 antispyware-2008.org
    127.0.0.1 www.antispyware2008-download.com
    127.0.0.1 antispyware2008-download.com
    127.0.0.1 www.antispyware-2008-download.com
    127.0.0.1 antispyware-2008-download.com
    127.0.0.1 antispyware2008-download.name
    127.0.0.1 www.antispyware2008-download.name
    127.0.0.1 antispyware2008-download.org
    127.0.0.1 www.antispyware2008-download.org
    127.0.0.1 www.antispyware-2008-download.org
    127.0.0.1 antispyware-2008-download.org
    127.0.0.1 www.antispywareboot.com
    127.0.0.1 antispywareboot.com
    127.0.0.1 www.antispywarebot.com
    127.0.0.1 antispywarebot.com
    127.0.0.1 www.antispywarebox.com
    127.0.0.1 antispywarebox.com
    127.0.0.1 antispywaredownloads.com
    127.0.0.1 www.antispywaredownloads.com
    127.0.0.1 www.antispywareexpert.com
    127.0.0.1 antispywareexpert.com
    127.0.0.1 www.antispywaremaster.com
    127.0.0.1 antispywaremaster.com
    127.0.0.1 www.antispyware-review.info
    127.0.0.1 antispyware-review.info
    127.0.0.1 www.antispywaresales.com
    127.0.0.1 antispywaresales.com
    127.0.0.1 antispywaresuite.com
    127.0.0.1 www.antispywaresuite.com
    127.0.0.1 antispywareupdates.net
    127.0.0.1 www.antispywareupdates.net
    127.0.0.1 antispywarexp.com
    127.0.0.1 www.antispywarexp.com
    127.0.0.1 antispyweb.net
    127.0.0.1 www.antispyweb.net
    127.0.0.1 antiver2008.com
    127.0.0.1 www.antiver2008.com
    127.0.0.1 antivermins.com
    127.0.0.1 www.antivermins.com
    127.0.0.1 anti-vermins.com
    127.0.0.1 www.anti-vermins.com
    127.0.0.1 www.antivir2007.com
    127.0.0.1 antivir2007.com
    127.0.0.1 antivirgear.com
    127.0.0.1 www.antivirgear.com
    127.0.0.1 www.antivirprotect.com
    127.0.0.1 antivirprotect.com
    127.0.0.1 www.antivirus.fastfreedownload.com
    127.0.0.1 antivirus.fastfreedownload.com
    127.0.0.1 antivirus2008pro.com
    127.0.0.1 www.antivirus2008pro.com
    127.0.0.1 www.antivirus-2008pro.com
    127.0.0.1 antivirus-2008pro.com
    127.0.0.1 www.antivirus-2008-pro.com
    127.0.0.1 antivirus-2008-pro.com
    127.0.0.1 antivirus2008pro.info
    127.0.0.1 www.antivirus2008pro.info
    127.0.0.1 antivirus-2008pro.info
    127.0.0.1 www.antivirus-2008pro.info
    127.0.0.1 antivirus-2008-pro.info
    127.0.0.1 www.antivirus-2008-pro.info
    127.0.0.1 antivirus2008pro.net
    127.0.0.1 www.antivirus2008pro.net
    127.0.0.1 antivirus-2008pro.net
    127.0.0.1 www.antivirus-2008pro.net
    127.0.0.1 antivirus-2008-pro.net
    127.0.0.1 www.antivirus-2008-pro.net
    127.0.0.1 www.antivirus2008pro.org
    127.0.0.1 antivirus2008pro.org
    127.0.0.1 www.antivirus-2008pro.org
    127.0.0.1 antivirus-2008pro.org
    127.0.0.1 www.antivirus-2008-pro.org
    127.0.0.1 antivirus-2008-pro.org
    127.0.0.1 www.antivirus2008scanner.com
    127.0.0.1 antivirus2008scanner.com
    127.0.0.1 antivirus2008x.com
    127.0.0.1 www.antivirus2008x.com
    127.0.0.1 antivirus-2009.com
    127.0.0.1 www.antivirus-2009.com
    127.0.0.1 www.antivirus2009-freescan.com
    127.0.0.1 antivirus2009-freescan.com
    127.0.0.1 www.antivirus-2009pro.com
    127.0.0.1 antivirus-2009pro.com
    127.0.0.1 www.antivirus2009professional.com
    127.0.0.1 antivirus2009professional.com
    127.0.0.1 antivirusadvance.com
    127.0.0.1 www.antivirusadvance.com
    127.0.0.1 www.antivirusaskeladd.com
    127.0.0.1 antivirusaskeladd.com
    127.0.0.1 www.antivirus-database.com
    127.0.0.1 antivirus-database.com
    127.0.0.1 www.antivirusgereedschap.com
    127.0.0.1 antivirusgereedschap.com
    127.0.0.1 antivirusgolden.com
    127.0.0.1 www.antivirusgolden.com
    127.0.0.1 antivirus-hq.net
    127.0.0.1 www.antivirus-hq.net
    127.0.0.1 www.antiviruspcsuite.com
    127.0.0.1 antiviruspcsuite.com
    127.0.0.1 www.antiviruspremium.com
    127.0.0.1 antiviruspremium.com
    127.0.0.1 www.anti-virus-pro.com
    127.0.0.1 anti-virus-pro.com
    127.0.0.1 antivirusprotector.com
    127.0.0.1 www.antivirusprotector.com
    127.0.0.1 www.antivirus-scanner.com
    127.0.0.1 antivirus-scanner.com
    127.0.0.1 antivirusscherm.com
    127.0.0.1 www.antivirusscherm.com
    127.0.0.1 antivirussecuritypro.com
    127.0.0.1 www.antivirussecuritypro.com
    127.0.0.1 antivirus-server.com
    127.0.0.1 www.antivirus-server.com
    127.0.0.1 antivirus-stop.com
    127.0.0.1 www.antivirus-stop.com
    127.0.0.1 www.antivirussuite.com
    127.0.0.1 antivirussuite.com
    127.0.0.1 www.antiworm2008.com
    127.0.0.1 antiworm2008.com
    127.0.0.1 www.antiwurm2008.com
    127.0.0.1 antiwurm2008.com
    127.0.0.1 antrocity.com
    127.0.0.1 www.anyofus.com
    127.0.0.1 anyofus.com
    127.0.0.1 www.anysafereviews.com
    127.0.0.1 anysafereviews.com
    127.0.0.1 www.anysn.seproger.com
    127.0.0.1 anysn.seproger.com
    127.0.0.1 anything4health.com
    127.0.0.1 www.apicpreview.com
    127.0.0.1 apicpreview.com
    127.0.0.1 www.appealcircuit.com
    127.0.0.1 appealcircuit.com
    127.0.0.1 www.approvedlinks.com
    127.0.0.1 approvedlinks.com
    127.0.0.1 apps.deskwizz.com
    127.0.0.1 apps.webservicehost.com
    127.0.0.1 www.aprotectedpage.com
    127.0.0.1 aprotectedpage.com
    127.0.0.1 apsua.com
    127.0.0.1 www.archivioadulti.com
    127.0.0.1 archivioadulti.com
    127.0.0.1 www.archiviosex.net
    127.0.0.1 archiviosex.net
    127.0.0.1 aregay.com
    127.0.0.1 ares.click-new-download.com
    127.0.0.1 www.ares.click-new-download.com
    127.0.0.1 www.ares-freebie.com
    127.0.0.1 ares-freebie.com
    127.0.0.1 www.arespro2007.com
    127.0.0.1 arespro2007.com
    127.0.0.1 aresultra.com
    127.0.0.1 www.aresultra.com
    127.0.0.1 www.ares-usa.com
    127.0.0.1 ares-usa.com
    127.0.0.1 arheo.com
    127.0.0.1 arizonaweb.org
    127.0.0.1 armitageinn.com
    127.0.0.1 www.arquivojpgs.smtp.ru
    127.0.0.1 arquivojpgs.smtp.ru
    127.0.0.1 artachnid.com
    127.0.0.1 art-func.com
    127.0.0.1 art-xxx.com
    127.0.0.1 www.asafebrowser.com
    127.0.0.1 asafebrowser.com
    127.0.0.1 www.asafetyalways.com
    127.0.0.1 asafetyalways.com
    127.0.0.1 www.asafetynote.com
    127.0.0.1 asafetynote.com
    127.0.0.1 www.asafetynotice.com
    127.0.0.1 asafetynotice.com
    127.0.0.1 www.asafetypage.com
    127.0.0.1 asafetypage.com
    127.0.0.1 www.asdbiz.biz
    127.0.0.1 asdbiz.biz
    127.0.0.1 www.asdeykuddq.com
    127.0.0.1 asdeykuddq.com
    127.0.0.1 www.asecurebar.com
    127.0.0.1 asecurebar.com
    127.0.0.1 www.asecureboard.com
    127.0.0.1 asecureboard.com
    127.0.0.1 www.asecurevalue.com
    127.0.0.1 asecurevalue.com
    127.0.0.1 www.asecurityissue.com
    127.0.0.1 asecurityissue.com
    127.0.0.1 www.asecuritynotice.com
    127.0.0.1 asecuritynotice.com
    127.0.0.1 www.asecuritypaper.com
    127.0.0.1 asecuritypaper.com
    127.0.0.1 www.asecuritystuff.com
    127.0.0.1 asecuritystuff.com
    127.0.0.1 www.asfadaptation.com
    127.0.0.1 asfadaptation.com
    127.0.0.1 asiankingkong.com
    127.0.0.1 www.asianpornmag.com
    127.0.0.1 asianpornmag.com
    127.0.0.1 www.asiantoolbar.com
    127.0.0.1 asiantoolbar.com
    127.0.0.1 www.asidseiupc.com
    127.0.0.1 asidseiupc.com
    127.0.0.1 www.aslitalia.it
    127.0.0.1 aslitalia.it
    127.0.0.1 ass-gals.com
    127.0.0.1 www.assureprotection.com
    127.0.0.1 assureprotection.com
    127.0.0.1 asta-killer.com
    127.0.0.1 www.astrologie-server.com
    127.0.0.1 astrologie-server.com
    127.0.0.1 www.asupereva.it
    127.0.0.1 asupereva.it
    127.0.0.1 www.ataprogram.com
    127.0.0.1 ataprogram.com
    127.0.0.1 athenrye.com
    127.0.0.1 www.atotalsafety.com
    127.0.0.1 atotalsafety.com
    127.0.0.1 www.atrueprotection.com
    127.0.0.1 atrueprotection.com
    127.0.0.1 www.atruesecurity.com
    127.0.0.1 atruesecurity.com
    127.0.0.1 www.attackware.com
    127.0.0.1 attackware.com
    127.0.0.1 www.attrezzi.biz
    127.0.0.1 attrezzi.biz
    127.0.0.1 www.aucunsvirus.com
    127.0.0.1 aucunsvirus.com
    127.0.0.1 www.aulde.net
    127.0.0.1 aulde.net
    127.0.0.1 www.aupereva.it
    127.0.0.1 aupereva.it
    127.0.0.1 www.autobargains.org
    127.0.0.1 autobargains.org
    127.0.0.1 www.autobargainsnetwork.com
    127.0.0.1 autobargainsnetwork.com
    127.0.0.1 www.autocontext.begun.ru
    127.0.0.1 autocontext.begun.ru
    127.0.0.1 autoescrowpay.com
    127.0.0.1 www.autotuningportal.com
    127.0.0.1 autotuningportal.com
    127.0.0.1 avadvance.com
    127.0.0.1 www.avadvance.com
    127.0.0.1 avast.free-software-center.com
    127.0.0.1 www.avast.free-software-center.com
    127.0.0.1 www.avast-2007.com
    127.0.0.1 avast-2007.com
    127.0.0.1 www.avast-downloads.com
    127.0.0.1 avast-downloads.com
    127.0.0.1 www.avast-hq.com
    127.0.0.1 avast-hq.com
    127.0.0.1 avforce.com
    127.0.0.1 www.avforce.com
    127.0.0.1 www.avg.grab-it-today.net
    127.0.0.1 avg.grab-it-today.net
    127.0.0.1 avg.softwarecenterz.com
    127.0.0.1 www.avg.softwarecenterz.com
    127.0.0.1 avg-secure.com
    127.0.0.1 www.avg-secure.com
    127.0.0.1 aviadaptation.com
    127.0.0.1 www.aviadaptation.com
    127.0.0.1 avian-ads.com
    127.0.0.1 avicoupler.com
    127.0.0.1 www.avicoupler.com
    127.0.0.1 avideoaxaccess.com
    127.0.0.1 www.avideoaxaccess.com
    127.0.0.1 avideosurfer.com
    127.0.0.1 www.avideosurfer.com
    127.0.0.1 www.avidirection.com
    127.0.0.1 avidirection.com
    127.0.0.1 aviewersoft.com
    127.0.0.1 www.aviewersoft.com
    127.0.0.1 www.aviexecution.com
    127.0.0.1 aviexecution.com
    127.0.0.1 avihelper.com
    127.0.0.1 www.avihelper.com
    127.0.0.1 aviinstrument.com
    127.0.0.1 www.aviinstrument.com
    127.0.0.1 aviplugin.com
    127.0.0.1 www.aviplugin.com
    127.0.0.1 avitool.com
    127.0.0.1 www.avitool.com
    127.0.0.1 aviupdate.com
    127.0.0.1 www.aviupdate.com
    127.0.0.1 aviutility.com
    127.0.0.1 www.aviutility.com
    127.0.0.1 www.avpcheckupdate.com
    127.0.0.1 avpcheckupdate.com
    127.0.0.1 avsmanufacture.com
    127.0.0.1 www.avsmanufacture.com
    127.0.0.1 www.avsystemcare.com
    127.0.0.1 avsystemcare.com
    127.0.0.1 www.avxizaaqada.biz
    127.0.0.1 avxizaaqada.biz
    127.0.0.1 www.avxiz-anjpn.biz
    127.0.0.1 avxiz-anjpn.biz
    127.0.0.1 www.avxizueorn.biz
    127.0.0.1 avxizueorn.biz
    127.0.0.1 www.avxiz-ueorn.biz
    127.0.0.1 avxiz-ueorn.biz
    127.0.0.1 avxiz-vtvcp.biz
    127.0.0.1 www.avxiz-vtvcp.biz
    127.0.0.1 avxiz-ygco.biz
    127.0.0.1 www.avxiz-ygco.biz
    127.0.0.1 avxiz-zqav.biz
    127.0.0.1 www.avxiz-zqav.biz
    127.0.0.1 www.av-xp-08.com
    127.0.0.1 av-xp-08.com
    127.0.0.1 www.awarenesstech.com
    127.0.0.1 awarenesstech.com
    127.0.0.1 www.awarninglist.com
    127.0.0.1 awarninglist.com
    127.0.0.1 awbeta.net-nucleus.com
    127.0.0.1 www.awesomehomepage.com
    127.0.0.1 awesomehomepage.com
    127.0.0.1 awmcash.biz
    127.0.0.1 awmdabest.com
    127.0.0.1 www.axemediasoftware.com
    127.0.0.1 axemediasoftware.com
    127.0.0.1 www.aximageobject.com
    127.0.0.1 aximageobject.com
    127.0.0.1 www.axmediaproject.com
    127.0.0.1 axmediaproject.com
    127.0.0.1 www.axmediasoftware.com
    127.0.0.1 axmediasoftware.com
    127.0.0.1 www.axmediasolutions.com
    127.0.0.1 axmediasolutions.com
    127.0.0.1 www.axobjectpage.com
    127.0.0.1 axobjectpage.com
    127.0.0.1 www.axobjectsource.com
