Sujet Précédent Sujet Suivant

Message: Warning! potential spyware operation

Résolu/Fermé
gringosky - 18 oct. 2007 à 11:04
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 - 1 nov. 2007 à 20:41
Bonjour,
Depuis hier aprem, j'ai une fenetre windows security alert qui s'ouvre "Warning! potential spyware operation".
Depuis qu'elle s'affiche, je n'ai plus accès ni au panneau de configuration, ni aux registres, ni à la fenetre qui s'ouvre après ctrl alt suppr (message d'erreur comme quoi je ne suis pas administrateur, alors que je suis administrateur et seul utilisateur de ce pc perso (XP home)).
L'affichage du message "Warning! potential spyware operation" et les restrictions administrateur s'opèrent aussi en mode sans échec.

J'ai exécuté AVG et Spybot en mode sans échec à plusieurs reprises.
Ré-apparaissent à chaque fois sur AVG "Heuristic.win32.dialer" et "trojan.qhost.my", même si je les mets en quarantaine à chaque fois puis que je les détruis.
De plus, à chaque ouverture de windows, j'ai maintenant le message relatif à C:\WINDOWS\System32\printer.exe qui s'affiche (comme quoi il ne le trouve plus).
Enfin, impossible de faire une restauration du système à une date antérieure.
J'exécute actuellement un scan du pc à l'aide de bitdefender online, comme celà a été conseillé dans un autre post.

Avez vous déjà rencontré ce problème?
Si oui, que puis je faire d'autre que ce que je fais actuellement, afin d'avoir de nouveau accès aux droits administrateurs et ne plus avoir le message "Warning! potential spyware operation"?
Merci d'avance.

21 réponses

  • 1
  • 2
Réponse 1 / 21
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
18 oct. 2007 à 11:08
slt,
smit fraud fix (colle le rapport)

1/ telecharger :

http://siri.urz.free.fr/Fix/SmitfraudFix.php




2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. une fois le rapport effectué redémarre en mode sans échec (en appuyant sur F8 ou suppr, ou F5 au démarrage en général)

3/ puis refaire comme en 2/ mais sélectionne l'option 2 et appuyer sur entrée pour commencer la désinfection. lorsque le programme demande si tu veut nettoyer le registre mets oui en tapant 0 et entrée

____________

colle le rapport avg antispyware
0
Réponse 2 / 21
gringosky
18 oct. 2007 à 11:21
Bonjour,
merci de m'aider.
J'ai téléchargé le SmitfraudFix et l'ai lancé (étape '1' - rapport ci dessous).
a noter que lors de son exécution, plusieurs fenetres relatives à l'impossibilité d'accéder aux registres par limitation des droits administrateurs se sont ouvertes.

Pour l'étape '2', je redémarrerai le pc en mode sans échec une fois le scan de bitdefender terminé (je transmettrai le rapport à ce moment).
J'effecteurai une nouvelle anayle AVG Spyware en parallèle et transmettrai le rapport.

SmitFraudFix v2.240

Rapport fait à 11:14:06,98, 18/10/2007
Executé à partir de C:\WINDOWS\BDOSCAN8\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\VirusGarde\stmon.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Arcadyan Wireless\pctwpasv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

Fichier hosts corrompu !

127.0.0.1 legal-at-spybot.info
127.0.0.1 www.legal-at-spybot.info

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\printer.exe PRESENT !
C:\WINDOWS\system32\sulimo.dat PRESENT !
C:\WINDOWS\system32\vtr???.dll PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Administrateur


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Administrateur\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

C:\DOCUME~1\HP_ADM~1\MENUDM~1\PROGRA~1\DMARRA~1\system.exe PRESENT !
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\autorun.exe PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HP_ADM~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\system32\\sulimo.dat"


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.54.252
DNS Server Search Order: 212.27.53.252

Description: Wireless PCI 802.11b/g adapter WN4201B - Miniport d'ordonnancement de paquets
DNS Server Search Order: 213.228.0.23
DNS Server Search Order: 212.27.32.176

HKLM\SYSTEM\CCS\Services\Tcpip\..\{8065FA02-E52A-443D-873E-58DEC07F2D81}: NameServer=213.228.0.23,212.27.32.176
HKLM\SYSTEM\CCS\Services\Tcpip\..\{F10D2860-EFA5-42FC-930E-D6C89E7D55E6}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{8065FA02-E52A-443D-873E-58DEC07F2D81}: NameServer=213.228.0.23,212.27.32.176
HKLM\SYSTEM\CS1\Services\Tcpip\..\{F10D2860-EFA5-42FC-930E-D6C89E7D55E6}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{8065FA02-E52A-443D-873E-58DEC07F2D81}: NameServer=213.228.0.23,212.27.32.176
HKLM\SYSTEM\CS3\Services\Tcpip\..\{F10D2860-EFA5-42FC-930E-D6C89E7D55E6}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Réponse 3 / 21
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
18 oct. 2007 à 11:46
ok fais bien smitfraud fix deuxieme partie car il a trouvé des infections!

0
Réponse 4 / 21
gringosky
18 oct. 2007 à 12:13
Ci dessous le rapportde BitDefender.
Je passe en mode sans echec.
@+

BitDefender Online Scanner



Scan report generated at: Thu, Oct 18, 2007 - 12:10:36





Scan path: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;







Statistics

Time
01:34:19

Files
436287

Folders
7282

Boot Sectors
3

Archives
40197

Packed Files
22697




Results

Identified Viruses
141

Infected Files
197

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
206




Engines Info

Virus Definitions
827131

Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Scan plugins
14

Archive plugins
38

Unpack plugins
7

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\system.exe
Infected with: Trojan.Peed.JZ

C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\system.exe
Disinfection failed

C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\system.exe
Deleted

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe
Infected with: Trojan.Peed.JZ

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe
Disinfection failed

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe
Delete failed

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip=>BaaaaBaa.class
Infected with: Trojan.Exploit.Byteverify.AF

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip=>BaaaaBaa.class
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip=>BaaaaBaa.class
Deleted

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip
Updated

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip=>Dvnny.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip=>Dvnny.class
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip=>Dvnny.class
Deleted

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip
Updated

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>BaaaaBaa.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>BaaaaBaa.class
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>BaaaaBaa.class
Deleted

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip
Updated

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>VaaaaaaaBaa.class
Infected with: Trojan.Java.ClassLoader.D

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>VaaaaaaaBaa.class
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>VaaaaaaaBaa.class
Deleted

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip
Updated

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dvnny.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dvnny.class
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dvnny.class
Deleted

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip
Updated

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Baaaaa.class
Infected with: Java.Trojan.Exploit.Bytverify.I

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Baaaaa.class
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Baaaaa.class
Deleted

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip
Updated

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dex.class
Infected with: Trojan.Classloader.G

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dex.class
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dex.class
Deleted

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip
Updated

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dix.class
Infected with: Trojan.Java.ClassLoader.D

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dix.class
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dix.class
Deleted

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip
Updated

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dux.class
Infected with: Trojan.Java.ClassLoader.D

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dux.class
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dux.class
Deleted

C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip
Updated

C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\kazaaspeedup.exe=>(VISE Installer o)=>msbb.exe
Infected with: Trojan.Dialer.BJ

C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\kazaaspeedup.exe=>(VISE Installer o)=>msbb.exe
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\kazaaspeedup.exe=>(VISE Installer o)=>msbb.exe
Deleted

C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\kazaaspeedup.exe=>(VISE Installer o)
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 725)
Infected with: Generic.Peed.Eml.7C159879

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 725)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 725)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 730)
Infected with: Generic.Peed.Eml.E5873A83

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 730)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 730)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 748)
Infected with: Generic.Peed.Eml.771BCF09

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 748)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 748)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 769)
Infected with: Generic.Peed.Eml.85DDB835

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 769)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 769)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 794)
Infected with: Generic.Peed.Eml.E6378384

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 794)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 794)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 797)
Infected with: Generic.Peed.Eml.B3DAAD5B

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 797)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 797)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 798)
Infected with: Generic.Peed.Eml.844A33E5

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 798)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 798)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 803)
Infected with: Generic.Peed.Eml.91A069D4

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 803)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 803)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 804)
Infected with: Generic.Peed.Eml.2B319AB6

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 804)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 804)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 805)
Infected with: Generic.Peed.Eml.412EF583

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 805)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 805)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 806)
Infected with: Generic.Peed.Eml.21FA3391

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 806)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 806)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 811)
Infected with: Generic.Peed.Eml.A641B708

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 811)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 811)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 812)
Infected with: Generic.Peed.Eml.AE149538

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 812)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 812)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 814)
Infected with: Generic.Peed.Eml.C3155A01

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 814)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 814)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 818)
Infected with: Generic.Peed.Eml.F56808BA

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 818)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 818)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 820)
Infected with: Generic.Peed.Eml.2CEA8013

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 820)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 820)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 823)
Infected with: Generic.Peed.Eml.30E51E9A

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 823)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 823)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 826)
Infected with: Generic.Peed.Eml.2C219030

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 826)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 826)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 827)
Infected with: Generic.Peed.Eml.E99BEED6

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 827)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 827)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 828)
Infected with: Generic.Peed.Eml.C055ADC5

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 828)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 828)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 829)
Infected with: Generic.Peed.Eml.E28A42D7

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 829)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 829)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 833)
Infected with: Generic.Peed.Eml.1535FAA2

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 833)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 833)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 840)
Infected with: Generic.Peed.Eml.60D2597C

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 840)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 840)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 843)
Infected with: Generic.Peed.Eml.06066054

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 843)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 843)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 845)
Infected with: Generic.Peed.Eml.1DB029F7

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 845)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 845)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 850)
Infected with: Generic.Peed.Eml.1F1745C4

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 850)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 850)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 852)
Infected with: Generic.Peed.Eml.50779EB2

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 852)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 852)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 853)
Infected with: Generic.Peed.Eml.40594FAB

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 853)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 853)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 858)
Infected with: Generic.Peed.Eml.07E3E57E

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 858)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 858)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 866)
Infected with: Generic.Peed.Eml.8E032B2E

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 866)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 866)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 867)
Infected with: Generic.Peed.Eml.31A067A2

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 867)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 867)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 873)
Infected with: Generic.Peed.Eml.058FAE91

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 873)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 873)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 878)
Infected with: Generic.Peed.Eml.D32BBF88

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 878)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 878)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 883)
Infected with: Generic.Peed.Eml.0B4228BE

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 883)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 883)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 885)
Infected with: Generic.Peed.Eml.8571E6D3

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 885)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 885)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 891)
Infected with: Generic.Peed.Eml.B7F81244

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 891)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 891)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 892)
Infected with: Generic.Peed.Eml.4557C9E1

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 892)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 892)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 893)
Infected with: Generic.Peed.Eml.DF57071A

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 893)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 893)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 894)
Infected with: Generic.Peed.Eml.739EBEA7

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 894)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 894)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 896)
Infected with: Generic.Peed.Eml.2E256AC6

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 896)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 896)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 897)
Infected with: Generic.Peed.Eml.6281C9A3

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 897)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 897)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 898)
Infected with: Generic.Peed.Eml.4433921E

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 898)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 898)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 899)
Infected with: Generic.Peed.Eml.9E7E453A

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 899)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 899)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 903)
Infected with: Generic.Peed.Eml.28DBFAB0

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 903)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 903)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 907)
Infected with: Generic.Peed.Eml.82DD965B

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 907)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 907)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 909)
Infected with: Generic.Peed.Eml.39F41B5F

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 909)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 909)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 912)
Infected with: Generic.Peed.Eml.323DBCD8

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 912)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 912)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 916)
Infected with: Generic.Peed.Eml.978D23A4

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 916)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 916)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 920)
Infected with: Generic.Peed.Eml.2847BBC1

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 920)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 920)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 922)
Infected with: Generic.Peed.Eml.F667DBDD

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 922)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 922)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 923)
Infected with: Generic.Peed.Eml.58EF75AE

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 923)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 923)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 927)
Infected with: Generic.Peed.Eml.2236AC01

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 927)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 927)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 930)
Infected with: Generic.Peed.Eml.A62D599E

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 930)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 930)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 933)
Infected with: Generic.Peed.Eml.8ACF7800

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 933)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 933)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 939)
Infected with: Generic.Peed.Eml.379A56CC

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 939)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 939)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 943)
Infected with: Generic.Peed.Eml.C3EF8CF8

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 943)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 943)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 945)
Infected with: Generic.Peed.Eml.68D8EDA1

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 945)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 945)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 949)
Infected with: Generic.Peed.Eml.09D05CD3

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 949)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 949)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 951)
Infected with: Generic.Peed.Eml.7788CBEE

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 951)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 951)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 953)
Infected with: Generic.Peed.Eml.9EA380FB

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 953)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 953)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 955)
Infected with: Generic.Peed.Eml.5F2BE7B2

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 955)
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 955)
Deleted

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
Update failed

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 960)
Infected with: Generic.Peed.Eml.11F2917A

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 21
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
18 oct. 2007 à 12:29
fait la deuxieme partie de smitfraudfix

_________________

toutes ces infections sont dans ta messageries outlook express donc vire les messages de ta corbeille et ceux que tu ne connais pas!


C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 725)
Infected with: Generic.Peed.Eml.7C159879



_________________
installe la nouvelle version java:
https://www.java.com/fr/


puis vas dans panneau de configuration puis AJOUT/SUPPRESSION DE PROG et supprime l'ancienne version java

__________________

colle le rapport AVG antispyware
_________________

Télécharge ce tool de sUBs :

http://www.techsupportforum.com/sectools/Hacked_by_Godzilla_Remover.exe

Double-clique dessus et laisse-toiguider.

____________________

Clean permettra de faire du nettoyage et supprimer des fichiers que des anti-virus et anti-spywares n'ont pas pu trouver. Le logiciel est régulièrement mis à jour, vous devrez donc le re-téléchargé pour obtenir une version plus récente.

