message: Warning! potential spyware operation Résolu

Question

Bonjour,
Depuis hier aprem, j'ai une fenetre windows security alert qui s'ouvre "Warning! potential spyware operation".
Depuis qu'elle s'affiche, je n'ai plus accès ni au panneau de configuration, ni aux registres, ni à la fenetre qui s'ouvre après ctrl alt suppr (message d'erreur comme quoi je ne suis pas administrateur, alors que je suis administrateur et seul utilisateur de ce pc perso (XP home)).
L'affichage du message "Warning! potential spyware operation" et les restrictions administrateur s'opèrent aussi en mode sans échec.

J'ai exécuté AVG et Spybot en mode sans échec à plusieurs reprises.
Ré-apparaissent à chaque fois sur AVG "Heuristic.win32.dialer" et "trojan.qhost.my", même si je les mets en quarantaine à chaque fois puis que je les détruis.
De plus, à chaque ouverture de windows, j'ai maintenant le message relatif à C:\WINDOWS\System32\printer.exe qui s'affiche (comme quoi il ne le trouve plus).
Enfin, impossible de faire une restauration du système à une date antérieure. 
J'exécute actuellement un scan du pc à l'aide de bitdefender online, comme celà a été conseillé dans un autre post.

Avez vous déjà rencontré ce problème?
Si oui, que puis je faire d'autre que ce que je fais actuellement, afin d'avoir de nouveau accès aux droits administrateurs et ne plus avoir le message "Warning! potential spyware operation"?
Merci d'avance.

jlpjlp · Answer

slt,
smit fraud fix (colle le rapport)

1/ telecharger :

http://siri.urz.free.fr/Fix/SmitfraudFix.php




2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. une fois le rapport effectué redémarre en mode sans échec (en appuyant sur F8 ou suppr, ou F5 au démarrage en général) 

3/ puis refaire comme en 2/ mais sélectionne l'option 2 et appuyer sur entrée pour commencer la désinfection. lorsque le programme demande si tu veut nettoyer le registre mets oui en tapant 0 et entrée

____________

colle le rapport avg antispyware

gringosky · Answer

Bonjour,
merci de m'aider.
J'ai téléchargé le SmitfraudFix et l'ai lancé (étape '1' - rapport ci dessous).
a noter que lors de son exécution, plusieurs fenetres relatives à l'impossibilité d'accéder aux registres par limitation des droits administrateurs se sont ouvertes.

Pour l'étape '2', je redémarrerai le pc en mode sans échec une fois le scan de bitdefender terminé (je transmettrai le rapport à ce moment).
J'effecteurai une nouvelle anayle AVG Spyware en parallèle et transmettrai le rapport.

SmitFraudFix v2.240

Rapport fait à 11:14:06,98, 18/10/2007
Executé à partir de C:\WINDOWS\BDOSCAN8\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus
avapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\VirusGarde\stmon.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Arcadyan Wireless\pctwpasv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32
otepad.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

Fichier hosts corrompu !

127.0.0.1	legal-at-spybot.info
127.0.0.1	www.legal-at-spybot.info

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\printer.exe PRESENT !
C:\WINDOWS\system32\sulimo.dat PRESENT !
C:\WINDOWS\system32\vtr???.dll PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Administrateur


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Administrateur\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

C:\DOCUME~1\HP_ADM~1\MENUDM~1\PROGRA~1\DMARRA~1\system.exe PRESENT !
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\autorun.exe PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HP_ADM~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\sulimo.dat"


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.54.252
DNS Server Search Order: 212.27.53.252

Description: Wireless PCI 802.11b/g adapter WN4201B - Miniport d'ordonnancement de paquets
DNS Server Search Order: 213.228.0.23
DNS Server Search Order: 212.27.32.176

HKLM\SYSTEM\CCS\Services\Tcpip\..\{8065FA02-E52A-443D-873E-58DEC07F2D81}: NameServer=213.228.0.23,212.27.32.176
HKLM\SYSTEM\CCS\Services\Tcpip\..\{F10D2860-EFA5-42FC-930E-D6C89E7D55E6}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{8065FA02-E52A-443D-873E-58DEC07F2D81}: NameServer=213.228.0.23,212.27.32.176
HKLM\SYSTEM\CS1\Services\Tcpip\..\{F10D2860-EFA5-42FC-930E-D6C89E7D55E6}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{8065FA02-E52A-443D-873E-58DEC07F2D81}: NameServer=213.228.0.23,212.27.32.176
HKLM\SYSTEM\CS3\Services\Tcpip\..\{F10D2860-EFA5-42FC-930E-D6C89E7D55E6}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

jlpjlp · Answer

ok fais bien smitfraud fix deuxieme partie car il a trouvé des infections!

gringosky · Answer

Ci dessous le rapportde BitDefender.
Je passe en mode sans echec.
@+

BitDefender Online Scanner
  
  
 
Scan report generated at: Thu, Oct 18, 2007 - 12:10:36
 
 
  
  
 
Scan path: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;
  
  
 
 
  
  
 
Statistics
 
Time
 01:34:19
 
Files
 436287
 
Folders
 7282
 
Boot Sectors
 3
 
Archives
 40197
 
Packed Files
 22697
 
  
  
 
Results
 
Identified Viruses 
 141
 
Infected Files 
 197
 
Suspect Files 
 0
 
Warnings
 0
 
Disinfected
 0
 
Deleted Files
 206
 
  
  
 
Engines Info
 
Virus Definitions
 827131
 
Engine build
 AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
 
Scan plugins
 14
 
Archive plugins
 38
 
Unpack plugins
 7
 
E-mail plugins
 6
 
System plugins
 1
 
  
  
 
Scan Settings
 
First Action
 Disinfect
 
Second Action
 Delete
 
Heuristics
 Yes
 
Enable Warnings
 Yes
 
Scanned Extensions
 *;
 
Exclude Extensions
  
 
Scan Emails
 Yes
 
Scan Archives
 Yes
 
Scan Packed
 Yes
 
Scan Files
 Yes
 
Scan Boot
 Yes
 
  
  
 
  Scanned File
  Status
 
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\system.exe
 Infected with: Trojan.Peed.JZ
 
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\system.exe
 Disinfection failed
 
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\system.exe
 Deleted
 
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe
 Infected with: Trojan.Peed.JZ
 
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe
 Disinfection failed
 
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe
 Delete failed
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip=>BaaaaBaa.class
 Infected with: Trojan.Exploit.Byteverify.AF
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip=>BaaaaBaa.class
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip=>BaaaaBaa.class
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip
 Updated
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip=>Dvnny.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip=>Dvnny.class
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip=>Dvnny.class
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java-35010e04-31033e8e.zip
 Updated
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>BaaaaBaa.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>BaaaaBaa.class
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>BaaaaBaa.class
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip
 Updated
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>VaaaaaaaBaa.class
 Infected with: Trojan.Java.ClassLoader.D
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>VaaaaaaaBaa.class
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>VaaaaaaaBaa.class
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip
 Updated
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dvnny.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dvnny.class
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dvnny.class
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip
 Updated
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Baaaaa.class
 Infected with: Java.Trojan.Exploit.Bytverify.I
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Baaaaa.class
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Baaaaa.class
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip
 Updated
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dex.class
 Infected with: Trojan.Classloader.G
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dex.class
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dex.class
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip
 Updated
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dix.class
 Infected with: Trojan.Java.ClassLoader.D
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dix.class
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dix.class
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip
 Updated
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dux.class
 Infected with: Trojan.Java.ClassLoader.D
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dux.class
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip=>Dux.class
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-285f2500.zip
 Updated
 
C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\kazaaspeedup.exe=>(VISE Installer o)=>msbb.exe
 Infected with: Trojan.Dialer.BJ
 
C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\kazaaspeedup.exe=>(VISE Installer o)=>msbb.exe
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\kazaaspeedup.exe=>(VISE Installer o)=>msbb.exe
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\kazaaspeedup.exe=>(VISE Installer o)
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 725)
 Infected with: Generic.Peed.Eml.7C159879
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 725)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 725)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 730)
 Infected with: Generic.Peed.Eml.E5873A83
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 730)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 730)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 748)
 Infected with: Generic.Peed.Eml.771BCF09
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 748)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 748)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 769)
 Infected with: Generic.Peed.Eml.85DDB835
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 769)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 769)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 794)
 Infected with: Generic.Peed.Eml.E6378384
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 794)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 794)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 797)
 Infected with: Generic.Peed.Eml.B3DAAD5B
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 797)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 797)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 798)
 Infected with: Generic.Peed.Eml.844A33E5
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 798)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 798)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 803)
 Infected with: Generic.Peed.Eml.91A069D4
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 803)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 803)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 804)
 Infected with: Generic.Peed.Eml.2B319AB6
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 804)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 804)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 805)
 Infected with: Generic.Peed.Eml.412EF583
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 805)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 805)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 806)
 Infected with: Generic.Peed.Eml.21FA3391
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 806)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 806)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 811)
 Infected with: Generic.Peed.Eml.A641B708
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 811)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 811)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 812)
 Infected with: Generic.Peed.Eml.AE149538
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 812)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 812)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 814)
 Infected with: Generic.Peed.Eml.C3155A01
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 814)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 814)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 818)
 Infected with: Generic.Peed.Eml.F56808BA
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 818)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 818)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 820)
 Infected with: Generic.Peed.Eml.2CEA8013
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 820)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 820)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 823)
 Infected with: Generic.Peed.Eml.30E51E9A
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 823)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 823)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 826)
 Infected with: Generic.Peed.Eml.2C219030
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 826)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 826)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 827)
 Infected with: Generic.Peed.Eml.E99BEED6
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 827)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 827)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 828)
 Infected with: Generic.Peed.Eml.C055ADC5
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 828)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 828)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 829)
 Infected with: Generic.Peed.Eml.E28A42D7
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 829)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 829)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 833)
 Infected with: Generic.Peed.Eml.1535FAA2
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 833)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 833)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 840)
 Infected with: Generic.Peed.Eml.60D2597C
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 840)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 840)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 843)
 Infected with: Generic.Peed.Eml.06066054
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 843)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 843)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 845)
 Infected with: Generic.Peed.Eml.1DB029F7
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 845)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 845)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 850)
 Infected with: Generic.Peed.Eml.1F1745C4
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 850)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 850)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 852)
 Infected with: Generic.Peed.Eml.50779EB2
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 852)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 852)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 853)
 Infected with: Generic.Peed.Eml.40594FAB
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 853)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 853)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 858)
 Infected with: Generic.Peed.Eml.07E3E57E
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 858)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 858)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 866)
 Infected with: Generic.Peed.Eml.8E032B2E
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 866)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 866)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 867)
 Infected with: Generic.Peed.Eml.31A067A2
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 867)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 867)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 873)
 Infected with: Generic.Peed.Eml.058FAE91
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 873)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 873)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 878)
 Infected with: Generic.Peed.Eml.D32BBF88
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 878)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 878)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 883)
 Infected with: Generic.Peed.Eml.0B4228BE
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 883)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 883)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 885)
 Infected with: Generic.Peed.Eml.8571E6D3
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 885)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 885)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 891)
 Infected with: Generic.Peed.Eml.B7F81244
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 891)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 891)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 892)
 Infected with: Generic.Peed.Eml.4557C9E1
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 892)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 892)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 893)
 Infected with: Generic.Peed.Eml.DF57071A
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 893)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 893)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 894)
 Infected with: Generic.Peed.Eml.739EBEA7
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 894)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 894)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 896)
 Infected with: Generic.Peed.Eml.2E256AC6
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 896)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 896)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 897)
 Infected with: Generic.Peed.Eml.6281C9A3
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 897)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 897)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 898)
 Infected with: Generic.Peed.Eml.4433921E
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 898)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 898)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 899)
 Infected with: Generic.Peed.Eml.9E7E453A
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 899)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 899)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 903)
 Infected with: Generic.Peed.Eml.28DBFAB0
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 903)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 903)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 907)
 Infected with: Generic.Peed.Eml.82DD965B
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 907)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 907)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 909)
 Infected with: Generic.Peed.Eml.39F41B5F
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 909)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 909)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 912)
 Infected with: Generic.Peed.Eml.323DBCD8
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 912)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 912)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 916)
 Infected with: Generic.Peed.Eml.978D23A4
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 916)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 916)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 920)
 Infected with: Generic.Peed.Eml.2847BBC1
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 920)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 920)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 922)
 Infected with: Generic.Peed.Eml.F667DBDD
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 922)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 922)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 923)
 Infected with: Generic.Peed.Eml.58EF75AE
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 923)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 923)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 927)
 Infected with: Generic.Peed.Eml.2236AC01
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 927)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 927)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 930)
 Infected with: Generic.Peed.Eml.A62D599E
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 930)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 930)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 933)
 Infected with: Generic.Peed.Eml.8ACF7800
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 933)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 933)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 939)
 Infected with: Generic.Peed.Eml.379A56CC
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 939)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 939)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 943)
 Infected with: Generic.Peed.Eml.C3EF8CF8
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 943)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 943)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 945)
 Infected with: Generic.Peed.Eml.68D8EDA1
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 945)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 945)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 949)
 Infected with: Generic.Peed.Eml.09D05CD3
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 949)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 949)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 951)
 Infected with: Generic.Peed.Eml.7788CBEE
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 951)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 951)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 953)
 Infected with: Generic.Peed.Eml.9EA380FB
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 953)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 953)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 955)
 Infected with: Generic.Peed.Eml.5F2BE7B2
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 955)
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 955)
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx
 Update failed
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 960)
 Infected with: Generic.Peed.Eml.11F2917A
 
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA

jlpjlp · Answer

fait la deuxieme partie de smitfraudfix

_________________

toutes ces infections sont dans ta messageries outlook express donc vire les messages de ta corbeille et ceux que tu ne connais pas!


C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Identities\{FBBA69F1-AF6E-40DC-A91C-CBA0B621E1C4}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 725)
Infected with: Generic.Peed.Eml.7C159879 



_________________
installe la nouvelle version java:
https://www.java.com/fr/


puis vas dans panneau de configuration puis AJOUT/SUPPRESSION DE PROG et supprime l'ancienne version java 

__________________

colle le rapport AVG antispyware
_________________

Télécharge ce tool de sUBs : 

http://www.techsupportforum.com/sectools/Hacked_by_Godzilla_Remover.exe 

Double-clique dessus et laisse-toiguider.

____________________

Clean permettra de faire du nettoyage et supprimer des fichiers que des anti-virus et anti-spywares n'ont pas pu trouver. Le logiciel est régulièrement mis à jour, vous devrez donc le re-téléchargé pour obtenir une version plus récente.

•  Téléchargez clean.zip, décompressez-le sur votre bureau (clic droit / extraire tout), vous obtenez alors un dossier clean 
•  Démarrez Windows en mode sans échec : Guide pour redémarrer en mode sans échec 
•  Ouvrez le dossier clean qui se trouve sur ton bureau, et double-cliquez sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laissez la ouverte jusqu'à ce qu'elle se ferme.

http://kerio.probb.fr/tuto-Clean-h37.html
______________________


refait un scan en ligne et colle le rapport


_______________________

colle un rapport hijackthis 
 
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manuel :

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html


Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo. 