    127.0.0.1 axobjectsource.com
    127.0.0.1 www.axsoftwaretool.com
    127.0.0.1 axsoftwaretool.com
    127.0.0.1 www.axvideoproject.com
    127.0.0.1 axvideoproject.com
    127.0.0.1 www.axvideosetup.com
    127.0.0.1 axvideosetup.com
    127.0.0.1 ayakawamura.com
    127.0.0.1 ayb.dns-look-up.com
    127.0.0.1 ayb.netbios-wait.com
    127.0.0.1 ayumitaniguchi.com
    127.0.0.1 azebar.com
    127.0.0.1 azureusclub.com
    127.0.0.1 www.azureusclub.com
    127.0.0.1 azureus-freebie.com
    127.0.0.1 www.azureus-freebie.com
    127.0.0.1 www.azzetta.it
    127.0.0.1 azzetta.it
    127.0.0.1 b.casalemedia.com
    127.0.0.1 b122.mcboo.com
    127.0.0.1 www.babe.k-lined.com
    127.0.0.1 babe.k-lined.com
    127.0.0.1 www.babe.the-killer.bz
    127.0.0.1 babe.the-killer.bz
    127.0.0.1 www.babenet.com
    127.0.0.1 babenet.com
    127.0.0.1 www.babespornmag.com
    127.0.0.1 babespornmag.com
    127.0.0.1 www.babeweb.de
    127.0.0.1 babeweb.de
    127.0.0.1 www.baccarat-other.info
    127.0.0.1 baccarat-other.info
    127.0.0.1 www.backstripgirls.com
    127.0.0.1 backstripgirls.com
    127.0.0.1 backup.mabou.org
    127.0.0.1 www.baiduqqsina.cn
    127.0.0.1 baiduqqsina.cn
    127.0.0.1 www.balotierra.com
    127.0.0.1 balotierra.com
    127.0.0.1 bannedhost.net
    127.0.0.1 barbudafarms.com
    127.0.0.1 www.bardownload.com
    127.0.0.1 bardownload.com
    127.0.0.1 barnandfence.com
    127.0.0.1 www.basteln-und-heimwerken.com
    127.0.0.1 basteln-und-heimwerken.com
    127.0.0.1 batsearch.com
    127.0.0.1 baygraphicsllc.com
    127.0.0.1 bb.wudiliuliang.com
    127.0.0.1 bbbsearch.com
    127.0.0.1 bb-search.com
    127.0.0.1 www.bcnproduction.com
    127.0.0.1 bcnproduction.com
    127.0.0.1 bdsmlibrary.net
    127.0.0.1 www.bdsmpornmag.com
    127.0.0.1 bdsmpornmag.com
    127.0.0.1 www.bearshare.click-new-download.com
    127.0.0.1 bearshare.click-new-download.com
    127.0.0.1 www.bearshare.download-me.info
    127.0.0.1 bearshare.download-me.info
    127.0.0.1 www.bearshare.mp3-muzic.com
    127.0.0.1 bearshare.mp3-muzic.com
    127.0.0.1 www.bearshare-download.org
    127.0.0.1 bearshare-download.org
    127.0.0.1 bearshare-downloads.net
    127.0.0.1 www.bearshare-downloads.net
    127.0.0.1 bearsharelive.co.uk
    127.0.0.1 www.bearsharelive.co.uk
    127.0.0.1 www.bearshare-music-downloads.com
    127.0.0.1 bearshare-music-downloads.com
    127.0.0.1 bearsharepro2007.com
    127.0.0.1 www.bearsharepro2007.com
    127.0.0.1 bearshare-usa.com
    127.0.0.1 www.bearshare-usa.com
    127.0.0.1 bedhome.com
    127.0.0.1 bediadance.com
    127.0.0.1 www.beebappyy.biz
    127.0.0.1 beebappyy.biz
    127.0.0.1 www.begin2search.com
    127.0.0.1 begin2search.com
    127.0.0.1 bellabasketsfl.com
    127.0.0.1 bernaolatwin.com
    127.0.0.1 www.berufe-jobs.de
    127.0.0.1 berufe-jobs.de
    127.0.0.1 www.berufe-server.de
    127.0.0.1 berufe-server.de
    127.0.0.1 www.berufe-welt.de
    127.0.0.1 berufe-welt.de
    127.0.0.1 www.berufs-wahl.de
    127.0.0.1 berufs-wahl.de
    127.0.0.1 www.beruijindegunhadesun.com
    127.0.0.1 beruijindegunhadesun.com
    127.0.0.1 www.best3xclips.com
    127.0.0.1 best3xclips.com
    127.0.0.1 bestadults.com
    127.0.0.1 www.bestadults.com
    127.0.0.1 best-codec.com
    127.0.0.1 www.best-codec.com
    127.0.0.1 best-counter.com
    127.0.0.1 bestcrawler.com
    127.0.0.1 www.bestdailyvids.com
    127.0.0.1 bestdailyvids.com
    127.0.0.1 bestfor.ru
    127.0.0.1 bestfuckvids.com
    127.0.0.1 www.bestfuckvids.com
    127.0.0.1 best-hardpics.com
    127.0.0.1 bestmanage.org
    127.0.0.1 www.bestmanage.org
    127.0.0.1 www.bestmanage0.org
    127.0.0.1 bestmanage0.org
    127.0.0.1 bestmanage1.org
    127.0.0.1 www.bestmanage1.org
    127.0.0.1 www.bestmanage2.org
    127.0.0.1 bestmanage2.org
    127.0.0.1 www.bestmanage3.org
    127.0.0.1 bestmanage3.org
    127.0.0.1 bestmanage4.org
    127.0.0.1 www.bestmanage4.org
    127.0.0.1 www.bestmanage5.org
    127.0.0.1 bestmanage5.org
    127.0.0.1 www.bestmanage6.org
    127.0.0.1 bestmanage6.org
    127.0.0.1 www.bestmanage7.org
    127.0.0.1 bestmanage7.org
    127.0.0.1 www.bestmanage8.org
    127.0.0.1 bestmanage8.org
    127.0.0.1 bestmanage9.org
    127.0.0.1 www.bestmanage9.org
    127.0.0.1 www.bestmovszone.com
    127.0.0.1 bestmovszone.com
    127.0.0.1 bestnetwok.net
    127.0.0.1 www.bestnetwok.net
    127.0.0.1 www.bestnetwork.net
    127.0.0.1 bestnetwork.net
    127.0.0.1 www.bestoffersnetworks.com
    127.0.0.1 bestoffersnetworks.com
    127.0.0.1 www.best-porncollection.com
    127.0.0.1 best-porncollection.com
    127.0.0.1 bestporngate.com
    127.0.0.1 bestsafetyguide.net
    127.0.0.1 www.bestsafetyguide.net
    127.0.0.1 www.bestsearch.cc
    127.0.0.1 bestsearch.cc
    127.0.0.1 www.bestsearchworld.info
    127.0.0.1 bestsearchworld.info
    127.0.0.1 www.best-spyware.info
    127.0.0.1 best-spyware.info
    127.0.0.1 www.best-targeted-traffic.com
    127.0.0.1 best-targeted-traffic.com
    127.0.0.1 best-voyeur.info
    127.0.0.1 www.best-voyeur.info
    127.0.0.1 bestweblinks.com
    127.0.0.1 best-winning-casino.com
    127.0.0.1 www.bestworldgirls-for-u.net
    127.0.0.1 bestworldgirls-for-u.net
    127.0.0.1 www.bestxclips.com
    127.0.0.1 bestxclips.com
    127.0.0.1 bestxporno.com
    127.0.0.1 www.bestxxxmpegs.com
    127.0.0.1 bestxxxmpegs.com
    127.0.0.1 www.bettersearch.biz
    127.0.0.1 bettersearch.biz
    127.0.0.1 www.bewerbungsexperte.com
    127.0.0.1 bewerbungsexperte.com
    127.0.0.1 www.bgazzetta.it
    127.0.0.1 bgazzetta.it
    127.0.0.1 www.bgoogle.it
    127.0.0.1 bgoogle.it
    127.0.0.1 www.bigcodecadult.com
    127.0.0.1 bigcodecadult.com
    127.0.0.1 bigcodecadult2008.com
    127.0.0.1 www.bigcodecadult2008.com
    127.0.0.1 bigcodecadult2008-17.com
    127.0.0.1 www.bigcodecadult2008-17.com
    127.0.0.1 bighot18adult2008.com
    127.0.0.1 www.bighot18adult2008.com
    127.0.0.1 www.bighot18-adult2008.com
    127.0.0.1 bighot18-adult2008.com
    127.0.0.1 www.bighot18codec2008.com
    127.0.0.1 bighot18codec2008.com
    127.0.0.1 bighot18-codec2008.com
    127.0.0.1 www.bighot18-codec2008.com
    127.0.0.1 www.bigtrafficnetwork.com
    127.0.0.1 bigtrafficnetwork.com
    127.0.0.1 www.bigwww.com
    127.0.0.1 bigwww.com
    127.0.0.1 www.bill.de
    127.0.0.1 bill.de
    127.0.0.1 bin.errorprotector.com
    127.0.0.1 bins.media-motor.net
    127.0.0.1 bins2.media-motor.net
    127.0.0.1 bis.180solutions.com
    127.0.0.1 bitchesonline.net
    127.0.0.1 www.bitcomet-freebie.com
    127.0.0.1 bitcomet-freebie.com
    127.0.0.1 www.bittorrent.click-new-download.com
    127.0.0.1 bittorrent.click-new-download.com
    127.0.0.1 biz.biz
    127.0.0.1 www.bkvcompany.com
    127.0.0.1 bkvcompany.com
    127.0.0.1 blackblues00.com
    127.0.0.1 www.blackblues00.com
    127.0.0.1 blackcodec.com
    127.0.0.1 www.blackcodec.com
    127.0.0.1 www.black-codec.com
    127.0.0.1 black-codec.com
    127.0.0.1 www.blackcodec.net
    127.0.0.1 blackcodec.net
    127.0.0.1 www.blackhats.tc
    127.0.0.1 blackhats.tc
    127.0.0.1 www.blackhawksoftware.com
    127.0.0.1 blackhawksoftware.com
    127.0.0.1 blackjack-free.net
    127.0.0.1 www.blacklegion.info
    127.0.0.1 blacklegion.info
    127.0.0.1 blazefind.com
    127.0.0.1 blender.xu.pl
    127.0.0.1 www.blockcheckercontrol.com
    127.0.0.1 blockcheckercontrol.com
    127.0.0.1 blondetgp.com
    127.0.0.1 www.blue-elefant.com
    127.0.0.1 blue-elefant.com
    127.0.0.1 www.bm.theaimonline.com
    127.0.0.1 bm.theaimonline.com
    127.0.0.1 www.bnmgate.com
    127.0.0.1 bnmgate.com
    127.0.0.1 bodaciousbabette.com
    127.0.0.1 www.bonzi.com
    127.0.0.1 bonzi.com
    127.0.0.1 boobdoll.com
    127.0.0.1 boobsandtits.com
    127.0.0.1 boobsclub.com
    127.0.0.1 www.bookedspace.com
    127.0.0.1 bookedspace.com
    127.0.0.1 www.boom.com.vn
    127.0.0.1 boom.com.vn
    127.0.0.1 www.boomgirltv.com
    127.0.0.1 boomgirltv.com
    127.0.0.1 boredlife.com
    127.0.0.1 bowlofogumbo.com
    127.0.0.1 www.bpfq02.com
    127.0.0.1 bpfq02.com
    127.0.0.1 www.bqgate.com
    127.0.0.1 bqgate.com
    127.0.0.1 br.errorsafe.com
    127.0.0.1 br.winantivirus.com
    127.0.0.1 br.winfixer.com
    127.0.0.1 bradcoem.org
    127.0.0.1 www.braincodec.com
    127.0.0.1 braincodec.com
    127.0.0.1 www.brakecodec.com
    127.0.0.1 brakecodec.com
    127.0.0.1 www.brakecodec.net
    127.0.0.1 brakecodec.net
    127.0.0.1 brandiyoung.com
    127.0.0.1 www.bravesentry.com
    127.0.0.1 bravesentry.com
    127.0.0.1 www.breenten.biz
    127.0.0.1 breenten.biz
    127.0.0.1 www.brodbfm.net
    127.0.0.1 brodbfm.net
    127.0.0.1 brookeburn.com
    127.0.0.1 www.browserwise.com
    127.0.0.1 browserwise.com
    127.0.0.1 bsa.safetydownload.com
    127.0.0.1 www.bsplaycodec.com
    127.0.0.1 bsplaycodec.com
    127.0.0.1 bucps.com
    127.0.0.1 buhartes.info
    127.0.0.1 buldog-stats.com
    127.0.0.1 www.bullseye-network.com
    127.0.0.1 bullseye-network.com
    127.0.0.1 burgerkingbigscreen.com
    127.0.0.1 www.burningsite.com
    127.0.0.1 burningsite.com
    127.0.0.1 www.burnsrecyclinginc.com
    127.0.0.1 burnsrecyclinginc.com
    127.0.0.1 buscards.net
    127.0.0.1 bustyrussell.com
    127.0.0.1 www.busysearch.net
    127.0.0.1 busysearch.net
    127.0.0.1 buttejazz.org
    127.0.0.1 www.buy-find.info
    127.0.0.1 buy-find.info
    127.0.0.1 buyselldomain.net
    127.0.0.1 www.buytraff.biz
    127.0.0.1 buytraff.biz
    127.0.0.1 buz.ru
    127.0.0.1 www.bvdtechinque.com
    127.0.0.1 bvdtechinque.com
    127.0.0.1 www.bvirgilio.it
    127.0.0.1 bvirgilio.it
    127.0.0.1 www.bye-spyware.com
    127.0.0.1 bye-spyware.com
    127.0.0.1 c.centralmedia.ws
    127.0.0.1 www.c.enhance.com
    127.0.0.1 c.enhance.com
    127.0.0.1 c.goclick.com
    127.0.0.1 www.c4tdownload.com
    127.0.0.1 c4tdownload.com
    127.0.0.1 www.c5.www4free.info
    127.0.0.1 c5.www4free.info
    127.0.0.1 www.cache.surfaccuracy.com
    127.0.0.1 cache.surfaccuracy.com
    127.0.0.1 cache.ysbweb.com
    127.0.0.1 www.cadesfinjeriokas.com
    127.0.0.1 cadesfinjeriokas.com
    127.0.0.1 calcioturris.com
    127.0.0.1 www.calendaralerts.net
    127.0.0.1 calendaralerts.net
    127.0.0.1 www.callinghome.biz
    127.0.0.1 callinghome.biz
    127.0.0.1 www.cameouk.co.uk
    127.0.0.1 cameouk.co.uk
    127.0.0.1 cameup.com
    127.0.0.1 www.camouflageclothingonline.net
    127.0.0.1 camouflageclothingonline.net
    127.0.0.1 campaigns.outerinfo.net
    127.0.0.1 www.camping-community.com
    127.0.0.1 camping-community.com
    127.0.0.1 camup.net
    127.0.0.1 canberracricketcoaching.com
    127.0.0.1 candycantaloupes.com
    127.0.0.1 www.canidetect.org
    127.0.0.1 canidetect.org
    127.0.0.1 www.cantfind.com
    127.0.0.1 cantfind.com
    127.0.0.1 careers.dulcineasystems.net
    127.0.0.1 carsands.com
    127.0.0.1 carsrentals.net
    127.0.0.1 cartoes.uol.com.br
    127.0.0.1 www.casalemedia.com
    127.0.0.1 casalemedia.com
    127.0.0.1 www.cashdeluxe.net
    127.0.0.1 cashdeluxe.net
    127.0.0.1 www.cashengines.com
    127.0.0.1 cashengines.com
    127.0.0.1 cashsearch.biz
    127.0.0.1 www.cashsurfers.com
    127.0.0.1 cashsurfers.com
    127.0.0.1 www.cashunlim.com
    127.0.0.1 cashunlim.com
    127.0.0.1 casino.com.free.game.pogo.gratisdownloads.nl