• Téléchargez clean.zip, décompressez-le sur votre bureau (clic droit / extraire tout), vous obtenez alors un dossier clean
• Démarrez Windows en mode sans échec : Guide pour redémarrer en mode sans échec
• Ouvrez le dossier clean qui se trouve sur ton bureau, et double-cliquez sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laissez la ouverte jusqu'à ce qu'elle se ferme.

http://kerio.probb.fr/tuto-Clean-h37.html
______________________


refait un scan en ligne et colle le rapport


_______________________

colle un rapport hijackthis

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manuel :

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html


Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste

Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
0
Réponse 6 / 21
gringosky
18 oct. 2007 à 12:43
Ci dessous la deuxieme partie de smitfraudfix.
J'ai de nouveau accès à ctrl alt suppr, au panneau de configuration, mais toujours pas aux registres.
D'ailleurs, à chaque fois que smitfraudfix voulait accéder à la modification d'un registre, une fenetre windows security alert s'ouvrait pour dire que je n'avais pas les droits administrateurs.
Sinon, la fenetre fenetre windows security alert "Warning! potential spyware operation" semble ne plus s'ouvrir...
En revanche, toujours le message à l'ouverture de windows concernant C:\WINDOWS\System32\printer.exe.
Peux tu continuer à m'aider à faire les modifications requises pour les registres stp?
Merci d'avance.
@+


SmitFraudFix v2.240

Rapport fait à 12:27:07,34, 18/10/2007
Executé à partir de C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