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste 

Ensuite avec Explorer créer un dossier c:\hijackthis 
Décompresser Hijackthis dans ce dossier. 
C'est important pour les sauvegardes."

gringosky · Answer

Ci dessous la deuxieme partie de smitfraudfix.
J'ai de nouveau accès à ctrl alt suppr, au panneau de configuration, mais toujours pas aux registres.
D'ailleurs, à chaque fois que smitfraudfix voulait accéder à la modification d'un registre, une fenetre windows security alert s'ouvrait pour dire que je n'avais pas les droits administrateurs.
Sinon, la fenetre fenetre windows security alert "Warning! potential spyware operation" semble ne plus s'ouvrir...
En revanche, toujours le message à l'ouverture de windows concernant C:\WINDOWS\System32\printer.exe.
Peux tu continuer à m'aider à faire les modifications requises pour les registres stp?
Merci d'avance.
@+


SmitFraudFix v2.240

Rapport fait à 12:27:07,34, 18/10/2007
Executé à partir de C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


192.168.200.3	ad.doubleclick.net
192.168.200.3	ad.fastclick.net
192.168.200.3	ads.fastclick.net
192.168.200.3	atdmt.com
192.168.200.3	awaps.net
192.168.200.3	banner.fastclick.net
192.168.200.3	banners.fastclick.net
192.168.200.3	click.atdmt.com
192.168.200.3	clicks.atdmt.com
192.168.200.3	engine.awaps.net
192.168.200.3	fastclick.net
192.168.200.3	ftp.avp.ch
192.168.200.3	ftp.kasperskylab.ru
192.168.200.3	updates5.kaspersky-labs.com
192.168.200.3	www.awaps.net
192.168.200.3	www.viruslist.ru
127.0.0.1	007guard.com
127.0.0.1	www.007guard.com
127.0.0.1	008i.com
127.0.0.1	008k.com
127.0.0.1	www.008k.com
127.0.0.1	00hq.com
127.0.0.1	www.00hq.com
127.0.0.1	010402.com
127.0.0.1	032439.com
127.0.0.1	www.032439.com
127.0.0.1	1001-search.info
127.0.0.1	www.1001-search.info
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	100sexlinks.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	123topsearch.com
127.0.0.1	www.123topsearch.com
127.0.0.1	132.com
127.0.0.1	www.132.com
127.0.0.1	136136.net
127.0.0.1	www.136136.net
127.0.0.1	139mm.com
127.0.0.1	www.139mm.com
127.0.0.1	163ns.com
127.0.0.1	www.163ns.com
127.0.0.1	171203.com
127.0.0.1	17-plus.com
127.0.0.1	1800searchonline.com
127.0.0.1	www.1800searchonline.com
127.0.0.1	180searchassistant.com
127.0.0.1	www.180searchassistant.com
127.0.0.1	180solutions.com
127.0.0.1	www.180solutions.com
127.0.0.1	181.365soft.info
127.0.0.1	www.181.365soft.info
127.0.0.1	1987324.com
127.0.0.1	www.1987324.com
127.0.0.1	1-domains-registrations.com
127.0.0.1	www.1-domains-registrations.com
127.0.0.1	1-extreme.biz
127.0.0.1	www.1-extreme.biz
127.0.0.1	1sexparty.com
127.0.0.1	www.1sexparty.com
127.0.0.1	1stantivirus.com
127.0.0.1	www.1stantivirus.com
127.0.0.1	1stpagehere.com
127.0.0.1	www.1stpagehere.com
127.0.0.1	1stsearchportal.com
127.0.0.1	www.1stsearchportal.com
127.0.0.1	2.82211.net
127.0.0.1	www.2006ooo.com
127.0.0.1	2007-download.com
127.0.0.1	www.2007-download.com
127.0.0.1	2020search.com
127.0.0.1	www.2020search.com
127.0.0.1	20x2p.com
127.0.0.1	24.365soft.info
127.0.0.1	www.24.365soft.info
127.0.0.1	24-7pharmacy.info
127.0.0.1	www.24-7pharmacy.info
127.0.0.1	24-7searching-and-more.com
127.0.0.1	www.24-7searching-and-more.com
127.0.0.1	24teen.com
127.0.0.1	www.24teen.com
127.0.0.1	2every.net
127.0.0.1	www.2every.net
127.0.0.1	2ndpower.com
127.0.0.1	2search.com
127.0.0.1	www.2search.com
127.0.0.1	2search.org
127.0.0.1	www.2search.org
127.0.0.1	2squared.com
127.0.0.1	www.2squared.com
127.0.0.1	3322.org
127.0.0.1	www.3322.org
127.0.0.1	365soft.info
127.0.0.1	36site.com
127.0.0.1	www.36site.com
127.0.0.1	3721.com
127.0.0.1	39-93.com
127.0.0.1	3abetterinternet.com
127.0.0.1	www.3abetterinternet.com
127.0.0.1	3bay.it
127.0.0.1	www.3bay.it
127.0.0.1	3ebay.it
127.0.0.1	www.3ebay.it
127.0.0.1	404dns.com
127.0.0.1	www.404dns.com
127.0.0.1	4199.com
127.0.0.1	www.4199.com
127.0.0.1	4corn.net
127.0.0.1	www.4corn.net
127.0.0.1	4ebay.it
127.0.0.1	www.4ebay.it
127.0.0.1	4klm.com
127.0.0.1	4repubblica.it
127.0.0.1	www.4repubblica.it
127.0.0.1	4softget.com
127.0.0.1	www.4softget.com
127.0.0.1	5iscali.it
127.0.0.1	www.5iscali.it
127.0.0.1	5repubblica.it
127.0.0.1	www.5repubblica.it
127.0.0.1	5starvideos.com
127.0.0.1	www.5starvideos.com
127.0.0.1	5tiscali.it
127.0.0.1	www.5tiscali.it
127.0.0.1	5zgmu7o20kt5d8yq.com
127.0.0.1	www.5zgmu7o20kt5d8yq.com
127.0.0.1	6iscali.it
127.0.0.1	www.6iscali.it
127.0.0.1	6sek.com
127.0.0.1	www.6sek.com
127.0.0.1	6tiscali.it
127.0.0.1	www.6tiscali.it
127.0.0.1	7322.com
127.0.0.1	www.7322.com
127.0.0.1	75tz.com
127.0.0.1	777search.com
127.0.0.1	www.777search.com
127.0.0.1	777top.com
127.0.0.1	www.777top.com
127.0.0.1	7939.com
127.0.0.1	www.7939.com
127.0.0.1	7search.com
127.0.0.1	www.7search.com
127.0.0.1	80gw6ry3i3x3qbrkwhxhw.032439.com
127.0.0.1	82211.net
127.0.0.1	8866.org
127.0.0.1	888.com
127.0.0.1	www.888.com
127.0.0.1	8ad.com
127.0.0.1	www.8ad.com
127.0.0.1	9505.com
127.0.0.1	www.9505.com
127.0.0.1	971searchbox.com
127.0.0.1	www.971searchbox.com
127.0.0.1	a.bestmanage.org
127.0.0.1	aaasexypics.com
127.0.0.1	aaawebfinder.com
127.0.0.1	www.aaawebfinder.com
127.0.0.1	aavc.com
127.0.0.1	abc-find.info
127.0.0.1	www.abc-find.info
127.0.0.1	abetterinternet.com
127.0.0.1	www.abetterinternet.com
127.0.0.1	abnetsoft.info
127.0.0.1	www.abnetsoft.info
127.0.0.1	aboutclicker.com
127.0.0.1	www.aboutclicker.com
127.0.0.1	abrp.net
127.0.0.1	www.abrp.net
127.0.0.1	absolutee.com
127.0.0.1	www.absolutee.com
127.0.0.1	abyssmedia.com
127.0.0.1	www.abyssmedia.com
127.0.0.1	ac66.cn
127.0.0.1	www.ac66.cn
127.0.0.1	access.Navinetwork.com
127.0.0.1	access.rapid-pass.net
127.0.0.1	accessactivexvideo.com
127.0.0.1	www.accessactivexvideo.com
127.0.0.1	accessclips.com
127.0.0.1	www.accessclips.com
127.0.0.1	access-dvd.com
127.0.0.1	www.access-dvd.com
127.0.0.1	accesskeygenerator.com
127.0.0.1	www.accesskeygenerator.com
127.0.0.1	accessorygeeks.com
127.0.0.1	www.accessorygeeks.com
127.0.0.1	accessthefuture.net
127.0.0.1	www.accessthefuture.net
127.0.0.1	accessvid.net
127.0.0.1	www.accessvid.net
127.0.0.1	acemedic.com
127.0.0.1	www.acemedic.com
127.0.0.1	ace-webmaster.com
127.0.0.1	www.ace-webmaster.com
127.0.0.1	acjp.com
127.0.0.1	acrobat-2007.com
127.0.0.1	www.acrobat-2007.com
127.0.0.1	acrobat-8.com
127.0.0.1	www.acrobat-8.com
127.0.0.1	acrobat-center.com
127.0.0.1	www.acrobat-center.com
127.0.0.1	acrobat-hq.com
127.0.0.1	www.acrobat-hq.com
127.0.0.1	acrobatreader-8.com
127.0.0.1	www.acrobatreader-8.com
127.0.0.1	acrobat-reader-8.de
127.0.0.1	www.acrobat-reader-8.de
127.0.0.1	acrobat-stop.com
127.0.0.1	www.acrobat-stop.com
127.0.0.1	actionbreastcancer.org
127.0.0.1	www.actionbreastcancer.org
127.0.0.1	activesearcher.info
127.0.0.1	www.activesearcher.info
127.0.0.1	activexaccessobject.com
127.0.0.1	www.activexaccessobject.com
127.0.0.1	activexaccessvideo.com
127.0.0.1	www.activexaccessvideo.com
127.0.0.1	activexemedia.com
127.0.0.1	www.activexemedia.com
127.0.0.1	activexmediaobject.com
127.0.0.1	www.activexmediaobject.com
127.0.0.1	activexmediapro.com
127.0.0.1	www.activexmediapro.com
127.0.0.1	activexmediasite.com
127.0.0.1	www.activexmediasite.com
127.0.0.1	activexmediasoftware.com
127.0.0.1	www.activexmediasoftware.com
127.0.0.1	activexmediasource.com
127.0.0.1	www.activexmediasource.com
127.0.0.1	activexmediatool.com
127.0.0.1	www.activexmediatool.com
127.0.0.1	activexmediatour.com
127.0.0.1	www.activexmediatour.com
127.0.0.1	activexsoftwares.com
127.0.0.1	www.activexsoftwares.com
127.0.0.1	activexsource.com
127.0.0.1	www.activexsource.com
127.0.0.1	activexupdate.com
127.0.0.1	www.activexupdate.com
127.0.0.1	activexvideo.com
127.0.0.1	www.activexvideo.com
127.0.0.1	activexvideotool.com
127.0.0.1	www.activexvideotool.com
127.0.0.1	ad.marketingsector.com
127.0.0.1	www.ad.marketingsector.com
127.0.0.1	ad.mokead.com
127.0.0.1	www.ad.mokead.com
127.0.0.1	ad.yieldmanager.com
127.0.0.1	www.ad.yieldmanager.com
127.0.0.1	ad25.com
127.0.0.1	ad45.com
127.0.0.1	ad77.com
127.0.0.1	ad86.com
127.0.0.1	adamsupportgroup.org
127.0.0.1	www.adamsupportgroup.org
127.0.0.1	adarmor.com
127.0.0.1	www.adarmor.com
127.0.0.1	adasearch.com
127.0.0.1	www.adasearch.com
127.0.0.1	adaware.cc
127.0.0.1	adawarenow.com
127.0.0.1	www.adawarenow.com
127.0.0.1	addictivetechnologies.com
127.0.0.1	www.addictivetechnologies.com
127.0.0.1	addictivetechnologies.net
127.0.0.1	www.addictivetechnologies.net
127.0.0.1	add-manager.com
127.0.0.1	www.add-manager.com
127.0.0.1	adgate.info
127.0.0.1	www.adgate.info
127.0.0.1	adipics.com
127.0.0.1	www.adipics.com
127.0.0.1	admin2cash.biz
127.0.0.1	www.admin2cash.biz
127.0.0.1	adnet-plus.com
127.0.0.1	adobe-download-now.com
127.0.0.1	adobe-downloads.com
127.0.0.1	www.adobe-downloads.com
127.0.0.1	adobe-reader-8.fr
127.0.0.1	www.adobe-reader-8.fr
127.0.0.1	adprotect.com
127.0.0.1	www.adprotect.com
127.0.0.1	ads.centralmedia.ws
127.0.0.1	ads.k8l.info
127.0.0.1	ads.kmpads.com
127.0.0.1	ads.marketingsector.com
127.0.0.1	ads.searchingbooth.com
127.0.0.1	ads.z-quest.com
127.0.0.1	ads183.com
127.0.0.1	www.ads183.com
127.0.0.1	adscontex.com
127.0.0.1	www.adscontex.com
127.0.0.1	adservices1.enhance.com
127.0.0.1	www.adservices1.enhance.com
127.0.0.1	adservs.com
127.0.0.1	adsextend.net
127.0.0.1	www.adsextend.net
127.0.0.1	adshttp.com
127.0.0.1	www.adshttp.com
127.0.0.1	adsonwww.com
127.0.0.1	www.adsonwww.com
127.0.0.1	adspics.com
127.0.0.1	www.adspics.com
127.0.0.1	adtrak.net
127.0.0.1	www.adtrak.net
127.0.0.1	adtrgt.com
127.0.0.1	adult777search.info
127.0.0.1	www.adult777search.info
127.0.0.1	adultan.com
127.0.0.1	www.adultan.com
127.0.0.1	adult-engine-search.com
127.0.0.1	www.adult-engine-search.com
127.0.0.1	adult-erotic-guide.net
127.0.0.1	www.adult-erotic-guide.net
127.0.0.1	adultfilmsite.com
127.0.0.1	www.adultfilmsite.com
127.0.0.1	adult-friends-finder.net
127.0.0.1	www.adult-friends-finder.net
127.0.0.1	adultgambling.org
127.0.0.1	adult-host.org
127.0.0.1	adulthyperlinks.com
127.0.0.1	www.adulthyperlinks.com
127.0.0.1	adultmovieplus.com
127.0.0.1	www.adultmovieplus.com
127.0.0.1	adult-personal.us
127.0.0.1	adultsgames.net
127.0.0.1	adultsper.com
127.0.0.1	www.adultsper.com
127.0.0.1	adulttds.com
127.0.0.1	www.adulttds.com
127.0.0.1	adultzoneworld.com
127.0.0.1	www.adultzoneworld.com
127.0.0.1	advcash.biz
127.0.0.1	www.advcash.biz
127.0.0.1	advert.exaccess.ru
127.0.0.1	advertisemoney.info
127.0.0.1	www.advertisemoney.info
127.0.0.1	advertising.paltalk.com
127.0.0.1	advertising-money.info
127.0.0.1	www.advertising-money.info
127.0.0.1	ad-ware.cc
127.0.0.1	ad-w-a-r-e.com
127.0.0.1	www.ad-w-a-r-e.com
127.0.0.1	a-d-w-a-r-e.com
127.0.0.1	www.a-d-w-a-r-e.com
127.0.0.1	adwarebazooka.com
127.0.0.1	www.adwarebazooka.com
127.0.0.1	adwarefinder.com
127.0.0.1	www.adwarefinder.com
127.0.0.1	adwareprotectionsite.com
127.0.0.1	www.adwareprotectionsite.com
127.0.0.1	adwarepunisher.com
127.0.0.1	www.adwarepunisher.com
127.0.0.1	aflgate.com
127.0.0.1	www.aflgate.com
127.0.0.1	africaspromise.org
127.0.0.1	agava.com
127.0.0.1	agava.ru
127.0.0.1	agentstudio.com
127.0.0.1	aginegialle.it
127.0.0.1	www.aginegialle.it
127.0.0.1	www.aifind.info
127.0.0.1	aifind.info
127.0.0.1	airtleworld.com