    127.0.0.1 casino2win.net
    127.0.0.1 casino-gambling-1.net
    127.0.0.1 casino-gambling-2.net
    127.0.0.1 casinomidas.net
    127.0.0.1 casinonline.net
    127.0.0.1 casino-onlines.net
    127.0.0.1 www.castingsamateur.com
    127.0.0.1 castingsamateur.com
    127.0.0.1 catallogue.com
    127.0.0.1 www.catch-dc.info
    127.0.0.1 catch-dc.info
    127.0.0.1 categories.mygeek.com
    127.0.0.1 catsss.da.ru
    127.0.0.1 caxa.ru
    127.0.0.1 cazygirls-world.com
    127.0.0.1 cc.panet.org
    127.0.0.1 www.ccecaedbebfcaf.com
    127.0.0.1 ccecaedbebfcaf.com
    127.0.0.1 cclebali.org
    127.0.0.1 www.ccorriere.it
    127.0.0.1 ccorriere.it
    127.0.0.1 www.cdcopysite.com
    127.0.0.1 cdcopysite.com
    127.0.0.1 www.cdegate.com
    127.0.0.1 cdegate.com
    127.0.0.1 cdn.drivecleaner.com
    127.0.0.1 cdn.errorsafe.com
    127.0.0.1 cdn.movies-etc.com
    127.0.0.1 cdn.winsoftware.com
    127.0.0.1 cdn2.movies-etc.com
    127.0.0.1 www.cdorriere.it
    127.0.0.1 cdorriere.it
    127.0.0.1 ceewawires.org
    127.0.0.1 centralmedia.ws
    127.0.0.1 certumgroup.com
    127.0.0.1 www.cforriere.it
    127.0.0.1 cforriere.it
    127.0.0.1 cheapest.extra.hu
    127.0.0.1 www.check.jupitersatellites.biz
    127.0.0.1 check.jupitersatellites.biz
    127.0.0.1 www.checkin100.com
    127.0.0.1 checkin100.com
    127.0.0.1 www.checkssecurity.com
    127.0.0.1 checkssecurity.com
    127.0.0.1 www.checksystem-online.com
    127.0.0.1 checksystem-online.com
    127.0.0.1 chelancatering.com
    127.0.0.1 www.chenshijituan.com
    127.0.0.1 chenshijituan.com
    127.0.0.1 childrenvilla.com
    127.0.0.1 www.chilly3xvids.com
    127.0.0.1 chilly3xvids.com
    127.0.0.1 www.chillymovs.com
    127.0.0.1 chillymovs.com
    127.0.0.1 chips-4-free.com
    127.0.0.1 chrisswasey.com
    127.0.0.1 chriswallace.net
    127.0.0.1 www.cia-trjn.myvnc.com
    127.0.0.1 cia-trjn.myvnc.com
    127.0.0.1 www.cinemadownload.com
    127.0.0.1 cinemadownload.com
    127.0.0.1 www.ciorriere.it
    127.0.0.1 ciorriere.it
    127.0.0.1 www.cirriere.it
    127.0.0.1 cirriere.it
    127.0.0.1 citycodec.com
    127.0.0.1 www.citycodec.com
    127.0.0.1 city-codec.com
    127.0.0.1 www.city-codec.com
    127.0.0.1 ckick4thumbs.com
    127.0.0.1 cl55.biz
    127.0.0.1 clackamasliteraryreview.com
    127.0.0.1 www.clckm.com
    127.0.0.1 clckm.com
    127.0.0.1 cleancodec.com
    127.0.0.1 www.cleancodec.com
    127.0.0.1 www.cleancodec.net
    127.0.0.1 cleancodec.net
    127.0.0.1 clean-codec.net
    127.0.0.1 www.clean-codec.net
    127.0.0.1 www.cleansoftwares.com
    127.0.0.1 cleansoftwares.com
    127.0.0.1 clearsearch.cc
    127.0.0.1 clearsearch.net
    127.0.0.1 clickaire.com
    127.0.0.1 www.click-codec.com
    127.0.0.1 click-codec.com
    127.0.0.1 www.clickhere4search.com
    127.0.0.1 clickhere4search.com
    127.0.0.1 www.click-new-download.com
    127.0.0.1 click-new-download.com
    127.0.0.1 click-now.net
    127.0.0.1 www.clickspring.net
    127.0.0.1 clickspring.net
    127.0.0.1 click-to-download.com
    127.0.0.1 www.click-to-download.com
    127.0.0.1 www.clicktomakeasearch.com
    127.0.0.1 clicktomakeasearch.com
    127.0.0.1 clickyestoenter.net
    127.0.0.1 client.exeupdate.com
    127.0.0.1 client.myadultexplorer.com
    127.0.0.1 www.cliks.org
    127.0.0.1 cliks.org
    127.0.0.1 www.cliparts4free.com
    127.0.0.1 cliparts4free.com
    127.0.0.1 www.clipsfestival.com
    127.0.0.1 clipsfestival.com
    127.0.0.1 www.clipsreality.com
    127.0.0.1 clipsreality.com
    127.0.0.1 www.clorriere.it
    127.0.0.1 clorriere.it
    127.0.0.1 clrsch.com
    127.0.0.1 www.clubxxxvideo.com
    127.0.0.1 clubxxxvideo.com
    127.0.0.1 clusif.free.fr
    127.0.0.1 cmtapestry.com
    127.0.0.1 www.cnetadd.com
    127.0.0.1 cnetadd.com
    127.0.0.1 www.cnomy.com
    127.0.0.1 cnomy.com
    127.0.0.1 www.cnzz.com
    127.0.0.1 cnzz.com
    127.0.0.1 www.cocktails-ideen.de
    127.0.0.1 cocktails-ideen.de
    127.0.0.1 code.ignphrases.com
    127.0.0.1 codec.ninoa.com
    127.0.0.1 codecadult18.com
    127.0.0.1 www.codecadult18.com
    127.0.0.1 codecbest.com
    127.0.0.1 www.codecbest.com
    127.0.0.1 codecbsplay.com
    127.0.0.1 www.codecbsplay.com
    127.0.0.1 codecdemo.com
    127.0.0.1 www.codecdemo.com
    127.0.0.1 www.codecdvd.net
    127.0.0.1 codecdvd.net
    127.0.0.1 codecdvi.com
    127.0.0.1 www.codecdvi.com
    127.0.0.1 codec-fun.com
    127.0.0.1 www.codec-fun.com
    127.0.0.1 www.codechard.com
    127.0.0.1 codechard.com
    127.0.0.1 www.codechot.net
    127.0.0.1 codechot.net
    127.0.0.1 www.codechq.net
    127.0.0.1 codechq.net
    127.0.0.1 www.codecmeg.net
    127.0.0.1 codecmeg.net
    127.0.0.1 www.codecmega.com
    127.0.0.1 codecmega.com
    127.0.0.1 www.codecmega.net
    127.0.0.1 codecmega.net
    127.0.0.1 www.codecmoon.com
    127.0.0.1 codecmoon.com
    127.0.0.1 www.codecmpg.com
    127.0.0.1 codecmpg.com
    127.0.0.1 www.codecnice.net
    127.0.0.1 codecnice.net
    127.0.0.1 www.codecnitro.com
    127.0.0.1 codecnitro.com
    127.0.0.1 www.codecops.net
    127.0.0.1 codecops.net
    127.0.0.1 www.codecplay.com
    127.0.0.1 codecplay.com
    127.0.0.1 www.codecpretty.net
    127.0.0.1 codecpretty.net
    127.0.0.1 www.codecpro.net
    127.0.0.1 codecpro.net
    127.0.0.1 www.codecred.net
    127.0.0.1 codecred.net
    127.0.0.1 www.codecsoft.net
    127.0.0.1 codecsoft.net
    127.0.0.1 www.codecthe.com
    127.0.0.1 codecthe.com
    127.0.0.1 www.codectime.com
    127.0.0.1 codectime.com
    127.0.0.1 www.codecultra.net
    127.0.0.1 codecultra.net
    127.0.0.1 www.codecvids.com
    127.0.0.1 codecvids.com
    127.0.0.1 www.codecvip.com
    127.0.0.1 codecvip.com
    127.0.0.1 www.codecviva.com
    127.0.0.1 codecviva.com
    127.0.0.1 www.codeczang.net
    127.0.0.1 codeczang.net
    127.0.0.1 www.codrriere.it
    127.0.0.1 codrriere.it
    127.0.0.1 www.coeriere.it
    127.0.0.1 coeriere.it
    127.0.0.1 www.coerriere.it
    127.0.0.1 coerriere.it
    127.0.0.1 www.cofrriere.it
    127.0.0.1 cofrriere.it
    127.0.0.1 www.cogrriere.it
    127.0.0.1 cogrriere.it
    127.0.0.1 www.coirriere.it
    127.0.0.1 coirriere.it
    127.0.0.1 command.adservs.com
    127.0.0.1 www.commonname.com
    127.0.0.1 commonname.com
    127.0.0.1 www.comparespywareremover.org
    127.0.0.1 comparespywareremover.org
    127.0.0.1 www.computerpcgames.net
    127.0.0.1 computerpcgames.net
    127.0.0.1 www.computerrecover.com
    127.0.0.1 computerrecover.com
    127.0.0.1 config.180solutions.com
    127.0.0.1 www.congtouzailai.net
    127.0.0.1 congtouzailai.net
    127.0.0.1 www.consumers-reviews.net
    127.0.0.1 consumers-reviews.net
    127.0.0.1 www.content.dollarrevenue.com
    127.0.0.1 content.dollarrevenue.com
    127.0.0.1 www.content.ireit.com
    127.0.0.1 content.ireit.com
    127.0.0.1 content.onerateld.com
    127.0.0.1 www.contentmatch.net
    127.0.0.1 contentmatch.net
    127.0.0.1 www.contextplus.net
    127.0.0.1 contextplus.net
    127.0.0.1 www.contra-virus.com
    127.0.0.1 contra-virus.com
    127.0.0.1 www.controlmeh.com
    127.0.0.1 controlmeh.com
    127.0.0.1 www.controlpage.info
    127.0.0.1 controlpage.info
    127.0.0.1 www.convenient-search.com
    127.0.0.1 convenient-search.com
    127.0.0.1 www.cookingluck.com
    127.0.0.1 cookingluck.com
    127.0.0.1 cooldeskalert.com
    127.0.0.1 www.cooldeskalert.com
    127.0.0.1 coolfetishsite.com
    127.0.0.1 coolfreehost.com
    127.0.0.1 coolfreepage.com
    127.0.0.1 coolfreepages.com
    127.0.0.1 cool-homepage.co
    127.0.0.1 cool-homepage.com
    127.0.0.1 coolmoneysearch.com
    127.0.0.1 www.coolonlinebusiness.com
    127.0.0.1 coolonlinebusiness.com
    127.0.0.1 coolpornsearch.com
    127.0.0.1 cool-search.net
    127.0.0.1 cool-search.netfartpost.com
    127.0.0.1 coolsearcher.info
    127.0.0.1 www.coolservecorp.net
    127.0.0.1 coolservecorp.net
    127.0.0.1 coolwebsearch.com
    127.0.0.1 www.coolwebsearch.com
    127.0.0.1 cool-web-search.com
    127.0.0.1 coolwebsearsh.com
    127.0.0.1 www.coolwwwsearch.com
    127.0.0.1 coolwwwsearch.com
    127.0.0.1 cool-xxx.net
    127.0.0.1 www.coorriere.it
    127.0.0.1 coorriere.it
    127.0.0.1 copmtraine.com
    127.0.0.1 www.coprriere.it
    127.0.0.1 coprriere.it
    127.0.0.1 www.core.psyche-evolution.com
    127.0.0.1 core.psyche-evolution.com
    127.0.0.1 www.coreiere.it
    127.0.0.1 coreiere.it
    127.0.0.1 www.coreriere.it
    127.0.0.1 coreriere.it
    127.0.0.1 www.corrdiere.it
    127.0.0.1 corrdiere.it
    127.0.0.1 www.correiere.it
    127.0.0.1 correiere.it
    127.0.0.1 www.corrfiere.it
    127.0.0.1 corrfiere.it
    127.0.0.1 www.corrgiere.it
    127.0.0.1 corrgiere.it
    127.0.0.1 www.corridere.it
    127.0.0.1 corridere.it
    127.0.0.1 www.corriedre.it
    127.0.0.1 corriedre.it
    127.0.0.1 www.corriee.it
    127.0.0.1 corriee.it
    127.0.0.1 www.corrieere.it
    127.0.0.1 corrieere.it
    127.0.0.1 www.corriefre.it
    127.0.0.1 corriefre.it
    127.0.0.1 www.corriegre.it
    127.0.0.1 corriegre.it
    127.0.0.1 www.corrierde.it
    127.0.0.1 corrierde.it
    127.0.0.1 www.corriered.it
    127.0.0.1 corriered.it
    127.0.0.1 www.corrieree.it
    127.0.0.1 corrieree.it
    127.0.0.1 www.corrieref.it
    127.0.0.1 corrieref.it
    127.0.0.1 www.corrierer.it
    127.0.0.1 corrierer.it
    127.0.0.1 www.corrieres.it
    127.0.0.1 corrieres.it
    127.0.0.1 www.corrierew.it
    127.0.0.1 corrierew.it
    127.0.0.1 www.corrierfe.it
    127.0.0.1 corrierfe.it
    127.0.0.1 www.corrierge.it
    127.0.0.1 corrierge.it
    127.0.0.1 www.corrierr.it
    127.0.0.1 corrierr.it
    127.0.0.1 www.corrierre.it
    127.0.0.1 corrierre.it
    127.0.0.1 www.corrierse.it
    127.0.0.1 corrierse.it
    127.0.0.1 www.corrierte.it
    127.0.0.1 corrierte.it
    127.0.0.1 www.corrierw.it
    127.0.0.1 corrierw.it
    127.0.0.1 www.corrierwe.it
    127.0.0.1 corrierwe.it
    127.0.0.1 www.corriesre.it
    127.0.0.1 corriesre.it
    127.0.0.1 www.corriete.it
    127.0.0.1 corriete.it
    127.0.0.1 www.corrietre.it
    127.0.0.1 corrietre.it
    127.0.0.1 www.corriewre.it
    127.0.0.1 corriewre.it
    127.0.0.1 www.corrifere.it
    127.0.0.1 corrifere.it
    127.0.0.1 www.corriiere.it
    127.0.0.1 corriiere.it
    127.0.0.1 www.corrilere.it
    127.0.0.1 corrilere.it
    127.0.0.1 www.corrioere.it
    127.0.0.1 corrioere.it
    127.0.0.1 www.corrire.it
    127.0.0.1 corrire.it
    127.0.0.1 www.corrirere.it
    127.0.0.1 corrirere.it
    127.0.0.1 www.corrirre.it
    127.0.0.1 corrirre.it
    127.0.0.1 www.corrisere.it
    127.0.0.1 corrisere.it
    127.0.0.1 www.corriuere.it
    127.0.0.1 corriuere.it
    127.0.0.1 www.corriwere.it
    127.0.0.1 corriwere.it
    127.0.0.1 www.corriwre.it
    127.0.0.1 corriwre.it
    127.0.0.1 www.corrliere.it
    127.0.0.1 corrliere.it
    127.0.0.1 www.corroere.it
    127.0.0.1 corroere.it
    127.0.0.1 www.corroiere.it
    127.0.0.1 corroiere.it
    127.0.0.1 www.corrriere.it
    127.0.0.1 corrriere.it
    127.0.0.1 www.corrtiere.it
    127.0.0.1 corrtiere.it
    127.0.0.1 www.corruere.it
    127.0.0.1 corruere.it
    127.0.0.1 www.corruiere.it
    127.0.0.1 corruiere.it
    127.0.0.1 www.cortiere.it
    127.0.0.1 cortiere.it
    127.0.0.1 www.cortriere.it
    127.0.0.1 cortriere.it