192.168.200.3 ad.doubleclick.net
192.168.200.3 ad.fastclick.net
192.168.200.3 ads.fastclick.net
192.168.200.3 atdmt.com
192.168.200.3 awaps.net
192.168.200.3 banner.fastclick.net
192.168.200.3 banners.fastclick.net
192.168.200.3 click.atdmt.com
192.168.200.3 clicks.atdmt.com
192.168.200.3 engine.awaps.net
192.168.200.3 fastclick.net
192.168.200.3 ftp.avp.ch
192.168.200.3 ftp.kasperskylab.ru
192.168.200.3 updates5.kaspersky-labs.com
192.168.200.3 www.awaps.net
192.168.200.3 www.viruslist.ru
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com
127.0.0.1 1001-search.info
127.0.0.1 www.1001-search.info
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 123topsearch.com
127.0.0.1 www.123topsearch.com
127.0.0.1 132.com
127.0.0.1 www.132.com
127.0.0.1 136136.net
127.0.0.1 www.136136.net
127.0.0.1 139mm.com
127.0.0.1 www.139mm.com
127.0.0.1 163ns.com
127.0.0.1 www.163ns.com
127.0.0.1 171203.com
127.0.0.1 17-plus.com
127.0.0.1 1800searchonline.com
127.0.0.1 www.1800searchonline.com
127.0.0.1 180searchassistant.com
127.0.0.1 www.180searchassistant.com
127.0.0.1 180solutions.com
127.0.0.1 www.180solutions.com
127.0.0.1 181.365soft.info
127.0.0.1 www.181.365soft.info
127.0.0.1 1987324.com
127.0.0.1 www.1987324.com
127.0.0.1 1-domains-registrations.com
127.0.0.1 www.1-domains-registrations.com
127.0.0.1 1-extreme.biz
127.0.0.1 www.1-extreme.biz
127.0.0.1 1sexparty.com
127.0.0.1 www.1sexparty.com
127.0.0.1 1stantivirus.com
127.0.0.1 www.1stantivirus.com
127.0.0.1 1stpagehere.com
127.0.0.1 www.1stpagehere.com
127.0.0.1 1stsearchportal.com
127.0.0.1 www.1stsearchportal.com
127.0.0.1 2.82211.net
127.0.0.1 www.2006ooo.com
127.0.0.1 2007-download.com
127.0.0.1 www.2007-download.com
127.0.0.1 2020search.com
127.0.0.1 www.2020search.com
127.0.0.1 20x2p.com
127.0.0.1 24.365soft.info
127.0.0.1 www.24.365soft.info
127.0.0.1 24-7pharmacy.info
127.0.0.1 www.24-7pharmacy.info
127.0.0.1 24-7searching-and-more.com
127.0.0.1 www.24-7searching-and-more.com
127.0.0.1 24teen.com
127.0.0.1 www.24teen.com
127.0.0.1 2every.net
127.0.0.1 www.2every.net
127.0.0.1 2ndpower.com
127.0.0.1 2search.com
127.0.0.1 www.2search.com
127.0.0.1 2search.org
127.0.0.1 www.2search.org
127.0.0.1 2squared.com
127.0.0.1 www.2squared.com
127.0.0.1 3322.org
127.0.0.1 www.3322.org
127.0.0.1 365soft.info
127.0.0.1 36site.com
127.0.0.1 www.36site.com
127.0.0.1 3721.com
127.0.0.1 39-93.com
127.0.0.1 3abetterinternet.com
127.0.0.1 www.3abetterinternet.com
127.0.0.1 3bay.it
127.0.0.1 www.3bay.it
127.0.0.1 3ebay.it
127.0.0.1 www.3ebay.it
127.0.0.1 404dns.com
127.0.0.1 www.404dns.com
127.0.0.1 4199.com
127.0.0.1 www.4199.com
127.0.0.1 4corn.net
127.0.0.1 www.4corn.net
127.0.0.1 4ebay.it
127.0.0.1 www.4ebay.it
127.0.0.1 4klm.com
127.0.0.1 4repubblica.it
127.0.0.1 www.4repubblica.it
127.0.0.1 4softget.com
127.0.0.1 www.4softget.com
127.0.0.1 5iscali.it
127.0.0.1 www.5iscali.it
127.0.0.1 5repubblica.it
127.0.0.1 www.5repubblica.it
127.0.0.1 5starvideos.com
127.0.0.1 www.5starvideos.com
127.0.0.1 5tiscali.it
127.0.0.1 www.5tiscali.it
127.0.0.1 5zgmu7o20kt5d8yq.com
127.0.0.1 www.5zgmu7o20kt5d8yq.com
127.0.0.1 6iscali.it
127.0.0.1 www.6iscali.it
127.0.0.1 6sek.com
127.0.0.1 www.6sek.com
127.0.0.1 6tiscali.it
127.0.0.1 www.6tiscali.it
127.0.0.1 7322.com
127.0.0.1 www.7322.com
127.0.0.1 75tz.com
127.0.0.1 777search.com
127.0.0.1 www.777search.com
127.0.0.1 777top.com
127.0.0.1 www.777top.com
127.0.0.1 7939.com
127.0.0.1 www.7939.com
127.0.0.1 7search.com
127.0.0.1 www.7search.com
127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com
127.0.0.1 82211.net
127.0.0.1 8866.org
127.0.0.1 888.com
127.0.0.1 www.888.com
127.0.0.1 8ad.com
127.0.0.1 www.8ad.com
127.0.0.1 9505.com
127.0.0.1 www.9505.com
127.0.0.1 971searchbox.com
127.0.0.1 www.971searchbox.com
127.0.0.1 a.bestmanage.org
127.0.0.1 aaasexypics.com
127.0.0.1 aaawebfinder.com
127.0.0.1 www.aaawebfinder.com
127.0.0.1 aavc.com
127.0.0.1 abc-find.info
127.0.0.1 www.abc-find.info
127.0.0.1 abetterinternet.com
127.0.0.1 www.abetterinternet.com
127.0.0.1 abnetsoft.info
127.0.0.1 www.abnetsoft.info
127.0.0.1 aboutclicker.com
127.0.0.1 www.aboutclicker.com
127.0.0.1 abrp.net
127.0.0.1 www.abrp.net
127.0.0.1 absolutee.com
127.0.0.1 www.absolutee.com
127.0.0.1 abyssmedia.com
127.0.0.1 www.abyssmedia.com
127.0.0.1 ac66.cn
127.0.0.1 www.ac66.cn
127.0.0.1 access.Navinetwork.com
127.0.0.1 access.rapid-pass.net
127.0.0.1 accessactivexvideo.com
127.0.0.1 www.accessactivexvideo.com
127.0.0.1 accessclips.com
127.0.0.1 www.accessclips.com
127.0.0.1 access-dvd.com
127.0.0.1 www.access-dvd.com
127.0.0.1 accesskeygenerator.com
127.0.0.1 www.accesskeygenerator.com
127.0.0.1 accessorygeeks.com
127.0.0.1 www.accessorygeeks.com
127.0.0.1 accessthefuture.net
127.0.0.1 www.accessthefuture.net
127.0.0.1 accessvid.net
127.0.0.1 www.accessvid.net
127.0.0.1 acemedic.com
127.0.0.1 www.acemedic.com
127.0.0.1 ace-webmaster.com
127.0.0.1 www.ace-webmaster.com
127.0.0.1 acjp.com
127.0.0.1 acrobat-2007.com
127.0.0.1 www.acrobat-2007.com
127.0.0.1 acrobat-8.com
127.0.0.1 www.acrobat-8.com
127.0.0.1 acrobat-center.com
127.0.0.1 www.acrobat-center.com
127.0.0.1 acrobat-hq.com
127.0.0.1 www.acrobat-hq.com
127.0.0.1 acrobatreader-8.com
127.0.0.1 www.acrobatreader-8.com
127.0.0.1 acrobat-reader-8.de
127.0.0.1 www.acrobat-reader-8.de
127.0.0.1 acrobat-stop.com
127.0.0.1 www.acrobat-stop.com
127.0.0.1 actionbreastcancer.org
127.0.0.1 www.actionbreastcancer.org
127.0.0.1 activesearcher.info
127.0.0.1 www.activesearcher.info
127.0.0.1 activexaccessobject.com
127.0.0.1 www.activexaccessobject.com
127.0.0.1 activexaccessvideo.com
127.0.0.1 www.activexaccessvideo.com
127.0.0.1 activexemedia.com
127.0.0.1 www.activexemedia.com
127.0.0.1 activexmediaobject.com
127.0.0.1 www.activexmediaobject.com
127.0.0.1 activexmediapro.com
127.0.0.1 www.activexmediapro.com
127.0.0.1 activexmediasite.com
127.0.0.1 www.activexmediasite.com
127.0.0.1 activexmediasoftware.com
127.0.0.1 www.activexmediasoftware.com
127.0.0.1 activexmediasource.com
127.0.0.1 www.activexmediasource.com
127.0.0.1 activexmediatool.com
127.0.0.1 www.activexmediatool.com
127.0.0.1 activexmediatour.com
127.0.0.1 www.activexmediatour.com
127.0.0.1 activexsoftwares.com
127.0.0.1 www.activexsoftwares.com
127.0.0.1 activexsource.com
127.0.0.1 www.activexsource.com
127.0.0.1 activexupdate.com
127.0.0.1 www.activexupdate.com
127.0.0.1 activexvideo.com
127.0.0.1 www.activexvideo.com
127.0.0.1 activexvideotool.com
127.0.0.1 www.activexvideotool.com
127.0.0.1 ad.marketingsector.com
127.0.0.1 www.ad.marketingsector.com
127.0.0.1 ad.mokead.com
127.0.0.1 www.ad.mokead.com
127.0.0.1 ad.yieldmanager.com
127.0.0.1 www.ad.yieldmanager.com
127.0.0.1 ad25.com
127.0.0.1 ad45.com
127.0.0.1 ad77.com
127.0.0.1 ad86.com
127.0.0.1 adamsupportgroup.org
127.0.0.1 www.adamsupportgroup.org
127.0.0.1 adarmor.com
127.0.0.1 www.adarmor.com
127.0.0.1 adasearch.com
127.0.0.1 www.adasearch.com
127.0.0.1 adaware.cc
127.0.0.1 adawarenow.com
127.0.0.1 www.adawarenow.com
127.0.0.1 addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.com
127.0.0.1 addictivetechnologies.net
127.0.0.1 www.addictivetechnologies.net
127.0.0.1 add-manager.com
127.0.0.1 www.add-manager.com
127.0.0.1 adgate.info
127.0.0.1 www.adgate.info
127.0.0.1 adipics.com
127.0.0.1 www.adipics.com
127.0.0.1 admin2cash.biz
127.0.0.1 www.admin2cash.biz
127.0.0.1 adnet-plus.com
127.0.0.1 adobe-download-now.com
127.0.0.1 adobe-downloads.com
127.0.0.1 www.adobe-downloads.com
127.0.0.1 adobe-reader-8.fr
127.0.0.1 www.adobe-reader-8.fr
127.0.0.1 adprotect.com
127.0.0.1 www.adprotect.com
127.0.0.1 ads.centralmedia.ws
127.0.0.1 ads.k8l.info
127.0.0.1 ads.kmpads.com
127.0.0.1 ads.marketingsector.com
127.0.0.1 ads.searchingbooth.com
127.0.0.1 ads.z-quest.com
127.0.0.1 ads183.com
127.0.0.1 www.ads183.com
127.0.0.1 adscontex.com
127.0.0.1 www.adscontex.com
127.0.0.1 adservices1.enhance.com
127.0.0.1 www.adservices1.enhance.com
127.0.0.1 adservs.com
127.0.0.1 adsextend.net
127.0.0.1 www.adsextend.net
127.0.0.1 adshttp.com
127.0.0.1 www.adshttp.com
127.0.0.1 adsonwww.com
127.0.0.1 www.adsonwww.com
127.0.0.1 adspics.com
127.0.0.1 www.adspics.com
127.0.0.1 adtrak.net
127.0.0.1 www.adtrak.net
127.0.0.1 adtrgt.com
127.0.0.1 adult777search.info
127.0.0.1 www.adult777search.info
127.0.0.1 adultan.com
127.0.0.1 www.adultan.com
127.0.0.1 adult-engine-search.com
127.0.0.1 www.adult-engine-search.com
127.0.0.1 adult-erotic-guide.net
127.0.0.1 www.adult-erotic-guide.net
127.0.0.1 adultfilmsite.com
127.0.0.1 www.adultfilmsite.com
127.0.0.1 adult-friends-finder.net
127.0.0.1 www.adult-friends-finder.net
127.0.0.1 adultgambling.org
127.0.0.1 adult-host.org
127.0.0.1 adulthyperlinks.com
127.0.0.1 www.adulthyperlinks.com
127.0.0.1 adultmovieplus.com
127.0.0.1 www.adultmovieplus.com
127.0.0.1 adult-personal.us
127.0.0.1 adultsgames.net
127.0.0.1 adultsper.com
127.0.0.1 www.adultsper.com
127.0.0.1 adulttds.com
127.0.0.1 www.adulttds.com
127.0.0.1 adultzoneworld.com
127.0.0.1 www.adultzoneworld.com
127.0.0.1 advcash.biz
127.0.0.1 www.advcash.biz
127.0.0.1 advert.exaccess.ru
127.0.0.1 advertisemoney.info
127.0.0.1 www.advertisemoney.info
127.0.0.1 advertising.paltalk.com
127.0.0.1 advertising-money.info
127.0.0.1 www.advertising-money.info
127.0.0.1 ad-ware.cc
127.0.0.1 ad-w-a-r-e.com
127.0.0.1 www.ad-w-a-r-e.com
127.0.0.1 a-d-w-a-r-e.com
127.0.0.1 www.a-d-w-a-r-e.com
127.0.0.1 adwarebazooka.com
127.0.0.1 www.adwarebazooka.com
127.0.0.1 adwarefinder.com
127.0.0.1 www.adwarefinder.com
127.0.0.1 adwareprotectionsite.com
127.0.0.1 www.adwareprotectionsite.com
127.0.0.1 adwarepunisher.com
127.0.0.1 www.adwarepunisher.com
127.0.0.1 aflgate.com
127.0.0.1 www.aflgate.com
127.0.0.1 africaspromise.org
127.0.0.1 agava.com
127.0.0.1 agava.ru
127.0.0.1 agentstudio.com
127.0.0.1 aginegialle.it
127.0.0.1 www.aginegialle.it
127.0.0.1 www.aifind.info
127.0.0.1 aifind.info
127.0.0.1 airtleworld.com
127.0.0.1 www.airtleworld.com
127.0.0.1 aitalia.it
127.0.0.1 www.aitalia.it
127.0.0.1 akamai.downloadv3.com
127.0.0.1 aklitalia.it
127.0.0.1 www.aklitalia.it
127.0.0.1 akril.com
127.0.0.1 alcatel.ws
127.0.0.1 alfacleaner.com
127.0.0.1 www.alfacleaner.com
127.0.0.1 alfa-search.com
127.0.0.1 alialia.it
127.0.0.1 www.alialia.it
127.0.0.1 aliotalia.it
127.0.0.1 www.aliotalia.it
127.0.0.1 alirtalia.it
127.0.0.1 www.alirtalia.it
127.0.0.1 alitaia.it
127.0.0.1 www.alitaia.it
127.0.0.1 alitaklia.it
127.0.0.1 www.alitaklia.it
127.0.0.1 alitala.it
127.0.0.1 www.alitala.it
127.0.0.1 alitali.it
127.0.0.1 www.alitali.it
127.0.0.1 alitaliaq.it
127.0.0.1 www.alitaliaq.it
127.0.0.1 alitalias.it
127.0.0.1 www.alitalias.it
127.0.0.1 alitaliaz.it
127.0.0.1 www.alitaliaz.it
127.0.0.1 alitalioa.it
127.0.0.1 www.alitalioa.it
127.0.0.1 alitalisa.it
127.0.0.1 www.alitalisa.it
127.0.0.1 alitaliua.it
127.0.0.1 www.alitaliua.it
127.0.0.1 alitalkia.it
127.0.0.1 www.alitalkia.it
127.0.0.1 alitaloia.it
127.0.0.1 www.alitaloia.it
127.0.0.1 alitaluia.it
127.0.0.1 www.alitaluia.it
127.0.0.1 alitaslia.it
127.0.0.1 www.alitaslia.it
127.0.0.1 alitlia.it
127.0.0.1 www.alitlia.it
127.0.0.1 alitralia.it
127.0.0.1 www.alitralia.it
127.0.0.1 alitsalia.it
127.0.0.1 www.alitsalia.it
127.0.0.1 aliutalia.it
127.0.0.1 www.aliutalia.it
127.0.0.1 ALL1COUNT.NET
127.0.0.1 www.ALL1COUNT.NET
127.0.0.1 all4internet.com
127.0.0.1 www.all4internet.com
127.0.0.1 allabtcars.com
127.0.0.1 allabtjeeps.com
127.0.0.1 all-bittorrent.com
127.0.0.1 www.all-bittorrent.com
127.0.0.1 www.allcybersearch.com
127.0.0.1 allcybersearch.com
127.0.0.1 alldnserrors.com
127.0.0.1 www.alldnserrors.com
127.0.0.1 all-downloads-now.com
127.0.0.1 www.all-downloads-now.com
127.0.0.1 all-edonkey.com
127.0.0.1 www.all-edonkey.com
127.0.0.1 allforadult.com
127.0.0.1 allhyperlinks.com
127.0.0.1 alliesecurity.com
127.0.0.1 www.alliesecurity.com
127.0.0.1 all-inet.com
127.0.0.1 allinternetbusiness.com
127.0.0.1 all-limewire.com
127.0.0.1 www.all-limewire.com
127.0.0.1 allmegabucks.com
127.0.0.1 www.allmegabucks.com
127.0.0.1 allprotections.com
127.0.0.1 www.allprotections.com
127.0.0.1 allresultz.net
127.0.0.1 www.allresultz.net
127.0.0.1 allsecuritynotes.com
127.0.0.1 www.allsecuritynotes.com
127.0.0.1 allsecuritysite.com
127.0.0.1 www.allsecuritysite.com
127.0.0.1 allstarsvideos.net
127.0.0.1 www.allstarsvideos.net
127.0.0.1 alltruesoftware.com
127.0.0.1 www.alltruesoftware.com
127.0.0.1 allvideoactivex.com
127.0.0.1 www.allvideoactivex.com
127.0.0.1 almanah.biz
127.0.0.1 www.almanah.biz
127.0.0.1 almarvideos.com
127.0.0.1 aloitalia.it
127.0.0.1 www.aloitalia.it
127.0.0.1 aluitalia.it
127.0.0.1 www.aluitalia.it
127.0.0.1 amaena.com
127.0.0.1 www.amaena.com
127.0.0.1 amandamountains.com
127.0.0.1 amateurliveshow.com
127.0.0.1 www.amateurliveshow.com
127.0.0.1 amediasoftware.com
127.0.0.1 www.amediasoftware.com
127.0.0.1 amediasource.com
127.0.0.1 www.amediasource.com
127.0.0.1 americancarbargains.com
127.0.0.1 www.americancarbargains.com
127.0.0.1 american-teens.net
127.0.0.1 amigeek.com
127.0.0.1 amisbusiness.com
127.0.0.1 ampmsearch.com
127.0.0.1 www.ampmsearch.com
127.0.0.1 analcord.com
127.0.0.1 www.analcord.com
127.0.0.1 analmovi.com
127.0.0.1 anarchylolita.com
127.0.0.1 www.anarchylolita.com
127.0.0.1 anarchyporn.com
127.0.0.1 andromedical.com
127.0.0.1 www.andromedical.com
127.0.0.1 animepornmag.com
127.0.0.1 www.animepornmag.com
127.0.0.1 anin.org
127.0.0.1 anjpn-avxiz.biz
127.0.0.1 www.anjpn-avxiz.biz
127.0.0.1 anjpnzqav.biz
127.0.0.1 www.anjpnzqav.biz
127.0.0.1 anjpn-zqav.biz
127.0.0.1 www.anjpn-zqav.biz
127.0.0.1 annaromeo.com
127.0.0.1 antiddos.us
127.0.0.1 www.antiddos.us
127.0.0.1 Antiespiadorado.com
127.0.0.1 www.Antiespiadorado.com
127.0.0.1 Antiespionspack.com
127.0.0.1 www.Antiespionspack.com
127.0.0.1 Antigusanos2008.com
127.0.0.1 www.Antigusanos2008.com