127.0.0.1	www.airtleworld.com
127.0.0.1	aitalia.it
127.0.0.1	www.aitalia.it
127.0.0.1	akamai.downloadv3.com
127.0.0.1	aklitalia.it
127.0.0.1	www.aklitalia.it
127.0.0.1	akril.com
127.0.0.1	alcatel.ws
127.0.0.1	alfacleaner.com
127.0.0.1	www.alfacleaner.com
127.0.0.1	alfa-search.com
127.0.0.1	alialia.it
127.0.0.1	www.alialia.it
127.0.0.1	aliotalia.it
127.0.0.1	www.aliotalia.it
127.0.0.1	alirtalia.it
127.0.0.1	www.alirtalia.it
127.0.0.1	alitaia.it
127.0.0.1	www.alitaia.it
127.0.0.1	alitaklia.it
127.0.0.1	www.alitaklia.it
127.0.0.1	alitala.it
127.0.0.1	www.alitala.it
127.0.0.1	alitali.it
127.0.0.1	www.alitali.it
127.0.0.1	alitaliaq.it
127.0.0.1	www.alitaliaq.it
127.0.0.1	alitalias.it
127.0.0.1	www.alitalias.it
127.0.0.1	alitaliaz.it
127.0.0.1	www.alitaliaz.it
127.0.0.1	alitalioa.it
127.0.0.1	www.alitalioa.it
127.0.0.1	alitalisa.it
127.0.0.1	www.alitalisa.it
127.0.0.1	alitaliua.it
127.0.0.1	www.alitaliua.it
127.0.0.1	alitalkia.it
127.0.0.1	www.alitalkia.it
127.0.0.1	alitaloia.it
127.0.0.1	www.alitaloia.it
127.0.0.1	alitaluia.it
127.0.0.1	www.alitaluia.it
127.0.0.1	alitaslia.it
127.0.0.1	www.alitaslia.it
127.0.0.1	alitlia.it
127.0.0.1	www.alitlia.it
127.0.0.1	alitralia.it
127.0.0.1	www.alitralia.it
127.0.0.1	alitsalia.it
127.0.0.1	www.alitsalia.it
127.0.0.1	aliutalia.it
127.0.0.1	www.aliutalia.it
127.0.0.1	ALL1COUNT.NET
127.0.0.1	www.ALL1COUNT.NET
127.0.0.1	all4internet.com
127.0.0.1	www.all4internet.com
127.0.0.1	allabtcars.com
127.0.0.1	allabtjeeps.com
127.0.0.1	all-bittorrent.com
127.0.0.1	www.all-bittorrent.com
127.0.0.1	www.allcybersearch.com
127.0.0.1	allcybersearch.com
127.0.0.1	alldnserrors.com
127.0.0.1	www.alldnserrors.com
127.0.0.1	all-downloads-now.com
127.0.0.1	www.all-downloads-now.com
127.0.0.1	all-edonkey.com
127.0.0.1	www.all-edonkey.com
127.0.0.1	allforadult.com
127.0.0.1	allhyperlinks.com
127.0.0.1	alliesecurity.com
127.0.0.1	www.alliesecurity.com
127.0.0.1	all-inet.com
127.0.0.1	allinternetbusiness.com
127.0.0.1	all-limewire.com
127.0.0.1	www.all-limewire.com
127.0.0.1	allmegabucks.com
127.0.0.1	www.allmegabucks.com
127.0.0.1	allprotections.com
127.0.0.1	www.allprotections.com
127.0.0.1	allresultz.net
127.0.0.1	www.allresultz.net
127.0.0.1	allsecuritynotes.com
127.0.0.1	www.allsecuritynotes.com
127.0.0.1	allsecuritysite.com
127.0.0.1	www.allsecuritysite.com
127.0.0.1	allstarsvideos.net
127.0.0.1	www.allstarsvideos.net
127.0.0.1	alltruesoftware.com
127.0.0.1	www.alltruesoftware.com
127.0.0.1	allvideoactivex.com
127.0.0.1	www.allvideoactivex.com
127.0.0.1	almanah.biz
127.0.0.1	www.almanah.biz
127.0.0.1	almarvideos.com
127.0.0.1	aloitalia.it
127.0.0.1	www.aloitalia.it
127.0.0.1	aluitalia.it
127.0.0.1	www.aluitalia.it
127.0.0.1	amaena.com
127.0.0.1	www.amaena.com
127.0.0.1	amandamountains.com
127.0.0.1	amateurliveshow.com
127.0.0.1	www.amateurliveshow.com
127.0.0.1	amediasoftware.com
127.0.0.1	www.amediasoftware.com
127.0.0.1	amediasource.com
127.0.0.1	www.amediasource.com
127.0.0.1	americancarbargains.com
127.0.0.1	www.americancarbargains.com
127.0.0.1	american-teens.net
127.0.0.1	amigeek.com
127.0.0.1	amisbusiness.com
127.0.0.1	ampmsearch.com
127.0.0.1	www.ampmsearch.com
127.0.0.1	analcord.com
127.0.0.1	www.analcord.com
127.0.0.1	analmovi.com
127.0.0.1	anarchylolita.com
127.0.0.1	www.anarchylolita.com
127.0.0.1	anarchyporn.com
127.0.0.1	andromedical.com
127.0.0.1	www.andromedical.com
127.0.0.1	animepornmag.com
127.0.0.1	www.animepornmag.com
127.0.0.1	anin.org
127.0.0.1	anjpn-avxiz.biz
127.0.0.1	www.anjpn-avxiz.biz
127.0.0.1	anjpnzqav.biz
127.0.0.1	www.anjpnzqav.biz
127.0.0.1	anjpn-zqav.biz
127.0.0.1	www.anjpn-zqav.biz
127.0.0.1	annaromeo.com
127.0.0.1	antiddos.us
127.0.0.1	www.antiddos.us
127.0.0.1	Antiespiadorado.com
127.0.0.1	www.Antiespiadorado.com
127.0.0.1	Antiespionspack.com
127.0.0.1	www.Antiespionspack.com
127.0.0.1	Antigusanos2008.com
127.0.0.1	www.Antigusanos2008.com
127.0.0.1	Antispionage.com
127.0.0.1	www.Antispionage.com
127.0.0.1	Antispionagepro.com
127.0.0.1	www.Antispionagepro.com
127.0.0.1	antispydns.biz
127.0.0.1	www.antispydns.biz
127.0.0.1	antispylab.com
127.0.0.1	www.antispylab.com
127.0.0.1	antispysolutions.com
127.0.0.1	www.antispysolutions.com
127.0.0.1	antispyware.com
127.0.0.1	www.antispyware.com
127.0.0.1	antispywarebot.com
127.0.0.1	www.antispywarebot.com
127.0.0.1	antispywarebox.com
127.0.0.1	www.antispywarebox.com
127.0.0.1	antispywaredownloads.com
127.0.0.1	www.antispywaredownloads.com
127.0.0.1	Antispywaresuite.com
127.0.0.1	www.Antispywaresuite.com
127.0.0.1	Antispyweb.net
127.0.0.1	www.Antispyweb.net
127.0.0.1	Antiver2008.com
127.0.0.1	www.Antiver2008.com
127.0.0.1	antivermins.com
127.0.0.1	www.antivermins.com
127.0.0.1	anti-vermins.com
127.0.0.1	www.anti-vermins.com
127.0.0.1	antivir2007.com
127.0.0.1	www.antivir2007.com
127.0.0.1	antivirgear.com
127.0.0.1	www.antivirgear.com
127.0.0.1	antivirus.fastfreedownload.com
127.0.0.1	www.antivirus.fastfreedownload.com
127.0.0.1	antivirusgolden.com
127.0.0.1	www.antivirusgolden.com
127.0.0.1	antivirus-hq.net
127.0.0.1	www.antivirus-hq.net
127.0.0.1	anti-virus-pro.com
127.0.0.1	www.anti-virus-pro.com
127.0.0.1	antivirusprotector.com
127.0.0.1	www.antivirusprotector.com
127.0.0.1	antivirussecuritypro.com
127.0.0.1	www.antivirussecuritypro.com
127.0.0.1	antivirus-stop.com
127.0.0.1	www.antivirus-stop.com
127.0.0.1	Antiworm2008.com
127.0.0.1	www.Antiworm2008.com
127.0.0.1	Antiwurm2008.com
127.0.0.1	www.Antiwurm2008.com
127.0.0.1	antrocity.com
127.0.0.1	anyofus.com
127.0.0.1	www.anyofus.com
127.0.0.1	anysn.seproger.com
127.0.0.1	www.anysn.seproger.com
127.0.0.1	anything4health.com
127.0.0.1	apicpreview.com
127.0.0.1	www.apicpreview.com
127.0.0.1	apmebf.com
127.0.0.1	www.apmebf.com
127.0.0.1	appealcircuit.com
127.0.0.1	www.appealcircuit.com
127.0.0.1	approvedlinks.com
127.0.0.1	www.approvedlinks.com
127.0.0.1	apps.deskwizz.com
127.0.0.1	apps.webservicehost.com
127.0.0.1	aprotectedpage.com
127.0.0.1	www.aprotectedpage.com
127.0.0.1	apsua.com
127.0.0.1	archiviosex.net
127.0.0.1	www.archiviosex.net
127.0.0.1	aregay.com
127.0.0.1	ares-freebie.com
127.0.0.1	www.ares-freebie.com
127.0.0.1	arespro2007.com
127.0.0.1	www.arespro2007.com
127.0.0.1	aresultra.com
127.0.0.1	www.aresultra.com
127.0.0.1	ares-usa.com
127.0.0.1	www.ares-usa.com
127.0.0.1	arheo.com
127.0.0.1	arizonaweb.org
127.0.0.1	armitageinn.com
127.0.0.1	arquivojpgs.smtp.ru
127.0.0.1	www.arquivojpgs.smtp.ru
127.0.0.1	artachnid.com
127.0.0.1	art-func.com
127.0.0.1	art-xxx.com
127.0.0.1	asafebrowser.com
127.0.0.1	www.asafebrowser.com
127.0.0.1	asafetynotice.com
127.0.0.1	www.asafetynotice.com
127.0.0.1	asafetypage.com
127.0.0.1	www.asafetypage.com
127.0.0.1	asdbiz.biz
127.0.0.1	www.asdbiz.biz
127.0.0.1	asdeykuddq.com
127.0.0.1	www.asdeykuddq.com
127.0.0.1	asecurebar.com
127.0.0.1	www.asecurebar.com
127.0.0.1	asecureboard.com
127.0.0.1	www.asecureboard.com
127.0.0.1	asecurevalue.com
127.0.0.1	www.asecurevalue.com
127.0.0.1	asecurityissue.com
127.0.0.1	www.asecurityissue.com
127.0.0.1	asecuritynotice.com
127.0.0.1	www.asecuritynotice.com
127.0.0.1	asecuritypaper.com
127.0.0.1	www.asecuritypaper.com
127.0.0.1	asecuritystuff.com
127.0.0.1	www.asecuritystuff.com
127.0.0.1	asiankingkong.com
127.0.0.1	asianpornmag.com
127.0.0.1	www.asianpornmag.com
127.0.0.1	asiantoolbar.com
127.0.0.1	www.asiantoolbar.com
127.0.0.1	asidseiupc.com
127.0.0.1	www.asidseiupc.com
127.0.0.1	aslitalia.it
127.0.0.1	www.aslitalia.it
127.0.0.1	ass-gals.com
127.0.0.1	assureprotection.com
127.0.0.1	www.assureprotection.com
127.0.0.1	asta-killer.com
127.0.0.1	asupereva.it
127.0.0.1	www.asupereva.it
127.0.0.1	athenrye.com
127.0.0.1	atotalsafety.com
127.0.0.1	www.atotalsafety.com
127.0.0.1	atrueprotection.com
127.0.0.1	www.atrueprotection.com
127.0.0.1	atruesecurity.com
127.0.0.1	www.atruesecurity.com
127.0.0.1	attackware.com
127.0.0.1	www.attackware.com
127.0.0.1	attrezzi.biz
127.0.0.1	www.attrezzi.biz
127.0.0.1	aulde.net
127.0.0.1	www.aulde.net
127.0.0.1	aupereva.it
127.0.0.1	www.aupereva.it
127.0.0.1	autocontext.begun.ru
127.0.0.1	www.autocontext.begun.ru
127.0.0.1	autoescrowpay.com
127.0.0.1	avast.free-software-center.com
127.0.0.1	www.avast.free-software-center.com
127.0.0.1	avast-2007.com
127.0.0.1	www.avast-2007.com
127.0.0.1	avast-downloads.com
127.0.0.1	www.avast-downloads.com
127.0.0.1	avast-hq.com
127.0.0.1	www.avast-hq.com
127.0.0.1	avforce.com
127.0.0.1	www.avforce.com
127.0.0.1	avg.grab-it-today.net
127.0.0.1	www.avg.grab-it-today.net
127.0.0.1	avg.softwarecenterz.com
127.0.0.1	www.avg.softwarecenterz.com
127.0.0.1	avg-secure.com
127.0.0.1	www.avg-secure.com
127.0.0.1	avian-ads.com
127.0.0.1	avideoaxaccess.com
127.0.0.1	www.avideoaxaccess.com
127.0.0.1	avideosurfer.com
127.0.0.1	www.avideosurfer.com
127.0.0.1	aviewersoft.com
127.0.0.1	www.aviewersoft.com
127.0.0.1	avpcheckupdate.com
127.0.0.1	www.avpcheckupdate.com
127.0.0.1	avxizaaqada.biz
127.0.0.1	www.avxizaaqada.biz
127.0.0.1	avxiz-anjpn.biz
127.0.0.1	www.avxiz-anjpn.biz
127.0.0.1	avxizueorn.biz
127.0.0.1	www.avxizueorn.biz
127.0.0.1	avxiz-ueorn.biz
127.0.0.1	www.avxiz-ueorn.biz
127.0.0.1	avxiz-vtvcp.biz
127.0.0.1	www.avxiz-vtvcp.biz
127.0.0.1	avxiz-ygco.biz
127.0.0.1	www.avxiz-ygco.biz
127.0.0.1	avxiz-zqav.biz
127.0.0.1	www.avxiz-zqav.biz
127.0.0.1	awarninglist.com
127.0.0.1	www.awarninglist.com
127.0.0.1	awbeta.net-nucleus.com
127.0.0.1	awesomehomepage.com
127.0.0.1	www.awesomehomepage.com
127.0.0.1	awmcash.biz
127.0.0.1	awmdabest.com
127.0.0.1	axemediasoftware.com
127.0.0.1	www.axemediasoftware.com
127.0.0.1	aximageobject.com
127.0.0.1	www.aximageobject.com
127.0.0.1	axmediaproject.com
127.0.0.1	www.axmediaproject.com
127.0.0.1	axmediasoftware.com
127.0.0.1	www.axmediasoftware.com
127.0.0.1	axmediasolutions.com
127.0.0.1	www.axmediasolutions.com
127.0.0.1	axobjectpage.com
127.0.0.1	www.axobjectpage.com
127.0.0.1	axobjectsource.com
127.0.0.1	www.axobjectsource.com
127.0.0.1	axsoftwaretool.com
127.0.0.1	www.axsoftwaretool.com
127.0.0.1	axvideoproject.com
127.0.0.1	www.axvideoproject.com
127.0.0.1	axvideosetup.com
127.0.0.1	www.axvideosetup.com
127.0.0.1	ayakawamura.com
127.0.0.1	ayb.dns-look-up.com
127.0.0.1	ayb.netbios-wait.com
127.0.0.1	ayumitaniguchi.com
127.0.0.1	azebar.com
127.0.0.1	azureusclub.com
127.0.0.1	www.azureusclub.com
127.0.0.1	azureus-freebie.com
127.0.0.1	www.azureus-freebie.com
127.0.0.1	azzetta.it
127.0.0.1	www.azzetta.it
127.0.0.1	b.casalemedia.com
127.0.0.1	babe.k-lined.com
127.0.0.1	www.babe.k-lined.com
127.0.0.1	babe.the-killer.bz
127.0.0.1	www.babe.the-killer.bz
127.0.0.1	babenet.com
127.0.0.1	www.babenet.com
127.0.0.1	babespornmag.com
127.0.0.1	www.babespornmag.com
127.0.0.1	babeweb.de
127.0.0.1	www.babeweb.de
127.0.0.1	baccarat-other.info
127.0.0.1	www.baccarat-other.info
127.0.0.1	Backstripgirls.com
127.0.0.1	www.Backstripgirls.com
127.0.0.1	backup.mabou.org
127.0.0.1	balotierra.com
127.0.0.1	www.balotierra.com
127.0.0.1	bannedhost.net
127.0.0.1	barbudafarms.com
127.0.0.1	bardownload.com
127.0.0.1	www.bardownload.com
127.0.0.1	barnandfence.com
127.0.0.1	batsearch.com
127.0.0.1	baygraphicsllc.com
127.0.0.1	bbbsearch.com
127.0.0.1	bb-search.com
127.0.0.1	bdsmlibrary.net
127.0.0.1	bdsmpornmag.com