    127.0.0.1 www.costrike.com
    127.0.0.1 costrike.com
    127.0.0.1 www.cotriere.it
    127.0.0.1 cotriere.it
    127.0.0.1 www.cotrriere.it
    127.0.0.1 cotrriere.it
    127.0.0.1 couldnotfind.com
    127.0.0.1 count.cc
    127.0.0.1 count.hitscount.net
    127.0.0.1 count-all.com
    127.0.0.1 www.countdutycall.info
    127.0.0.1 countdutycall.info
    127.0.0.1 counter.sexmaniack.com
    127.0.0.1 www.courtrecordslookup.com
    127.0.0.1 courtrecordslookup.com
    127.0.0.1 www.cporriere.it
    127.0.0.1 cporriere.it
    127.0.0.1 www.cprriere.it
    127.0.0.1 cprriere.it
    127.0.0.1 cpvfeed.com
    127.0.0.1 cracks.me.uk
    127.0.0.1 www.cracks4all.com
    127.0.0.1 cracks4all.com
    127.0.0.1 www.crapsgold.info
    127.0.0.1 crapsgold.info
    127.0.0.1 www.crazygirls-world.com
    127.0.0.1 crazygirls-world.com
    127.0.0.1 www.crazywinnings.com
    127.0.0.1 crazywinnings.com
    127.0.0.1 creamedcutties.com
    127.0.0.1 www.createaccesskey.com
    127.0.0.1 createaccesskey.com
    127.0.0.1 www.creatonsoft.com
    127.0.0.1 creatonsoft.com
    127.0.0.1 creditsearchonline.com
    127.0.0.1 crestring.com
    127.0.0.1 crooder.com
    127.0.0.1 www.crriere.it
    127.0.0.1 crriere.it
    127.0.0.1 www.cryptdrive.com
    127.0.0.1 cryptdrive.com
    127.0.0.1 www.crystalysmedia.com
    127.0.0.1 crystalysmedia.com
    127.0.0.1 www.csx.adservs.com
    127.0.0.1 csx.adservs.com
    127.0.0.1 cts.180solutions.com
    127.0.0.1 www.cuisinartoven.com
    127.0.0.1 cuisinartoven.com
    127.0.0.1 www.curedc.info
    127.0.0.1 curedc.info
    127.0.0.1 www.curepcsolutions.com
    127.0.0.1 curepcsolutions.com
    127.0.0.1 curvedspaces.com
    127.0.0.1 www.cutadult.com
    127.0.0.1 cutadult.com
    127.0.0.1 www.cutoffspyware.com
    127.0.0.1 cutoffspyware.com
    127.0.0.1 www.cvirgilio.it
    127.0.0.1 cvirgilio.it
    127.0.0.1 www.cvorriere.it
    127.0.0.1 cvorriere.it
    127.0.0.1 cvs.jps.ru
    127.0.0.1 cvsymphony.com
    127.0.0.1 www.cxorriere.it
    127.0.0.1 cxorriere.it
    127.0.0.1 www.cyberrape.com
    127.0.0.1 cyberrape.com
    127.0.0.1 cydom.com
    127.0.0.1 www.cydoor.com
    127.0.0.1 cydoor.com
    127.0.0.1 d34s.qfdfqawd.cn
    127.0.0.1 www.daily3xlinks.com
    127.0.0.1 daily3xlinks.com
    127.0.0.1 www.dailybestclips.com
    127.0.0.1 dailybestclips.com
    127.0.0.1 daily-gals.com
    127.0.0.1 www.dailyhugemovs.com
    127.0.0.1 dailyhugemovs.com
    127.0.0.1 www.dailykeys.com
    127.0.0.1 dailykeys.com
    127.0.0.1 www.dailypornmag.com
    127.0.0.1 dailypornmag.com
    127.0.0.1 dailyteenspic.com
    127.0.0.1 www.dailytoolbar.com
    127.0.0.1 dailytoolbar.com
    127.0.0.1 www.dailyxvids.com
    127.0.0.1 dailyxvids.com
    127.0.0.1 dancingbabycd.com
    127.0.0.1 www.dapsol.com
    127.0.0.1 dapsol.com
    127.0.0.1 www.dapsolution.com
    127.0.0.1 dapsolution.com
    127.0.0.1 www.data-hoster.com
    127.0.0.1 data-hoster.com
    127.0.0.1 datanotary.com
    127.0.0.1 datareco.com
    127.0.0.1 www.dateanybabe.com
    127.0.0.1 dateanybabe.com
    127.0.0.1 www.dateanychick.com
    127.0.0.1 dateanychick.com
    127.0.0.1 datingdoctorsite.com
    127.0.0.1 www.datingdoctorsite.com
    127.0.0.1 dating-galaxy.info
    127.0.0.1 www.dating-galaxy.info
    127.0.0.1 dating-search.net
    127.0.0.1 davemarshall.org
    127.0.0.1 db105.com
    127.0.0.1 www.dbdecicated.com
    127.0.0.1 dbdecicated.com
    127.0.0.1 www.dbxcompany.com
    127.0.0.1 dbxcompany.com
    127.0.0.1 dcdl.dmcast.com
    127.0.0.1 dcfitusa.com
    127.0.0.1 www.dcorriere.it
    127.0.0.1 dcorriere.it
    127.0.0.1 www.dcurtis.com
    127.0.0.1 dcurtis.com
    127.0.0.1 dcww.dmcast.com
    127.0.0.1 de.ag
    127.0.0.1 de.drivecleaner.com
    127.0.0.1 de.errorsafe.com
    127.0.0.1 de.winantivirus.com
    127.0.0.1 de98.remsys.org
    127.0.0.1 www.debay.it
    127.0.0.1 debay.it
    127.0.0.1 www.decknews.com
    127.0.0.1 decknews.com
    127.0.0.1 dedmazay.3322.org
    127.0.0.1 www.dedsearch.com
    127.0.0.1 dedsearch.com
    127.0.0.1 defaultsearch.net
    127.0.0.1 www.defensaantimalware.com
    127.0.0.1 defensaantimalware.com
    127.0.0.1 www.deja-rue.com
    127.0.0.1 deja-rue.com
    127.0.0.1 www.delficodec.com
    127.0.0.1 delficodec.com
    127.0.0.1 www.democodec.com
    127.0.0.1 democodec.com
    127.0.0.1 demo-codec.com
    127.0.0.1 www.demo-codec.com
    127.0.0.1 www.democodec.net
    127.0.0.1 democodec.net
    127.0.0.1 demo-codec.net
    127.0.0.1 www.demo-codec.net
    127.0.0.1 www.derklaif.biz
    127.0.0.1 derklaif.biz
    127.0.0.1 www.derrari.it
    127.0.0.1 derrari.it
    127.0.0.1 desarrollocreativo.com
    127.0.0.1 www.deskbar.worldtostart.com
    127.0.0.1 deskbar.worldtostart.com
    127.0.0.1 www.deskwizz.com
    127.0.0.1 deskwizz.com
    127.0.0.1 www.destroy-spy.com
    127.0.0.1 destroy-spy.com
    127.0.0.1 www.destroy-spyware.net
    127.0.0.1 destroy-spyware.net
    127.0.0.1 www.destruktor.to.pl
    127.0.0.1 destruktor.to.pl
    127.0.0.1 www.detection-file101.com
    127.0.0.1 detection-file101.com
    127.0.0.1 www.detectivehound.com
    127.0.0.1 detectivehound.com
    127.0.0.1 www.detectivesearches.com
    127.0.0.1 detectivesearches.com
    127.0.0.1 dev.ntcor.com
    127.0.0.1 develip.com
    127.0.0.1 dewis.spb.ru
    127.0.0.1 dewis.us
    127.0.0.1 df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
    127.0.0.1 www.dgbusiness.com
    127.0.0.1 dgbusiness.com
    127.0.0.1 dialer2004.com
    127.0.0.1 dialerclub.com
    127.0.0.1 www.dialerclub.com
    127.0.0.1 dialer-shop.com
    127.0.0.1 www.dialer-shop.com
    127.0.0.1 www.dialoff.com
    127.0.0.1 dialoff.com
    127.0.0.1 www.did.i-used.cc
    127.0.0.1 did.i-used.cc
    127.0.0.1 dietpills4free.com
    127.0.0.1 dietpussy.com
    127.0.0.1 www.digikeygen.com
    127.0.0.1 digikeygen.com
    127.0.0.1 digistreamsa.com
    127.0.0.1 www.digitalcoders.net
    127.0.0.1 digitalcoders.net
    127.0.0.1 www.digitalfan.com
    127.0.0.1 digitalfan.com
    127.0.0.1 digital-pornography.com
    127.0.0.1 dionforvalleycouncil.org
    127.0.0.1 www.directdvdpro.com
    127.0.0.1 directdvdpro.com
    127.0.0.1 www.directnameservice.com
    127.0.0.1 directnameservice.com
    127.0.0.1 www.directporta.info
    127.0.0.1 directporta.info
    127.0.0.1 www.directsearchzone.com
    127.0.0.1 directsearchzone.com
    127.0.0.1 www.diskretter.com
    127.0.0.1 diskretter.com
    127.0.0.1 dist.checkin100.com
    127.0.0.1 dl.ad-ware.cc
    127.0.0.1 dl.malwarewipe.com
    127.0.0.1 dl.mcboo.com
    127.0.0.1 www.dl.targetsaver.com
    127.0.0.1 dl.targetsaver.com
    127.0.0.1 dl.web-nexus.net
    127.0.0.1 dl1.antivermins.com
    127.0.0.1 dl1.antivirgear.com
    127.0.0.1 dl1.spydawn.com
    127.0.0.1 dl1.virusprotectpro.com
    127.0.0.1 dl10.spyfalcon.com
    127.0.0.1 dl16.spyfalcon.com
    127.0.0.1 dl2.spyfalcon.com
    127.0.0.1 dl2.spyheal.com
    127.0.0.1 dl2.spywarestrike.com
    127.0.0.1 dl3.spyfalcon.com
    127.0.0.1 dl3.spyheal.com
    127.0.0.1 dl3.spywarestrike.com
    127.0.0.1 dl4.spyfalcon.com
    127.0.0.1 dl4.spywarestrike.com
    127.0.0.1 dl5.spyfalcon.com
    127.0.0.1 dl5.spywarestrike.com
    127.0.0.1 dl6.spywarestrike.com
    127.0.0.1 dl7.spywarestrike.com
    127.0.0.1 dl8.spyheal.com
    127.0.0.1 dl8.spywarestrike.com
    127.0.0.1 dl9.spyfalcon.com
    127.0.0.1 dload.contextplus.net
    127.0.0.1 www.dltsolution.com
    127.0.0.1 dltsolution.com
    127.0.0.1 www.dmcast.com
    127.0.0.1 dmcast.com
    127.0.0.1 www.dmqfirm.com
    127.0.0.1 dmqfirm.com
    127.0.0.1 www.dnaads.com
    127.0.0.1 dnaads.com
    127.0.0.1 dnl.mabou.org
    127.0.0.1 www.dnld.antivirusdwl.com
    127.0.0.1 dnld.antivirusdwl.com
    127.0.0.1 www.dns-look-up.com
    127.0.0.1 dns-look-up.com
    127.0.0.1 www.dns-problem.com
    127.0.0.1 dns-problem.com
    127.0.0.1 doctorwaldron.com
    127.0.0.1 document-not-found.pornpic.org
    127.0.0.1 doggyaction.com
    127.0.0.1 www.dogproblemswebsite.com
    127.0.0.1 dogproblemswebsite.com
    127.0.0.1 doktorxxx.com
    127.0.0.1 dollarrevenue.com
    127.0.0.1 www.domaincar.com
    127.0.0.1 domaincar.com
    127.0.0.1 domains2003.net
    127.0.0.1 domains-for-you-online.com
    127.0.0.1 domain-your-registration.com
    127.0.0.1 domkrat.com
    127.0.0.1 www.doofo.com
    127.0.0.1 doofo.com
    127.0.0.1 www.dota11.cn
    127.0.0.1 dota11.cn
    127.0.0.1 www.dotcomtoolbar.com
    127.0.0.1 dotcomtoolbar.com
    127.0.0.1 down.136136.net
    127.0.0.1 download.abetterinternet.com
    127.0.0.1 download.adintelligence.net
    127.0.0.1 www.download.antispywarebot.com
    127.0.0.1 download.antispywarebot.com
    127.0.0.1 www.download.bardownload.com
    127.0.0.1 download.bardownload.com
    127.0.0.1 www.download.bravesentry.com
    127.0.0.1 download.bravesentry.com
    127.0.0.1 download.cdn.drivecleaner.com
    127.0.0.1 download.cdn.errorsafe.com
    127.0.0.1 download.cdn.winsoftware.com
    127.0.0.1 download.contextplus.net
    127.0.0.1 download.errorsafe.com
    127.0.0.1 www.download.jupitersatellites.biz
    127.0.0.1 download.jupitersatellites.biz
    127.0.0.1 download.malwarealarm.com
    127.0.0.1 download.searchtabs.net
    127.0.0.1 www.download.secureyournet.biz
    127.0.0.1 download.secureyournet.biz
    127.0.0.1 download.spyonthis.net
    127.0.0.1 download.spy-shredder.com
    127.0.0.1 download.spywares-removal.info
    127.0.0.1 download.systemdoctor.com
    127.0.0.1 download.winantispyware.com
    127.0.0.1 download.winantivirus.com
    127.0.0.1 download.windrivecleaner.com
    127.0.0.1 download.winfixer.com
    127.0.0.1 download10.spywarequake.com
    127.0.0.1 download11.spywarequake.com
    127.0.0.1 download12.spywarequake.com
    127.0.0.1 download13.spywarequake.com
    127.0.0.1 download15.spywarequake.com
    127.0.0.1 download2.spywarequake.com
    127.0.0.1 download-2007.com
    127.0.0.1 www.download-2007.com
    127.0.0.1 download3.spyaxe.com
    127.0.0.1 download3.spywarequake.com
    127.0.0.1 www.download3xpics.com
    127.0.0.1 download3xpics.com
    127.0.0.1 download4.spyaxe.com
    127.0.0.1 download4.spywarequake.com
    127.0.0.1 download5.spyaxe.com
    127.0.0.1 download5.spywarequake.com
    127.0.0.1 download6.spyaxe.com
    127.0.0.1 download7.spywarequake.com
    127.0.0.1 download8.spywarequake.com
    127.0.0.1 download9.spywarequake.com
    127.0.0.1 downloadacceleratorsite.com
    127.0.0.1 www.downloadacceleratorsite.com
    127.0.0.1 www.download-ad-aware.com
    127.0.0.1 download-ad-aware.com
    127.0.0.1 download-all-4-free.com
    127.0.0.1 www.download-all-4-free.com
    127.0.0.1 www.download-all-area.com
    127.0.0.1 download-all-area.com
    127.0.0.1 www.download-antivir.com
    127.0.0.1 download-antivir.com
    127.0.0.1 www.downloadanysong.com
    127.0.0.1 downloadanysong.com
    127.0.0.1 www.downloadaresnow.com
    127.0.0.1 downloadaresnow.com
    127.0.0.1 www.download-avast.com
    127.0.0.1 download-avast.com
    127.0.0.1 downloadcorporation.com
    127.0.0.1 www.downloadcorporation.com
    127.0.0.1 www.download-dvdshrink.com
    127.0.0.1 download-dvdshrink.com
    127.0.0.1 download-for-free.net
    127.0.0.1 www.download-for-free.net
    127.0.0.1 www.downloadfreesoft.com
    127.0.0.1 dow
    10 Octobre 2008 10:09:33