127.0.0.1 Antispionage.com
127.0.0.1 www.Antispionage.com
127.0.0.1 Antispionagepro.com
127.0.0.1 www.Antispionagepro.com
127.0.0.1 antispydns.biz
127.0.0.1 www.antispydns.biz
127.0.0.1 antispylab.com
127.0.0.1 www.antispylab.com
127.0.0.1 antispysolutions.com
127.0.0.1 www.antispysolutions.com
127.0.0.1 antispyware.com
127.0.0.1 www.antispyware.com
127.0.0.1 antispywarebot.com
127.0.0.1 www.antispywarebot.com
127.0.0.1 antispywarebox.com
127.0.0.1 www.antispywarebox.com
127.0.0.1 antispywaredownloads.com
127.0.0.1 www.antispywaredownloads.com
127.0.0.1 Antispywaresuite.com
127.0.0.1 www.Antispywaresuite.com
127.0.0.1 Antispyweb.net
127.0.0.1 www.Antispyweb.net
127.0.0.1 Antiver2008.com
127.0.0.1 www.Antiver2008.com
127.0.0.1 antivermins.com
127.0.0.1 www.antivermins.com
127.0.0.1 anti-vermins.com
127.0.0.1 www.anti-vermins.com
127.0.0.1 antivir2007.com
127.0.0.1 www.antivir2007.com
127.0.0.1 antivirgear.com
127.0.0.1 www.antivirgear.com
127.0.0.1 antivirus.fastfreedownload.com
127.0.0.1 www.antivirus.fastfreedownload.com
127.0.0.1 antivirusgolden.com
127.0.0.1 www.antivirusgolden.com
127.0.0.1 antivirus-hq.net
127.0.0.1 www.antivirus-hq.net
127.0.0.1 anti-virus-pro.com
127.0.0.1 www.anti-virus-pro.com
127.0.0.1 antivirusprotector.com
127.0.0.1 www.antivirusprotector.com
127.0.0.1 antivirussecuritypro.com
127.0.0.1 www.antivirussecuritypro.com
127.0.0.1 antivirus-stop.com
127.0.0.1 www.antivirus-stop.com
127.0.0.1 Antiworm2008.com
127.0.0.1 www.Antiworm2008.com
127.0.0.1 Antiwurm2008.com
127.0.0.1 www.Antiwurm2008.com
127.0.0.1 antrocity.com
127.0.0.1 anyofus.com
127.0.0.1 www.anyofus.com
127.0.0.1 anysn.seproger.com
127.0.0.1 www.anysn.seproger.com
127.0.0.1 anything4health.com
127.0.0.1 apicpreview.com
127.0.0.1 www.apicpreview.com
127.0.0.1 apmebf.com
127.0.0.1 www.apmebf.com
127.0.0.1 appealcircuit.com
127.0.0.1 www.appealcircuit.com
127.0.0.1 approvedlinks.com
127.0.0.1 www.approvedlinks.com
127.0.0.1 apps.deskwizz.com
127.0.0.1 apps.webservicehost.com
127.0.0.1 aprotectedpage.com
127.0.0.1 www.aprotectedpage.com
127.0.0.1 apsua.com
127.0.0.1 archiviosex.net
127.0.0.1 www.archiviosex.net
127.0.0.1 aregay.com
127.0.0.1 ares-freebie.com
127.0.0.1 www.ares-freebie.com
127.0.0.1 arespro2007.com
127.0.0.1 www.arespro2007.com
127.0.0.1 aresultra.com
127.0.0.1 www.aresultra.com
127.0.0.1 ares-usa.com
127.0.0.1 www.ares-usa.com
127.0.0.1 arheo.com
127.0.0.1 arizonaweb.org
127.0.0.1 armitageinn.com
127.0.0.1 arquivojpgs.smtp.ru
127.0.0.1 www.arquivojpgs.smtp.ru
127.0.0.1 artachnid.com
127.0.0.1 art-func.com
127.0.0.1 art-xxx.com
127.0.0.1 asafebrowser.com
127.0.0.1 www.asafebrowser.com
127.0.0.1 asafetynotice.com
127.0.0.1 www.asafetynotice.com
127.0.0.1 asafetypage.com
127.0.0.1 www.asafetypage.com
127.0.0.1 asdbiz.biz
127.0.0.1 www.asdbiz.biz
127.0.0.1 asdeykuddq.com
127.0.0.1 www.asdeykuddq.com
127.0.0.1 asecurebar.com
127.0.0.1 www.asecurebar.com
127.0.0.1 asecureboard.com
127.0.0.1 www.asecureboard.com
127.0.0.1 asecurevalue.com
127.0.0.1 www.asecurevalue.com
127.0.0.1 asecurityissue.com
127.0.0.1 www.asecurityissue.com
127.0.0.1 asecuritynotice.com
127.0.0.1 www.asecuritynotice.com
127.0.0.1 asecuritypaper.com
127.0.0.1 www.asecuritypaper.com
127.0.0.1 asecuritystuff.com
127.0.0.1 www.asecuritystuff.com
127.0.0.1 asiankingkong.com
127.0.0.1 asianpornmag.com
127.0.0.1 www.asianpornmag.com
127.0.0.1 asiantoolbar.com
127.0.0.1 www.asiantoolbar.com
127.0.0.1 asidseiupc.com
127.0.0.1 www.asidseiupc.com
127.0.0.1 aslitalia.it
127.0.0.1 www.aslitalia.it
127.0.0.1 ass-gals.com
127.0.0.1 assureprotection.com
127.0.0.1 www.assureprotection.com
127.0.0.1 asta-killer.com
127.0.0.1 asupereva.it
127.0.0.1 www.asupereva.it
127.0.0.1 athenrye.com
127.0.0.1 atotalsafety.com
127.0.0.1 www.atotalsafety.com
127.0.0.1 atrueprotection.com
127.0.0.1 www.atrueprotection.com
127.0.0.1 atruesecurity.com
127.0.0.1 www.atruesecurity.com
127.0.0.1 attackware.com
127.0.0.1 www.attackware.com
127.0.0.1 attrezzi.biz
127.0.0.1 www.attrezzi.biz
127.0.0.1 aulde.net
127.0.0.1 www.aulde.net
127.0.0.1 aupereva.it
127.0.0.1 www.aupereva.it
127.0.0.1 autocontext.begun.ru
127.0.0.1 www.autocontext.begun.ru
127.0.0.1 autoescrowpay.com
127.0.0.1 avast.free-software-center.com
127.0.0.1 www.avast.free-software-center.com
127.0.0.1 avast-2007.com
127.0.0.1 www.avast-2007.com
127.0.0.1 avast-downloads.com
127.0.0.1 www.avast-downloads.com
127.0.0.1 avast-hq.com
127.0.0.1 www.avast-hq.com
127.0.0.1 avforce.com
127.0.0.1 www.avforce.com
127.0.0.1 avg.grab-it-today.net
127.0.0.1 www.avg.grab-it-today.net
127.0.0.1 avg.softwarecenterz.com
127.0.0.1 www.avg.softwarecenterz.com
127.0.0.1 avg-secure.com
127.0.0.1 www.avg-secure.com
127.0.0.1 avian-ads.com
127.0.0.1 avideoaxaccess.com
127.0.0.1 www.avideoaxaccess.com
127.0.0.1 avideosurfer.com
127.0.0.1 www.avideosurfer.com
127.0.0.1 aviewersoft.com
127.0.0.1 www.aviewersoft.com
127.0.0.1 avpcheckupdate.com
127.0.0.1 www.avpcheckupdate.com
127.0.0.1 avxizaaqada.biz
127.0.0.1 www.avxizaaqada.biz
127.0.0.1 avxiz-anjpn.biz
127.0.0.1 www.avxiz-anjpn.biz
127.0.0.1 avxizueorn.biz
127.0.0.1 www.avxizueorn.biz
127.0.0.1 avxiz-ueorn.biz
127.0.0.1 www.avxiz-ueorn.biz
127.0.0.1 avxiz-vtvcp.biz
127.0.0.1 www.avxiz-vtvcp.biz
127.0.0.1 avxiz-ygco.biz
127.0.0.1 www.avxiz-ygco.biz
127.0.0.1 avxiz-zqav.biz
127.0.0.1 www.avxiz-zqav.biz
127.0.0.1 awarninglist.com
127.0.0.1 www.awarninglist.com
127.0.0.1 awbeta.net-nucleus.com
127.0.0.1 awesomehomepage.com
127.0.0.1 www.awesomehomepage.com
127.0.0.1 awmcash.biz
127.0.0.1 awmdabest.com
127.0.0.1 axemediasoftware.com
127.0.0.1 www.axemediasoftware.com
127.0.0.1 aximageobject.com
127.0.0.1 www.aximageobject.com
127.0.0.1 axmediaproject.com
127.0.0.1 www.axmediaproject.com
127.0.0.1 axmediasoftware.com
127.0.0.1 www.axmediasoftware.com
127.0.0.1 axmediasolutions.com
127.0.0.1 www.axmediasolutions.com
127.0.0.1 axobjectpage.com
127.0.0.1 www.axobjectpage.com
127.0.0.1 axobjectsource.com
127.0.0.1 www.axobjectsource.com
127.0.0.1 axsoftwaretool.com
127.0.0.1 www.axsoftwaretool.com
127.0.0.1 axvideoproject.com
127.0.0.1 www.axvideoproject.com
127.0.0.1 axvideosetup.com
127.0.0.1 www.axvideosetup.com
127.0.0.1 ayakawamura.com
127.0.0.1 ayb.dns-look-up.com
127.0.0.1 ayb.netbios-wait.com
127.0.0.1 ayumitaniguchi.com
127.0.0.1 azebar.com
127.0.0.1 azureusclub.com
127.0.0.1 www.azureusclub.com
127.0.0.1 azureus-freebie.com
127.0.0.1 www.azureus-freebie.com
127.0.0.1 azzetta.it
127.0.0.1 www.azzetta.it
127.0.0.1 b.casalemedia.com
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babenet.com
127.0.0.1 www.babenet.com
127.0.0.1 babespornmag.com
127.0.0.1 www.babespornmag.com
127.0.0.1 babeweb.de
127.0.0.1 www.babeweb.de
127.0.0.1 baccarat-other.info
127.0.0.1 www.baccarat-other.info
127.0.0.1 Backstripgirls.com
127.0.0.1 www.Backstripgirls.com
127.0.0.1 backup.mabou.org
127.0.0.1 balotierra.com
127.0.0.1 www.balotierra.com
127.0.0.1 bannedhost.net
127.0.0.1 barbudafarms.com
127.0.0.1 bardownload.com
127.0.0.1 www.bardownload.com
127.0.0.1 barnandfence.com
127.0.0.1 batsearch.com
127.0.0.1 baygraphicsllc.com
127.0.0.1 bbbsearch.com
127.0.0.1 bb-search.com
127.0.0.1 bdsmlibrary.net
127.0.0.1 bdsmpornmag.com
127.0.0.1 www.bdsmpornmag.com
127.0.0.1 bearshare.download-me.info
127.0.0.1 www.bearshare.download-me.info
127.0.0.1 bearshare.mp3-muzic.com
127.0.0.1 www.bearshare.mp3-muzic.com
127.0.0.1 bearshare-download.org
127.0.0.1 www.bearshare-download.org
127.0.0.1 bearshare-downloads.net
127.0.0.1 www.bearshare-downloads.net
127.0.0.1 bearsharelive.co.uk
127.0.0.1 www.bearsharelive.co.uk
127.0.0.1 bearshare-music-downloads.com
127.0.0.1 www.bearshare-music-downloads.com
127.0.0.1 bearsharepro2007.com
127.0.0.1 www.bearsharepro2007.com
127.0.0.1 bearshare-usa.com
127.0.0.1 www.bearshare-usa.com
127.0.0.1 bedhome.com
127.0.0.1 bediadance.com
127.0.0.1 beebappyy.biz
127.0.0.1 www.beebappyy.biz
127.0.0.1 begin2search.com
127.0.0.1 www.begin2search.com
127.0.0.1 bellabasketsfl.com
127.0.0.1 bernaolatwin.com
127.0.0.1 best-counter.com
127.0.0.1 bestcrawler.com
127.0.0.1 bestfor.ru
127.0.0.1 best-hardpics.com
127.0.0.1 bestmanage.org
127.0.0.1 www.bestmanage.org
127.0.0.1 bestmanage0.org
127.0.0.1 www.bestmanage0.org
127.0.0.1 bestmanage1.org
127.0.0.1 www.bestmanage1.org
127.0.0.1 bestmanage2.org
127.0.0.1 www.bestmanage2.org
127.0.0.1 bestmanage3.org
127.0.0.1 www.bestmanage3.org
127.0.0.1 bestmanage4.org
127.0.0.1 www.bestmanage4.org
127.0.0.1 bestmanage5.org
127.0.0.1 www.bestmanage5.org
127.0.0.1 bestmanage6.org
127.0.0.1 www.bestmanage6.org
127.0.0.1 bestmanage7.org
127.0.0.1 www.bestmanage7.org
127.0.0.1 bestmanage8.org
127.0.0.1 www.bestmanage8.org
127.0.0.1 bestmanage9.org
127.0.0.1 www.bestmanage9.org
127.0.0.1 bestporngate.com
127.0.0.1 bestsafetyguide.net
127.0.0.1 www.bestsafetyguide.net
127.0.0.1 best-spyware.info
127.0.0.1 www.best-spyware.info
127.0.0.1 best-targeted-traffic.com
127.0.0.1 www.best-targeted-traffic.com
127.0.0.1 best-voyeur.info
127.0.0.1 www.best-voyeur.info
127.0.0.1 bestweblinks.com
127.0.0.1 best-winning-casino.com
127.0.0.1 bestworldgirls-for-u.net
127.0.0.1 www.bestworldgirls-for-u.net
127.0.0.1 bestxporno.com
127.0.0.1 bettersearch.biz
127.0.0.1 www.bettersearch.biz
127.0.0.1 bgazzetta.it
127.0.0.1 www.bgazzetta.it
127.0.0.1 bgoogle.it
127.0.0.1 www.bgoogle.it
127.0.0.1 bigtrafficnetwork.com
127.0.0.1 www.bigtrafficnetwork.com
127.0.0.1 bigwww.com
127.0.0.1 www.bigwww.com
127.0.0.1 bin.errorprotector.com
127.0.0.1 bins.media-motor.net
127.0.0.1 bins2.media-motor.net
127.0.0.1 bis.180solutions.com
127.0.0.1 bitchesonline.net
127.0.0.1 bitcomet-freebie.com
127.0.0.1 www.bitcomet-freebie.com
127.0.0.1 biz.biz
127.0.0.1 blackblues00.com
127.0.0.1 www.blackblues00.com
127.0.0.1 blackhats.tc
127.0.0.1 www.blackhats.tc
127.0.0.1 blackhawksoftware.com
127.0.0.1 www.blackhawksoftware.com
127.0.0.1 blackjack-free.net
127.0.0.1 blazefind.com
127.0.0.1 blender.xu.pl
127.0.0.1 blondetgp.com
127.0.0.1 blue-elefant.com
127.0.0.1 www.blue-elefant.com
127.0.0.1 bm.theaimonline.com
127.0.0.1 www.bm.theaimonline.com
127.0.0.1 bnmgate.com
127.0.0.1 www.bnmgate.com
127.0.0.1 bodaciousbabette.com
127.0.0.1 bonzi.com
127.0.0.1 www.bonzi.com
127.0.0.1 boobdoll.com
127.0.0.1 boobsandtits.com
127.0.0.1 boobsclub.com
127.0.0.1 bookedspace.com
127.0.0.1 www.bookedspace.com
127.0.0.1 boom.com.vn
127.0.0.1 www.boom.com.vn
127.0.0.1 boredlife.com
127.0.0.1 bowlofogumbo.com
127.0.0.1 bpfq02.com
127.0.0.1 www.bpfq02.com
127.0.0.1 bqgate.com
127.0.0.1 www.bqgate.com
127.0.0.1 br.errorsafe.com
127.0.0.1 br.winantivirus.com
127.0.0.1 br.winfixer.com
127.0.0.1 bradcoem.org
127.0.0.1 braincodec.com
127.0.0.1 www.braincodec.com
127.0.0.1 brandiyoung.com
127.0.0.1 bravesentry.com
127.0.0.1 www.bravesentry.com
127.0.0.1 breenten.biz
127.0.0.1 www.breenten.biz
127.0.0.1 brodbfm.net
127.0.0.1 www.brodbfm.net
127.0.0.1 brookeburn.com
127.0.0.1 browserwise.com
127.0.0.1 www.browserwise.com
127.0.0.1 bucps.com
127.0.0.1 buhartes.info
127.0.0.1 buldog-stats.com
127.0.0.1 bullseye-network.com
127.0.0.1 www.bullseye-network.com
127.0.0.1 burgerkingbigscreen.com
127.0.0.1 burnsrecyclinginc.com
127.0.0.1 www.burnsrecyclinginc.com
127.0.0.1 buscards.net
127.0.0.1 bustyrussell.com
127.0.0.1 busysearch.net
127.0.0.1 www.busysearch.net
127.0.0.1 buttejazz.org
127.0.0.1 buy-find.info
127.0.0.1 www.buy-find.info
127.0.0.1 buyselldomain.net
127.0.0.1 buytraff.biz
127.0.0.1 www.buytraff.biz
127.0.0.1 buz.ru
127.0.0.1 bvirgilio.it
127.0.0.1 www.bvirgilio.it
127.0.0.1 c.centralmedia.ws
127.0.0.1 c.enhance.com
127.0.0.1 www.c.enhance.com
127.0.0.1 c.goclick.com
127.0.0.1 c4tdownload.com
127.0.0.1 www.c4tdownload.com
127.0.0.1 c5.www4free.info
127.0.0.1 www.c5.www4free.info
127.0.0.1 cache.surfaccuracy.com
127.0.0.1 www.cache.surfaccuracy.com
127.0.0.1 cache.ysbweb.com
127.0.0.1 calcioturris.com
127.0.0.1 calendaralerts.net
127.0.0.1 www.calendaralerts.net
127.0.0.1 cameouk.co.uk
127.0.0.1 www.cameouk.co.uk
127.0.0.1 cameup.com
127.0.0.1 camouflageclothingonline.net
127.0.0.1 www.camouflageclothingonline.net
127.0.0.1 camup.net
127.0.0.1 canberracricketcoaching.com
127.0.0.1 candycantaloupes.com
127.0.0.1 canidetect.org
127.0.0.1 www.canidetect.org
127.0.0.1 cantfind.com
127.0.0.1 www.cantfind.com
127.0.0.1 careers.dulcineasystems.net
127.0.0.1 carsands.com
127.0.0.1 carsrentals.net
127.0.0.1 cartoes.uol.com.br
127.0.0.1 casalemedia.com
127.0.0.1 www.casalemedia.com
127.0.0.1 cashdeluxe.net
127.0.0.1 www.cashdeluxe.net
127.0.0.1 cashengines.com
127.0.0.1 www.cashengines.com
127.0.0.1 cashsearch.biz
127.0.0.1 cashsurfers.com
127.0.0.1 www.cashsurfers.com
127.0.0.1 CashUnlim.com
127.0.0.1 www.CashUnlim.com
127.0.0.1 casino.com.free.game.pogo.gratisdownloads.nl
127.0.0.1 casino2win.net
127.0.0.1 casino-gambling-1.net
127.0.0.1 casino-gambling-2.net
127.0.0.1 casinomidas.net
127.0.0.1 casinonline.net
127.0.0.1 casino-onlines.net
127.0.0.1 castingsamateur.com
127.0.0.1 www.castingsamateur.com
127.0.0.1 catallogue.com
127.0.0.1 catch-dc.info
127.0.0.1 www.catch-dc.info
127.0.0.1 categories.mygeek.com
127.0.0.1 catsss.da.ru
127.0.0.1 caxa.ru
127.0.0.1 cc.panet.org
127.0.0.1 ccecaedbebfcaf.com
127.0.0.1 www.ccecaedbebfcaf.com
127.0.0.1 cclebali.org
127.0.0.1 ccorriere.it
127.0.0.1 www.ccorriere.it
127.0.0.1 cdegate.com
127.0.0.1 www.cdegate.com
127.0.0.1 cdn.drivecleaner.com
127.0.0.1 cdn.errorsafe.com
127.0.0.1 cdn.movies-etc.com
127.0.0.1 cdn.winsoftware.com
127.0.0.1 cdn2.movies-etc.com
127.0.0.1 cdorriere.it
127.0.0.1 www.cdorriere.it
127.0.0.1 ceewawires.org
127.0.0.1 centralmedia.ws
127.0.0.1 certumgroup.com
127.0.0.1 cforriere.it
127.0.0.1 www.cforriere.it
127.0.0.1 check.jupitersatellites.biz
127.0.0.1 www.check.jupitersatellites.biz
127.0.0.1 checkin100.com
127.0.0.1 www.checkin100.com
127.0.0.1 checkssecurity.com
127.0.0.1 www.checkssecurity.com
127.0.0.1 chelancatering.com
127.0.0.1 chenshijituan.com
127.0.0.1 www.chenshijituan.com
127.0.0.1 childrenvilla.com
127.0.0.1 chips-4-free.com
127.0.0.1 chrisswasey.com
127.0.0.1 chriswallace.net
127.0.0.1 cia-trjn.myvnc.com
127.0.0.1 www.cia-trjn.myvnc.com
127.0.0.1 ciorriere.it
127.0.0.1 www.ciorriere.it
127.0.0.1 cirriere.it
127.0.0.1 www.cirriere.it
127.0.0.1 ckick4thumbs.com
127.0.0.1 cl55.biz
127.0.0.1 clackamasliteraryreview.com
127.0.0.1 cleansoftwares.com
127.0.0.1 www.cleansoftwares.com
127.0.0.1 clearsearch.cc
127.0.0.1 clearsearch.net
127.0.0.1 clickaire.com
127.0.0.1 click-codec.com
127.0.0.1 www.click-codec.com
127.0.0.1 clickhere4search.com
127.0.0.1 www.clickhere4search.com
127.0.0.1 click-now.net
127.0.0.1 clickspring.net
127.0.0.1 www.clickspring.net
127.0.0.1 click-to-download.com
127.0.0.1 www.click-to-download.com
127.0.0.1 clicktomakeasearch.com
127.0.0.1 www.clicktomakeasearch.com
127.0.0.1 clickyestoenter.net
127.0.0.1 client.exeupdate.com
127.0.0.1 client.myadultexplorer.com
127.0.0.1 cliks.org
127.0.0.1 www.cliks.org
127.0.0.1 clorriere.it
127.0.0.1 www.clorriere.it
127.0.0.1 clrsch.com
127.0.0.1 clubxxxvideo.com
127.0.0.1 www.clubxxxvideo.com
127.0.0.1 clusif.free.fr
127.0.0.1 cmtapestry.com
127.0.0.1 cnetadd.com
127.0.0.1 www.cnetadd.com
127.0.0.1 cnzz.com
127.0.0.1 www.cnzz.com
127.0.0.1 code.ignphrases.com
127.0.0.1 codec.ninoa.com
127.0.0.1 codecdvd.net
127.0.0.1 www.codecdvd.net
127.0.0.1 codec-fun.com
127.0.0.1 www.codec-fun.com
127.0.0.1 codecsoft.net
127.0.0.1 www.codecsoft.net
127.0.0.1 codrriere.it
127.0.0.1 www.codrriere.it
127.0.0.1 coeriere.it
127.0.0.1 www.coeriere.it
127.0.0.1 coerriere.it
127.0.0.1 www.coerriere.it
127.0.0.1 cofrriere.it
127.0.0.1 www.cofrriere.it
127.0.0.1 cogrriere.it
127.0.0.1 www.cogrriere.it
127.0.0.1 coirriere.it
127.0.0.1 www.coirriere.it
127.0.0.1 command.adservs.com
127.0.0.1 www.commonname.com
127.0.0.1 computerpcgames.net
127.0.0.1 www.computerpcgames.net
127.0.0.1 computerrecover.com
127.0.0.1 www.computerrecover.com
127.0.0.1 config.180solutions.com
127.0.0.1 content.dollarrevenue.com
127.0.0.1 www.content.dollarrevenue.com
127.0.0.1 content.ireit.com
127.0.0.1 www.content.ireit.com
127.0.0.1 content.onerateld.com
127.0.0.1 contentmatch.net
127.0.0.1 www.contentmatch.net
127.0.0.1 contra-virus.com
127.0.0.1 www.contra-virus.com
127.0.0.1 controlmeh.com
127.0.0.1 www.controlmeh.com
127.0.0.1 cool.ne.jp
127.0.0.1 cooldeskalert.com
127.0.0.1 www.cooldeskalert.com
127.0.0.1 coolfetishsite.com
127.0.0.1 coolfreehost.com
127.0.0.1 coolfreepage.com
127.0.0.1 coolfreepages.com
127.0.0.1 cool-homepage.co
127.0.0.1 cool-homepage.com
127.0.0.1 coolmoneysearch.com
127.0.0.1 coolpornsearch.com
127.0.0.1 cool-search.net
127.0.0.1 cool-search.netfartpost.com
127.0.0.1 coolsearcher.info
127.0.0.1 coolservecorp.net
127.0.0.1 www.coolservecorp.net
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com
127.0.0.1 cool-web-search.com
127.0.0.1 coolwebsearsh.com
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 cool-xxx.net
127.0.0.1 coorriere.it
127.0.0.1 www.coorriere.it
127.0.0.1 copmtraine.com
127.0.0.1 coprriere.it
127.0.0.1 www.coprriere.it
127.0.0.1 core.psyche-evolution.com
127.0.0.1 www.core.psyche-evolution.com
127.0.0.1 coreiere.it
127.0.0.1 www.coreiere.it
127.0.0.1 coreriere.it
127.0.0.1 www.coreriere.it
127.0.0.1 corrdiere.it
127.0.0.1 www.corrdiere.it
127.0.0.1 correiere.it
127.0.0.1 www.correiere.it
127.0.0.1 corrfiere.it
127.0.0.1 www.corrfiere.it
127.0.0.1 corrgiere.it
127.0.0.1 www.corrgiere.it
127.0.0.1 corridere.it
127.0.0.1 www.corridere.it
127.0.0.1 corriedre.it
127.0.0.1 www.corriedre.it
127.0.0.1 corriee.it
127.0.0.1 www.corriee.it
127.0.0.1 corrieere.it
127.0.0.1 www.corrieere.it
127.0.0.1 corriefre.it
127.0.0.1 www.corriefre.it
127.0.0.1 corriegre.it
127.0.0.1 www.corriegre.it
127.0.0.1 corrierde.it
127.0.0.1 www.corrierde.it
127.0.0.1 corriered.it
127.0.0.1 www.corriered.it
127.0.0.1 corrieree.it
127.0.0.1 www.corrieree.it
127.0.0.1 corrieref.it
127.0.0.1 www.corrieref.it
127.0.0.1 corrierer.it
127.0.0.1 www.corrierer.it
127.0.0.1 corrieres.it
127.0.0.1 www.corrieres.it
127.0.0.1 corrierew.it
127.0.0.1 www.corrierew.it
127.0.0.1 corrierfe.it
127.0.0.1 www.corrierfe.it
127.0.0.1 corrierge.it
127.0.0.1 www.corrierge.it
127.0.0.1 corrierr.it
127.0.0.1 www.corrierr.it
127.0.0.1 corrierre.it
127.0.0.1 www.corrierre.it
127.0.0.1 corrierse.it
127.0.0.1 www.corrierse.it
127.0.0.1 corrierte.it
127.0.0.1 www.corrierte.it
127.0.0.1 corrierw.it
127.0.0.1 www.corrierw.it
127.0.0.1 corrierwe.it
127.0.0.1 www.corrierwe.it
127.0.0.1 corriesre.it
127.0.0.1 www.corriesre.it
127.0.0.1 corriete.it
127.0.0.1 www.corriete.it
127.0.0.1 corrietre.it
127.0.0.1 www.corrietre.it
127.0.0.1 corriewre.it
127.0.0.1 www.corriewre.it
127.0.0.1 corrifere.it
127.0.0.1 www.corrifere.it
127.0.0.1 corriiere.it
127.0.0.1 www.corriiere.it
127.0.0.1 corrilere.it
127.0.0.1 www.corrilere.it
127.0.0.1 corrioere.it
127.0.0.1 www.corrioere.it
127.0.0.1 corrire.it
127.0.0.1 www.corrire.it
127.0.0.1 corrirere.it
127.0.0.1 www.corrirere.it
127.0.0.1 corrirre.it
127.0.0.1 www.corrirre.it
127.0.0.1 corrisere.it
127.0.0.1 www.corrisere.it
127.0.0.1 corriuere.it
127.0.0.1 www.corriuere.it
127.0.0.1 corriwere.it
127.0.0.1 www.corriwere.it
127.0.0.1 corriwre.it
127.0.0.1 www.corriwre.it
127.0.0.1 corrliere.it
127.0.0.1 www.corrliere.it
127.0.0.1 corroere.it
127.0.0.1 www.corroere.it
127.0.0.1 corroiere.it
127.0.0.1 www.corroiere.it
127.0.0.1 corrriere.it
127.0.0.1 www.corrriere.it
127.0.0.1 corrtiere.it
127.0.0.1 www.corrtiere.it
127.0.0.1 corruere.it
127.0.0.1 www.corruere.it
127.0.0.1 corruiere.it
127.0.0.1 www.corruiere.it
127.0.0.1 cortiere.it
127.0.0.1 www.cortiere.it
127.0.0.1 cortriere.it
127.0.0.1 www.cortriere.it
127.0.0.1 costrike.com
127.0.0.1 www.costrike.com
127.0.0.1 cotriere.it
127.0.0.1 www.cotriere.it
127.0.0.1 cotrriere.it
127.0.0.1 www.cotrriere.it
127.0.0.1 couldnotfind.com
127.0.0.1 count.cc
127.0.0.1 count.hitscount.net
127.0.0.1 count-all.com
127.0.0.1 countdutycall.info
127.0.0.1 www.countdutycall.info
127.0.0.1 counter.sexmaniack.com
127.0.0.1 cporriere.it
127.0.0.1 www.cporriere.it
127.0.0.1 cprriere.it
127.0.0.1 www.cprriere.it
127.0.0.1 cpvfeed.com
127.0.0.1 cracks.me.uk
127.0.0.1 cracks4all.com
127.0.0.1 www.cracks4all.com
127.0.0.1 crapsgold.info
127.0.0.1 www.crapsgold.info
127.0.0.1 Crazygirls-world.com
127.0.0.1 crazywinnings.com
127.0.0.1 www.crazywinnings.com
127.0.0.1 creamedcutties.com
127.0.0.1 createaccesskey.com
127.0.0.1 www.createaccesskey.com
127.0.0.1 creditsearchonline.com
127.0.0.1 crestring.com
127.0.0.1 crooder.com
127.0.0.1 crriere.it
127.0.0.1 www.crriere.it
127.0.0.1 crystalysmedia.com
127.0.0.1 www.crystalysmedia.com
127.0.0.1 csx.adservs.com
127.0.0.1 www.csx.adservs.com
127.0.0.1 cts.180solutions.com
127.0.0.1 cuisinartoven.com
127.0.0.1 www.cuisinartoven.com
127.0.0.1 curedc.info
127.0.0.1 www.curedc.info
127.0.0.1 curepcsolutions.com
127.0.0.1 www.curepcsolutions.com
127.0.0.1 curvedspaces.com
127.0.0.1 cutadult.com
127.0.0.1 www.cutadult.com
127.0.0.1 cvirgilio.it
127.0.0.1 www.cvirgilio.it
127.0.0.1 cvorriere.it
127.0.0.1 www.cvorriere.it
127.0.0.1 cvs.jps.ru
127.0.0.1 cvsymphony.com
127.0.0.1 cxorriere.it
127.0.0.1 www.cxorriere.it
127.0.0.1 cyberrape.com
127.0.0.1 www.cyberrape.com
127.0.0.1 cydom.com
127.0.0.1 cydoor.com
127.0.0.1 www.cydoor.com
127.0.0.1 daily-gals.com
127.0.0.1 dailypornmag.com
127.0.0.1 www.dailypornmag.com
127.0.0.1 dailyteenspic.com
127.0.0.1 dailytoolbar.com
127.0.0.1 www.dailytoolbar.com
127.0.0.1 dancingbabycd.com
127.0.0.1 data-hoster.com
127.0.0.1 www.data-hoster.com
127.0.0.1 datanotary.com
127.0.0.1 datareco.com
127.0.0.1 dating-galaxy.info
127.0.0.1 www.dating-galaxy.info
127.0.0.1 dating-search.net
127.0.0.1 davemarshall.org
127.0.0.1 db105.com
127.0.0.1 dbdecicated.com
127.0.0.1 www.dbdecicated.com
127.0.0.1 dbxcompany.com
127.0.0.1 www.dbxcompany.com
127.0.0.1 dcdl.dmcast.com
127.0.0.1 dcfitusa.com
127.0.0.1 dcorriere.it
127.0.0.1 www.dcorriere.it
127.0.0.1 dcurtis.com
127.0.0.1 www.dcurtis.com
127.0.0.1 dcww.dmcast.com
127.0.0.1 de.ag
127.0.0.1 de.drivecleaner.com
127.0.0.1 de.errorsafe.com
127.0.0.1 de.winantivirus.com
127.0.0.1 de98.remsys.org
127.0.0.1 debay.it
127.0.0.1 www.debay.it
127.0.0.1 dedmazay.3322.org
127.0.0.1 dedsearch.com
127.0.0.1 www.dedsearch.com
127.0.0.1 defaultsearch.net
127.0.0.1 Defensaantimalware.com
127.0.0.1 www.Defensaantimalware.com
127.0.0.1 deja-rue.com
127.0.0.1 www.deja-rue.com
127.0.0.1 derklaif.biz
127.0.0.1 www.derklaif.biz
127.0.0.1 derrari.it
127.0.0.1 www.derrari.it
127.0.0.1 desarrollocreativo.com
127.0.0.1 deskbar.worldtostart.com
127.0.0.1 www.deskbar.worldtostart.com
127.0.0.1 deskwizz.com
127.0.0.1 www.deskwizz.com
127.0.0.1 dev.ntcor.com
127.0.0.1 develip.com
127.0.0.1 dewis.spb.ru
127.0.0.1 dewis.us
127.0.0.1 df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
127.0.0.1 dgbusiness.com
127.0.0.1 www.dgbusiness.com
127.0.0.1 dialer2004.com
127.0.0.1 dialerclub.com
127.0.0.1 www.dialerclub.com
127.0.0.1 dialer-shop.com
127.0.0.1 www.dialer-shop.com
127.0.0.1 dialoff.com
127.0.0.1 www.dialoff.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 dietpills4free.com
127.0.0.1 dietpussy.com
127.0.0.1 digikeygen.com
127.0.0.1 www.digikeygen.com
127.0.0.1 digistreamsa.com
127.0.0.1 digitalcoders.net
127.0.0.1 www.digitalcoders.net
127.0.0.1 www.digitalfan.com
127.0.0.1 digital-pornography.com
127.0.0.1 dionforvalleycouncil.org
127.0.0.1 directdvdpro.com
127.0.0.1 www.directdvdpro.com
127.0.0.1 directporta.info
127.0.0.1 www.directporta.info
127.0.0.1 directsearchzone.com
127.0.0.1 www.directsearchzone.com
127.0.0.1 dist.checkin100.com
127.0.0.1 dl.ad-ware.cc
127.0.0.1 dl.malwarewipe.com
127.0.0.1 dl.targetsaver.com
127.0.0.1 www.dl.targetsaver.com
127.0.0.1 dl.web-nexus.net
127.0.0.1 dl1.antivermins.com
127.0.0.1 dl1.antivirgear.com
127.0.0.1 dl1.spydawn.com
127.0.0.1 dl1.virusprotectpro.com
127.0.0.1 dl10.spyfalcon.com
127.0.0.1 dl16.spyfalcon.com
127.0.0.1 dl2.spyfalcon.com
127.0.0.1 dl2.spyheal.com
127.0.0.1 dl2.spywarestrike.com
127.0.0.1 dl3.spyfalcon.com
127.0.0.1 dl3.spyheal.com
127.0.0.1 dl3.spywarestrike.com
127.0.0.1 dl4.spyfalcon.com
127.0.0.1 dl4.spywarestrike.com
127.0.0.1 dl5.spyfalcon.com
127.0.0.1 dl5.spywarestrike.com
127.0.0.1 dl6.spywarestrike.com
127.0.0.1 dl7.spywarestrike.com
127.0.0.1 dl8.spyheal.com
127.0.0.1 dl8.spywarestrike.com
127.0.0.1 dl9.spyfalcon.com
127.0.0.1 dmcast.com
127.0.0.1 www.dmcast.com
127.0.0.1 dnaads.com
127.0.0.1 www.dnaads.com
127.0.0.1 dnl.mabou.org
127.0.0.1 dns-look-up.com
127.0.0.1 www.dns-look-up.com
127.0.0.1 doctorwaldron.com
127.0.0.1 document-not-found.pornpic.org
127.0.0.1 doggyaction.com
127.0.0.1 dogproblemswebsite.com
127.0.0.1 www.dogproblemswebsite.com
127.0.0.1 doktorxxx.com
127.0.0.1 dollarrevenue.com
127.0.0.1 domaincar.com
127.0.0.1 www.domaincar.com
127.0.0.1 domains2003.net
127.0.0.1 domains-for-you-online.com
127.0.0.1 domain-your-registration.com
127.0.0.1 domkrat.com
127.0.0.1 dotcomtoolbar.com
127.0.0.1 www.dotcomtoolbar.com
127.0.0.1 down.136136.net
127.0.0.1 download.abetterinternet.com
127.0.0.1 download.antispywarebot.com
127.0.0.1 www.download.antispywarebot.com
127.0.0.1 download.bardownload.com
127.0.0.1 www.download.bardownload.com
127.0.0.1 download.bravesentry.com
127.0.0.1 www.download.bravesentry.com
127.0.0.1 download.cdn.drivecleaner.com
127.0.0.1 download.cdn.errorsafe.com
127.0.0.1 download.cdn.winsoftware.com
127.0.0.1 download.errorsafe.com
127.0.0.1 download.jupitersatellites.biz
127.0.0.1 www.download.jupitersatellites.biz
127.0.0.1 download.searchtabs.net
127.0.0.1 download.secureyournet.biz
127.0.0.1 www.download.secureyournet.biz
127.0.0.1 download.spyonthis.net
127.0.0.1 download.spy-shredder.com
127.0.0.1 download.systemdoctor.com
127.0.0.1 download.winantispyware.com
127.0.0.1 download.winantivirus.com
127.0.0.1 download.windrivecleaner.com
127.0.0.1 download.winfixer.com
127.0.0.1 download10.spywarequake.com
127.0.0.1 download11.spywarequake.com
127.0.0.1 download12.spywarequake.com
127.0.0.1 download13.spywarequake.com
127.0.0.1 download15.spywarequake.com
127.0.0.1 download2.spywarequake.com
127.0.0.1 download-2007.com
127.0.0.1 www.download-2007.com
127.0.0.1 download3.spyaxe.com
127.0.0.1 download3.spywarequake.com
127.0.0.1 download4.spyaxe.com
127.0.0.1 download4.spywarequake.com
127.0.0.1 download5.spyaxe.com
127.0.0.1 download5.spywarequake.com
127.0.0.1 download6.spyaxe.com
127.0.0.1 download7.spywarequake.com
127.0.0.1 download8.spywarequake.com
127.0.0.1 download9.spywarequake.com
127.0.0.1 download-ad-aware.com
127.0.0.1 www.download-ad-aware.com
127.0.0.1 download-all-4-free.com
127.0.0.1 www.download-all-4-free.com
127.0.0.1 download-all-area.com
127.0.0.1 www.download-all-area.com
127.0.0.1 download-antivir.com
127.0.0.1 www.download-antivir.com
127.0.0.1 downloadanysong.com
127.0.0.1 www.downloadanysong.com
127.0.0.1 download-avast.com
127.0.0.1 www.download-avast.com
127.0.0.1 downloadcorporation.com
127.0.0.1 www.downloadcorporation.com
127.0.0.1 download-dvdshrink.com
127.0.0.1 www.download-dvdshrink.com
127.0.0.1 download-for-free.net
127.0.0.1 www.download-for-free.net
127.0.0.1 downloadfreesoft.com
127.0.0.1 www.downloadfreesoft.com
127.0.0.1 downloadfreeway.com
127.0.0.1 www.downloadfreeway.com
127.0.0.1 downloadimesh.com
127.0.0.1 www.downloadimesh.com
127.0.0.1 download-itunes-now.com
127.0.0.1 www.download-itunes-now.com
127.0.0.1 download-limewire.org
127.0.0.1 www.download-limewire.org
127.0.0.1 downloadlost.tv
127.0.0.1 www.downloadlost.tv
127.0.0.1 downloadmax.net
127.0.0.1 www.downloadmax.net
127.0.0.1 download-mcafee.com
127.0.0.1 www.download-mcafee.com
127.0.0.1 download-me.info
127.0.0.1 downloadmediaax.com
127.0.0.1 www.downloadmediaax.com
127.0.0.1 downloadpics.net
127.0.0.1 www.downloadpics.net
127.0.0.1 download-real-player.com
127.0.0.1 www.download-real-player.com
127.0.0.1 downloads.180solutions.com
127.0.0.1 downloads.adaware.cc
127.0.0.1 downloadservicearea.com
127.0.0.1 www.downloadservicearea.com
127.0.0.1 downloads-free.org
127.0.0.1 www.downloads-free.org
127.0.0.1 downloadsglobe.com
127.0.0.1 www.downloadsglobe.com
127.0.0.1 download-this.us
127.0.0.1 www.download-this.us
127.0.0.1 download-trillian.com
127.0.0.1 www.download-trillian.com
127.0.0.1 downloadv3.com
127.0.0.1 www.downloadv3.com
127.0.0.1 downloadvax.com
127.0.0.1 www.downloadvax.com
127.0.0.1 download-windvd.com
127.0.0.1 www.download-windvd.com
127.0.0.1 download-winrar.com
127.0.0.1 www.download-winrar.com
127.0.0.1 downloadwizard.com
127.0.0.1 downloadzcenter.com
127.0.0.1 downloadzcentral.com
127.0.0.1 downloadzfree.com
127.0.0.1 www.downloadzfree.com
127.0.0.1 downloadznow.net
127.0.0.1 download-zone-free.com
127.0.0.1 www.download-zone-free.com
127.0.0.1 download-zone-free.net
127.0.0.1 www.download-zone-free.net
127.0.0.1 dp-host.com
127.0.0.1 dr.mcboo.com
127.0.0.1 dr.webhancer.com
127.0.0.1 www.dr.webhancer.com
127.0.0.1 dr2.webhancer.com
127.0.0.1 www.dr2.webhancer.com
127.0.0.1 dr38.mcboo.com
127.0.0.1 dr47.mcboo.com
127.0.0.1 dragqueen.gay-clan.com
127.0.0.1 drepubblica.it
127.0.0.1 www.drepubblica.it
127.0.0.1 drivecleaner.com
127.0.0.1 www.drivecleaner.com
127.0.0.1 drivecleanr.com
127.0.0.1 www.drivecleanr.com
127.0.0.1 drocherway.com
127.0.0.1 dropspam.com
127.0.0.1 www.dropspam.com
127.0.0.1 drug-sources-exposed.com
127.0.0.1 drvvv.com
127.0.0.1 dsupereva.it
127.0.0.1 www.dsupereva.it
127.0.0.1 dtlproduct.com
127.0.0.1 www.dtlproduct.com
127.0.0.1 dudu.com
127.0.0.1 www.dudu.com
127.0.0.1 dulcineasystems.net
127.0.0.1 dumpserv.com
127.0.0.1 duolaimi.net
127.0.0.1 dutch-sex.com
127.0.0.1 dvdaccess.net
127.0.0.1 www.dvdaccess.net
127.0.0.1 dvdbank.org
127.0.0.1 dvdcodec.net
127.0.0.1 www.dvdcodec.net
127.0.0.1 dvdsmovies.net
127.0.0.1 www.dvdsmovies.net
127.0.0.1 dvdsvideos.net
127.0.0.1 www.dvdsvideos.net
127.0.0.1 dvdtocdsite.com
127.0.0.1 www.dvdtocdsite.com
127.0.0.1 dynamique.drivecleaner.com
127.0.0.1 e3bay.it
127.0.0.1 www.e3bay.it
127.0.0.1 e4bay.it
127.0.0.1 www.e4bay.it
127.0.0.1 eager-sex.com
127.0.0.1 earthllnk.net
127.0.0.1 www.earthllnk.net
127.0.0.1 eases.net
127.0.0.1 easyantispy.com
127.0.0.1 easybestdeals.com
127.0.0.1 www.easybestdeals.com
127.0.0.1 easycategories.com
127.0.0.1 easymp3musicnow.com
127.0.0.1 www.easymp3musicnow.com
127.0.0.1 easy-pharmacy.info
127.0.0.1 www.easy-pharmacy.info
127.0.0.1 easy-search.net
127.0.0.1 easysearch4you.com
127.0.0.1 www.easysearch4you.com
127.0.0.1 easysearchingtips.com
127.0.0.1 easyspyware.com
127.0.0.1 www.easyspyware.com
127.0.0.1 easywww.info
127.0.0.1 www.easywww.info
127.0.0.1 eba6y.it
127.0.0.1 www.eba6y.it
127.0.0.1 eba7y.it
127.0.0.1 www.eba7y.it
127.0.0.1 ebaay.it
127.0.0.1 www.ebaay.it
127.0.0.1 ebagy.it
127.0.0.1 www.ebagy.it
127.0.0.1 ebahy.it
127.0.0.1 www.ebahy.it
127.0.0.1 ebajy.it
127.0.0.1 www.ebajy.it
127.0.0.1 ebaqy.it
127.0.0.1 www.ebaqy.it
127.0.0.1 ebasy.it
127.0.0.1 www.ebasy.it
127.0.0.1 ebaty.it
127.0.0.1 www.ebaty.it
127.0.0.1 ebauy.it
127.0.0.1 www.ebauy.it
127.0.0.1 ebav.com
127.0.0.1 ebaw.com
127.0.0.1 ebawy.it
127.0.0.1 www.ebawy.it
127.0.0.1 ebaxy.it
127.0.0.1 www.ebaxy.it
127.0.0.1 ebay6.it
127.0.0.1 www.ebay6.it
127.0.0.1 ebay7.it
127.0.0.1 www.ebay7.it
127.0.0.1 ebayg.it
127.0.0.1 www.ebayg.it
127.0.0.1 ebayh.it
127.0.0.1 www.ebayh.it
127.0.0.1 ebayj.it
127.0.0.1 www.ebayj.it
127.0.0.1 ebayt.it
127.0.0.1 www.ebayt.it
127.0.0.1 ebayu.it
127.0.0.1 www.ebayu.it
127.0.0.1 ebazy.it
127.0.0.1 www.ebazy.it
127.0.0.1 ebch.com
127.0.0.1 ebdv.com
127.0.0.1 ebdw.com
127.0.0.1 ebestfind.org
127.0.0.1 www.ebestfind.org
127.0.0.1 ebgay.it
127.0.0.1 www.ebgay.it
127.0.0.1 ebgo.com
127.0.0.1 ebhay.it
127.0.0.1 www.ebhay.it
127.0.0.1 ebjp.com
127.0.0.1 ebkb.com
127.0.0.1 ebkn.com
127.0.0.1 ebky.com
127.0.0.1 eblv.com
127.0.0.1 ebmu.com
127.0.0.1 ebnay.it
127.0.0.1 www.ebnay.it
127.0.0.1 ebony-pornmag.com
127.0.0.1 www.ebony-pornmag.com
127.0.0.1 ebonypornmag.com
127.0.0.1 www.ebonypornmag.com
127.0.0.1 ebqay.it
127.0.0.1 www.ebqay.it
127.0.0.1 ebsay.it
127.0.0.1 www.ebsay.it
127.0.0.1 ebsy.it
127.0.0.1 www.ebsy.it
127.0.0.1 ebvay.it
127.0.0.1 www.ebvay.it
127.0.0.1 ebvr.com
127.0.0.1 ebway.it
127.0.0.1 www.ebway.it
127.0.0.1 ebxay.it
127.0.0.1 www.ebxay.it
127.0.0.1 ebzay.it
127.0.0.1 www.ebzay.it
127.0.0.1 ecmh.com
127.0.0.1 ecmp.com
127.0.0.1 ecosrioplatenses.org
127.0.0.1 ecpm.com
127.0.0.1 ecstasyporn.net
127.0.0.1 ecwz.com
127.0.0.1 ecyb.com
127.0.0.1 edbay.it
127.0.0.1 www.edbay.it
127.0.0.1 edhq.com
127.0.0.1 edietprogram.com
127.0.0.1 www.edietprogram.com
127.0.0.1 edty.com
127.0.0.1 eduy.com
127.0.0.1 eebay.it
127.0.0.1 www.eebay.it
127.0.0.1 eeev.com
127.0.0.1 eepubblica.it
127.0.0.1 www.eepubblica.it
127.0.0.1 efbay.it
127.0.0.1 www.efbay.it
127.0.0.1 egbay.it
127.0.0.1 www.egbay.it
127.0.0.1 ehbay.it
127.0.0.1 www.ehbay.it
127.0.0.1 eikokoike.com
127.0.0.1 elitecodec.com
127.0.0.1 www.elitecodec.com
127.0.0.1 elitemediagroup.net
127.0.0.1 www.elitemediagroup.net
127.0.0.1 e-localad.com
127.0.0.1 emailicon.org
127.0.0.1 www.emailicon.org
127.0.0.1 emch.com
127.0.0.1 emcodec.com
127.0.0.1 www.emcodec.com
127.0.0.1 emediacodec.com
127.0.0.1 www.emediacodec.com
127.0.0.1 emjcd.com
127.0.0.1 www.emjcd.com
127.0.0.1 emule.mp3-muzic.com
127.0.0.1 www.emule.mp3-muzic.com
127.0.0.1 emuledownloadhome.com
127.0.0.1 www.emuledownloadhome.com
127.0.0.1 emule-freebie.com
127.0.0.1 www.emule-freebie.com
127.0.0.1 enay.it
127.0.0.1 www.enay.it
127.0.0.1 enbay.it
127.0.0.1 www.enbay.it
127.0.0.1 energy-factor.com
127.0.0.1 www.energy-factor.com
127.0.0.1 engineplay.com
127.0.0.1 www.engineplay.com
127.0.0.1 engine-ticket.com
127.0.0.1 www.engine-ticket.com
127.0.0.1 enhance.com
127.0.0.1 www.enhance.com
127.0.0.1 enhancevideos.com
127.0.0.1 www.enhancevideos.com
127.0.0.1 enitinvest.net
127.0.0.1 enjoywebsurf.com
127.0.0.1 entertainsite.net
127.0.0.1 www.entertainsite.net
127.0.0.1 enterthesearch.com
127.0.0.1 www.enterthesearch.com
127.0.0.1 e-plus.cc
127.0.0.1 epornsex.com
127.0.0.1 eprotectionline.com
127.0.0.1 www.eprotectionline.com
127.0.0.1 eprotectpage.com
127.0.0.1 www.eprotectpage.com
127.0.0.1 erbay.it
127.0.0.1 www.erbay.it
127.0.0.1 erepubblica.it
127.0.0.1 www.erepubblica.it
127.0.0.1 ergosites.com
127.0.0.1 erossoalice.it
127.0.0.1 www.erossoalice.it
127.0.0.1 errari.it
127.0.0.1 www.errari.it
127.0.0.1 error404site.com
127.0.0.1 www.error404site.com
127.0.0.1 error404site.net
127.0.0.1 www.error404site.net
127.0.0.1 errorkiller.com
127.0.0.1 www.errorkiller.com
127.0.0.1 errorprotector.com
127.0.0.1 www.errorprotector.com
127.0.0.1 errorsafe.com
127.0.0.1 www.errorsafe.com
127.0.0.1 errorsdns.com
127.0.0.1 www.errorsdns.com
127.0.0.1 ert0003.e76.163ns.com
127.0.0.1 ertikadeswiokinganfujas.com
127.0.0.1 www.ertikadeswiokinganfujas.com
127.0.0.1 es.winantivirus.com
127.0.0.1 es0-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es1-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es2-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es3-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es4-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es5-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es6-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es7-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es8-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es9-www.5zgmu7o20kt5d8yq.com
127.0.0.1 esafetylist.com
127.0.0.1 www.esafetylist.com
127.0.0.1 esafetypage.com
127.0.0.1 www.esafetypage.com
127.0.0.1 esbay.it
127.0.0.1 www.esbay.it
127.0.0.1 esearch2005.com
127.0.0.1 www.esearch2005.com
127.0.0.1 esecuritynote.com
127.0.0.1 www.esecuritynote.com
127.0.0.1 esecuritypage.com
127.0.0.1 www.esecuritypage.com
127.0.0.1 esupereva.it
127.0.0.1 www.esupereva.it
127.0.0.1 etomi.all-downloads-now.com
127.0.0.1 www.etomi.all-downloads-now.com
127.0.0.1 eupdatepage.com
127.0.0.1 www.eupdatepage.com
127.0.0.1 euuu.com
127.0.0.1 evbay.it
127.0.0.1 www.evbay.it
127.0.0.1 evidence-detector.biz
127.0.0.1 evilspidercomics.com
127.0.0.1 evko.biz
127.0.0.1 www.evko.biz
127.0.0.1 ewbay.it
127.0.0.1 www.ewbay.it
127.0.0.1 ewebsearch.net
127.0.0.1 e-websitesolutions.com
127.0.0.1 ewizard.cc
127.0.0.1 exaccess.ru
127.0.0.1 www.exaccess.ru
127.0.0.1 excellentsckin.com
127.0.0.1 exeupdate.com
127.0.0.1 www.exeupdate.com
127.0.0.1 exflow.org
127.0.0.1 www.exflow.org
127.0.0.1 exit.megago.com
127.0.0.1 expandvideo.com
127.0.0.1 www.expandvideo.com
127.0.0.1 exportplay.com
127.0.0.1 www.exportplay.com
127.0.0.1 extremepaidsurveys.com
127.0.0.1 www.extremepaidsurveys.com
127.0.0.1 extremeseek.net
127.0.0.1 eza1netsearch.com
127.0.0.1 www.eza1netsearch.com
127.0.0.1 ezcybersearch.com
127.0.0.1 www.ezcybersearch.com
127.0.0.1 ez-searching.com
127.0.0.1 ezwebsearching.com
127.0.0.1 www.ezwebsearching.com
127.0.0.1 f1.bestmanage.org
127.0.0.1 f1.truth-is-out-there.org
127.0.0.1 f1organizer.com
127.0.0.1 www.f1organizer.com
127.0.0.1 f2.bestmanage.org
127.0.0.1 f2.truth-is-out-there.org
127.0.0.1 f3.bestmanage.org
127.0.0.1 f3.truth-is-out-there.org
127.0.0.1 f4.bestmanage.org
127.0.0.1 f4.truth-is-out-there.org
127.0.0.1 f5.bestmanage.org
127.0.0.1 f5.truth-is-out-there.org
127.0.0.1 f6.bestmanage.org
127.0.0.1 f7.bestmanage.org
127.0.0.1 f7.truth-is-out-there.org
127.0.0.1 f8.bestmanage.org
127.0.0.1 f8.truth-is-out-there.org
127.0.0.1 f9.bestmanage.org
127.0.0.1 f9.truth-is-out-there.org
127.0.0.1 fairsearcher.com
127.0.0.1 www.fairsearcher.com
127.0.0.1 faithstevens.com
127.0.0.1 fantasiewelten.com
127.0.0.1 farmacept32.phpnet.us
127.0.0.1 farmsteadbandb.com
127.0.0.1 farse.com
127.0.0.1 fartpost.com
127.0.0.1 fastfreedownload.com
127.0.0.1 fastmetasearch.com
127.0.0.1 www.fastmetasearch.com
127.0.0.1 fastssearch.com
127.0.0.1 www.fastssearch.com
127.0.0.1 fastwebfinder.com
127.0.0.1 faxporn.com
127.0.0.1 fazzetta.it
127.0.0.1 www.fazzetta.it
127.0.0.1 fcorriere.it
127.0.0.1 www.fcorriere.it
127.0.0.1 featured-results.com
127.0.0.1 febay.it
127.0.0.1 www.febay.it
127.0.0.1 feed.dedsearch.com
127.0.0.1 feeds.2search.com
127.0.0.1 www.feeds.2search.com
127.0.0.1 feeds2.2search.org
127.0.0.1 www.feeds2.2search.org
127.0.0.1 ferraeri.it
127.0.0.1 www.ferraeri.it
127.0.0.1 ferrai.it
127.0.0.1 www.ferrai.it
127.0.0.1 ferrarei.it
127.0.0.1 www.ferrarei.it
127.0.0.1 ferrarti.it
127.0.0.1 www.ferrarti.it
127.0.0.1 ferrasri.it
127.0.0.1 www.ferrasri.it
127.0.0.1 ferratri.it
127.0.0.1 www.ferratri.it
127.0.0.1 ferreari.it
127.0.0.1 www.ferreari.it
127.0.0.1 ferrri.it
127.0.0.1 www.ferrri.it
127.0.0.1 ferrsari.it
127.0.0.1 www.ferrsari.it
127.0.0.1 ferrtari.it
127.0.0.1 www.ferrtari.it
127.0.0.1 fetrrari.it
127.0.0.1 www.fetrrari.it
127.0.0.1 fgazzetta.it
127.0.0.1 www.fgazzetta.it
127.0.0.1 fgoogle.it
127.0.0.1 www.fgoogle.it
127.0.0.1 fhg.panet.org
127.0.0.1 fhgate.com
127.0.0.1 www.fhgate.com
127.0.0.1 fickenisgeil.de
127.0.0.1 file.unionsms.net
127.0.0.1 filestore.com
127.0.0.1 www.filestore.com
127.0.0.1 filetretporn.com
127.0.0.1 www.filetretporn.com
127.0.0.1 Filtrodetrojan.com
127.0.0.1 www.Filtrodetrojan.com
127.0.0.1 finalfantasyactionfigures.com
127.0.0.1 www.finalfantasyactionfigures.com
127.0.0.1 finance-loans.com
127.0.0.1 find4u.net
127.0.0.1 find-52.com
127.0.0.1 www.find-52.com
127.0.0.1 findanyshow.org
127.0.0.1 www.findanyshow.org
127.0.0.1 find-find-777.net
127.0.0.1 www.find-find-777.net
127.0.0.1 find-itnow.com
127.0.0.1 findit-now.com
127.0.0.1 findloss.com
127.0.0.1 findthesite.com
127.0.0.1 findthewebsiteyouneed.com
127.0.0.1 www.findthewebsiteyouneed.com
127.0.0.1 find-uk-health.co.uk
127.0.0.1 findwapsite.org
127.0.0.1 www.findwapsite.org
127.0.0.1 findwhatevernow.com
127.0.0.1 www.findwhatevernow.com
127.0.0.1 fined.biz
127.0.0.1 fine-search.net
127.0.0.1 fionasteel.com
127.0.0.1 firefoxdownload-now.com
127.0.0.1 www.firefoxdownload-now.com
127.0.0.1 firehunt.com
127.0.0.1 www.firehunt.com
127.0.0.1 firgilio.it
127.0.0.1 www.firgilio.it
127.0.0.1 firstbookmark.net
127.0.0.1 firstgoodsearch.com
127.0.0.1 www.firstgoodsearch.com
127.0.0.1 fitness-free.com
127.0.0.1 fixerantispy.com
127.0.0.1 www.fixerantispy.com
127.0.0.1 fjsynebcod.com
127.0.0.1 www.fjsynebcod.com
127.0.0.1 flashdollars.com
127.0.0.1 www.flashdollars.com
127.0.0.1 flashflashmx.3322.org
127.0.0.1 floorsovertexas.com
127.0.0.1 www.floorsovertexas.com
127.0.0.1 floproject.com
127.0.0.1 www.floproject.com
127.0.0.1 flrxtools.greatnuke.com
127.0.0.1 flrx-tools.net
127.0.0.1 www.flrx-tools.net
127.0.0.1 fn777.greatbahamas.com
127.0.0.1 www.fn777.greatbahamas.com
127.0.0.1 foodvacations.net
127.0.0.1 forex.jps.ru
127.0.0.1 forexcredit.com
127.0.0.1 forexcredit.ru
0
Réponse 7 / 21
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
18 oct. 2007 à 12:50
regarde mon message precedant et fais la suite
0
Réponse 8 / 21
gringosky
18 oct. 2007 à 13:27
Pardon, je n'avais pas fait attention qu'il y avait une suite.
- Pour Outlook express, j'ai supprimé l'ensemble des fichiers situés dans "éléments supprimés",
- J'ai installé la nouvelle version de Java et supprimé l'ancienne,
- J'ai lancé AVG pour une recherche rapide en mode normal (rapport ci dessous),
- Le lien vers le tool de sUBs est inactif, je ne l'ai donc pas lancé,
- J'ai téléchargé Clean, je passe en mode sans échec pour le lancer,
- Je ferai le scan en ligne et le hijackthis ensuite (j'ai déjà effectué les modifications de dossier et de nom) pour enfin coller les rapoorts.
@+


---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 13:25:43 18/10/2007

+ Résultat de l'analyse:



C:\WINDOWS\ekdia140.exe -> Heuristic.Win32.Dialer : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@advertising[2].txt -> TrackingCookie.Advertising : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@serving-sys[2].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.


Fin du rapport
0
Réponse 9 / 21
gringosky
18 oct. 2007 à 13:47
R.A.S. pour clean en mode sans échec.
Ci dessous le rapport de hijackthis.
Toujours pas accès aux registres et toujours message à l'ouverture de windows concernant C:\WINDOWS\System32\printer.exe.
Je viens de lancer le scan en ligne (Bitdefender) et AVG pour une analyse complète en mode normal.
@+


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:46:08, on 18/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\VirusGarde\stmon.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Arcadyan Wireless\pctwpasv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\hijackthis\eden.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {ABCDECF0-4B15-11D1-ABED-709549C10000} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SoftAP] C:\Program Files\Arcadyan Wireless\NetCfgWizard.exe /U
O4 - HKLM\..\Run: [Wireless SoftAP] "C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe" /M
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\VirusGarde\stmon.exe" dm=http://virusgarde.com; ad=http://virusgarde.com
O4 - HKLM\..\Run: [rtasks] C:\Program Files\VirusGarde\rtasks.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - https://tiragesphoto.fnac.com/
O17 - HKLM\System\CCS\Services\Tcpip\..\{8065FA02-E52A-443D-873E-58DEC07F2D81}: NameServer = 213.228.0.23,212.27.32.176
O20 - AppInit_DLLs: C:\WINDOWS\system32\sulimo.dat
O20 - Winlogon Notify: msldr32 - msldr32.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoftAP WPA Authenticator Service (PCTWPASV) - PCTEL Inc. - C:\Program Files\Arcadyan Wireless\pctwpasv.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
0
Réponse 10 / 21
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
18 oct. 2007 à 14:18
le tool de sUBs
a faire:
http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe


pour virer RJUMP virus ici:
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
____________

tu as mal fais avg antispyware car rien n'a été viré!


Si un fichier est infecté en fin d'analyse

->Clique sur "Appliquer toutes les actions "


C:\WINDOWS\ekdia140.exe -> Heuristic.Win32.Dialer : Aucune action entreprise.

__________

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum

________________

lance rogue remover

https://www.01net.com/telecharger/


________________


scan avec vundofix (colle le rapport)

Téléchargez VundoFix -> http://www.atribune.org/ccount/click.php?id=4

Double cliquez VundoFix.exe pour l'exécuter.
Quand VundoFix s'ouvre, cliquez sur le bouton Scan for Vundo.
Une fois le scan fini, cliquez sur le bouton Remove Vundo.
Vous recevrez un avertissement vous demandant si vous voulez effacer ces
fichiers répondez en cliquant sur YES
Une fois que vous avez cliqué yes, votre bureau deviendra vide au moment où il
enlève Vundo.

Quand c'est fini, il vous sera demandé de redémarrer votre ordinateur, cliquez
OK.

_________________

combofix (colle le rapport)

http://mickael.barroux.free.fr/securite/combofix.php


___________________

recolle hijackthis et dis tes pbs si printer encore present
0
Réponse 11 / 21
gringosky
18 oct. 2007 à 14:57
Voilà où j'en suis.
- Scan PC et recherche AVG toujours en cours;
C'est assez long.
Quasiment rien de détecté pour le moment.
En parallèle :
- SUBs téléchargé et exécuté,
- RJUMP supprimé,
- Pour l'antispyware, pas de souci, j'ai juste imprimé un rapport intermédiaire. Je les ai supprimé juste après.
- SDFix téléchargé.
J'attends que le scan et AVG aient terminé pour l'exécuter en mode sans échec,
- Rogue remover exécuté. Deux fichiers supprimés (rapport ci dessous),
- Combofix exécuté (rapport ci dessous),
- Vundofix exécuté. J'attends la fin du scan et d'AVG pour accepter de redémarrer.
Je redémarrerai en mode sans échec et finirai avec SDFix.
Enfin, je relancerai hijackthis.
Je te tiens au courant des différents résultats.
@+

--------------------------------------------------------------------------------------------------------------------------------

Malwarebytes' RogueRemover
Malwarebytes ©2007 https://www.malwarebytes.com/
5680 total fingerprints loaded.

Loading database ...
Expanding environmental variables ...

Scanning files ... [ 100% ].
Scanning folders ... [ 100% ].
Scanning registry keys ... [ 100% ].
Scanning registry values ... [ 100% ].

--------------------------------------------------------------------------------------------------------------------------------

ComboFix 07-10-18.6 - HP_Administrateur 2007-10-18 14:38:37.1 - NTFSx86
Le temps d'ex‚cution du script a ‚t‚ d‚pass‚ pour le script "C:\ComboFix\osid.vbs".
L'ex‚cution du script a pris fin.
Running from: C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data.\salesmonitor
C:\Documents and Settings\HP_Administrateur\Application Data\install_fr[1].exe

.
((((((((((((((((((((((((((((( Fichiers créés 2007-09-18 to 2007-10-18 ))))))))))))))))))))))))))))))))))))
.

2007-10-18 14:31 <REP> d-------- C:\Program Files\RogueRemover FREE
2007-10-18 14:27 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-10-18 13:21 <REP> d-------- C:\hijackthis
2007-10-18 11:14 5,104 --a------ C:\WINDOWS\system32\tmp.reg
2007-10-18 11:13 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-10-18 11:13 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-10-18 11:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-10-18 11:13 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-10-18 11:13 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-10-18 10:33 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-10-17 23:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-10-17 23:01 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
2007-10-17 21:56 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe
2007-10-17 21:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-10-17 20:50 <REP> d-------- C:\Program Files\Fichiers communs\VirusGarde
2007-10-17 20:50 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-10-17 14:50 1,536 --a------ C:\WINDOWS\system32\Delete_Me_Dummy_sulimo.dat

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-18 11:14 --------- d-----w C:\Program Files\Java
2007-10-17 11:45 --------- d-----w C:\Program Files\Diablo II
2007-10-17 11:44 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2007-10-13 19:14 --------- d-----w C:\Program Files\eMule
2007-10-13 17:45 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\U3
2007-10-02 21:49 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\Azureus
2007-10-02 19:19 --------- d-----w C:\Program Files\Azureus
2007-09-11 20:18 30,648 ----a-w C:\Documents and Settings\HP_Administrateur\Application Data\GDIPFONTCACHEV1.DAT
2007-08-30 18:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-30 17:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2004-08-10 12:04]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 19:53]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 19:43]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-06-08 21:31]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 21:43]
"VTTimer"="VTTimer.exe" []
"SiS Windows KeyHook"="C:\WINDOWS\system32\keyhook.exe" [2004-05-20 10:47]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-04-06 10:59]
"CTHelper"="CTHELPER.EXE" [2003-11-14 02:18 C:\WINDOWS\system32\CTHELPER.EXE]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-09-14 22:05]
"CTDVDDET"="C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE" [2003-06-18 02:00]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 02:00]
"SoftAP"="C:\Program Files\Arcadyan Wireless\NetCfgWizard.exe" [2004-02-17 11:19]
"Wireless SoftAP"="C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe" [2004-02-17 11:20]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2005-08-19 19:31]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"Resume copy"="copyfstq.exe" [2005-09-19 17:52 C:\WINDOWS\copyfstq.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-01-01 11:33]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-02-25 17:15]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-25 18:15]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-25 18:06]
"POINTER"="point32.exe" []
"PS2"="C:\WINDOWS\system32\ps2.exe" [2002-10-16 17:57]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-12 23:44]
"nwiz"="nwiz.exe" [2007-04-12 23:44 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-12 23:44]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acme.PCHButton"="C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe" [2004-01-01 11:42]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-27 08:45]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"SetDefaultMIDI"=MIDIDEF.EXE
"StartMS"="C:\Program Files\Creative\Shared Files\Media Sniffer\StartMS.EXE" /s
"CMSRegOW.exe"="C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\CMSRegOW.exe" /r

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\msldr32]
msldr32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\WINDOWS\system32\sulimo.dat

R2 PCTWPASV;SoftAP WPA Authenticator Service;"C:\Program Files\Arcadyan Wireless\pctwpasv.exe"
R3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver;\??\C:\WINDOWS\system32\PCTINDIS5.SYS
R3 PRISM_A00;Intersil PRISM 802.11a/g Driver;C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 AR5523;NETGEAR WG111T USB2.0 Wireless Card Service;C:\WINDOWS\system32\DRIVERS\wg11tnd5.sys
S3 ATHFMWDL;NETGEAR WG111T bootloader driver;C:\WINDOWS\system32\Drivers\ATHFMWDL.sys
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;\??\C:\WINDOWS\system32\DNINDIS5.SYS
S3 NUVision;Hauppauge WinTV USB Pro (PAL/SECAM);C:\WINDOWS\system32\DRIVERS\NUVision.sys

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
AutoRun\command - K:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
AutoRun\command - L:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a36cafe-33bf-11dc-8849-00112fd1a626}]
AutoRun\command - explorer.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6a9dbb71-068e-11db-85a4-00112fd1a626}]
AutoRun\command - explorer.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9bffcf53-8434-11da-84c2-000fb5978528}]
AutoRun\command - explorer.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee809dfe-ad0d-11da-8503-00112fd1a626}]
AutoRun\command - explorer.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee97117a-52a8-11dc-885f-00112fd1a626}]
AutoRun\command - explorer.exe

*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-10-07 02:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur - HP_Administrateur.job"
- c:\PROGRA~1\NORTON~1\Navw32.exe
"2007-10-18 11:28:02 C:\WINDOWS\Tasks\Symantec NetDetect.job"
"2007-10-09 01:00:00 C:\WINDOWS\Tasks\XoftSpySE.job"
- C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\XoftSpySE\XoftSpy.exe
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-18 14:46:47
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-10-18 14:47:56
.
--- E O F ---

RogueRemover has detected rogue antispyware components! Results below...