127.0.0.1	www.bdsmpornmag.com
127.0.0.1	bearshare.download-me.info
127.0.0.1	www.bearshare.download-me.info
127.0.0.1	bearshare.mp3-muzic.com
127.0.0.1	www.bearshare.mp3-muzic.com
127.0.0.1	bearshare-download.org
127.0.0.1	www.bearshare-download.org
127.0.0.1	bearshare-downloads.net
127.0.0.1	www.bearshare-downloads.net
127.0.0.1	bearsharelive.co.uk
127.0.0.1	www.bearsharelive.co.uk
127.0.0.1	bearshare-music-downloads.com
127.0.0.1	www.bearshare-music-downloads.com
127.0.0.1	bearsharepro2007.com
127.0.0.1	www.bearsharepro2007.com
127.0.0.1	bearshare-usa.com
127.0.0.1	www.bearshare-usa.com
127.0.0.1	bedhome.com
127.0.0.1	bediadance.com
127.0.0.1	beebappyy.biz
127.0.0.1	www.beebappyy.biz
127.0.0.1	begin2search.com
127.0.0.1	www.begin2search.com
127.0.0.1	bellabasketsfl.com
127.0.0.1	bernaolatwin.com
127.0.0.1	best-counter.com
127.0.0.1	bestcrawler.com
127.0.0.1	bestfor.ru
127.0.0.1	best-hardpics.com
127.0.0.1	bestmanage.org
127.0.0.1	www.bestmanage.org
127.0.0.1	bestmanage0.org
127.0.0.1	www.bestmanage0.org
127.0.0.1	bestmanage1.org
127.0.0.1	www.bestmanage1.org
127.0.0.1	bestmanage2.org
127.0.0.1	www.bestmanage2.org
127.0.0.1	bestmanage3.org
127.0.0.1	www.bestmanage3.org
127.0.0.1	bestmanage4.org
127.0.0.1	www.bestmanage4.org
127.0.0.1	bestmanage5.org
127.0.0.1	www.bestmanage5.org
127.0.0.1	bestmanage6.org
127.0.0.1	www.bestmanage6.org
127.0.0.1	bestmanage7.org
127.0.0.1	www.bestmanage7.org
127.0.0.1	bestmanage8.org
127.0.0.1	www.bestmanage8.org
127.0.0.1	bestmanage9.org
127.0.0.1	www.bestmanage9.org
127.0.0.1	bestporngate.com
127.0.0.1	bestsafetyguide.net
127.0.0.1	www.bestsafetyguide.net
127.0.0.1	best-spyware.info
127.0.0.1	www.best-spyware.info
127.0.0.1	best-targeted-traffic.com
127.0.0.1	www.best-targeted-traffic.com
127.0.0.1	best-voyeur.info
127.0.0.1	www.best-voyeur.info
127.0.0.1	bestweblinks.com
127.0.0.1	best-winning-casino.com
127.0.0.1	bestworldgirls-for-u.net
127.0.0.1	www.bestworldgirls-for-u.net
127.0.0.1	bestxporno.com
127.0.0.1	bettersearch.biz
127.0.0.1	www.bettersearch.biz
127.0.0.1	bgazzetta.it
127.0.0.1	www.bgazzetta.it
127.0.0.1	bgoogle.it
127.0.0.1	www.bgoogle.it
127.0.0.1	bigtrafficnetwork.com
127.0.0.1	www.bigtrafficnetwork.com
127.0.0.1	bigwww.com
127.0.0.1	www.bigwww.com
127.0.0.1	bin.errorprotector.com
127.0.0.1	bins.media-motor.net
127.0.0.1	bins2.media-motor.net
127.0.0.1	bis.180solutions.com
127.0.0.1	bitchesonline.net
127.0.0.1	bitcomet-freebie.com
127.0.0.1	www.bitcomet-freebie.com
127.0.0.1	biz.biz
127.0.0.1	blackblues00.com
127.0.0.1	www.blackblues00.com
127.0.0.1	blackhats.tc
127.0.0.1	www.blackhats.tc
127.0.0.1	blackhawksoftware.com
127.0.0.1	www.blackhawksoftware.com
127.0.0.1	blackjack-free.net
127.0.0.1	blazefind.com
127.0.0.1	blender.xu.pl
127.0.0.1	blondetgp.com
127.0.0.1	blue-elefant.com
127.0.0.1	www.blue-elefant.com
127.0.0.1	bm.theaimonline.com
127.0.0.1	www.bm.theaimonline.com
127.0.0.1	bnmgate.com
127.0.0.1	www.bnmgate.com
127.0.0.1	bodaciousbabette.com
127.0.0.1	bonzi.com
127.0.0.1	www.bonzi.com
127.0.0.1	boobdoll.com
127.0.0.1	boobsandtits.com
127.0.0.1	boobsclub.com
127.0.0.1	bookedspace.com
127.0.0.1	www.bookedspace.com
127.0.0.1	boom.com.vn
127.0.0.1	www.boom.com.vn
127.0.0.1	boredlife.com
127.0.0.1	bowlofogumbo.com
127.0.0.1	bpfq02.com
127.0.0.1	www.bpfq02.com
127.0.0.1	bqgate.com
127.0.0.1	www.bqgate.com
127.0.0.1	br.errorsafe.com
127.0.0.1	br.winantivirus.com
127.0.0.1	br.winfixer.com
127.0.0.1	bradcoem.org
127.0.0.1	braincodec.com
127.0.0.1	www.braincodec.com
127.0.0.1	brandiyoung.com
127.0.0.1	bravesentry.com
127.0.0.1	www.bravesentry.com
127.0.0.1	breenten.biz
127.0.0.1	www.breenten.biz
127.0.0.1	brodbfm.net
127.0.0.1	www.brodbfm.net
127.0.0.1	brookeburn.com
127.0.0.1	browserwise.com
127.0.0.1	www.browserwise.com
127.0.0.1	bucps.com
127.0.0.1	buhartes.info
127.0.0.1	buldog-stats.com
127.0.0.1	bullseye-network.com
127.0.0.1	www.bullseye-network.com
127.0.0.1	burgerkingbigscreen.com
127.0.0.1	burnsrecyclinginc.com
127.0.0.1	www.burnsrecyclinginc.com
127.0.0.1	buscards.net
127.0.0.1	bustyrussell.com
127.0.0.1	busysearch.net
127.0.0.1	www.busysearch.net
127.0.0.1	buttejazz.org
127.0.0.1	buy-find.info
127.0.0.1	www.buy-find.info
127.0.0.1	buyselldomain.net
127.0.0.1	buytraff.biz
127.0.0.1	www.buytraff.biz
127.0.0.1	buz.ru
127.0.0.1	bvirgilio.it
127.0.0.1	www.bvirgilio.it
127.0.0.1	c.centralmedia.ws
127.0.0.1	c.enhance.com
127.0.0.1	www.c.enhance.com
127.0.0.1	c.goclick.com
127.0.0.1	c4tdownload.com
127.0.0.1	www.c4tdownload.com
127.0.0.1	c5.www4free.info
127.0.0.1	www.c5.www4free.info
127.0.0.1	cache.surfaccuracy.com
127.0.0.1	www.cache.surfaccuracy.com
127.0.0.1	cache.ysbweb.com
127.0.0.1	calcioturris.com
127.0.0.1	calendaralerts.net
127.0.0.1	www.calendaralerts.net
127.0.0.1	cameouk.co.uk
127.0.0.1	www.cameouk.co.uk
127.0.0.1	cameup.com
127.0.0.1	camouflageclothingonline.net
127.0.0.1	www.camouflageclothingonline.net
127.0.0.1	camup.net
127.0.0.1	canberracricketcoaching.com
127.0.0.1	candycantaloupes.com
127.0.0.1	canidetect.org
127.0.0.1	www.canidetect.org
127.0.0.1	cantfind.com
127.0.0.1	www.cantfind.com
127.0.0.1	careers.dulcineasystems.net
127.0.0.1	carsands.com
127.0.0.1	carsrentals.net
127.0.0.1	cartoes.uol.com.br
127.0.0.1	casalemedia.com
127.0.0.1	www.casalemedia.com
127.0.0.1	cashdeluxe.net
127.0.0.1	www.cashdeluxe.net
127.0.0.1	cashengines.com
127.0.0.1	www.cashengines.com
127.0.0.1	cashsearch.biz
127.0.0.1	cashsurfers.com
127.0.0.1	www.cashsurfers.com
127.0.0.1	CashUnlim.com
127.0.0.1	www.CashUnlim.com
127.0.0.1	casino.com.free.game.pogo.gratisdownloads.nl
127.0.0.1	casino2win.net
127.0.0.1	casino-gambling-1.net
127.0.0.1	casino-gambling-2.net
127.0.0.1	casinomidas.net
127.0.0.1	casinonline.net
127.0.0.1	casino-onlines.net
127.0.0.1	castingsamateur.com
127.0.0.1	www.castingsamateur.com
127.0.0.1	catallogue.com
127.0.0.1	catch-dc.info
127.0.0.1	www.catch-dc.info
127.0.0.1	categories.mygeek.com
127.0.0.1	catsss.da.ru
127.0.0.1	caxa.ru
127.0.0.1	cc.panet.org
127.0.0.1	ccecaedbebfcaf.com
127.0.0.1	www.ccecaedbebfcaf.com
127.0.0.1	cclebali.org
127.0.0.1	ccorriere.it
127.0.0.1	www.ccorriere.it
127.0.0.1	cdegate.com
127.0.0.1	www.cdegate.com
127.0.0.1	cdn.drivecleaner.com
127.0.0.1	cdn.errorsafe.com
127.0.0.1	cdn.movies-etc.com
127.0.0.1	cdn.winsoftware.com
127.0.0.1	cdn2.movies-etc.com
127.0.0.1	cdorriere.it
127.0.0.1	www.cdorriere.it
127.0.0.1	ceewawires.org
127.0.0.1	centralmedia.ws
127.0.0.1	certumgroup.com
127.0.0.1	cforriere.it
127.0.0.1	www.cforriere.it
127.0.0.1	check.jupitersatellites.biz
127.0.0.1	www.check.jupitersatellites.biz
127.0.0.1	checkin100.com
127.0.0.1	www.checkin100.com
127.0.0.1	checkssecurity.com
127.0.0.1	www.checkssecurity.com
127.0.0.1	chelancatering.com
127.0.0.1	chenshijituan.com
127.0.0.1	www.chenshijituan.com
127.0.0.1	childrenvilla.com
127.0.0.1	chips-4-free.com
127.0.0.1	chrisswasey.com
127.0.0.1	chriswallace.net
127.0.0.1	cia-trjn.myvnc.com
127.0.0.1	www.cia-trjn.myvnc.com
127.0.0.1	ciorriere.it
127.0.0.1	www.ciorriere.it
127.0.0.1	cirriere.it
127.0.0.1	www.cirriere.it
127.0.0.1	ckick4thumbs.com
127.0.0.1	cl55.biz
127.0.0.1	clackamasliteraryreview.com
127.0.0.1	cleansoftwares.com
127.0.0.1	www.cleansoftwares.com
127.0.0.1	clearsearch.cc
127.0.0.1	clearsearch.net
127.0.0.1	clickaire.com
127.0.0.1	click-codec.com
127.0.0.1	www.click-codec.com
127.0.0.1	clickhere4search.com
127.0.0.1	www.clickhere4search.com
127.0.0.1	click-now.net
127.0.0.1	clickspring.net
127.0.0.1	www.clickspring.net
127.0.0.1	click-to-download.com
127.0.0.1	www.click-to-download.com
127.0.0.1	clicktomakeasearch.com
127.0.0.1	www.clicktomakeasearch.com
127.0.0.1	clickyestoenter.net
127.0.0.1	client.exeupdate.com
127.0.0.1	client.myadultexplorer.com
127.0.0.1	cliks.org
127.0.0.1	www.cliks.org
127.0.0.1	clorriere.it
127.0.0.1	www.clorriere.it
127.0.0.1	clrsch.com
127.0.0.1	clubxxxvideo.com
127.0.0.1	www.clubxxxvideo.com
127.0.0.1	clusif.free.fr
127.0.0.1	cmtapestry.com
127.0.0.1	cnetadd.com
127.0.0.1	www.cnetadd.com
127.0.0.1	cnzz.com
127.0.0.1	www.cnzz.com
127.0.0.1	code.ignphrases.com
127.0.0.1	codec.ninoa.com
127.0.0.1	codecdvd.net
127.0.0.1	www.codecdvd.net
127.0.0.1	codec-fun.com
127.0.0.1	www.codec-fun.com
127.0.0.1	codecsoft.net
127.0.0.1	www.codecsoft.net
127.0.0.1	codrriere.it
127.0.0.1	www.codrriere.it
127.0.0.1	coeriere.it
127.0.0.1	www.coeriere.it
127.0.0.1	coerriere.it
127.0.0.1	www.coerriere.it
127.0.0.1	cofrriere.it
127.0.0.1	www.cofrriere.it
127.0.0.1	cogrriere.it
127.0.0.1	www.cogrriere.it
127.0.0.1	coirriere.it
127.0.0.1	www.coirriere.it
127.0.0.1	command.adservs.com
127.0.0.1	www.commonname.com
127.0.0.1	computerpcgames.net
127.0.0.1	www.computerpcgames.net
127.0.0.1	computerrecover.com
127.0.0.1	www.computerrecover.com
127.0.0.1	config.180solutions.com
127.0.0.1	content.dollarrevenue.com
127.0.0.1	www.content.dollarrevenue.com
127.0.0.1	content.ireit.com
127.0.0.1	www.content.ireit.com
127.0.0.1	content.onerateld.com
127.0.0.1	contentmatch.net
127.0.0.1	www.contentmatch.net
127.0.0.1	contra-virus.com
127.0.0.1	www.contra-virus.com
127.0.0.1	controlmeh.com
127.0.0.1	www.controlmeh.com
127.0.0.1	cool.ne.jp
127.0.0.1	cooldeskalert.com
127.0.0.1	www.cooldeskalert.com
127.0.0.1	coolfetishsite.com
127.0.0.1	coolfreehost.com
127.0.0.1	coolfreepage.com
127.0.0.1	coolfreepages.com
127.0.0.1	cool-homepage.co
127.0.0.1	cool-homepage.com
127.0.0.1	coolmoneysearch.com
127.0.0.1	coolpornsearch.com
127.0.0.1	cool-search.net
127.0.0.1	cool-search.netfartpost.com
127.0.0.1	coolsearcher.info
127.0.0.1	coolservecorp.net
127.0.0.1	www.coolservecorp.net
127.0.0.1	coolwebsearch.com
127.0.0.1	www.coolwebsearch.com
127.0.0.1	cool-web-search.com
127.0.0.1	coolwebsearsh.com
127.0.0.1	coolwwwsearch.com
127.0.0.1	www.coolwwwsearch.com
127.0.0.1	cool-xxx.net
127.0.0.1	coorriere.it
127.0.0.1	www.coorriere.it
127.0.0.1	copmtraine.com
127.0.0.1	coprriere.it
127.0.0.1	www.coprriere.it
127.0.0.1	core.psyche-evolution.com
127.0.0.1	www.core.psyche-evolution.com
127.0.0.1	coreiere.it
127.0.0.1	www.coreiere.it
127.0.0.1	coreriere.it
127.0.0.1	www.coreriere.it
127.0.0.1	corrdiere.it
127.0.0.1	www.corrdiere.it
127.0.0.1	correiere.it
127.0.0.1	www.correiere.it
127.0.0.1	corrfiere.it
127.0.0.1	www.corrfiere.it
127.0.0.1	corrgiere.it
127.0.0.1	www.corrgiere.it
127.0.0.1	corridere.it
127.0.0.1	www.corridere.it
127.0.0.1	corriedre.it
127.0.0.1	www.corriedre.it
127.0.0.1	corriee.it
127.0.0.1	www.corriee.it
127.0.0.1	corrieere.it
127.0.0.1	www.corrieere.it
127.0.0.1	corriefre.it
127.0.0.1	www.corriefre.it
127.0.0.1	corriegre.it
127.0.0.1	www.corriegre.it
127.0.0.1	corrierde.it
127.0.0.1	www.corrierde.it
127.0.0.1	corriered.it
127.0.0.1	www.corriered.it
127.0.0.1	corrieree.it
127.0.0.1	www.corrieree.it
127.0.0.1	corrieref.it
127.0.0.1	www.corrieref.it
127.0.0.1	corrierer.it
127.0.0.1	www.corrierer.it
127.0.0.1	corrieres.it
127.0.0.1	www.corrieres.it
127.0.0.1	corrierew.it
127.0.0.1	www.corrierew.it
127.0.0.1	corrierfe.it
127.0.0.1	www.corrierfe.it
127.0.0.1	corrierge.it
127.0.0.1	www.corrierge.it
127.0.0.1	corrierr.it
127.0.0.1	www.corrierr.it
127.0.0.1	corrierre.it
127.0.0.1	www.corrierre.it
127.0.0.1	corrierse.it
127.0.0.1	www.corrierse.it
127.0.0.1	corrierte.it