    Le problème est toujours présent.

    Si cela peut vous aider, j'ai effectué un scan HiJackThis dont voici le rapport :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:49:32, on 10/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    C:\WINDOWS\V0220Mon.exe
    C:\Program Files\x86\LogMeInSystray.exe
    C:\Program Files\a-squared Anti-Malware\a2guard.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\x86\LMIGuardian.exe
    C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\system32\petapkxm.exe
    C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\x86\RaMaint.exe
    C:\Program Files\x86\LogMeIn.exe
    C:\Program Files\x86\LMIGuardian.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2wizard.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\system32\notepad.exe
    C:\WINDOWS\system32\petapkxm.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
    O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
    O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
    O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [apicfgwin] C:\WINDOWS\system32\petapkxm.exe
    O4 - HKCU\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

    --
    End of file - 7829 bytes
    10 Octobre 2008 21:30:39

    Re,

    On continue :) 

    Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
  • Double-clique sur RSIT.exe afin de lancer RSIT.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  • NB : Les rapports sont sauvegardés dans le dossier C:\rsit
  • Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.

    ;) 
    11 Octobre 2008 09:01:30

    Salut!

    Voici les rapports (log.txt en premier) et info.txt en second). On va y arriver!!! :


    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Moi Même at 2008-10-11 08:54:27
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 9 GB (23%) free of 40 GB
    Total RAM: 447 MB (13% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 08:54:38, on 11/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    C:\WINDOWS\V0220Mon.exe
    C:\Program Files\x86\LogMeInSystray.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\x86\LMIGuardian.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
    C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\system32\petapkxm.exe
    C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\x86\RaMaint.exe
    C:\Program Files\x86\LogMeIn.exe
    C:\Program Files\x86\LMIGuardian.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\Content.IE5\VURLW211\RSIT[1].exe
    C:\Program Files\Trend Micro\HijackThis\Moi Même.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
    O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
    O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
    O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [apicfgwin] C:\WINDOWS\system32\petapkxm.exe
    O4 - HKCU\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

    --
    End of file - 7765 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
    BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll [2007-08-30 513336]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
    EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll []
    {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2004-10-01 53248]
    "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2004-02-13 155648]
    "pccguide.exe"=C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe [2004-10-27 823361]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-08-31 282624]
    "AVFX Engine"=C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe [2006-06-09 24576]
    "V0220Mon.exe"=C:\WINDOWS\V0220Mon.exe [2006-06-28 32768]
    "LogMeIn GUI"=C:\Program Files\x86\LogMeInSystray.exe [2007-09-12 63048]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792]
    "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
    "a-squared"=C:\Program Files\a-squared Anti-Malware\a2guard.exe [2008-10-07 2776720]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2007-11-12 21760296]
    "Configuration de la C-BOX"=C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe []
    "Creative Live! Cam Manager"=C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [2006-05-31 143360]
    "AnyDVD"=C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe [2007-10-12 1563584]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
    "BitComet"=C:\Program Files\BitComet\BitComet.exe [2007-09-10 6338360]
    "EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
    "apicfgwin"=C:\WINDOWS\system32\petapkxm.exe [2008-10-08 98304]
    "brastk"=C:\WINDOWS\system32\brastk.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
    C:\Program Files\VIAudioi\SBADeck\ADeck.exe [2005-09-06 450560]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C66 Series]
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 EPSON Stylus C66 Series /O6 USB001 /M Stylus C66 []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
    C:\WINDOWS\Logi_MwX.Exe [2003-12-17 19968]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]
    C:\PROGRA~1\Adobe\ADOBEA~1.0\Distillr\acrotray.exe [2003-10-24 217194]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
    C:\WINDOWS\system32\LMIinit.dll [2008-05-28 87352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "ForceClassicControlPanel"=1

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e53a0fc-ba10-11dc-ad51-0013d3ee7e6e}]
    shell\AutoRun\command - F:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4206997a-9dc6-11dc-ad3a-0013d3ee7e6e}]
    shell\AutoRun\command - F:\LaunchU3.exe -a


    ======List of files/folders created in the last 1 months======

    2008-10-11 08:54:27 ----D---- C:\rsit
    2008-10-10 09:15:48 ----A---- C:\WINDOWS\system32\tmp.txt
    2008-10-10 09:05:43 ----D---- C:\Program Files\a-squared Anti-Malware
    2008-10-09 19:22:32 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-10-09 19:19:55 ----D---- C:\Documents and Settings\Moi Même\Application Data\Malwarebytes
    2008-10-09 19:19:50 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-09 19:19:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-09 18:43:32 ----A---- C:\WINDOWS\system32\wini104552502.exe
    2008-10-09 09:17:05 ----A---- C:\WINDOWS\wininit.ini
    2008-10-08 22:13:47 ----D---- C:\Program Files\dhahmac
    2008-10-08 22:13:45 ----D---- C:\Documents and Settings\All Users\Application Data\bqbodyxo
    2008-10-08 22:13:43 ----A---- C:\WINDOWS\system32\petapkxm.exe
    2008-10-07 10:13:15 ----D---- C:\Program Files\GoldWave
    2008-10-06 17:20:02 ----A---- C:\WINDOWS\system32\ZeroFile.dll
    2008-10-05 10:15:47 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy)
    2008-10-05 10:15:46 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
    2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\PICSDK2.dll
    2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\PICSDK.ini
    2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\PICSDK.dll
    2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\PICEntry.dll
    2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\EpPicPrt.dll
    2008-10-05 09:42:20 ----A---- C:\WINDOWS\system32\EPPicMgr.dll
    2008-10-05 09:41:25 ----D---- C:\Documents and Settings\Moi Même\Application Data\InstallShield
    2008-10-05 09:39:41 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON
    2008-10-05 09:39:35 ----A---- C:\WINDOWS\system32\E_FLBCAE.DLL
    2008-10-05 09:39:35 ----A---- C:\WINDOWS\system32\E_FD4BCAE.DLL
    2008-10-05 09:30:14 ----A---- C:\WINDOWS\system32\eswiaml.dll
    2008-10-05 09:30:14 ----A---- C:\WINDOWS\system32\eswia7e.dll
    2008-10-05 09:30:14 ----A---- C:\WINDOWS\system32\esint7e.dll
    2008-10-04 18:07:15 ----D---- C:\Program Files\Red Kawa
    2008-10-04 18:04:49 ----RSD---- C:\WINDOWS\assembly
    2008-10-04 18:03:46 ----D---- C:\WINDOWS\Microsoft.NET
    2008-10-04 17:54:53 ----D---- C:\Program Files\PQDVD
    2008-10-04 13:08:00 ----D---- C:\Program Files\Rockstar Custom Tracks
    2008-10-04 10:45:28 ----D---- C:\Program Files\Exact Audio Copy PSP Edition

    ======List of files/folders modified in the last 1 months======

    2008-10-11 08:53:55 ----D---- C:\WINDOWS\Prefetch
    2008-10-11 08:51:56 ----D---- C:\Documents and Settings\Moi Même\Application Data\Skype
    2008-10-11 08:17:32 ----D---- C:\WINDOWS\Temp
    2008-10-11 08:13:30 ----D---- C:\Documents and Settings\Moi Même\Application Data\skypePM
    2008-10-11 08:12:58 ----D---- C:\Program Files
    2008-10-11 08:12:46 ----A---- C:\Program Files\dbg_LMI_proc.txt
    2008-10-10 20:26:11 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-10-10 17:25:18 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-10 11:51:09 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-10-10 09:30:21 ----D---- C:\WINDOWS\system32
    2008-10-10 09:23:56 ----SHD---- C:\RECYCLER
    2008-10-09 23:55:40 ----D---- C:\WINDOWS\security
    2008-10-09 19:23:02 ----D---- C:\Documents and Settings
    2008-10-09 19:22:32 ----D---- C:\WINDOWS
    2008-10-09 19:19:52 ----D---- C:\WINDOWS\system32\drivers
    2008-10-09 18:40:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-10-09 18:28:37 ----D---- C:\Program Files\Trend Micro
    2008-10-09 11:09:10 ----D---- C:\Program Files\eMule
    2008-10-07 20:39:27 ----HD---- C:\WINDOWS\inf
    2008-10-07 10:27:01 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-10-06 17:25:41 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-05 10:21:42 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-10-05 09:44:21 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-10-05 09:43:53 ----D---- C:\Program Files\EPSON
    2008-10-05 09:30:14 ----D---- C:\WINDOWS\twain_32
    2008-10-04 18:07:11 ----SHD---- C:\WINDOWS\Installer
    2008-10-04 18:07:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-04 18:04:51 ----D---- C:\WINDOWS\WinSxS
    2008-10-04 18:03:55 ----D---- C:\WINDOWS\system32\mui
    2008-10-04 18:03:55 ----D---- C:\Program Files\Internet Explorer
    2008-10-04 17:55:22 ----D---- C:\Temp

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;AMD Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2005-03-09 36352]
    R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
    R1 tmtdi;Trend Micro TDI Driver; C:\WINDOWS\System32\Drivers\tmtdi.sys [2005-01-18 35456]
    R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\x86\RaInfo.sys []
    R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
    R2 tm_cfw;Common Firewall Driver; C:\WINDOWS\System32\Drivers\tm_cfw.sys [2005-01-18 838870]
    R2 Tmfilter;Tmfilter; C:\WINDOWS\system32\drivers\TmXPFlt.sys [2008-07-18 205328]
    R2 Tmpreflt;Tmpreflt; C:\WINDOWS\system32\drivers\Tmpreflt.sys [2008-07-18 36368]
    R2 Vsapint;Vsapint; C:\WINDOWS\system32\drivers\Vsapint.sys [2008-07-18 1195448]
    R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2007-10-11 96832]
    R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
    R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
    R3 L8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys [2003-12-17 51729]
    R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2007-09-12 10144]
    R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-12-17 70801]
    R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    R3 V0220Dev;Live! Cam Video IM; C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-06-29 146112]
    R3 V0220Vfx;V0220VFX; C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-06-08 6272]
    R3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2004-10-07 174592]
    R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2005-08-03 202112]
    S1 wceusbsh;Pilote d'hôte USB série pour Windows CE; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-08-19 32128]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
    S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
    S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
    S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 a2AntiMalware;a-squared Anti-Malware Service; C:\Program Files\a-squared Anti-Malware\a2service.exe [2008-10-04 418936]
    R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\x86\RaMaint.exe [2008-05-28 116032]
    R2 LogMeIn;LogMeIn; C:\Program Files\x86\LogMeIn.exe [2007-09-12 63040]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 PcCtlCom;Trend Micro Central Control Component; C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe [2004-11-15 860242]
    R2 Tmntsrv;Trend Micro Real-time Service; C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe [2004-10-27 282696]
    R2 TmPfw;Trend Micro Personal Firewall; C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe [2005-01-18 585789]
    R2 tmproxy;Trend Micro Proxy Service; C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe [2004-09-15 188484]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-11-14 68096]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-05-16 228208]

    -----------------EOF-----------------


    info.txt logfile of random's system information tool 1.04 2008-10-11 08:54:43

    ======Uninstall list======

    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C81600D-D6C7-4687-9362-DD4A78B3483E}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAF97B2C-0B9B-403C-829C-EF8099237DA9}\setup.exe" -l0x40c
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    -->VTUninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Timer'
    Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
    Adobe Acrobat 6.0.1 Professional - English, Français, Deutsch-->MsiExec.exe /I{AC76BA86-1033-F400-7760-000000000001}
    Adobe Acrobat and Reader 6.0.3 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000603}
    Adobe Acrobat and Reader 6.0.4 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000604}
    Adobe Acrobat and Reader 6.0.5 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000605}
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe Creative Suite-->C:\PROGRA~1\INSTAL~1\{D52EC~1\setup.exe /Relaunched=yes /Uninstall /Relaunched=yes
    Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
    Adobe Reader 8.1.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
    Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
    Advanced Video FX Engine-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x40c /remove
    AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    a-squared Anti-Malware 4.0-->"C:\Program Files\a-squared Anti-Malware\unins000.exe"
    BitComet 0.93-->C:\Program Files\BitComet\uninst.exe
    Blender (remove only)-->"C:\Program Files\Blender Foundation\Blender\uninstall.exe"
    CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
    Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Correctif Windows XP - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
    Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
    Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
    Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    Creative Live! Cam Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c /remove
    Creative Live! Cam Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe" -l0x40c /remove
    Creative Live! Cam Video IM Driver (1.01.01.00)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script VF0220.uns -unsext NT -plugin V0220Pin.dll -pluginres CtCamPin.crl
    Creative Photo Calendar-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C81600D-D6C7-4687-9362-DD4A78B3483E}\setup.exe" -l0x40c /remove
    Creative Photo Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x40c /remove
    Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove
    Creative System Information-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove
    CX4300_5500_DX4400 Manuel-->C:\Program Files\EPSON\TPMANUAL\CX4300_5500_DX4400\FRA\USE_G\DOCUNINS.EXE
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
    EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
    EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
    GoldWave v5.25-->"C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.25" "C:\Program Files\GoldWave\unstall.log"
    Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
    Installer Yahoo! Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAF97B2C-0B9B-403C-829C-EF8099237DA9}\setup.exe" -l0x40c /remove
    IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
    Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Logitech MouseWare 9.79.1 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x40c -l040c UNINSTALL
    LogMeIn-->MsiExec.exe /I{EFED5763-E48C-4664-A343-3CA6BC0C865F}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Manuel d'utilisation de Creative Live! Cam Video IM (Français)-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Creative\Creative Live! Cam Video IM\Manuel d'utilisation de Creative Live! Cam Video IM\French\CTManual.isu"
    MathType 5-->"C:\Program Files\MathType\Setup.exe" -R
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Money-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Plus! pour Windows XP-->MsiExec.exe /I{EEC2DAFD-5558-40AC-8E9C-5005C8F810E8}
    Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913433)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
    Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922760)-->"C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931768)-->"C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB933566)-->"C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB937143)-->"C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MP3PowerEncoder-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{969B3B70-8765-11D5-9809-0050BACBF861}\Setup.exe" -uninstall
    Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
    PSP Video 9 2.25-->C:\Program Files\Red Kawa\Video Converter\uninstaller.exe
    PSP Video Express(remove only)-->"C:\Program Files\PQDVD\PSPVideoExpress\bt-uninst.exe"
    QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1036
    RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    S3 S3Display-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Display'
    S3 S3Gamma2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Gamma2'
    S3 S3Info2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Info2'
    S3 S3Overlay-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Overlay'
    S3 S3TrayPlus-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3TrayPlus'
    SightSpeed (remove only)-->"C:\Program Files\SightSpeed\uninst.exe"
    Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Sony ATRAC3 Audio Codec (remove only)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall.NT 132 C:\WINDOWS\INF\atrac3.inf
    Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
    SUPER © Version 2006.19 (FIX)-->C:\PROGRA~1\SUPER\Setup.exe /remove /q0
    Trend Micro PC-cillin Internet Security 12-->MsiExec.exe /X{7698EDA5-A90F-4205-99CB-8FF6F9048ED9}
    TV sur PC-->C:\Program Files\Neuf\TV_PC\uninstall.exe
    UniChrome Pro IGP Display Driver and Utilities-->C:\PROGRA~1\S3Inc\S3\s3setvga.exe -s -fC:\PROGRA~1\S3Inc\S3\S3.uns
    VIA Platform Device Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
    VIA Vinyl Audio Codecs Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -y-f"C:\PROGRA~1\VIAudioi\SBASetup\Uninst.isu"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /I{A90D10BA-1E82-44E1-87DE-56A22BA151DA}
    Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
    Windows Live Sign-in Assistant-->MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
    Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
    xp-AntiSpy 3.95-1-->C:\Program Files\xp-AntiSpy\Uninstall.exe