Type: Registry Value
Vendor: WinAntiVirus 2007
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|rtasks
Selected for removal: Yes

Type: Registry Value
Vendor: ErrorProtector
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Salestart
Selected for removal: Yes

RogueRemover has found the objects above.

--------------------------------------------------------------------------------------------------------------------------------
0
Réponse 12 / 21
gringosky
18 oct. 2007 à 15:31
Ca y est, j'ai tout exécuté.
Ci dessous les rapports de SDFix et de Hijackthis.
Je ne sais pas s'il y a encore des erreurs, mais j'ai de nouveau accès aux registres, et le message d'erreur à l'entame de windows ne s'affiche plus.
Un très grand merci pour tout.
Très bonne continuation.




SDFix: Version 1.109

Run by HP_Administrateur on 18/10/2007 at 15:11

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

No Trojan Files Found




Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

Remaining Files:
---------------


Files with Hidden Attributes:

Wed 22 Dec 2004 204 ..SHR --- "C:\BOOT.BAK"
Wed 22 Dec 2004 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 5 Feb 2005 782 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv10.bak"
Mon 9 May 2005 401 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv11.bak"
Mon 17 Oct 2005 782 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv13.bak"
Mon 17 Oct 2005 1,163 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv15.bak"
Sun 12 Jun 2005 1,163 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv16.bak"
Mon 9 May 2005 401 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv17.bak"
Mon 23 May 2005 1,163 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv18.bak"
Sat 5 Feb 2005 401 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv19.bak"
Tue 16 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d03f71700772ecd1d20bacc33c473cd5\BIT5C.tmp"
Mon 12 Feb 2007 3,096,576 A..H. --- "C:\Documents and Settings\HP_Administrateur\Application Data\U3\temp\Launchpad Removal.exe"
Thu 18 Oct 2007 5,998 A.SH. --- "C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE1.tmp"
Fri 3 Nov 2006 579,584 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL0005.tmp"
Sun 5 Nov 2006 589,824 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL0340.tmp"
Sun 5 Nov 2006 588,800 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL0482.tmp"
Sun 5 Nov 2006 589,312 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL0662.tmp"
Sun 5 Nov 2006 588,800 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL0916.tmp"
Fri 3 Nov 2006 386,560 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL2466.tmp"
Sun 5 Nov 2006 589,824 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL2782.tmp"
Sun 5 Nov 2006 589,312 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL3654.tmp"
Sun 5 Nov 2006 588,288 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL3659.tmp"
Fri 7 Oct 2005 74,240 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\IEEE TNN\Publi IEEE TNN\~WRL0672.tmp"
Tue 11 Oct 2005 71,680 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\IEEE TNN\Publi IEEE TNN\~WRL1150.tmp"

Finished!


---------------------------------------------------------------


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:29:25, on 18/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Arcadyan Wireless\pctwpasv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymSCUI.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\Program Files\Norton AntiVirus\OPScan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackthis\eden.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {ABCDECF0-4B15-11D1-ABED-709549C10000} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SoftAP] C:\Program Files\Arcadyan Wireless\NetCfgWizard.exe /U
O4 - HKLM\..\Run: [Wireless SoftAP] "C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe" /M
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\VirusGarde\stmon.exe" dm=http://virusgarde.com; ad=http://virusgarde.com
O4 - HKLM\..\Run: [rtasks] C:\Program Files\VirusGarde\rtasks.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - https://tiragesphoto.fnac.com/
O17 - HKLM\System\CCS\Services\Tcpip\..\{8065FA02-E52A-443D-873E-58DEC07F2D81}: NameServer = 213.228.0.23,212.27.32.176
O20 - AppInit_DLLs: C:\WINDOWS\system32\sulimo.dat
O20 - Winlogon Notify: msldr32 - msldr32.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoftAP WPA Authenticator Service (PCTWPASV) - PCTEL Inc. - C:\Program Files\Arcadyan Wireless\pctwpasv.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
0
Réponse 13 / 21
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
18 oct. 2007 à 15:50
recolle apres avg et vundofix un nouveau rapport hijackthis
0
Réponse 14 / 21
gringosky
18 oct. 2007 à 20:32
Bonsoir,

Rapport AVG ci dessous.
Vundofix exécuté, aucun fichié détecté.
Rapport hijackthis ci dessous.


---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 20:24:19 18/10/2007

+ Résultat de l'analyse:



C:\System Volume Information\_restore{15E1A520-8A89-4825-9793-6282812E3DA8}\RP759\A0057339.exe -> Heuristic.Win32.Dialer : Nettoyé.
C:\System Volume Information\_restore{15E1A520-8A89-4825-9793-6282812E3DA8}\RP759\A0057340.exe -> Heuristic.Win32.Dialer : Nettoyé.
C:\System Volume Information\_restore{15E1A520-8A89-4825-9793-6282812E3DA8}\RP759\A0057341.exe -> Heuristic.Win32.Dialer : Nettoyé.
C:\System Volume Information\_restore{15E1A520-8A89-4825-9793-6282812E3DA8}\RP765\A0058784.exe -> Heuristic.Win32.Dialer : Nettoyé.
C:\System Volume Information\_restore{15E1A520-8A89-4825-9793-6282812E3DA8}\RP766\A0058852.exe -> Not-A-Virus.Downloader.Win32.WinFixer.z : Nettoyé.
C:\qoobox\Quarantine\C\Documents and Settings\HP_Administrateur\Application Data\install_fr[1].exe.vir -> Not-A-Virus.Downloader.Win32.WinFixer.z : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.


Fin du rapport

-------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:29:55, on 18/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Arcadyan Wireless\pctwpasv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymSCUI.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\hijackthis\eden.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&rls=GGLD,GGLD:2005-24,GGLD:fr&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {ABCDECF0-4B15-11D1-ABED-709549C10000} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SoftAP] C:\Program Files\Arcadyan Wireless\NetCfgWizard.exe /U
O4 - HKLM\..\Run: [Wireless SoftAP] "C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe" /M
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\VirusGarde\stmon.exe" dm=http://virusgarde.com; ad=http://virusgarde.com
O4 - HKLM\..\Run: [rtasks] C:\Program Files\VirusGarde\rtasks.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - https://tiragesphoto.fnac.com/
O17 - HKLM\System\CCS\Services\Tcpip\..\{8065FA02-E52A-443D-873E-58DEC07F2D81}: NameServer = 213.228.0.23,212.27.32.176
O20 - AppInit_DLLs: C:\WINDOWS\system32\sulimo.dat
O20 - Winlogon Notify: msldr32 - msldr32.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoftAP WPA Authenticator Service (PCTWPASV) - PCTEL Inc. - C:\Program Files\Arcadyan Wireless\pctwpasv.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
0
Réponse 15 / 21
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
18 oct. 2007 à 20:49
FIX (fix checked) CES LIGNES AVEC HIJACKTHIS apres avoir coché chacune sur la gauche



R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {ABCDECF0-4B15-11D1-ABED-709549C10000} - (no file)


O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\VirusGarde\stmon.exe" dm=http://virusgarde.com; ad=http://virusgarde.com
O4 - HKLM\..\Run: [rtasks] C:\Program Files\VirusGarde\rtasks.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O20 - AppInit_DLLs: C:\WINDOWS\system32\sulimo.dat
O20 - Winlogon Notify: msldr32 - msldr32.dll (file missing)




___________________


télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :

C:\Program Files\Fichiers communs\VirusGarde\stmon.exe
C:\WINDOWS\AdobeR.exe
C:\WINDOWS\system32\printer.exe
C:\Program Files\VirusGarde\rtasks.exe
C:\WINDOWS\system32\sulimo.dat


clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.


____________________


si tout s'est bien passé

désactive la restauration système pour purger les virus qui seraient dedans puis réactive là (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre)

____________________

recolle hijackthis
0
Réponse 16 / 21
gringosky
18 oct. 2007 à 21:06
Re-Bonsoir

J'ai fixé les lignes énoncées,
J'ai téléchargé OTMoveIt et exécuté avec les citations (rapport ci dessous).
J'ai ensuite désactivé la restauration du systèm, appliqué, puis réactivé, puis appliqué.
Enfin, j'ai relancé Hijackthos (rapport ci dessous).

C:\Program Files\Fichiers communs\VirusGarde\stmon.exe moved successfully.
File/Folder C:\WINDOWS\AdobeR.exe not found.
File/Folder C:\WINDOWS\system32\printer.exe not found.
File/Folder C:\Program Files\VirusGarde\rtasks.exe not found.
File/Folder C:\WINDOWS\system32\sulimo.dat not found.

Created on 10/18/2007 20:57:32

----------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:03:04, on 18/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Arcadyan Wireless\pctwpasv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymSCUI.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\hijackthis\eden.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&rls=GGLD,GGLD:2005-24,GGLD:fr&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SoftAP] C:\Program Files\Arcadyan Wireless\NetCfgWizard.exe /U
O4 - HKLM\..\Run: [Wireless SoftAP] "C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe" /M
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - https://tiragesphoto.fnac.com/
O17 - HKLM\System\CCS\Services\Tcpip\..\{8065FA02-E52A-443D-873E-58DEC07F2D81}: NameServer = 213.228.0.23,212.27.32.176
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoftAP WPA Authenticator Service (PCTWPASV) - PCTEL Inc. - C:\Program Files\Arcadyan Wireless\pctwpasv.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
0
Réponse 17 / 21
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
18 oct. 2007 à 21:35
regarde dans poste de travail si presents:

C:\WINDOWS\AdobeR.exe
C:\WINDOWS\system32\printer.exe
C:\Program Files\VirusGarde\rtasks.exe
C:\WINDOWS\system32\sulimo.dat


______________


colle le rapport d'un scan en ligne
avec un des suivants:


bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr

secuser en ligne :
http://www.secuser.com/outils/antivirus.htm

scan en ligne firefox

https://www.trendmicro.com/fr_fr/business.html

________________


encore des pbs?
0
Réponse 18 / 21
gringosky
19 oct. 2007 à 12:48
Bonjour,

Pas de fichier aux 4 chemins d'accès mentionnés.
Rapport de scan Bitdefender ci dessous

BitDefender Online Scanner



Scan report generated at: Fri, Oct 19, 2007 - 10:51:35





Scan path: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;







Statistics

Time
01:20:53

Files
403583

Folders
6966

Boot Sectors
3

Archives
33011

Packed Files
24910




Results

Identified Viruses
2

Infected Files
2

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
2




Engines Info

Virus Definitions
835200

Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Scan plugins
14

Archive plugins
38

Unpack plugins
7

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\Flash_Disinfector.exe=>(RAR Sfx o)=>Flash_Disinfector.cmd
Infected with: Trojan.Batc.Flashdis.A

C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\Flash_Disinfector.exe=>(RAR Sfx o)=>Flash_Disinfector.cmd
Disinfection failed

C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\Flash_Disinfector.exe=>(RAR Sfx o)=>Flash_Disinfector.cmd
Deleted

C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\Flash_Disinfector.exe=>(RAR Sfx o)
Update failed

C:\Program Files\Norton AntiVirus\Quarantine\284C2086=>(Quarantine-2)=>naked1.rtf.pif
Infected with: Win32.Netsky.C@mm

C:\Program Files\Norton AntiVirus\Quarantine\284C2086=>(Quarantine-2)=>naked1.rtf.pif
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\284C2086=>(Quarantine-2)
Updated

C:\Program Files\Norton AntiVirus\Quarantine\284C2086
Update failed

BitDefender Online Scanner - Real Time Virus Report



Generated at: Fri, Oct 19, 2007 - 12:47:04


--------------------------------------------------------------------------------

Scan Info


Scanned Files
410631

Infected Files
2


Virus Detected

Trojan.Batc.Flashdis.A
1

Win32.Netsky.C@mm
1
0
Réponse 19 / 21
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
19 oct. 2007 à 13:15
C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\Flash_Disinfector.exe=>(RAR Sfx o)=>Flash_Disinfector.cmd

ca c'est logiciels que je t'ai fais installé que tu peux desinstaller

___________


et le reste est un virus qui est dejà en quarantiane dans norton:
supprime ce qui est en quarantaine dans norton

C:\Program Files\Norton AntiVirus\Quarantine\284C2086=>(Quarantine-2)=>naked1.rtf.pif
Infected with: Win32.Netsky.C@mm



bonne continuation
0
Réponse 20 / 21
philippe
1 nov. 2007 à 20:26
Bonjour,
au secours, g le probleme decrit ci-dessus
la panique s'empare de moi
je perds plein de possibilité de mon pc
il est bourré de travail
aie
help

merci
0

Discussions similaires

qu'est-ce que diff message ?
zebulonmarie -
mumu -

18 réponses
Que veut dire le signe "^^" dans les SMS ou sur MSN ?
takataka26 -
Sarah -

12 réponses
mail forwardé, c'est quoi
kiki -
0beron -

9 réponses
Comment reconnaitre si un SMS m'indiquant un message vocal est une arnaque ?
kikidefer -
brucine -

9 réponses
Non envoyé. Appuyez pour réessayer. Problème d'envoi SMS pour un seul contact.
emembi -
amilton -

4 réponses