127.0.0.1	www.corrierte.it
127.0.0.1	corrierw.it
127.0.0.1	www.corrierw.it
127.0.0.1	corrierwe.it
127.0.0.1	www.corrierwe.it
127.0.0.1	corriesre.it
127.0.0.1	www.corriesre.it
127.0.0.1	corriete.it
127.0.0.1	www.corriete.it
127.0.0.1	corrietre.it
127.0.0.1	www.corrietre.it
127.0.0.1	corriewre.it
127.0.0.1	www.corriewre.it
127.0.0.1	corrifere.it
127.0.0.1	www.corrifere.it
127.0.0.1	corriiere.it
127.0.0.1	www.corriiere.it
127.0.0.1	corrilere.it
127.0.0.1	www.corrilere.it
127.0.0.1	corrioere.it
127.0.0.1	www.corrioere.it
127.0.0.1	corrire.it
127.0.0.1	www.corrire.it
127.0.0.1	corrirere.it
127.0.0.1	www.corrirere.it
127.0.0.1	corrirre.it
127.0.0.1	www.corrirre.it
127.0.0.1	corrisere.it
127.0.0.1	www.corrisere.it
127.0.0.1	corriuere.it
127.0.0.1	www.corriuere.it
127.0.0.1	corriwere.it
127.0.0.1	www.corriwere.it
127.0.0.1	corriwre.it
127.0.0.1	www.corriwre.it
127.0.0.1	corrliere.it
127.0.0.1	www.corrliere.it
127.0.0.1	corroere.it
127.0.0.1	www.corroere.it
127.0.0.1	corroiere.it
127.0.0.1	www.corroiere.it
127.0.0.1	corrriere.it
127.0.0.1	www.corrriere.it
127.0.0.1	corrtiere.it
127.0.0.1	www.corrtiere.it
127.0.0.1	corruere.it
127.0.0.1	www.corruere.it
127.0.0.1	corruiere.it
127.0.0.1	www.corruiere.it
127.0.0.1	cortiere.it
127.0.0.1	www.cortiere.it
127.0.0.1	cortriere.it
127.0.0.1	www.cortriere.it
127.0.0.1	costrike.com
127.0.0.1	www.costrike.com
127.0.0.1	cotriere.it
127.0.0.1	www.cotriere.it
127.0.0.1	cotrriere.it
127.0.0.1	www.cotrriere.it
127.0.0.1	couldnotfind.com
127.0.0.1	count.cc
127.0.0.1	count.hitscount.net
127.0.0.1	count-all.com
127.0.0.1	countdutycall.info
127.0.0.1	www.countdutycall.info
127.0.0.1	counter.sexmaniack.com
127.0.0.1	cporriere.it
127.0.0.1	www.cporriere.it
127.0.0.1	cprriere.it
127.0.0.1	www.cprriere.it
127.0.0.1	cpvfeed.com
127.0.0.1	cracks.me.uk
127.0.0.1	cracks4all.com
127.0.0.1	www.cracks4all.com
127.0.0.1	crapsgold.info
127.0.0.1	www.crapsgold.info
127.0.0.1	Crazygirls-world.com
127.0.0.1	crazywinnings.com
127.0.0.1	www.crazywinnings.com
127.0.0.1	creamedcutties.com
127.0.0.1	createaccesskey.com
127.0.0.1	www.createaccesskey.com
127.0.0.1	creditsearchonline.com
127.0.0.1	crestring.com
127.0.0.1	crooder.com
127.0.0.1	crriere.it
127.0.0.1	www.crriere.it
127.0.0.1	crystalysmedia.com
127.0.0.1	www.crystalysmedia.com
127.0.0.1	csx.adservs.com
127.0.0.1	www.csx.adservs.com
127.0.0.1	cts.180solutions.com
127.0.0.1	cuisinartoven.com
127.0.0.1	www.cuisinartoven.com
127.0.0.1	curedc.info
127.0.0.1	www.curedc.info
127.0.0.1	curepcsolutions.com
127.0.0.1	www.curepcsolutions.com
127.0.0.1	curvedspaces.com
127.0.0.1	cutadult.com
127.0.0.1	www.cutadult.com
127.0.0.1	cvirgilio.it
127.0.0.1	www.cvirgilio.it
127.0.0.1	cvorriere.it
127.0.0.1	www.cvorriere.it
127.0.0.1	cvs.jps.ru
127.0.0.1	cvsymphony.com
127.0.0.1	cxorriere.it
127.0.0.1	www.cxorriere.it
127.0.0.1	cyberrape.com
127.0.0.1	www.cyberrape.com
127.0.0.1	cydom.com
127.0.0.1	cydoor.com
127.0.0.1	www.cydoor.com
127.0.0.1	daily-gals.com
127.0.0.1	dailypornmag.com
127.0.0.1	www.dailypornmag.com
127.0.0.1	dailyteenspic.com
127.0.0.1	dailytoolbar.com
127.0.0.1	www.dailytoolbar.com
127.0.0.1	dancingbabycd.com
127.0.0.1	data-hoster.com
127.0.0.1	www.data-hoster.com
127.0.0.1	datanotary.com
127.0.0.1	datareco.com
127.0.0.1	dating-galaxy.info
127.0.0.1	www.dating-galaxy.info
127.0.0.1	dating-search.net
127.0.0.1	davemarshall.org
127.0.0.1	db105.com
127.0.0.1	dbdecicated.com
127.0.0.1	www.dbdecicated.com
127.0.0.1	dbxcompany.com
127.0.0.1	www.dbxcompany.com
127.0.0.1	dcdl.dmcast.com
127.0.0.1	dcfitusa.com
127.0.0.1	dcorriere.it
127.0.0.1	www.dcorriere.it
127.0.0.1	dcurtis.com
127.0.0.1	www.dcurtis.com
127.0.0.1	dcww.dmcast.com
127.0.0.1	de.ag
127.0.0.1	de.drivecleaner.com
127.0.0.1	de.errorsafe.com
127.0.0.1	de.winantivirus.com
127.0.0.1	de98.remsys.org
127.0.0.1	debay.it
127.0.0.1	www.debay.it
127.0.0.1	dedmazay.3322.org
127.0.0.1	dedsearch.com
127.0.0.1	www.dedsearch.com
127.0.0.1	defaultsearch.net
127.0.0.1	Defensaantimalware.com
127.0.0.1	www.Defensaantimalware.com
127.0.0.1	deja-rue.com
127.0.0.1	www.deja-rue.com
127.0.0.1	derklaif.biz
127.0.0.1	www.derklaif.biz
127.0.0.1	derrari.it
127.0.0.1	www.derrari.it
127.0.0.1	desarrollocreativo.com
127.0.0.1	deskbar.worldtostart.com
127.0.0.1	www.deskbar.worldtostart.com
127.0.0.1	deskwizz.com
127.0.0.1	www.deskwizz.com
127.0.0.1	dev.ntcor.com
127.0.0.1	develip.com
127.0.0.1	dewis.spb.ru
127.0.0.1	dewis.us
127.0.0.1	df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
127.0.0.1	dgbusiness.com
127.0.0.1	www.dgbusiness.com
127.0.0.1	dialer2004.com
127.0.0.1	dialerclub.com
127.0.0.1	www.dialerclub.com
127.0.0.1	dialer-shop.com
127.0.0.1	www.dialer-shop.com
127.0.0.1	dialoff.com
127.0.0.1	www.dialoff.com
127.0.0.1	did.i-used.cc
127.0.0.1	www.did.i-used.cc
127.0.0.1	dietpills4free.com
127.0.0.1	dietpussy.com
127.0.0.1	digikeygen.com
127.0.0.1	www.digikeygen.com
127.0.0.1	digistreamsa.com
127.0.0.1	digitalcoders.net
127.0.0.1	www.digitalcoders.net
127.0.0.1	www.digitalfan.com
127.0.0.1	digital-pornography.com
127.0.0.1	dionforvalleycouncil.org
127.0.0.1	directdvdpro.com
127.0.0.1	www.directdvdpro.com
127.0.0.1	directporta.info
127.0.0.1	www.directporta.info
127.0.0.1	directsearchzone.com
127.0.0.1	www.directsearchzone.com
127.0.0.1	dist.checkin100.com
127.0.0.1	dl.ad-ware.cc
127.0.0.1	dl.malwarewipe.com
127.0.0.1	dl.targetsaver.com
127.0.0.1	www.dl.targetsaver.com
127.0.0.1	dl.web-nexus.net
127.0.0.1	dl1.antivermins.com
127.0.0.1	dl1.antivirgear.com
127.0.0.1	dl1.spydawn.com
127.0.0.1	dl1.virusprotectpro.com
127.0.0.1	dl10.spyfalcon.com
127.0.0.1	dl16.spyfalcon.com
127.0.0.1	dl2.spyfalcon.com
127.0.0.1	dl2.spyheal.com
127.0.0.1	dl2.spywarestrike.com
127.0.0.1	dl3.spyfalcon.com
127.0.0.1	dl3.spyheal.com
127.0.0.1	dl3.spywarestrike.com
127.0.0.1	dl4.spyfalcon.com
127.0.0.1	dl4.spywarestrike.com
127.0.0.1	dl5.spyfalcon.com
127.0.0.1	dl5.spywarestrike.com
127.0.0.1	dl6.spywarestrike.com
127.0.0.1	dl7.spywarestrike.com
127.0.0.1	dl8.spyheal.com
127.0.0.1	dl8.spywarestrike.com
127.0.0.1	dl9.spyfalcon.com
127.0.0.1	dmcast.com
127.0.0.1	www.dmcast.com
127.0.0.1	dnaads.com
127.0.0.1	www.dnaads.com
127.0.0.1	dnl.mabou.org
127.0.0.1	dns-look-up.com
127.0.0.1	www.dns-look-up.com
127.0.0.1	doctorwaldron.com
127.0.0.1	document-not-found.pornpic.org
127.0.0.1	doggyaction.com
127.0.0.1	dogproblemswebsite.com
127.0.0.1	www.dogproblemswebsite.com
127.0.0.1	doktorxxx.com
127.0.0.1	dollarrevenue.com
127.0.0.1	domaincar.com
127.0.0.1	www.domaincar.com
127.0.0.1	domains2003.net
127.0.0.1	domains-for-you-online.com
127.0.0.1	domain-your-registration.com
127.0.0.1	domkrat.com
127.0.0.1	dotcomtoolbar.com
127.0.0.1	www.dotcomtoolbar.com
127.0.0.1	down.136136.net
127.0.0.1	download.abetterinternet.com
127.0.0.1	download.antispywarebot.com
127.0.0.1	www.download.antispywarebot.com
127.0.0.1	download.bardownload.com
127.0.0.1	www.download.bardownload.com
127.0.0.1	download.bravesentry.com
127.0.0.1	www.download.bravesentry.com
127.0.0.1	download.cdn.drivecleaner.com
127.0.0.1	download.cdn.errorsafe.com
127.0.0.1	download.cdn.winsoftware.com
127.0.0.1	download.errorsafe.com
127.0.0.1	download.jupitersatellites.biz
127.0.0.1	www.download.jupitersatellites.biz
127.0.0.1	download.searchtabs.net
127.0.0.1	download.secureyournet.biz
127.0.0.1	www.download.secureyournet.biz
127.0.0.1	download.spyonthis.net
127.0.0.1	download.spy-shredder.com
127.0.0.1	download.systemdoctor.com
127.0.0.1	download.winantispyware.com
127.0.0.1	download.winantivirus.com
127.0.0.1	download.windrivecleaner.com
127.0.0.1	download.winfixer.com
127.0.0.1	download10.spywarequake.com
127.0.0.1	download11.spywarequake.com
127.0.0.1	download12.spywarequake.com
127.0.0.1	download13.spywarequake.com
127.0.0.1	download15.spywarequake.com
127.0.0.1	download2.spywarequake.com
127.0.0.1	download-2007.com
127.0.0.1	www.download-2007.com
127.0.0.1	download3.spyaxe.com
127.0.0.1	download3.spywarequake.com
127.0.0.1	download4.spyaxe.com
127.0.0.1	download4.spywarequake.com
127.0.0.1	download5.spyaxe.com
127.0.0.1	download5.spywarequake.com
127.0.0.1	download6.spyaxe.com
127.0.0.1	download7.spywarequake.com
127.0.0.1	download8.spywarequake.com
127.0.0.1	download9.spywarequake.com
127.0.0.1	download-ad-aware.com
127.0.0.1	www.download-ad-aware.com
127.0.0.1	download-all-4-free.com
127.0.0.1	www.download-all-4-free.com
127.0.0.1	download-all-area.com
127.0.0.1	www.download-all-area.com
127.0.0.1	download-antivir.com
127.0.0.1	www.download-antivir.com
127.0.0.1	downloadanysong.com
127.0.0.1	www.downloadanysong.com
127.0.0.1	download-avast.com
127.0.0.1	www.download-avast.com
127.0.0.1	downloadcorporation.com
127.0.0.1	www.downloadcorporation.com
127.0.0.1	download-dvdshrink.com
127.0.0.1	www.download-dvdshrink.com
127.0.0.1	download-for-free.net
127.0.0.1	www.download-for-free.net
127.0.0.1	downloadfreesoft.com
127.0.0.1	www.downloadfreesoft.com
127.0.0.1	downloadfreeway.com
127.0.0.1	www.downloadfreeway.com
127.0.0.1	downloadimesh.com
127.0.0.1	www.downloadimesh.com
127.0.0.1	download-itunes-now.com
127.0.0.1	www.download-itunes-now.com
127.0.0.1	download-limewire.org
127.0.0.1	www.download-limewire.org
127.0.0.1	downloadlost.tv
127.0.0.1	www.downloadlost.tv
127.0.0.1	downloadmax.net
127.0.0.1	www.downloadmax.net
127.0.0.1	download-mcafee.com
127.0.0.1	www.download-mcafee.com
127.0.0.1	download-me.info
127.0.0.1	downloadmediaax.com
127.0.0.1	www.downloadmediaax.com
127.0.0.1	downloadpics.net
127.0.0.1	www.downloadpics.net
127.0.0.1	download-real-player.com
127.0.0.1	www.download-real-player.com
127.0.0.1	downloads.180solutions.com
127.0.0.1	downloads.adaware.cc
127.0.0.1	downloadservicearea.com
127.0.0.1	www.downloadservicearea.com
127.0.0.1	downloads-free.org
127.0.0.1	www.downloads-free.org
127.0.0.1	downloadsglobe.com
127.0.0.1	www.downloadsglobe.com
127.0.0.1	download-this.us
127.0.0.1	www.download-this.us
127.0.0.1	download-trillian.com
127.0.0.1	www.download-trillian.com
127.0.0.1	downloadv3.com
127.0.0.1	www.downloadv3.com
127.0.0.1	downloadvax.com
127.0.0.1	www.downloadvax.com
127.0.0.1	download-windvd.com
127.0.0.1	www.download-windvd.com
127.0.0.1	download-winrar.com
127.0.0.1	www.download-winrar.com
127.0.0.1	downloadwizard.com
127.0.0.1	downloadzcenter.com
127.0.0.1	downloadzcentral.com
127.0.0.1	downloadzfree.com
127.0.0.1	www.downloadzfree.com
127.0.0.1	downloadznow.net
127.0.0.1	download-zone-free.com
127.0.0.1	www.download-zone-free.com
127.0.0.1	download-zone-free.net
127.0.0.1	www.download-zone-free.net
127.0.0.1	dp-host.com
127.0.0.1	dr.mcboo.com
127.0.0.1	dr.webhancer.com
127.0.0.1	www.dr.webhancer.com
127.0.0.1	dr2.webhancer.com
127.0.0.1	www.dr2.webhancer.com
127.0.0.1	dr38.mcboo.com
127.0.0.1	dr47.mcboo.com
127.0.0.1	dragqueen.gay-clan.com
127.0.0.1	drepubblica.it
127.0.0.1	www.drepubblica.it
127.0.0.1	drivecleaner.com
127.0.0.1	www.drivecleaner.com
127.0.0.1	drivecleanr.com
127.0.0.1	www.drivecleanr.com
127.0.0.1	drocherway.com
127.0.0.1	dropspam.com
127.0.0.1	www.dropspam.com
127.0.0.1	drug-sources-exposed.com
127.0.0.1	drvvv.com
127.0.0.1	dsupereva.it
127.0.0.1	www.dsupereva.it
127.0.0.1	dtlproduct.com
127.0.0.1	www.dtlproduct.com