    ======Hosts File======

    127.0.0.1 iw2.slysoft.com
    127.0.0.1 h3.slysoft.com
    127.0.0.1 slysoft.com
    127.0.0.1 sb2slysoft.com
    127.0.0.1 ns6.gandi.net
    127.0.0.1 ev1slysoft.com
    127.0.0.1 ev1.slysoft.com
    127.0.0.1 iw2.slysoft.com
    127.0.0.1 reverse.privatedns.com
    127.0.0.1 iw2.slysoft.com

    ======Security center information======

    AV: Trend Micro PC-cillin Internet Security 12
    FW: Trend Micro PC-cillin Internet Security 12

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=2c02
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "FP_NO_HOST_CHECK"=NO
    "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
    "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

    -----------------EOF-----------------
    11 Octobre 2008 19:10:40

    Re,

    Merci de visiter ce lien pour savoir comment installer et exécuter ComboFix :

    http://www.bleepingcomputer.com/combofix/fr/comment-uti...

    Cela inclut l'installation de la console de récupération windows si jamais elle n'est pas déjà été installée sur le PC. Il est vivement recommandé d'installer la console de récupération windows, car elle permet d'avoir accès à un très grand nombre de fonctionnalités dans le cas où le PC ne redémarrerait plus. C'est une sécurité supplémentaire en quelque sorte.

    Une fois la console de récupération installée, vous aurez le choix au démarrage entre votre windows habituel et la console de récupération. Lancez votre windows habituel, puisque nous n'avons pas besoin d'utiliser la console de récupération, qui ne sert qu'en cas de problèmes. Par défaut, votre OS est sélectionné et il se lance automatiquement au bout de deux secondes. C'est normal :) 

    Merci de me poster dans ta prochaine réponse le rapport de combofix accompagné d'un nouveau rapport HijackThis.

    ;) 
    12 Octobre 2008 15:20:35

    Bonjour, voici les deux rapports :

    RAPPORT COMBOFIX :

    ComboFix 08-10-11.02 - Moi Même 2008-10-12 14:20:13.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.174 [GMT 2:00]
    Lancé depuis: C:\Documents and Settings\Moi Même\Bureau\ComboFix.exe
    Commutateurs utilisés :: C:\Documents and Settings\Moi Même\Bureau\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
    * Un nouveau point de restauration a été créé
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Moi Même\err.log
    C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\101.gif
    C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\102.gif
    C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\103.gif
    C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\104.gif
    C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\105.gif
    C:\Documents and Settings\Moi Même\Local Settings\Temporary Internet Files\106.gif
    C:\Documents and Settings\Moi Même\Menu Démarrer\Programmes\XP_AntiSpyware
    C:\Documents and Settings\Moi Même\Menu Démarrer\Programmes\XP_AntiSpyware\Uninstall.lnk
    C:\Documents and Settings\Moi Même\Menu Démarrer\Programmes\XP_AntiSpyware\XP_AntiSpyware.lnk
    C:\WINDOWS\IE4 Error Log.txt

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-12 au 2008-10-12 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-11 08:54 . 2008-10-11 08:54 <REP> d-------- C:\rsit
    2008-10-10 09:15 . 2008-10-10 09:19 2,874 --a------ C:\WINDOWS\system32\tmp.reg
    2008-10-10 09:05 . 2008-10-10 09:08 <REP> d-------- C:\Program Files\a-squared Anti-Malware
    2008-10-09 19:24 . 2008-10-09 19:24 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2008-10-09 19:23 . 2006-05-04 10:33 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
    2008-10-09 19:23 . 2006-05-04 10:33 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
    2008-10-09 19:23 . 2006-05-04 09:55 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
    2008-10-09 19:23 . 2006-05-04 10:33 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
    2008-10-09 19:23 . 2006-05-04 10:33 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
    2008-10-09 19:23 . 2006-05-04 10:33 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
    2008-10-09 19:23 . 2008-10-10 00:34 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
    2008-10-09 19:23 . 2008-10-09 19:23 <REP> d-------- C:\Documents and Settings\Administrateur
    2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\Malwarebytes
    2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-09 19:19 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-09 19:19 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-09 18:43 . 2008-10-09 19:07 65,428 --a------ C:\WINDOWS\system32\wini104552502.exe
    2008-10-09 09:17 . 2008-10-09 09:31 2,764 --a------ C:\WINDOWS\wininit.ini
    2008-10-08 22:13 . 2008-10-09 23:54 <REP> d-------- C:\Program Files\dhahmac
    2008-10-08 22:13 . 2008-10-09 23:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\bqbodyxo
    2008-10-08 22:13 . 2008-10-08 22:13 98,304 --a------ C:\WINDOWS\system32\petapkxm.exe
    2008-10-07 10:13 . 2008-10-07 10:13 <REP> d-------- C:\Program Files\GoldWave
    2008-10-06 17:20 . 2002-02-27 22:45 45,056 --a------ C:\WINDOWS\system32\ZeroFile.dll
    2008-10-05 10:15 . 2008-10-05 10:15 <REP> d-------- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
    2008-10-05 10:15 . 2008-10-05 10:15 <REP> d-------- C:\Program Files\SDHelper (Spybot - Search & Destroy)
    2008-10-05 09:41 . 2008-10-05 09:41 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\InstallShield
    2008-10-05 09:39 . 2008-10-05 09:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\EPSON
    2008-10-05 09:39 . 2006-12-08 04:04 76,800 --a------ C:\WINDOWS\system32\E_FLBCAE.DLL
    2008-10-05 09:39 . 2006-04-19 04:00 62,976 --a------ C:\WINDOWS\system32\E_FD4BCAE.DLL
    2008-10-05 09:30 . 2006-12-28 00:00 208,896 --a------ C:\WINDOWS\system32\esint7e.dll
    2008-10-05 09:30 . 2006-12-28 00:00 66,560 --a------ C:\WINDOWS\system32\eswia7e.dll
    2008-10-05 09:30 . 2006-03-10 00:00 3,584 --a------ C:\WINDOWS\system32\eswiaml.dll
    2008-10-04 18:07 . 2008-10-04 18:07 <REP> d-------- C:\Program Files\Red Kawa
    2008-10-04 17:54 . 2008-10-04 17:54 <REP> d-------- C:\Program Files\PQDVD
    2008-10-04 13:08 . 2008-10-04 13:09 <REP> d-------- C:\Program Files\Rockstar Custom Tracks
    2008-10-04 10:45 . 2008-10-04 18:49 <REP> d-------- C:\Program Files\Exact Audio Copy PSP Edition
    2008-10-02 17:31 . 2008-10-08 22:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-10-02 17:31 . 2008-10-02 17:31 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-09-27 18:03 . 2008-09-27 18:03 244 --ah----- C:\sqmnoopt13.sqm
    2008-09-27 18:03 . 2008-09-27 18:03 232 --ah----- C:\sqmdata12.sqm
    2008-09-27 12:47 . 2008-09-27 12:47 244 --ah----- C:\sqmnoopt12.sqm
    2008-09-27 12:47 . 2008-09-27 12:47 232 --ah----- C:\sqmdata11.sqm
    2008-09-27 11:51 . 2008-09-27 11:51 244 --ah----- C:\sqmnoopt11.sqm
    2008-09-27 11:51 . 2008-09-27 11:51 232 --ah----- C:\sqmdata10.sqm
    2008-09-27 08:00 . 2008-09-27 08:00 244 --ah----- C:\sqmnoopt10.sqm
    2008-09-27 08:00 . 2008-09-27 08:00 232 --ah----- C:\sqmdata09.sqm

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-12 12:20 --------- d-----w C:\Documents and Settings\Moi Même\Application Data\Skype
    2008-10-12 06:00 --------- d-----w C:\Documents and Settings\Moi Même\Application Data\skypePM
    2008-10-12 05:25 8,691 ----a-w C:\Program Files\LogMeIn.log
    2008-10-12 05:25 67,596 ----a-w C:\Program Files\NET.dat
    2008-10-12 05:25 33,804 ----a-w C:\Program Files\MEM.dat
    2008-10-12 05:25 33,804 ----a-w C:\Program Files\DRV.dat
    2008-10-12 05:25 11,276 ----a-w C:\Program Files\CPU.dat
    2008-10-12 05:20 9,360 ----a-w C:\Program Files\dbg_LMI_proc.txt
    2008-10-11 16:30 18,400 ----a-w C:\Program Files\LMI20081011.log
    2008-10-10 18:26 29,067 ----a-w C:\Program Files\LMI20081010.log
    2008-10-09 21:56 33,806 ----a-w C:\Program Files\LMI20081009.log
    2008-10-09 16:28 --------- d-----w C:\Program Files\Trend Micro
    2008-10-09 09:09 --------- d-----w C:\Program Files\eMule
    2008-10-08 04:54 9,709 ----a-w C:\Program Files\LMI20081008.log
    2008-10-06 15:43 9,709 ----a-w C:\Program Files\LMI20081006.log
    2008-10-06 15:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-05 08:21 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-10-05 07:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-10-05 07:43 --------- d-----w C:\Program Files\EPSON
    2008-10-04 12:47 9,709 ----a-w C:\Program Files\LMI20081004.log
    2008-10-03 05:01 9,709 ----a-w C:\Program Files\LMI20081003.log
    2008-10-02 04:53 9,709 ----a-w C:\Program Files\LMI20081002.log
    2008-10-01 18:33 18,400 ----a-w C:\Program Files\LMI20081001.log
    2008-09-29 04:55 10,667 ----a-w C:\Program Files\LMI20080929.log
    2008-09-28 14:05 7,733 ----a-w C:\Program Files\LMI20080928.log
    2008-09-27 17:17 18,400 ----a-w C:\Program Files\LMI20080927.log
    2008-09-24 05:14 9,781 ----a-w C:\Program Files\LMI20080924.log
    2008-09-22 12:20 9,212 ----a-w C:\Program Files\LMI20080922.log
    2008-09-21 09:38 17,382 ----a-w C:\Program Files\LMI20080921.log
    2008-09-20 10:56 9,709 ----a-w C:\Program Files\LMI20080920.log
    2008-09-19 05:33 9,212 ----a-w C:\Program Files\LMI20080919.log
    2008-09-18 05:18 18,400 ----a-w C:\Program Files\LMI20080918.log
    2008-09-17 05:26 8,691 ----a-w C:\Program Files\LMI20080917.log
    2008-09-16 08:29 18,400 ----a-w C:\Program Files\LMI20080916.log
    2008-09-15 06:13 9,709 ----a-w C:\Program Files\LMI20080915.log
    2008-09-14 05:19 9,709 ----a-w C:\Program Files\LMI20080914.log
    2008-09-13 05:49 8,691 ----a-w C:\Program Files\LMI20080913.log
    2008-09-12 16:28 9,709 ----a-w C:\Program Files\LMI20080912.log
    2008-09-11 07:37 17,903 ----a-w C:\Program Files\LMI20080911.log
    2008-09-10 18:49 18,400 ----a-w C:\Program Files\LMI20080910.log
    2008-09-09 05:34 9,709 ----a-w C:\Program Files\LMI20080909.log
    2008-09-08 04:57 8,691 ----a-w C:\Program Files\LMI20080908.log
    2008-09-07 07:14 9,709 ----a-w C:\Program Files\LMI20080907.log
    2008-09-06 05:19 9,709 ----a-w C:\Program Files\LMI20080906.log
    2008-09-05 04:46 8,691 ----a-w C:\Program Files\LMI20080905.log
    2008-09-04 18:36 9,212 ----a-w C:\Program Files\LMI20080904.log
    2008-09-03 04:59 9,709 ----a-w C:\Program Files\LMI20080903.log
    2008-09-02 04:55 9,709 ----a-w C:\Program Files\LMI20080902.log
    2008-08-29 18:42 9,709 ----a-w C:\Program Files\LMI20080829.log
    2008-08-22 06:36 18,166 ----a-w C:\Program Files\LMI20080822.log
    2008-08-18 09:54 26,625 ----a-w C:\Program Files\LMI20080818.log
    2008-08-18 08:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogMeIn
    2008-08-18 08:27 388 ----a-w C:\Program Files\dbg_LMI_printer.txt
    2008-08-18 08:27 --------- d-----w C:\Program Files\x86
    2008-08-18 08:27 --------- d-----w C:\Program Files\x64
    2008-08-17 18:34 6,924 ----a-w C:\Program Files\LMI20080817.log
    2008-08-16 18:34 6,924 ----a-w C:\Program Files\LMI20080816.log
    2008-08-15 18:35 24,122 ----a-w C:\Program Files\LMI20080815.log
    2008-08-14 19:13 26,098 ----a-w C:\Program Files\LMI20080814.log
    2008-08-13 19:10 16,511 ----a-w C:\Program Files\LMI20080813.log
    2008-08-06 18:05 10,108 ----a-w C:\Program Files\LMI20080806.log
    2008-08-04 11:46 16,511 ----a-w C:\Program Files\LMI20080804.log
    2008-07-31 16:10 16,511 ----a-w C:\Program Files\LMI20080731.log
    2008-07-30 06:30 16,511 ----a-w C:\Program Files\LMI20080730.log
    2008-07-29 04:56 16,511 ----a-w C:\Program Files\LMI20080729.log
    2008-07-28 04:52 9,587 ----a-w C:\Program Files\LMI20080728.log
    2008-07-27 05:34 16,511 ----a-w C:\Program Files\LMI20080727.log
    2008-07-26 05:00 10,180 ----a-w C:\Program Files\LMI20080726.log
    2008-07-25 04:46 16,511 ----a-w C:\Program Files\LMI20080725.log
    2008-07-24 04:47 16,511 ----a-w C:\Program Files\LMI20080724.log
    2008-07-21 16:48 26,098 ----a-w C:\Program Files\LMI20080721.log
    2008-07-20 19:22 16,511 ----a-w C:\Program Files\LMI20080720.log
    2008-07-19 05:42 16,511 ----a-w C:\Program Files\LMI20080719.log
    2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
    2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
    2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
    2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
    2008-07-18 04:50 16,511 ----a-w C:\Program Files\LMI20080718.log
    2008-07-17 04:41 9,587 ----a-w C:\Program Files\LMI20080717.log
    2008-07-16 11:59 26,098 ----a-w C:\Program Files\LMI20080716.log
    2008-07-15 05:37 19,174 ----a-w C:\Program Files\LMI20080715.log
    2008-07-14 08:23 16,511 ----a-w C:\Program Files\LMI20080714.log
    2008-05-28 10:32 5,102,100 ----a-w C:\Program Files\template.rab
    2007-11-16 08:49 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
    2007-10-09 18:04 854 ----a-w C:\Program Files\journal.dat
    2007-09-12 08:20 6,189 ----a-w C:\Program Files\file.sma
    2007-09-12 08:20 5,902 ----a-w C:\Program Files\email.sma
    2007-09-12 08:20 5,855 ----a-w C:\Program Files\ping.sma
    2007-09-12 08:20 5,750 ----a-w C:\Program Files\WapClients.cfg
    2007-09-12 08:20 4,810 ----a-w C:\Program Files\processes.sma
    2007-09-12 08:20 4,364 ----a-w C:\Program Files\WatchProcess.sma
    2007-09-12 08:20 3,188 ----a-w C:\Program Files\CheckCDrive.sma
    2007-09-12 08:20 24,967 ----a-w C:\Program Files\MonitoringScript.txt
    2005-05-13 16:12 217,073 --sha-r C:\WINDOWS\meta4.exe
    2005-10-24 10:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe
    2005-10-13 20:27 422,400 --sha-r C:\WINDOWS\x2.64.exe
    2005-10-07 18:14 308,224 --sha-r C:\WINDOWS\system32\avisynth.dll
    2005-07-14 11:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
    2005-06-26 14:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
    2005-06-21 21:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
    2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
    2006-04-27 09:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
    2005-02-28 12:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
    2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
    "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-11-12 21760296]
    "Creative Live! Cam Manager"="C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 143360]
    "AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-10-12 1563584]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15360]
    "BitComet"="C:\Program Files\BitComet\BitComet.exe" [2007-09-10 6338360]
    "EPSON Stylus DX4400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE" [2007-03-01 180736]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
    "apicfgwin"="C:\WINDOWS\system32\petapkxm.exe" [2008-10-08 98304]
    "Configuration de la C-BOX"="C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe" [BU]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2004-02-13 155648]
    "pccguide.exe"="C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe" [2004-10-27 823361]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-08-31 282624]
    "AVFX Engine"="C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-06-09 24576]
    "V0220Mon.exe"="C:\WINDOWS\V0220Mon.exe" [2006-06-28 32768]
    "LogMeIn GUI"="C:\Program Files\x86\LogMeInSystray.exe" [2007-09-12 63048]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
    "a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2008-10-07 2776720]
    "VTTimer"="VTTimer.exe" [2004-10-01 C:\WINDOWS\system32\VTTimer.exe]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-11-14 113664]
    Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 217194]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "ForceClassicControlPanel"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
    2008-05-28 12:32 87352 C:\WINDOWS\system32\LMIinit.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.I420"= i420vfw.dll
    "msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\MP3POW~1\CLMP3Enc.ACM

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Assistant d'Acrobat.lnk
    backup=C:\WINDOWS\pss\Assistant d'Acrobat.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
    --a------ 2005-09-06 05:10 450560 C:\Program Files\VIAudioi\SBADeck\ADeck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
    --------- 2003-12-17 09:50 19968 C:\WINDOWS\LOGI_MWX.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\SightSpeed\\SightSpeed.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\MSN Messenger\\livecall.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "14031:TCP"= 14031:TCP:BitComet 14031 TCP
    "14031:UDP"= 14031:UDP:BitComet 14031 UDP

    R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 45848]
    R3 V0220Dev;Live! Cam Video IM;C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-06-29 146112]
    R3 V0220Vfx;V0220VFX;C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-06-08 6272]
    S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\x86\RaInfo.sys [2008-02-28 12856]
    S3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys [ ]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e53a0fc-ba10-11dc-ad51-0013d3ee7e6e}]
    \Shell\AutoRun\command - F:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4206997a-9dc6-11dc-ad3a-0013d3ee7e6e}]
    \Shell\AutoRun\command - F:\LaunchU3.exe -a

    *Newly Created Service* - CATCHME
    *Newly Created Service* - PROCEXP90

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{969B3B70-8765-11D5-9809-0050BACBF861}]
    rundll32.exe advpack.dll,LaunchINFSection C:\Program Files\CyberLink\MP3PowerEncoder\Cyber.inf,PerUserStub
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Run-Configuration de la C-BOX - C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    HKCU-Run-brastk - C:\WINDOWS\system32\brastk.exe
    Notify-WgaLogon - (no file)
    MSConfigStartUp-EPSON Stylus C66 Series - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE


    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - C:\Documents and Settings\Moi Même\Application Data\Mozilla\Firefox\Profiles\r4qdkys0.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://fr.msn.com/
    FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
    FF -: plugin - C:\Program Files\Neuf\TV_PC\VLC\npvlc.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-12 14:21:46
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-10-12 14:23:14
    ComboFix-quarantined-files.txt 2008-10-12 12:22:52
    ComboFix2.txt 2008-10-12 11:59:36

    Avant-CF: 10 089 091 072 octets libres
    Après-CF: 10,064,961,536 octets libres

    WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn

    278 --- E O F --- 2008-09-10 13:26:26




    RAPPORT HIJACKTHIS


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:13:50, on 12/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    C:\WINDOWS\V0220Mon.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    C:\WINDOWS\system32\petapkxm.exe
    C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
    O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
    O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
    O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [apicfgwin] C:\WINDOWS\system32\petapkxm.exe
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

    --
    End of file - 7454 bytes
    13 Octobre 2008 22:13:12

    :hello:  Bonjour,

    Désolé pour le délais.

    Evite de mettre les rapports entre balises stp, c'est plus dur à lire pour moi. Merci ;) 

    Désactive toute protection résidente ( antivirus…) ! <------- Pense-y !

    Copie le texte se situant dans le cadre ci-dessous : ( Ctrl + C )

    File::
    C:\WINDOWS\system32\wini104552502.exe
    C:\WINDOWS\system32\petapkxm.exe

    Folder::
    C:\Program Files\dhahmac
    C:\Documents and Settings\All Users\Application Data\bqbodyxo

    Registry::
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e53a0fc-ba10-11dc-ad51-0013d3ee7e6e}]
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4206997a-9dc6-11dc-ad3a-0013d3ee7e6e}]


    => Ouvre le Bloc Notes : Démarrer > Tous les programmes > Accessoires > Bloc notes

    - Colles y le texte (CTRL + V)
    - Enregistre ce fichier dans : Bureau
    - Nom du fichier : CFScript
    - Type du fichier : tous les fichiers !!
    - Clique sur Enregistrer
    - Quitte le Bloc Notes

    Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :



    * Cela va relancer Combofix : au message qui apparaît ( Type 1 to continue, or 2 to abort), tape 1 puis valide.
    * Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !
    * Ne touche à rien tant que le scan n'est pas terminé.
    * Une fois le scan achevé, un rapport va s'afficher : Copie/Colle son contenue sur le forum.
    Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt
    * Poste un nouveau rapport hijackthis.

    ;) 
    13 Octobre 2008 23:20:13

    Bonsoir, pas de soucis pour le délai ;) 

    Voici le rapport ComboFix ainsi que le rapport HijackThis :

    RAPPORT COMBOFIX :
    ComboFix 08-10-12.01 - Moi Même 2008-10-13 23:06:51.3 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.185 [GMT 2:00]
    Lancé depuis: C:\Documents and Settings\Moi Même\Bureau\ComboFix.exe
    Commutateurs utilisés :: C:\Documents and Settings\Moi Même\Bureau\CFScript.txt
    * Un nouveau point de restauration a été créé

    FILE ::
    C:\WINDOWS\system32\petapkxm.exe
    C:\WINDOWS\system32\wini104552502.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Application Data\bqbodyxo
    C:\Program Files\dhahmac
    C:\WINDOWS\system32\petapkxm.exe
    C:\WINDOWS\system32\wini104552502.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-13 au 2008-10-13 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-13 17:11 . 2008-10-13 17:11 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\EPSON
    2008-10-11 08:54 . 2008-10-11 08:54 <REP> d-------- C:\rsit
    2008-10-10 09:15 . 2008-10-10 09:19 2,874 --a------ C:\WINDOWS\system32\tmp.reg
    2008-10-10 09:05 . 2008-10-10 09:08 <REP> d-------- C:\Program Files\a-squared Anti-Malware
    2008-10-09 19:24 . 2008-10-09 19:24 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2008-10-09 19:23 . 2006-05-04 10:33 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
    2008-10-09 19:23 . 2006-05-04 10:33 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
    2008-10-09 19:23 . 2006-05-04 09:55 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
    2008-10-09 19:23 . 2006-05-04 10:33 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
    2008-10-09 19:23 . 2006-05-04 10:33 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
    2008-10-09 19:23 . 2006-05-04 10:33 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
    2008-10-09 19:23 . 2008-10-10 00:34 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
    2008-10-09 19:23 . 2008-10-09 19:23 <REP> d-------- C:\Documents and Settings\Administrateur
    2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\Malwarebytes
    2008-10-09 19:19 . 2008-10-09 19:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-09 19:19 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-09 19:19 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-09 09:17 . 2008-10-09 09:31 2,764 --a------ C:\WINDOWS\wininit.ini
    2008-10-07 10:13 . 2008-10-07 10:13 <REP> d-------- C:\Program Files\GoldWave
    2008-10-06 17:20 . 2002-02-27 22:45 45,056 --a------ C:\WINDOWS\system32\ZeroFile.dll
    2008-10-05 10:15 . 2008-10-05 10:15 <REP> d-------- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
    2008-10-05 10:15 . 2008-10-05 10:15 <REP> d-------- C:\Program Files\SDHelper (Spybot - Search & Destroy)
    2008-10-05 09:41 . 2008-10-05 09:41 <REP> d-------- C:\Documents and Settings\Moi Même\Application Data\InstallShield
    2008-10-05 09:39 . 2008-10-05 09:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\EPSON
    2008-10-05 09:39 . 2006-12-08 04:04 76,800 --a------ C:\WINDOWS\system32\E_FLBCAE.DLL
    2008-10-05 09:39 . 2006-04-19 04:00 62,976 --a------ C:\WINDOWS\system32\E_FD4BCAE.DLL
    2008-10-05 09:30 . 2006-12-28 00:00 208,896 --a------ C:\WINDOWS\system32\esint7e.dll
    2008-10-05 09:30 . 2006-12-28 00:00 66,560 --a------ C:\WINDOWS\system32\eswia7e.dll
    2008-10-05 09:30 . 2006-03-10 00:00 3,584 --a------ C:\WINDOWS\system32\eswiaml.dll
    2008-10-04 18:07 . 2008-10-04 18:07 <REP> d-------- C:\Program Files\Red Kawa
    2008-10-04 17:54 . 2008-10-04 17:54 <REP> d-------- C:\Program Files\PQDVD
    2008-10-04 13:08 . 2008-10-04 13:09 <REP> d-------- C:\Program Files\Rockstar Custom Tracks
    2008-10-04 10:45 . 2008-10-04 18:49 <REP> d-------- C:\Program Files\Exact Audio Copy PSP Edition
    2008-10-02 17:31 . 2008-10-08 22:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-10-02 17:31 . 2008-10-02 17:31 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-09-27 18:03 . 2008-09-27 18:03 244 --ah----- C:\sqmnoopt13.sqm
    2008-09-27 18:03 . 2008-09-27 18:03 232 --ah----- C:\sqmdata12.sqm
    2008-09-27 12:47 . 2008-09-27 12:47 244 --ah----- C:\sqmnoopt12.sqm
    2008-09-27 12:47 . 2008-09-27 12:47 232 --ah----- C:\sqmdata11.sqm
    2008-09-27 11:51 . 2008-09-27 11:51 244 --ah----- C:\sqmnoopt11.sqm
    2008-09-27 11:51 . 2008-09-27 11:51 232 --ah----- C:\sqmdata10.sqm
    2008-09-27 08:00 . 2008-09-27 08:00 244 --ah----- C:\sqmnoopt10.sqm
    2008-09-27 08:00 . 2008-09-27 08:00 232 --ah----- C:\sqmdata09.sqm