127.0.0.1	dudu.com
127.0.0.1	www.dudu.com
127.0.0.1	dulcineasystems.net
127.0.0.1	dumpserv.com
127.0.0.1	duolaimi.net
127.0.0.1	dutch-sex.com
127.0.0.1	dvdaccess.net
127.0.0.1	www.dvdaccess.net
127.0.0.1	dvdbank.org
127.0.0.1	dvdcodec.net
127.0.0.1	www.dvdcodec.net
127.0.0.1	dvdsmovies.net
127.0.0.1	www.dvdsmovies.net
127.0.0.1	dvdsvideos.net
127.0.0.1	www.dvdsvideos.net
127.0.0.1	dvdtocdsite.com
127.0.0.1	www.dvdtocdsite.com
127.0.0.1	dynamique.drivecleaner.com
127.0.0.1	e3bay.it
127.0.0.1	www.e3bay.it
127.0.0.1	e4bay.it
127.0.0.1	www.e4bay.it
127.0.0.1	eager-sex.com
127.0.0.1	earthllnk.net
127.0.0.1	www.earthllnk.net
127.0.0.1	eases.net
127.0.0.1	easyantispy.com
127.0.0.1	easybestdeals.com
127.0.0.1	www.easybestdeals.com
127.0.0.1	easycategories.com
127.0.0.1	easymp3musicnow.com
127.0.0.1	www.easymp3musicnow.com
127.0.0.1	easy-pharmacy.info
127.0.0.1	www.easy-pharmacy.info
127.0.0.1	easy-search.net
127.0.0.1	easysearch4you.com
127.0.0.1	www.easysearch4you.com
127.0.0.1	easysearchingtips.com
127.0.0.1	easyspyware.com
127.0.0.1	www.easyspyware.com
127.0.0.1	easywww.info
127.0.0.1	www.easywww.info
127.0.0.1	eba6y.it
127.0.0.1	www.eba6y.it
127.0.0.1	eba7y.it
127.0.0.1	www.eba7y.it
127.0.0.1	ebaay.it
127.0.0.1	www.ebaay.it
127.0.0.1	ebagy.it
127.0.0.1	www.ebagy.it
127.0.0.1	ebahy.it
127.0.0.1	www.ebahy.it
127.0.0.1	ebajy.it
127.0.0.1	www.ebajy.it
127.0.0.1	ebaqy.it
127.0.0.1	www.ebaqy.it
127.0.0.1	ebasy.it
127.0.0.1	www.ebasy.it
127.0.0.1	ebaty.it
127.0.0.1	www.ebaty.it
127.0.0.1	ebauy.it
127.0.0.1	www.ebauy.it
127.0.0.1	ebav.com
127.0.0.1	ebaw.com
127.0.0.1	ebawy.it
127.0.0.1	www.ebawy.it
127.0.0.1	ebaxy.it
127.0.0.1	www.ebaxy.it
127.0.0.1	ebay6.it
127.0.0.1	www.ebay6.it
127.0.0.1	ebay7.it
127.0.0.1	www.ebay7.it
127.0.0.1	ebayg.it
127.0.0.1	www.ebayg.it
127.0.0.1	ebayh.it
127.0.0.1	www.ebayh.it
127.0.0.1	ebayj.it
127.0.0.1	www.ebayj.it
127.0.0.1	ebayt.it
127.0.0.1	www.ebayt.it
127.0.0.1	ebayu.it
127.0.0.1	www.ebayu.it
127.0.0.1	ebazy.it
127.0.0.1	www.ebazy.it
127.0.0.1	ebch.com
127.0.0.1	ebdv.com
127.0.0.1	ebdw.com
127.0.0.1	ebestfind.org
127.0.0.1	www.ebestfind.org
127.0.0.1	ebgay.it
127.0.0.1	www.ebgay.it
127.0.0.1	ebgo.com
127.0.0.1	ebhay.it
127.0.0.1	www.ebhay.it
127.0.0.1	ebjp.com
127.0.0.1	ebkb.com
127.0.0.1	ebkn.com
127.0.0.1	ebky.com
127.0.0.1	eblv.com
127.0.0.1	ebmu.com
127.0.0.1	ebnay.it
127.0.0.1	www.ebnay.it
127.0.0.1	ebony-pornmag.com
127.0.0.1	www.ebony-pornmag.com
127.0.0.1	ebonypornmag.com
127.0.0.1	www.ebonypornmag.com
127.0.0.1	ebqay.it
127.0.0.1	www.ebqay.it
127.0.0.1	ebsay.it
127.0.0.1	www.ebsay.it
127.0.0.1	ebsy.it
127.0.0.1	www.ebsy.it
127.0.0.1	ebvay.it
127.0.0.1	www.ebvay.it
127.0.0.1	ebvr.com
127.0.0.1	ebway.it
127.0.0.1	www.ebway.it
127.0.0.1	ebxay.it
127.0.0.1	www.ebxay.it
127.0.0.1	ebzay.it
127.0.0.1	www.ebzay.it
127.0.0.1	ecmh.com
127.0.0.1	ecmp.com
127.0.0.1	ecosrioplatenses.org
127.0.0.1	ecpm.com
127.0.0.1	ecstasyporn.net
127.0.0.1	ecwz.com
127.0.0.1	ecyb.com
127.0.0.1	edbay.it
127.0.0.1	www.edbay.it
127.0.0.1	edhq.com
127.0.0.1	edietprogram.com
127.0.0.1	www.edietprogram.com
127.0.0.1	edty.com
127.0.0.1	eduy.com
127.0.0.1	eebay.it
127.0.0.1	www.eebay.it
127.0.0.1	eeev.com
127.0.0.1	eepubblica.it
127.0.0.1	www.eepubblica.it
127.0.0.1	efbay.it
127.0.0.1	www.efbay.it
127.0.0.1	egbay.it
127.0.0.1	www.egbay.it
127.0.0.1	ehbay.it
127.0.0.1	www.ehbay.it
127.0.0.1	eikokoike.com
127.0.0.1	elitecodec.com
127.0.0.1	www.elitecodec.com
127.0.0.1	elitemediagroup.net
127.0.0.1	www.elitemediagroup.net
127.0.0.1	e-localad.com
127.0.0.1	emailicon.org
127.0.0.1	www.emailicon.org
127.0.0.1	emch.com
127.0.0.1	emcodec.com
127.0.0.1	www.emcodec.com
127.0.0.1	emediacodec.com
127.0.0.1	www.emediacodec.com
127.0.0.1	emjcd.com
127.0.0.1	www.emjcd.com
127.0.0.1	emule.mp3-muzic.com
127.0.0.1	www.emule.mp3-muzic.com
127.0.0.1	emuledownloadhome.com
127.0.0.1	www.emuledownloadhome.com
127.0.0.1	emule-freebie.com
127.0.0.1	www.emule-freebie.com
127.0.0.1	enay.it
127.0.0.1	www.enay.it
127.0.0.1	enbay.it
127.0.0.1	www.enbay.it
127.0.0.1	energy-factor.com
127.0.0.1	www.energy-factor.com
127.0.0.1	engineplay.com
127.0.0.1	www.engineplay.com
127.0.0.1	engine-ticket.com
127.0.0.1	www.engine-ticket.com
127.0.0.1	enhance.com
127.0.0.1	www.enhance.com
127.0.0.1	enhancevideos.com
127.0.0.1	www.enhancevideos.com
127.0.0.1	enitinvest.net
127.0.0.1	enjoywebsurf.com
127.0.0.1	entertainsite.net
127.0.0.1	www.entertainsite.net
127.0.0.1	enterthesearch.com
127.0.0.1	www.enterthesearch.com
127.0.0.1	e-plus.cc
127.0.0.1	epornsex.com
127.0.0.1	eprotectionline.com
127.0.0.1	www.eprotectionline.com
127.0.0.1	eprotectpage.com
127.0.0.1	www.eprotectpage.com
127.0.0.1	erbay.it
127.0.0.1	www.erbay.it
127.0.0.1	erepubblica.it
127.0.0.1	www.erepubblica.it
127.0.0.1	ergosites.com
127.0.0.1	erossoalice.it
127.0.0.1	www.erossoalice.it
127.0.0.1	errari.it
127.0.0.1	www.errari.it
127.0.0.1	error404site.com
127.0.0.1	www.error404site.com
127.0.0.1	error404site.net
127.0.0.1	www.error404site.net
127.0.0.1	errorkiller.com
127.0.0.1	www.errorkiller.com
127.0.0.1	errorprotector.com
127.0.0.1	www.errorprotector.com
127.0.0.1	errorsafe.com
127.0.0.1	www.errorsafe.com
127.0.0.1	errorsdns.com
127.0.0.1	www.errorsdns.com
127.0.0.1	ert0003.e76.163ns.com
127.0.0.1	ertikadeswiokinganfujas.com
127.0.0.1	www.ertikadeswiokinganfujas.com
127.0.0.1	es.winantivirus.com
127.0.0.1	es0-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es1-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es2-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es3-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es4-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es5-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es6-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es7-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es8-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es9-www.5zgmu7o20kt5d8yq.com
127.0.0.1	esafetylist.com
127.0.0.1	www.esafetylist.com
127.0.0.1	esafetypage.com
127.0.0.1	www.esafetypage.com
127.0.0.1	esbay.it
127.0.0.1	www.esbay.it
127.0.0.1	esearch2005.com
127.0.0.1	www.esearch2005.com
127.0.0.1	esecuritynote.com
127.0.0.1	www.esecuritynote.com
127.0.0.1	esecuritypage.com
127.0.0.1	www.esecuritypage.com
127.0.0.1	esupereva.it
127.0.0.1	www.esupereva.it
127.0.0.1	etomi.all-downloads-now.com
127.0.0.1	www.etomi.all-downloads-now.com
127.0.0.1	eupdatepage.com
127.0.0.1	www.eupdatepage.com
127.0.0.1	euuu.com
127.0.0.1	evbay.it
127.0.0.1	www.evbay.it
127.0.0.1	evidence-detector.biz
127.0.0.1	evilspidercomics.com
127.0.0.1	evko.biz
127.0.0.1	www.evko.biz
127.0.0.1	ewbay.it
127.0.0.1	www.ewbay.it
127.0.0.1	ewebsearch.net
127.0.0.1	e-websitesolutions.com
127.0.0.1	ewizard.cc
127.0.0.1	exaccess.ru
127.0.0.1	www.exaccess.ru
127.0.0.1	excellentsckin.com
127.0.0.1	exeupdate.com
127.0.0.1	www.exeupdate.com
127.0.0.1	exflow.org
127.0.0.1	www.exflow.org
127.0.0.1	exit.megago.com
127.0.0.1	expandvideo.com
127.0.0.1	www.expandvideo.com
127.0.0.1	exportplay.com
127.0.0.1	www.exportplay.com
127.0.0.1	extremepaidsurveys.com
127.0.0.1	www.extremepaidsurveys.com
127.0.0.1	extremeseek.net
127.0.0.1	eza1netsearch.com
127.0.0.1	www.eza1netsearch.com
127.0.0.1	ezcybersearch.com
127.0.0.1	www.ezcybersearch.com
127.0.0.1	ez-searching.com
127.0.0.1	ezwebsearching.com
127.0.0.1	www.ezwebsearching.com
127.0.0.1	f1.bestmanage.org
127.0.0.1	f1.truth-is-out-there.org
127.0.0.1	f1organizer.com
127.0.0.1	www.f1organizer.com
127.0.0.1	f2.bestmanage.org
127.0.0.1	f2.truth-is-out-there.org
127.0.0.1	f3.bestmanage.org
127.0.0.1	f3.truth-is-out-there.org
127.0.0.1	f4.bestmanage.org
127.0.0.1	f4.truth-is-out-there.org
127.0.0.1	f5.bestmanage.org
127.0.0.1	f5.truth-is-out-there.org
127.0.0.1	f6.bestmanage.org
127.0.0.1	f7.bestmanage.org
127.0.0.1	f7.truth-is-out-there.org
127.0.0.1	f8.bestmanage.org
127.0.0.1	f8.truth-is-out-there.org
127.0.0.1	f9.bestmanage.org
127.0.0.1	f9.truth-is-out-there.org
127.0.0.1	fairsearcher.com
127.0.0.1	www.fairsearcher.com
127.0.0.1	faithstevens.com
127.0.0.1	fantasiewelten.com
127.0.0.1	farmacept32.phpnet.us
127.0.0.1	farmsteadbandb.com
127.0.0.1	farse.com
127.0.0.1	fartpost.com
127.0.0.1	fastfreedownload.com
127.0.0.1	fastmetasearch.com
127.0.0.1	www.fastmetasearch.com
127.0.0.1	fastssearch.com
127.0.0.1	www.fastssearch.com
127.0.0.1	fastwebfinder.com
127.0.0.1	faxporn.com
127.0.0.1	fazzetta.it
127.0.0.1	www.fazzetta.it
127.0.0.1	fcorriere.it
127.0.0.1	www.fcorriere.it
127.0.0.1	featured-results.com
127.0.0.1	febay.it
127.0.0.1	www.febay.it
127.0.0.1	feed.dedsearch.com
127.0.0.1	feeds.2search.com
127.0.0.1	www.feeds.2search.com
127.0.0.1	feeds2.2search.org
127.0.0.1	www.feeds2.2search.org
127.0.0.1	ferraeri.it
127.0.0.1	www.ferraeri.it
127.0.0.1	ferrai.it
127.0.0.1	www.ferrai.it
127.0.0.1	ferrarei.it
127.0.0.1	www.ferrarei.it
127.0.0.1	ferrarti.it
127.0.0.1	www.ferrarti.it
127.0.0.1	ferrasri.it
127.0.0.1	www.ferrasri.it
127.0.0.1	ferratri.it
127.0.0.1	www.ferratri.it
127.0.0.1	ferreari.it
127.0.0.1	www.ferreari.it
127.0.0.1	ferrri.it
127.0.0.1	www.ferrri.it
127.0.0.1	ferrsari.it
127.0.0.1	www.ferrsari.it
127.0.0.1	ferrtari.it
127.0.0.1	www.ferrtari.it
127.0.0.1	fetrrari.it
127.0.0.1	www.fetrrari.it
127.0.0.1	fgazzetta.it
127.0.0.1	www.fgazzetta.it
127.0.0.1	fgoogle.it
127.0.0.1	www.fgoogle.it
127.0.0.1	fhg.panet.org
127.0.0.1	fhgate.com
127.0.0.1	www.fhgate.com
127.0.0.1	fickenisgeil.de
127.0.0.1	file.unionsms.net
127.0.0.1	filestore.com
127.0.0.1	www.filestore.com
127.0.0.1	filetretporn.com
127.0.0.1	www.filetretporn.com
127.0.0.1	Filtrodetrojan.com
127.0.0.1	www.Filtrodetrojan.com
127.0.0.1	finalfantasyactionfigures.com
127.0.0.1	www.finalfantasyactionfigures.com
127.0.0.1	finance-loans.com
127.0.0.1	find4u.net
127.0.0.1	find-52.com
127.0.0.1	www.find-52.com
127.0.0.1	findanyshow.org
127.0.0.1	www.findanyshow.org
127.0.0.1	find-find-777.net
127.0.0.1	www.find-find-777.net
127.0.0.1	find-itnow.com
127.0.0.1	findit-now.com
127.0.0.1	findloss.com
127.0.0.1	findthesite.com
127.0.0.1	findthewebsiteyouneed.com
127.0.0.1	www.findthewebsiteyouneed.com
127.0.0.1	find-uk-health.co.uk
127.0.0.1	findwapsite.org
127.0.0.1	www.findwapsite.org
127.0.0.1	findwhatevernow.com
127.0.0.1	www.findwhatevernow.com
127.0.0.1	fined.biz
127.0.0.1	fine-search.net
127.0.0.1	fionasteel.com
127.0.0.1	firefoxdownload-now.com
127.0.0.1	www.firefoxdownload-now.com
127.0.0.1	firehunt.com
127.0.0.1	www.firehunt.com
127.0.0.1	firgilio.it
127.0.0.1	www.firgilio.it
127.0.0.1	firstbookmark.net
127.0.0.1	firstgoodsearch.com
127.0.0.1	www.firstgoodsearch.com
127.0.0.1	fitness-free.com
127.0.0.1	fixerantispy.com
127.0.0.1	www.fixerantispy.com
127.0.0.1	fjsynebcod.com
127.0.0.1	www.fjsynebcod.com
127.0.0.1	flashdollars.com
127.0.0.1	www.flashdollars.com
127.0.0.1	flashflashmx.3322.org
127.0.0.1	floorsovertexas.com
127.0.0.1	www.floorsovertexas.com
127.0.0.1	floproject.com
127.0.0.1	www.floproject.com
127.0.0.1	flrxtools.greatnuke.com
127.0.0.1	flrx-tools.net
127.0.0.1	www.flrx-tools.net
127.0.0.1	fn777.greatbahamas.com
127.0.0.1	www.fn777.greatbahamas.com
127.0.0.1	foodvacations.net
127.0.0.1	forex.jps.ru
127.0.0.1	forexcredit.com
127.0.0.1	forexcredit.ru

jlpjlp · Answer

regarde mon message precedant et fais la suite

gringosky · Answer

Pardon, je n'avais pas fait attention qu'il y avait une suite.
- Pour Outlook express, j'ai supprimé l'ensemble des fichiers situés dans "éléments supprimés",
- J'ai installé la nouvelle version de Java et supprimé l'ancienne,
- J'ai lancé AVG pour une recherche rapide en mode normal (rapport ci dessous),
- Le lien vers le tool de sUBs est inactif, je ne l'ai donc pas lancé,
- J'ai téléchargé Clean, je passe en mode sans échec pour le lancer,
- Je ferai le scan en ligne et le hijackthis ensuite (j'ai déjà effectué les modifications de dossier et de nom) pour enfin coller les rapoorts.
@+


---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

 + Créé à:	13:25:43 18/10/2007

 + Résultat de l'analyse:	



C:\WINDOWS\ekdia140.exe -> Heuristic.Win32.Dialer : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@advertising[2].txt -> TrackingCookie.Advertising : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@serving-sys[2].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.


Fin du rapport

gringosky · Answer

R.A.S. pour clean en mode sans échec.
Ci dessous le rapport de hijackthis.
Toujours pas accès aux registres et toujours message à l'ouverture de windows concernant C:\WINDOWS\System32\printer.exe.
Je viens de lancer le scan en ligne (Bitdefender) et AVG pour une analyse complète en mode normal.
@+


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:46:08, on 18/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus
avapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\VirusGarde\stmon.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Arcadyan Wireless\pctwpasv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\hijackthis\eden.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {ABCDECF0-4B15-11D1-ABED-709549C10000} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SoftAP] C:\Program Files\Arcadyan Wireless\NetCfgWizard.exe /U
O4 - HKLM\..\Run: [Wireless SoftAP] "C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe" /M
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\VirusGarde\stmon.exe" dm=http://virusgarde.com; ad=http://virusgarde.com
O4 - HKLM\..\Run: [rtasks] C:\Program Files\VirusGardetasks.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - https://tiragesphoto.fnac.com/
O17 - HKLM\System\CCS\Services\Tcpip\..\{8065FA02-E52A-443D-873E-58DEC07F2D81}: NameServer = 213.228.0.23,212.27.32.176
O20 - AppInit_DLLs: C:\WINDOWS\system32\sulimo.dat
O20 - Winlogon Notify: msldr32 - msldr32.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus
avapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: SoftAP WPA Authenticator Service (PCTWPASV) - PCTEL Inc. - C:\Program Files\Arcadyan Wireless\pctwpasv.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

jlpjlp · Answer

le tool de sUBs
a faire:
http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe


pour virer RJUMP virus ici:
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe 
____________

tu as mal fais avg antispyware car rien n'a été viré!


Si un fichier est infecté en fin d'analyse 

->Clique sur "Appliquer toutes les actions " 


C:\WINDOWS\ekdia140.exe -> Heuristic.Win32.Dialer : Aucune action entreprise. 

__________

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau. 
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe 
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici : 
• Redémarre ton ordinateur 
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde). 
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître. 
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée". 
• Choisis ton compte. 
Déroule la liste des instructions ci-dessous : 
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script. 
• Appuie sur Y pour commencer le processus de nettoyage. 
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer. 
• Appuie sur une touche pour redémarrer le PC. 
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers. 
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished. 
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau. 
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt. 
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum

________________

lance rogue remover 

https://www.01net.com/telecharger/ 


________________


scan avec vundofix (colle le rapport)

Téléchargez VundoFix -> http://www.atribune.org/ccount/click.php?id=4

Double cliquez VundoFix.exe pour l'exécuter.
Quand VundoFix s'ouvre, cliquez sur le bouton Scan for Vundo.
Une fois le scan fini, cliquez sur le bouton Remove Vundo.
Vous recevrez un avertissement vous demandant si vous voulez effacer ces
fichiers répondez en cliquant sur YES
Une fois que vous avez cliqué yes, votre bureau deviendra vide au moment où il
enlève Vundo.

Quand c'est fini, il vous sera demandé de redémarrer votre ordinateur, cliquez
OK.

_________________

combofix (colle le rapport)

http://mickael.barroux.free.fr/securite/combofix.php


___________________

recolle hijackthis et dis tes pbs  si printer encore present

gringosky · Answer

Voilà où j'en suis. - Scan PC et recherche AVG toujours en cours; C'est assez long. Quasiment rien de détecté pour le moment. En parallèle : - SUBs téléchargé et exécuté, - RJUMP supprimé, - Pour l'antispyware, pas de souci, j'ai juste imprimé un rapport intermédiaire. Je les ai supprimé juste après. - SDFix téléchargé. J'attends que le scan et AVG aient terminé pour l'exécuter en mode sans échec, - Rogue remover exécuté. Deux fichiers supprimés (rapport ci dessous), - Combofix exécuté (rapport ci dessous), - Vundofix exécuté. J'attends la fin du scan et d'AVG pour accepter de redémarrer. Je redémarrerai en mode sans échec et finirai avec SDFix. Enfin, je relancerai hijackthis. Je te tiens au courant des différents résultats. @+ -------------------------------------------------------------------------------------------------------------------------------- Malwarebytes' RogueRemover Malwarebytes ©2007 https://www.malwarebytes.com/ 5680 total fingerprints loaded. Loading database ... Expanding environmental variables ... Scanning files ... [ 100% ]. Scanning folders ... [ 100% ]. Scanning registry keys ... [ 100% ]. Scanning registry values ... [ 100% ]. -------------------------------------------------------------------------------------------------------------------------------- ComboFix 07-10-18.6 - HP_Administrateur 2007-10-18 14:38:37.1 - NTFSx86 Le temps d'ex‚cution du script a ‚t‚ d‚pass‚ pour le script "C:\ComboFix\osid.vbs". L'ex‚cution du script a pris fin. Running from: C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\ComboFix.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\All Users\Application Data.\salesmonitor C:\Documents and Settings\HP_Administrateur\Application Data\install_fr[1].exe . ((((((((((((((((((((((((((((( Fichiers créés 2007-09-18 to 2007-10-18 )))))))))))))))))))))))))))))))))))) . 2007-10-18 14:31 d-------- C:\Program Files\RogueRemover FREE 2007-10-18 14:27 51,200 --a------ C:\WINDOWS ircmd.exe 2007-10-18 13:21 d-------- C:\hijackthis 2007-10-18 11:14 5,104 --a------ C:\WINDOWS\system32 mp.reg 2007-10-18 11:13 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-10-18 11:13 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-10-18 11:13 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-10-18 11:13 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-10-18 11:13 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2007-10-18 10:33 d-------- C:\WINDOWS\BDOSCAN8 2007-10-17 23:17 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-10-17 23:01 d--h----- C:\WINDOWS\system32\GroupPolicy 2007-10-17 21:56 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe 2007-10-17 21:04 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2007-10-17 20:50 d-------- C:\Program Files\Fichiers communs\VirusGarde 2007-10-17 20:50 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll 2007-10-17 14:50 1,536 --a------ C:\WINDOWS\system32\Delete_Me_Dummy_sulimo.dat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-18 11:14 --------- d-----w C:\Program Files\Java 2007-10-17 11:45 --------- d-----w C:\Program Files\Diablo II 2007-10-17 11:44 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll 2007-10-13 19:14 --------- d-----w C:\Program Files\eMule 2007-10-13 17:45 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\U3 2007-10-02 21:49 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\Azureus 2007-10-02 19:19 --------- d-----w C:\Program Files\Azureus 2007-09-11 20:18 30,648 ----a-w C:\Documents and Settings\HP_Administrateur\Application Data\GDIPFONTCACHEV1.DAT 2007-08-30 18:20 --------- d-----w C:\Documents and Settings\All Users\Application Data View_Profiles 2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll 2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll 2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-07-30 17:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll 2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll 2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2004-08-10 12:04] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04] "HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 19:53] "HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 19:43] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-06-08 21:31] "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 21:43] "VTTimer"="VTTimer.exe" [] "SiS Windows KeyHook"="C:\WINDOWS\system32\keyhook.exe" [2004-05-20 10:47] "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-04-06 10:59] "CTHelper"="CTHELPER.EXE" [2003-11-14 02:18 C:\WINDOWS\system32\CTHELPER.EXE] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-09-14 22:05] "CTDVDDET"="C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE" [2003-06-18 02:00] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 02:00] "SoftAP"="C:\Program Files\Arcadyan Wireless\NetCfgWizard.exe" [2004-02-17 11:19] "Wireless SoftAP"="C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe" [2004-02-17 11:20] "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2005-08-19 19:31] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50] "Resume copy"="copyfstq.exe" [2005-09-19 17:52 C:\WINDOWS\copyfstq.exe] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-01-01 11:33] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-02-25 17:15] "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-25 18:15] "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-25 18:06] "POINTER"="point32.exe" [] "PS2"="C:\WINDOWS\system32\ps2.exe" [2002-10-16 17:57] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-12 23:44] "nwiz"="nwiz.exe" [2007-04-12 23:44 C:\WINDOWS\system32 wiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-12 23:44] "SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acme.PCHButton"="C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe" [2004-01-01 11:42] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-27 08:45] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46] [HKEY_USERS\.default\software\microsoft\windows\currentversion unonce] "SetDefaultMIDI"=MIDIDEF.EXE "StartMS"="C:\Program Files\Creative\Shared Files\Media Sniffer\StartMS.EXE" /s "CMSRegOW.exe"="C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\CMSRegOW.exe" /r [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon otify\msldr32] msldr32.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=C:\WINDOWS\system32\sulimo.dat R2 PCTWPASV;SoftAP WPA Authenticator Service;"C:\Program Files\Arcadyan Wireless\pctwpasv.exe" R3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver;\??\C:\WINDOWS\system32\PCTINDIS5.SYS R3 PRISM_A00;Intersil PRISM 802.11a/g Driver;C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS S3 AR5523;NETGEAR WG111T USB2.0 Wireless Card Service;C:\WINDOWS\system32\DRIVERS\wg11tnd5.sys S3 ATHFMWDL;NETGEAR WG111T bootloader driver;C:\WINDOWS\system32\Drivers\ATHFMWDL.sys S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;\??\C:\WINDOWS\system32\DNINDIS5.SYS S3 NUVision;Hauppauge WinTV USB Pro (PAL/SECAM);C:\WINDOWS\system32\DRIVERS\NUVision.sys [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K] AutoRun\command - K:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L] AutoRun\command - L:\LaunchU3.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a36cafe-33bf-11dc-8849-00112fd1a626}] AutoRun\command - explorer.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6a9dbb71-068e-11db-85a4-00112fd1a626}] AutoRun\command - explorer.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9bffcf53-8434-11da-84c2-000fb5978528}] AutoRun\command - explorer.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee809dfe-ad0d-11da-8503-00112fd1a626}] AutoRun\command - explorer.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee97117a-52a8-11dc-885f-00112fd1a626}] AutoRun\command - explorer.exe *Newly Created Service* - CATCHME . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-10-07 02:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur - HP_Administrateur.job" - c:\PROGRA~1\NORTON~1\Navw32.exe "2007-10-18 11:28:02 C:\WINDOWS\Tasks\Symantec NetDetect.job" "2007-10-09 01:00:00 C:\WINDOWS\Tasks\XoftSpySE.job" - C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\XoftSpySE\XoftSpy.exe . ************************************************************************** catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-18 14:46:47 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-10-18 14:47:56 . --- E O F --- RogueRemover has detected rogue antispyware components! Results below... Type: Registry Value Vendor: WinAntiVirus 2007 Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|rtasks Selected for removal: Yes Type: Registry Value Vendor: ErrorProtector Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Salestart Selected for removal: Yes RogueRemover has found the objects above. --------------------------------------------------------------------------------------------------------------------------------

gringosky · Answer

Ca y est, j'ai tout exécuté.
Ci dessous les rapports de SDFix et de Hijackthis.
Je ne sais pas s'il y a encore des erreurs, mais j'ai de nouveau accès aux registres, et le message d'erreur à l'entame de windows ne s'affiche plus.
Un très grand merci pour tout.
Très bonne continuation.




SDFix: Version 1.109

Run by HP_Administrateur on 18/10/2007 at 15:11

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services: 


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files: 

No Trojan Files Found




Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found. 

C:\WINDOWS\system32
No streams found. 

C:\WINDOWS\system32\svchost.exe
No streams found.
 
C:\WINDOWS\system32
toskrnl.exe
No streams found.
 


                                 Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

Remaining Files:
---------------


Files with Hidden Attributes:

Wed 22 Dec 2004           204 ..SHR --- "C:\BOOT.BAK"
Wed 22 Dec 2004         4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat  5 Feb 2005           782 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv10.bak"
Mon  9 May 2005           401 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv11.bak"
Mon 17 Oct 2005           782 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv13.bak"
Mon 17 Oct 2005         1,163 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv15.bak"
Sun 12 Jun 2005         1,163 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv16.bak"
Mon  9 May 2005           401 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv17.bak"
Mon 23 May 2005         1,163 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv18.bak"
Sat  5 Feb 2005           401 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv19.bak"
Tue 16 Oct 2007             0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d03f71700772ecd1d20bacc33c473cd5\BIT5C.tmp"
Mon 12 Feb 2007     3,096,576 A..H. --- "C:\Documents and Settings\HP_Administrateur\Application Data\U3	emp\Launchpad Removal.exe"
Thu 18 Oct 2007         5,998 A.SH. --- "C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE1.tmp"
Fri  3 Nov 2006       579,584 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL0005.tmp"
Sun  5 Nov 2006       589,824 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL0340.tmp"
Sun  5 Nov 2006       588,800 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL0482.tmp"
Sun  5 Nov 2006       589,312 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL0662.tmp"
Sun  5 Nov 2006       588,800 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL0916.tmp"
Fri  3 Nov 2006       386,560 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL2466.tmp"
Sun  5 Nov 2006       589,824 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL2782.tmp"
Sun  5 Nov 2006       589,312 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL3654.tmp"
Sun  5 Nov 2006       588,288 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\R‚daction Manuscrit\~WRL3659.tmp"
Fri  7 Oct 2005        74,240 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\IEEE TNN\Publi IEEE TNN\~WRL0672.tmp"
Tue 11 Oct 2005        71,680 A..H. --- "C:\Documents and Settings\HP_Administrateur\Bureau\Sky\Boulot\IEEE TNN\Publi IEEE TNN\~WRL1150.tmp"

Finished! 


---------------------------------------------------------------


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:29:25, on 18/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus
avapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Arcadyan Wireless\pctwpasv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymSCUI.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32
otepad.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\Program Files\Norton AntiVirus\OPScan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackthis\eden.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {ABCDECF0-4B15-11D1-ABED-709549C10000} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SoftAP] C:\Program Files\Arcadyan Wireless\NetCfgWizard.exe /U
O4 - HKLM\..\Run: [Wireless SoftAP] "C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe" /M
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\VirusGarde\stmon.exe" dm=http://virusgarde.com; ad=http://virusgarde.com
O4 - HKLM\..\Run: [rtasks] C:\Program Files\VirusGardetasks.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - https://tiragesphoto.fnac.com/
O17 - HKLM\System\CCS\Services\Tcpip\..\{8065FA02-E52A-443D-873E-58DEC07F2D81}: NameServer = 213.228.0.23,212.27.32.176
O20 - AppInit_DLLs: C:\WINDOWS\system32\sulimo.dat
O20 - Winlogon Notify: msldr32 - msldr32.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus
avapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: SoftAP WPA Authenticator Service (PCTWPASV) - PCTEL Inc. - C:\Program Files\Arcadyan Wireless\pctwpasv.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

jlpjlp · Answer

recolle apres avg et vundofix un nouveau rapport hijackthis

gringosky · Answer

Bonsoir,

Rapport AVG ci dessous.
Vundofix exécuté, aucun fichié détecté.
Rapport hijackthis ci dessous.


---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

 + Créé à:	20:24:19 18/10/2007

 + Résultat de l'analyse:	



C:\System Volume Information\_restore{15E1A520-8A89-4825-9793-6282812E3DA8}\RP759\A0057339.exe -> Heuristic.Win32.Dialer : Nettoyé.
C:\System Volume Information\_restore{15E1A520-8A89-4825-9793-6282812E3DA8}\RP759\A0057340.exe -> Heuristic.Win32.Dialer : Nettoyé.
C:\System Volume Information\_restore{15E1A520-8A89-4825-9793-6282812E3DA8}\RP759\A0057341.exe -> Heuristic.Win32.Dialer : Nettoyé.
C:\System Volume Information\_restore{15E1A520-8A89-4825-9793-6282812E3DA8}\RP765\A0058784.exe -> Heuristic.Win32.Dialer : Nettoyé.
C:\System Volume Information\_restore{15E1A520-8A89-4825-9793-6282812E3DA8}\RP766\A0058852.exe -> Not-A-Virus.Downloader.Win32.WinFixer.z : Nettoyé.
C:\qoobox\Quarantine\C\Documents and Settings\HP_Administrateur\Application Data\install_fr[1].exe.vir -> Not-A-Virus.Downloader.Win32.WinFixer.z : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.


Fin du rapport

-------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:29:55, on 18/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus
avapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Arcadyan Wireless\pctwpasv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymSCUI.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\hijackthis\eden.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&rls=GGLD,GGLD:2005-24,GGLD:fr&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {ABCDECF0-4B15-11D1-ABED-709549C10000} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SoftAP] C:\Program Files\Arcadyan Wireless\NetCfgWizard.exe /U
O4 - HKLM\..\Run: [Wireless SoftAP] "C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe" /M
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\VirusGarde\stmon.exe" dm=http://virusgarde.com; ad=http://virusgarde.com
O4 - HKLM\..\Run: [rtasks] C:\Program Files\VirusGardetasks.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - https://tiragesphoto.fnac.com/
O17 - HKLM\System\CCS\Services\Tcpip\..\{8065FA02-E52A-443D-873E-58DEC07F2D81}: NameServer = 213.228.0.23,212.27.32.176
O20 - AppInit_DLLs: C:\WINDOWS\system32\sulimo.dat
O20 - Winlogon Notify: msldr32 - msldr32.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus
avapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: SoftAP WPA Authenticator Service (PCTWPASV) - PCTEL Inc. - C:\Program Files\Arcadyan Wireless\pctwpasv.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

jlpjlp · Answer

FIX (fix checked) CES LIGNES AVEC HIJACKTHIS apres avoir coché chacune sur la gauche



R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {ABCDECF0-4B15-11D1-ABED-709549C10000} - (no file)


O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\VirusGarde\stmon.exe" dm=http://virusgarde.com; ad=http://virusgarde.com
O4 - HKLM\..\Run: [rtasks] C:\Program Files\VirusGarde\rtasks.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O20 - AppInit_DLLs: C:\WINDOWS\system32\sulimo.dat
O20 - Winlogon Notify: msldr32 - msldr32.dll (file missing) 




___________________


télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau. 
double-clique sur OTMoveIt.exe pour le lancer. 
copie la liste qui se trouve en citation ci-dessous, 
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved. 

Citation : 

C:\Program Files\Fichiers communs\VirusGarde\stmon.exe
C:\WINDOWS\AdobeR.exe
C:\WINDOWS\system32\printer.exe
C:\Program Files\VirusGarde\rtasks.exe 
C:\WINDOWS\system32\sulimo.dat


clique sur MoveIt! pour lancer la suppression. 
le résultat apparaitra dans le cadre "Results". 
clique sur Exit pour fermer. 
poste le rapport situé dans C:\_OTMoveIt\MovedFiles. 

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes. 


____________________


si tout s'est bien passé

désactive la restauration système pour purger les virus qui seraient dedans puis réactive là (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre)

____________________

recolle hijackthis

gringosky · Answer

Re-Bonsoir

J'ai fixé les lignes énoncées,
J'ai téléchargé OTMoveIt et exécuté avec les citations (rapport ci dessous).
J'ai ensuite désactivé la restauration du systèm, appliqué, puis réactivé, puis appliqué.
Enfin, j'ai relancé Hijackthos (rapport ci dessous).

C:\Program Files\Fichiers communs\VirusGarde\stmon.exe moved successfully.
File/Folder C:\WINDOWS\AdobeR.exe not found.
File/Folder C:\WINDOWS\system32\printer.exe not found.
File/Folder C:\Program Files\VirusGardetasks.exe not found.
File/Folder C:\WINDOWS\system32\sulimo.dat not found.
 
Created on 10/18/2007 20:57:32

----------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:03:04, on 18/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus
avapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Arcadyan Wireless\pctwpasv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymSCUI.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\hijackthis\eden.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&rls=GGLD,GGLD:2005-24,GGLD:fr&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SoftAP] C:\Program Files\Arcadyan Wireless\NetCfgWizard.exe /U
O4 - HKLM\..\Run: [Wireless SoftAP] "C:\Program Files\Arcadyan Wireless\Configuration\SoftAp.exe" /M
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPEWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - https://tiragesphoto.fnac.com/
O17 - HKLM\System\CCS\Services\Tcpip\..\{8065FA02-E52A-443D-873E-58DEC07F2D81}: NameServer = 213.228.0.23,212.27.32.176
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus
avapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: SoftAP WPA Authenticator Service (PCTWPASV) - PCTEL Inc. - C:\Program Files\Arcadyan Wireless\pctwpasv.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

jlpjlp · Answer

regarde dans poste de travail si presents:

C:\WINDOWS\AdobeR.exe 
 C:\WINDOWS\system32\printer.exe 
 C:\Program Files\VirusGarde\rtasks.exe 
C:\WINDOWS\system32\sulimo.dat 


______________


 colle le rapport d'un scan en ligne 
avec un des suivants: 


bitdefender en ligne : 
http://www.bitdefender.fr/scan_fr/scan8/ie.html 

Panda en ligne : 
http://pandasoftware.fr

secuser en ligne :
http://www.secuser.com/outils/antivirus.htm

scan en ligne firefox
	
https://www.trendmicro.com/fr_fr/business.html

________________

 
encore des pbs?

gringosky · Answer

Bonjour,

Pas de fichier aux 4 chemins d'accès mentionnés.
Rapport de scan Bitdefender ci dessous

BitDefender Online Scanner
  
  
 
Scan report generated at: Fri, Oct 19, 2007 - 10:51:35
 
 
  
  
 
Scan path: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;
  
  
 
 
  
  
 
Statistics
 
Time
 01:20:53
 
Files
 403583
 
Folders
 6966
 
Boot Sectors
 3
 
Archives
 33011
 
Packed Files
 24910
 
  
  
 
Results
 
Identified Viruses 
 2
 
Infected Files 
 2
 
Suspect Files 
 0
 
Warnings
 0
 
Disinfected
 0
 
Deleted Files
 2
 
  
  
 
Engines Info
 
Virus Definitions
 835200
 
Engine build
 AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
 
Scan plugins
 14
 
Archive plugins
 38
 
Unpack plugins
 7
 
E-mail plugins
 6
 
System plugins
 1
 
  
  
 
Scan Settings
 
First Action
 Disinfect
 
Second Action
 Delete
 
Heuristics
 Yes
 
Enable Warnings
 Yes
 
Scanned Extensions
 *;
 
Exclude Extensions
  
 
Scan Emails
 Yes
 
Scan Archives
 Yes
 
Scan Packed
 Yes
 
Scan Files
 Yes
 
Scan Boot
 Yes
 
  
  
 
  Scanned File
  Status
 
C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\Flash_Disinfector.exe=>(RAR Sfx o)=>Flash_Disinfector.cmd
 Infected with: Trojan.Batc.Flashdis.A
 
C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\Flash_Disinfector.exe=>(RAR Sfx o)=>Flash_Disinfector.cmd
 Disinfection failed
 
C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\Flash_Disinfector.exe=>(RAR Sfx o)=>Flash_Disinfector.cmd
 Deleted
 
C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\Flash_Disinfector.exe=>(RAR Sfx o)
 Update failed
 
C:\Program Files\Norton AntiVirus\Quarantine\284C2086=>(Quarantine-2)=>naked1.rtf.pif
 Infected with: Win32.Netsky.C@mm
 
C:\Program Files\Norton AntiVirus\Quarantine\284C2086=>(Quarantine-2)=>naked1.rtf.pif
 Deleted
 
C:\Program Files\Norton AntiVirus\Quarantine\284C2086=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton AntiVirus\Quarantine\284C2086
 Update failed
 
BitDefender Online Scanner - Real Time Virus Report
  
  
 
Generated at: Fri, Oct 19, 2007 - 12:47:04
 

--------------------------------------------------------------------------------

 Scan Info
  
   
Scanned Files
 410631
 
Infected Files
 2
 
   
Virus Detected
    
Trojan.Batc.Flashdis.A
 1
 
Win32.Netsky.C@mm
 1

jlpjlp · Answer

C:\Documents and Settings\HP_Administrateur\Bureau\Drivers\Flash_Disinfector.exe=>(RAR Sfx o)=>Flash_Disinfector.cmd 

ca c'est logiciels que je t'ai fais installé que tu peux desinstaller

___________


et le reste est un virus qui est dejà en quarantiane dans norton:
supprime ce qui est en quarantaine dans norton

C:\Program Files\Norton AntiVirus\Quarantine\284C2086=>(Quarantine-2)=>naked1.rtf.pif
Infected with: Win32.Netsky.C@mm



bonne continuation

philippe · Answer

Bonjour, 
au secours, g le probleme decrit ci-dessus
la panique s'empare de moi
je perds plein de possibilité de mon pc
il est bourré de travail
aie
help

merci

jlpjlp · Answer

slt cré ton propre post, explique bien ton pb et colle un rapport hijackthis et smitfraudfix et on t'aidera mais fais pas ca dans d'autre post merci


colle un rapport hijackthis 
 
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manuel :

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html


Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo. 

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste 

Ensuite avec Explorer créer un dossier c:\hijackthis 
Décompresser Hijackthis dans ce dossier. 
C'est important pour les sauvegardes




_____________________

smit fraud fix (colle le rapport)

1/ telecharger :

http://siri.urz.free.fr/Fix/SmitfraudFix.php




2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. une fois le rapport effectué redémarre en mode sans échec (en appuyant sur F8 ou suppr, ou F5 au démarrage en général)

Message: Warning! potential spyware operation - Page 2

Discussions similaires

Newsletters