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-13 21:01 --------- d-----w C:\Documents and Settings\Moi Même\Application Data\Skype
    2008-10-13 18:59 7,733 ----a-w C:\Program Files\LogMeIn.log
    2008-10-13 18:58 9,540 ----a-w C:\Program Files\dbg_LMI_proc.txt
    2008-10-13 18:58 67,596 ----a-w C:\Program Files\NET.dat
    2008-10-13 18:58 33,804 ----a-w C:\Program Files\MEM.dat
    2008-10-13 18:58 33,804 ----a-w C:\Program Files\DRV.dat
    2008-10-13 18:58 11,276 ----a-w C:\Program Files\CPU.dat
    2008-10-13 18:58 --------- d-----w C:\Documents and Settings\Moi Même\Application Data\skypePM
    2008-10-12 05:25 8,691 ----a-w C:\Program Files\LMI20081012.log
    2008-10-11 16:30 18,400 ----a-w C:\Program Files\LMI20081011.log
    2008-10-10 18:26 29,067 ----a-w C:\Program Files\LMI20081010.log
    2008-10-09 21:56 33,806 ----a-w C:\Program Files\LMI20081009.log
    2008-10-09 16:28 --------- d-----w C:\Program Files\Trend Micro
    2008-10-09 09:09 --------- d-----w C:\Program Files\eMule
    2008-10-08 04:54 9,709 ----a-w C:\Program Files\LMI20081008.log
    2008-10-06 15:43 9,709 ----a-w C:\Program Files\LMI20081006.log
    2008-10-06 15:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-05 08:21 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-10-05 07:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-10-05 07:43 --------- d-----w C:\Program Files\EPSON
    2008-10-04 12:47 9,709 ----a-w C:\Program Files\LMI20081004.log
    2008-10-03 05:01 9,709 ----a-w C:\Program Files\LMI20081003.log
    2008-10-02 04:53 9,709 ----a-w C:\Program Files\LMI20081002.log
    2008-10-01 18:33 18,400 ----a-w C:\Program Files\LMI20081001.log
    2008-09-29 04:55 10,667 ----a-w C:\Program Files\LMI20080929.log
    2008-09-28 14:05 7,733 ----a-w C:\Program Files\LMI20080928.log
    2008-09-27 17:17 18,400 ----a-w C:\Program Files\LMI20080927.log
    2008-09-24 05:14 9,781 ----a-w C:\Program Files\LMI20080924.log
    2008-09-22 12:20 9,212 ----a-w C:\Program Files\LMI20080922.log
    2008-09-21 09:38 17,382 ----a-w C:\Program Files\LMI20080921.log
    2008-09-20 10:56 9,709 ----a-w C:\Program Files\LMI20080920.log
    2008-09-19 05:33 9,212 ----a-w C:\Program Files\LMI20080919.log
    2008-09-18 05:18 18,400 ----a-w C:\Program Files\LMI20080918.log
    2008-09-17 05:26 8,691 ----a-w C:\Program Files\LMI20080917.log
    2008-09-16 08:29 18,400 ----a-w C:\Program Files\LMI20080916.log
    2008-09-15 06:13 9,709 ----a-w C:\Program Files\LMI20080915.log
    2008-09-14 05:19 9,709 ----a-w C:\Program Files\LMI20080914.log
    2008-09-13 05:49 8,691 ----a-w C:\Program Files\LMI20080913.log
    2008-09-12 16:28 9,709 ----a-w C:\Program Files\LMI20080912.log
    2008-09-11 07:37 17,903 ----a-w C:\Program Files\LMI20080911.log
    2008-09-10 18:49 18,400 ----a-w C:\Program Files\LMI20080910.log
    2008-09-09 05:34 9,709 ----a-w C:\Program Files\LMI20080909.log
    2008-09-08 04:57 8,691 ----a-w C:\Program Files\LMI20080908.log
    2008-09-07 07:14 9,709 ----a-w C:\Program Files\LMI20080907.log
    2008-09-06 05:19 9,709 ----a-w C:\Program Files\LMI20080906.log
    2008-09-05 04:46 8,691 ----a-w C:\Program Files\LMI20080905.log
    2008-09-04 18:36 9,212 ----a-w C:\Program Files\LMI20080904.log
    2008-09-03 04:59 9,709 ----a-w C:\Program Files\LMI20080903.log
    2008-09-02 04:55 9,709 ----a-w C:\Program Files\LMI20080902.log
    2008-08-29 18:42 9,709 ----a-w C:\Program Files\LMI20080829.log
    2008-08-22 06:36 18,166 ----a-w C:\Program Files\LMI20080822.log
    2008-08-18 09:54 26,625 ----a-w C:\Program Files\LMI20080818.log
    2008-08-18 08:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogMeIn
    2008-08-18 08:27 388 ----a-w C:\Program Files\dbg_LMI_printer.txt
    2008-08-18 08:27 --------- d-----w C:\Program Files\x86
    2008-08-18 08:27 --------- d-----w C:\Program Files\x64
    2008-08-17 18:34 6,924 ----a-w C:\Program Files\LMI20080817.log
    2008-08-16 18:34 6,924 ----a-w C:\Program Files\LMI20080816.log
    2008-08-15 18:35 24,122 ----a-w C:\Program Files\LMI20080815.log
    2008-08-14 19:13 26,098 ----a-w C:\Program Files\LMI20080814.log
    2008-08-13 19:10 16,511 ----a-w C:\Program Files\LMI20080813.log
    2008-08-06 18:05 10,108 ----a-w C:\Program Files\LMI20080806.log
    2008-08-04 11:46 16,511 ----a-w C:\Program Files\LMI20080804.log
    2008-07-31 16:10 16,511 ----a-w C:\Program Files\LMI20080731.log
    2008-07-30 06:30 16,511 ----a-w C:\Program Files\LMI20080730.log
    2008-07-29 04:56 16,511 ----a-w C:\Program Files\LMI20080729.log
    2008-07-28 04:52 9,587 ----a-w C:\Program Files\LMI20080728.log
    2008-07-27 05:34 16,511 ----a-w C:\Program Files\LMI20080727.log
    2008-07-26 05:00 10,180 ----a-w C:\Program Files\LMI20080726.log
    2008-07-25 04:46 16,511 ----a-w C:\Program Files\LMI20080725.log
    2008-07-24 04:47 16,511 ----a-w C:\Program Files\LMI20080724.log
    2008-07-21 16:48 26,098 ----a-w C:\Program Files\LMI20080721.log
    2008-07-20 19:22 16,511 ----a-w C:\Program Files\LMI20080720.log
    2008-07-19 05:42 16,511 ----a-w C:\Program Files\LMI20080719.log
    2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
    2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
    2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
    2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
    2008-07-18 04:50 16,511 ----a-w C:\Program Files\LMI20080718.log
    2008-07-17 04:41 9,587 ----a-w C:\Program Files\LMI20080717.log
    2008-07-16 11:59 26,098 ----a-w C:\Program Files\LMI20080716.log
    2008-07-15 05:37 19,174 ----a-w C:\Program Files\LMI20080715.log
    2008-05-28 10:32 5,102,100 ----a-w C:\Program Files\template.rab
    2007-11-16 08:49 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
    2007-10-09 18:04 854 ----a-w C:\Program Files\journal.dat
    2007-09-12 08:20 6,189 ----a-w C:\Program Files\file.sma
    2007-09-12 08:20 5,902 ----a-w C:\Program Files\email.sma
    2007-09-12 08:20 5,855 ----a-w C:\Program Files\ping.sma
    2007-09-12 08:20 5,750 ----a-w C:\Program Files\WapClients.cfg
    2007-09-12 08:20 4,810 ----a-w C:\Program Files\processes.sma
    2007-09-12 08:20 4,364 ----a-w C:\Program Files\WatchProcess.sma
    2007-09-12 08:20 3,188 ----a-w C:\Program Files\CheckCDrive.sma
    2007-09-12 08:20 24,967 ----a-w C:\Program Files\MonitoringScript.txt
    2005-05-13 16:12 217,073 --sha-r C:\WINDOWS\meta4.exe
    2005-10-24 10:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe
    2005-10-13 20:27 422,400 --sha-r C:\WINDOWS\x2.64.exe
    2005-10-07 18:14 308,224 --sha-r C:\WINDOWS\system32\avisynth.dll
    2005-07-14 11:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
    2005-06-26 14:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
    2005-06-21 21:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
    2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
    2006-04-27 09:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
    2005-02-28 12:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
    2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
    "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-11-12 21760296]
    "Creative Live! Cam Manager"="C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 143360]
    "AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-10-12 1563584]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15360]
    "BitComet"="C:\Program Files\BitComet\BitComet.exe" [2007-09-10 6338360]
    "EPSON Stylus DX4400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE" [2007-03-01 180736]
    "Configuration de la C-BOX"="C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe" [BU]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2004-02-13 155648]
    "pccguide.exe"="C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe" [2004-10-27 823361]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-08-31 282624]
    "AVFX Engine"="C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-06-09 24576]
    "V0220Mon.exe"="C:\WINDOWS\V0220Mon.exe" [2006-06-28 32768]
    "LogMeIn GUI"="C:\Program Files\x86\LogMeInSystray.exe" [2007-09-12 63048]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
    "a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2008-10-07 2776720]
    "VTTimer"="VTTimer.exe" [2004-10-01 C:\WINDOWS\system32\VTTimer.exe]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-11-14 113664]
    Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 217194]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "ForceClassicControlPanel"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
    2008-05-28 12:32 87352 C:\WINDOWS\system32\LMIinit.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.I420"= i420vfw.dll
    "msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\MP3POW~1\CLMP3Enc.ACM

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Assistant d'Acrobat.lnk
    backup=C:\WINDOWS\pss\Assistant d'Acrobat.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
    --a------ 2005-09-06 05:10 450560 C:\Program Files\VIAudioi\SBADeck\ADeck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
    --------- 2003-12-17 09:50 19968 C:\WINDOWS\LOGI_MWX.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\SightSpeed\\SightSpeed.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\MSN Messenger\\livecall.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "14031:TCP"= 14031:TCP:BitComet 14031 TCP
    "14031:UDP"= 14031:UDP:BitComet 14031 UDP

    R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\x86\RaInfo.sys [2008-02-28 12856]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 45848]
    R3 V0220Dev;Live! Cam Video IM;C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-06-29 146112]
    R3 V0220Vfx;V0220VFX;C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-06-08 6272]
    S3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys [ ]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{969B3B70-8765-11D5-9809-0050BACBF861}]
    rundll32.exe advpack.dll,LaunchINFSection C:\Program Files\CyberLink\MP3PowerEncoder\Cyber.inf,PerUserStub
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Run-apicfgwin - C:\WINDOWS\system32\petapkxm.exe



    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-13 23:09:11
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-10-13 23:10:34
    ComboFix-quarantined-files.txt 2008-10-13 21:10:16
    ComboFix2.txt 2008-10-12 12:23:15
    ComboFix3.txt 2008-10-12 11:59:36

    Avant-CF: 9 911 406 592 octets libres
    Après-CF: 10,008,731,648 octets libres

    263 --- E O F --- 2008-09-10 13:26:26



    RAPPORT HIJACKTHIS :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:16:27, on 13/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    C:\WINDOWS\V0220Mon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\x86\RaMaint.exe
    C:\Program Files\x86\LogMeIn.exe
    C:\Program Files\x86\LMIGuardian.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\notepad.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
    O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\x86\LogMeInSystray.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
    O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
    O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S24A.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{59B8D619-0CD9-41D8-8364-6B2BAB9BF950}: NameServer = 213.30.96.108,213.203.124.146
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\x86\RaMaint.exe
    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\x86\LogMeIn.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

    --
    End of file - 7086 bytes



    15 Octobre 2008 23:44:57

    :hello:  Bonsoir,

    ~Fais une analyse antivirus en ligne sur le site de Kaspersky
    http://www.kaspersky.com/kos/eng/partner/default/kavweb...
  • Clique sur Accept
  • Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.
  • clique une nouvelle fois sur "Accept"
  • Les bases de mises à jour vont s'installer, patiente un moment
  • Clique sur Next.
  • Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera. Et poste-moi le rapport que tu obtiens.

    Comment va le PC ? Toujours des problèmes ?

    ;) 
    16 Octobre 2008 10:53:26

    Salut!

    Le PC va bien (la fenêtre ne s'affiche plus!!!)

    Voici le rapport Kaspersky : (faut-il que je supprime les éléments en quarantaine dans C:\Qoobox\Quarantine\ ? De quelle manière?)

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Thursday, October 16, 2008
    Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Thursday, October 16, 2008 03:31:11
    Records in database: 1315135
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    A:\
    C:\
    D:\
    E:\

    Scan statistics:
    Files scanned: 66645
    Threat name: 3
    Infected objects: 4
    Suspicious objects: 0
    Duration of the scan: 01:42:24


    File name / Threat name / Threats count
    C:\Documents and Settings\Moi Même\Bureau\VIRUS\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
    C:\Documents and Settings\Moi Même\Bureau\VIRUS\SmitfraudFix.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
    C:\Qoobox\Quarantine\C\WINDOWS\system32\petapkxm.exe.vir Infected: Trojan.Win32.Obfuscated.gx 1
    C:\Qoobox\Quarantine\C\WINDOWS\system32\wini104552502.exe.vir Infected: not-a-virus:D ownloader.Win32.Agent.bs 1

    The selected area was scanned.
    17 Octobre 2008 22:28:36

    Re,

    Suis ces étapes pour désinstaller proprement combofix et les tools que nous avons utilisés pendant la désinfection

  • Menu démarrer puis exécuter
  • Tape maintenant Combofix /u dans la fenêtre que apparaît puis valide par OK. Veille à bien laisser un espace entre le X et le /U, car cela est nécessaire ici.


    Prévention :

    - Nettoyage des fichiers temporaires :

    Télécharge Ccleaner sur ton Bureau.

  • Clique sur "download the latest version"
  • Installe-le en laissant seulement les options suivantes cochées :
    - Ajouter un raccourci sur le Bureau
    - Contrôler automatiquement les mises à jour de CCleaner
  • Lance le Nettoyage
  • Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

    Aide : Comment utiliser CCleaner.


    Telecharge ATFcleaner sur ton Bureau.

  • Double-clique sur l'exécutable téléchargé.
  • Dans l'onglet Main, coche simplement la case Select All (toutes les cases vont se cocher) puis sur le bouton Empty Selected.
  • Si tu possèdes Firefox ou Opera comme navigateur, pense à choisir ton navigateur en haut a gauche avant de sélectionner Select All puis Empty Selected.
  • Puis réponds Non au message qui s'affiche, si tu ne souhaites pas perdre tes mots de passe.

    Aide : Comment utiliser AFTCleaner.

    -- Restauration Système :

    Désactive-Réactive la restauration système.

    Méthode XP :
    Clique sur Démarrer, fais un clique droit sur le Poste de travail puis clique sur Propiétés. Sélectionne l'onglet Restauration du Système.
    Dans cet onglet, coche la case Désactiver la Restauration du système sur tous les lecteurs.
    Un message de confirmation va apparaître. Clique sur Oui, puis OK. Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
    Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).

    Méthode Vista :
    Clique sur Démarrer, fais un clique droit sur Ordinateur, puis clique sur Propriétés. Clique à gauche sur Paramètres système avancés. Sélectionne l'onglet Protection du Système.
    Dans cet onglet, décoche (une par une) tes partitions, un message de confirmation va apparaître, clique sur Désactiver la protection du système, Clique sur Appliquer, puis OK.
    Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
    Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).

    Aide : Comment Désactiver-Réactiver la Restauration Système.

    --- Affichage normal des fichiers :

    Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
    - Décoche Afficher les fichiers et dossiers cachés
    - Coche Masquer les fichiers protégés du système d'exploitation (recommandé)
    clique sur Appliquer, puis OK.

    ---- Suppression des outils installés :

    Télécharge ToolsCleaner2 (de A.Rothstein)

  • Installe le sur ton Bureau.
  • Clique sur Recherche pour lancer le scan.
  • Clique sur Supprimer pour nettoyer les outils utilisés.
  • Clique sur Quitter.
  • Supprime maintenant ToolsCleaner.

    ----- Remise en place des protections, protection du système avec les Mises à Jour ! :

    Je t'invite maintenant à (ré)activer toutes tes protections résidentes (Antivirus, Antispyware, Firewall..).
    Tu dois avoir accès à tes protections dans la zone systray à côté de la barre des tâches. Si tu as des difficultés, n'hésite pas à me questionner !
    Si ce n'est pas fait, assure-toi que les Mises à jour Automatiques Windows soient activées !
    Mets tes Softwares correctement à jour (Java, Adobe, Flash ..) grâce à Sotware Inspector (chez Secunia)

    Un petit mot à propos de Java :

    Une fois la nouvelle version téléchargée, installe-la et fais redémarrer ton ordinateur.
    Hélas, les anciennes version de Java (qui contiennent des failles, donc dangereuses !) sont toujours présentes !
    C'est donc très important que tu désinstalles les anciennes versions de Java.

  • Va dans Démarrer, Panneau de Configuration, Ajout/Suppression de Programmes
  • Déinstalles toutes les versions de Java exceptée la plus récente.

    Aide : Comment utiliser Secunia Software Inspector.

    ------ Ton infection, tu la dénonces ? :

    Tu n'es pas obligé mais ce serait bien que tu rapportes ton infection sur Malware Complaints
  • Ton(tes) infection(s) : Trojan Downloader.
  • Si tu ne la trouves pas dans la liste, poste dans Autres infections.

    Aide : Comment dénoncer mon infection sur Malware Complaints.

    Ajoute maintenant [Résolu] au titre. Pour cela :
    * Clique, dans ton premier message, sur le bouton "Editer"
    * Rajoute la mention [Résolu] au titre
    * Clique ensuite sur "Valider votre message"

    Je t'invite maintenant à regarder ces dossiers très instructifs en terme de prévention !

    - Sécurité/Prévention
    - Conséquences de la multi-protection
    - Toolbars : Inutilité et ralentissements

    Bonne journée/soirée :) 
    22 Octobre 2008 22:08:55

    Bonjour,

    Avec un peu de retard, tout est bon!
    Merci pour ton aide très précieuse!

    Bonne continuation! :hello: 
    24 Octobre 2008 19:39:25

    Re,

    De rien ce fut un plaisir !

    Si tu en as assez d'être assailli de publicités durant ta navigation, installe Firefox sécurisé avec les extensions noscript et AdBlock Plus.

    Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.



    Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.

    Bonne continuation :hello: 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter