Troyens en pagaille qui reviennent Résolu/Fermé

Question

Bonjour à tous et toutes, 

J'ai un souci avec mon ordi qui n'est pas trop gênant pour le moment mais on n'est jamais trop prudent... Je viens de réinstaller Windows Xp pack 1, ait téléchargé le pack 2, que j'ai ajouté. Mais depuis hier, quand j'ouvrais Explorer, il m'ouvrait des pages olé-olé en mettant une musique immonde que je ne pouvais pas couper, même en fermant les fenêtres. 

Ni une ni deux, je te télécharge AVG antispyware, Avast, Ad Aware, C Cleaner, Spybot et  je te lance tout le bouzin... Il me trouve des dizaines de troyens, que j'efface gentiment, mais d'autres reviennent sans arrêt... 

Quand je lance un scan rapide de AVG, pas de souci. Quand je lance un complet, il plante sur un dossier sans bouger, dossier qui se nomme "C:\System Volume Information	racking.log"
Ad-Aware a planté aussi, je ne sais pas où. 
Spybot ne trouve rien
C Cleaner a fait le ménage 12 fois
Avast a l'air crevé à force de tourner. 

Redémarrage après tout ça, Internet fonctionnait (MSN en ligne sans problèmes, mise à jour de Avast sans souci) mais impossible d'utiliser Explorer et Firefox, qui paraissaient ne pas trouver de pages. 
Redémarrage again, je retrouve mes navigateurs et je vais télécharger Hijackthis. Au bout de 10 secondes, le programme est téléchargé, je ferme la fenêtre et Firefox m'informe que ça interrompra le téléchargement, sauf que je ne téléchargeais plus rien...

Alors là, inquiétude, message sur le forum, mode panique et rapport Hijackthis que voici...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:49:31, on 21/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32	cpsvcs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7b98f4d3-ab63-4274-91b5-8396c5d90c6d} - C:\WINDOWS\system32\kbdlmn.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {BACEB7AF-8D88-456E-82D0-7BEB9A4410FE} - (no file)
O2 - BHO: (no name) - {F855B6D4-839F-4140-8711-8C32EE0CF2F6} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [c456f9a5] rundll32.exe "C:\WINDOWS\awusqn.dll",b
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunServices: [msmss.exe] C:\WINDOWS\System32\winns.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\kbdlmn.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\kbdlmn.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O20 - AppInit_DLLs: c:\windows\system32\vtsttrp.dll
O20 - Winlogon Notify: kbdlmn - kbdlmn.dll (file missing)
O20 - Winlogon Notify: urqqoml - urqqoml.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)
O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft Agent - Unknown owner - C:\WINDOWS\System32\dllcache\frehost.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Le sioux · Answer

Bonjour Julien

Tu aurais du installer Avast avant d aller sur intenet !!  Bien qu avec Avast pas sur qu il aurait bloqué :

 Sache qu avec Avast, tu n es pas très bien protégé:

Comparatif avast VS Antivir :  http://forum.malekal.com/ftopic3528.php

Du coup tu es infecté par l adware Vundo, on va t en debarrasser :

Télécharge VundoFix.exe par Atribune  http://www.atribune.org/content/view/24/2/ sur ton Bureau.

    * Double-clique sur VundoFix.exe afin de le lancer
    * Clique sur le bouton Scan for Vundo
    * Lorsque le scan est terminé, clique sur le bouton Remove Vundo
    * Une invite te demandera si tu veux supprimer les fichiers, clique YES
    * Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
    * Tu verras une invite qui t'annonce que ton PC va redémarrer; clique sur  OK

     --> Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

@ suivre

Julien · Answer

Bien , merci mais... 

J'ai essayé 3 fois (avec rémarrage entre chaque), le logiciel ne trouve rien...

A toutes fins utiles, je copie-colle quand quand même les 2 rapports... 

Et le truc drôle là-dedans, c'est que j'ai été sur Internet sans antivirus uniquement pour chercher une update windows et un antivirus pour éviter ce genre de problèmes ! Si c'est pas fun ! 

Voilà les rapports : 

VundoFix V6.5.10

Checking Java version...

Scan started at 15:33:59 21/10/2007

Listing files found while scanning....

No infected files were found.

et Hijackthis : 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:35:35, on 21/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32	cpsvcs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7b98f4d3-ab63-4274-91b5-8396c5d90c6d} - C:\WINDOWS\system32\kbdlmn.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {BACEB7AF-8D88-456E-82D0-7BEB9A4410FE} - (no file)
O2 - BHO: (no name) - {F855B6D4-839F-4140-8711-8C32EE0CF2F6} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [c456f9a5] rundll32.exe "C:\WINDOWS\awusqn.dll",b
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\RunServices: [msmss.exe] C:\WINDOWS\System32\winns.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\kbdlmn.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\kbdlmn.dll (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\kbdlmn.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\kbdlmn.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O20 - AppInit_DLLs: c:\windows\system32\vtsttrp.dll
O20 - Winlogon Notify: kbdlmn - kbdlmn.dll (file missing)
O20 - Winlogon Notify: urqqoml - urqqoml.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)
O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft Agent - Unknown owner - C:\WINDOWS\System32\dllcache\frehost.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Julien · Answer

En farfouillant un peu sur le forum, j'ai aussi trouvé un truc qui s'appelle Virtumundobegone, que j'ai aussi utilisé... Je colle aussi les rapports, puisque j'ai refait un hijackthis...

Merci à celui qui pourra m'aider pour l'étape suivante...

Le rapport VBG : 

[10/21/2007, 16:05:28] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Julien\Bureau\VirtumundoBeGone.exe" )
[10/21/2007, 16:05:35] - Detected System Information:
[10/21/2007, 16:05:35] -  Windows Version: 5.1.2600, Service Pack 2
[10/21/2007, 16:05:35] -  Current Username: Julien (Admin)
[10/21/2007, 16:05:35] -  Windows is in NORMAL mode.
[10/21/2007, 16:05:35] - Searching for Browser Helper Objects:
[10/21/2007, 16:05:35] -  BHO 1: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[10/21/2007, 16:05:35] -  BHO 2: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[10/21/2007, 16:05:35] -  BHO 3: {7b98f4d3-ab63-4274-91b5-8396c5d90c6d} ()
[10/21/2007, 16:05:35] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/21/2007, 16:05:35] -  Checking for HKLM\...\Winlogon\Notify\kbdlmn
[10/21/2007, 16:05:35] -  Found: HKLM\...\Winlogon\Notify\kbdlmn - This is probably Virtumundo.
[10/21/2007, 16:05:35] -  Assigning {7b98f4d3-ab63-4274-91b5-8396c5d90c6d} MSEvents Object
[10/21/2007, 16:05:35] - BHO list has been changed! Starting over...
[10/21/2007, 16:05:35] -  BHO 1: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[10/21/2007, 16:05:35] -  BHO 2: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[10/21/2007, 16:05:35] -  BHO 3: {7b98f4d3-ab63-4274-91b5-8396c5d90c6d} (MSEvents Object)
[10/21/2007, 16:05:35] - ALERT: Found MSEvents Object!
[10/21/2007, 16:05:35] -  BHO 4: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[10/21/2007, 16:05:35] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/21/2007, 16:05:35] -  No filename found. Continuing.
[10/21/2007, 16:05:35] -  BHO 5: {BACEB7AF-8D88-456E-82D0-7BEB9A4410FE} ()
[10/21/2007, 16:05:35] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/21/2007, 16:05:35] -  No filename found. Continuing.
[10/21/2007, 16:05:35] -  BHO 6: {F855B6D4-839F-4140-8711-8C32EE0CF2F6} ()
[10/21/2007, 16:05:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/21/2007, 16:05:36] -  No filename found. Continuing.
[10/21/2007, 16:05:36] - Finished Searching Browser Helper Objects
[10/21/2007, 16:05:36] - *** Detected MSEvents Object
[10/21/2007, 16:05:36] - Trying to remove MSEvents Object...
[10/21/2007, 16:05:37] -    Terminating Process: IEXPLORE.EXE
[10/21/2007, 16:05:37] -    Terminating Process: RUNDLL32.EXE
[10/21/2007, 16:05:37] -    Disabling Automatic Shell Restart
[10/21/2007, 16:05:37] -    Terminating Process: EXPLORER.EXE
[10/21/2007, 16:05:37] -    Suspending the NT Session Manager System Service
[10/21/2007, 16:05:37] -    Terminating Windows NT Logon/Logoff Manager
[10/21/2007, 16:05:38] -    Re-enabling Automatic Shell Restart
[10/21/2007, 16:05:38] -   File to disable: C:\WINDOWS\system32\kbdlmn.dll
[10/21/2007, 16:05:38] -   Removing HKLM\...\Browser Helper Objects\{7b98f4d3-ab63-4274-91b5-8396c5d90c6d}
[10/21/2007, 16:05:38] -   Removing HKCR\CLSID\{7b98f4d3-ab63-4274-91b5-8396c5d90c6d}
[10/21/2007, 16:05:38] -   Adding Kill Bit for ActiveX for GUID: {7b98f4d3-ab63-4274-91b5-8396c5d90c6d}
[10/21/2007, 16:05:38] -   Deleting ATLEvents/MSEvents Registry entries
[10/21/2007, 16:05:38] -   Removing HKLM\...\Winlogon\Notify\kbdlmn
[10/21/2007, 16:05:38] - Searching for Browser Helper Objects:
[10/21/2007, 16:05:38] -  BHO 1: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[10/21/2007, 16:05:38] -  BHO 2: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[10/21/2007, 16:05:38] -  BHO 3: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[10/21/2007, 16:05:38] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/21/2007, 16:05:38] -  No filename found. Continuing.
[10/21/2007, 16:05:38] -  BHO 4: {BACEB7AF-8D88-456E-82D0-7BEB9A4410FE} ()
[10/21/2007, 16:05:38] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/21/2007, 16:05:38] -  No filename found. Continuing.
[10/21/2007, 16:05:38] -  BHO 5: {F855B6D4-839F-4140-8711-8C32EE0CF2F6} ()
[10/21/2007, 16:05:38] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/21/2007, 16:05:38] -  No filename found. Continuing.
[10/21/2007, 16:05:38] - Finished Searching Browser Helper Objects
[10/21/2007, 16:05:38] - Finishing up...
[10/21/2007, 16:05:38] - A restart is needed.
[10/21/2007, 16:05:46] - Attempting to Restart via STOP error (Blue Screen!)


Le nouveau rapport Hijackthis : 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:09:14, on 21/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32	cpsvcs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {BACEB7AF-8D88-456E-82D0-7BEB9A4410FE} - (no file)
O2 - BHO: (no name) - {F855B6D4-839F-4140-8711-8C32EE0CF2F6} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [c456f9a5] rundll32.exe "C:\WINDOWS\awusqn.dll",b
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunServices: [msmss.exe] C:\WINDOWS\System32\winns.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\kbdlmn.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\kbdlmn.dll (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\kbdlmn.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\kbdlmn.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O20 - AppInit_DLLs: c:\windows\system32\vtsttrp.dll
O20 - Winlogon Notify: urqqoml - urqqoml.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)
O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft Agent - Unknown owner - C:\WINDOWS\System32\dllcache\frehost.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Julien · Answer

Voudrait pas insister les gars, mais y'a t'y personne qui pourrait m'aider ? :) 

Parce que j'ai comme l'impression que j'en suis pas sorti, et je n'ose rien toucher dans hijackthis une fois les rapports faits...

Merci beaucoup

Le sioux · Answer

Bonsoir Julien

Ba , désolé , mais je suis pas toujours scotché a l écran de mon pc.. j ai dormi toute la journée..

Je regarde tes rapports et on voit ce que l on peut faire.

@+

Julien · Answer

Merci, j'attends de tes nouvelles... 
Et moi qui croyais que les sioux ne dormaient que d'un oeil... :)

Le sioux · Answer

Rebonsoir

Tu as deux antivirus resident sur ton pc avg7 et avast, desintalle en un des deux.

Ne confond pas avec avg antispyware7.5

Puis reposte un log et on voit pour la suite apres.

@+

Julien · Answer

Re aussi, 

bizarre, ça... Quand ça a commencé hier, j'avais en effet AVG et je l'ai donc désinstallé et mis Avast à la place pour voir si ça marchait mieux... 

Maintenant, AVG a planté pendant la désinstall, ceci expliquant peut-être cela... J'ai dû réssayer plusieurs fois avant qu'il ne l'enlève, et je ne suis pas sûr qu'il ne reste pas de traces quelque part, j'avoue.

J'ai quand même vérifié à l'instant avec Ccleaner, Tune Up Uninstall Manager et l'ajout/suppresion de programmes de Windows, pas de trace de AVG antivirus... 

A toutes fins utiles, je te remets un rapport hijackthis ci-après. 

Merci encore pour le coup de main ! 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:21:06, on 21/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32	cpsvcs.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {BACEB7AF-8D88-456E-82D0-7BEB9A4410FE} - (no file)
O2 - BHO: (no name) - {F855B6D4-839F-4140-8711-8C32EE0CF2F6} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [c456f9a5] rundll32.exe "C:\WINDOWS\awusqn.dll",b
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\RunServices: [msmss.exe] C:\WINDOWS\System32\winns.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O20 - AppInit_DLLs: c:\windows\system32\vtsttrp.dll
O20 - Winlogon Notify: urqqoml - urqqoml.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)
O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft Agent - Unknown owner - C:\WINDOWS\System32\dllcache\frehost.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Le sioux · Answer

Re

Demarer / executer / tapes services.msc puis cherche 

AVG7 Update Service (Avg7UpdSvc)
 clique droit sur la ligne; puis propriétés et a type d affichage mets desactivé puis valide  par appliquer puis ok 

Fais de meme avec 

 AVG E-mail Scanner (AVGEMS)

Redemarre ton pc et reposte un nouvel hijackthis.Ensuite on passe a l action ;-)

@+

Julien · Answer

sitôt dit, sitôt (presque) fait ! 

J'ai fait ce que tu as dit, j'ai aussi désactivé un troisième truc, AVG7 Alert Manager Server, qui avait l'air d'être très copains avec les autres... J'ai bien fait ? 

Voilà le log : 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:53:46, on 21/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32	cpsvcs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {BACEB7AF-8D88-456E-82D0-7BEB9A4410FE} - (no file)
O2 - BHO: (no name) - {F855B6D4-839F-4140-8711-8C32EE0CF2F6} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [c456f9a5] rundll32.exe "C:\WINDOWS\awusqn.dll",b
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\RunServices: [msmss.exe] C:\WINDOWS\System32\winns.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O20 - AppInit_DLLs: c:\windows\system32\vtsttrp.dll
O20 - Winlogon Notify: urqqoml - urqqoml.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft Agent - Unknown owner - C:\WINDOWS\System32\dllcache\frehost.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Le sioux · Answer

Re

J'ai fait ce que tu as dit, j'ai aussi désactivé un troisième truc, AVG7 Alert Manager Server, qui avait l'air d'être très copains avec les autres... J'ai bien fait ?  

 oui bien joué

 Je regarde ton log de plus pret et je te dis quoi faire pour commencer.

@+

Le sioux · Answer

Re

Tout d abord on va eviter qu msn et skype ne se lancent inutilement au demarrage du pc 

Lance msn /outils /options /onglet general / decoche "executer messenger automatiquement a l ouverture de Windows" puis appliquer et ok.
Lance skype et decoche "lancer skype au demarrage de Windows".

Puis , on attaque les choses serieuses 

Je te conseille d'enregistrer la page en sélectionnant toutes les lignes puis de copier cette sélection dans un fichier texte sur ton PC pour pouvoir appliquer la procedure correctement.
(Note: tu n'auras pas accès à Internet à partir du moment ou te redemarrera en mode sans echec)
Il faut exécuter toutes les étapes, sans interruption, dans l'ordre exact indiqué ci-dessous.
Si un élément te paraît obscur, demande des explications avant de commencer la désinfection

1)  OTMoveIt (de Old_Timer)

Télécharge  OTMoveIt (de Old_Timer) sur ton Bureau.

  http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe

N y touche pas pour l instant.

2) Lance HijackThis.

Ferme toutes les autres fenêtres, tous les autres programmes .Pas de connexion Internet.

Clique surDo a system scan only et coche les lignes suivantes, Clique sur Fix Checked puis clique sur OK


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {BACEB7AF-8D88-456E-82D0-7BEB9A4410FE} - (no file)
O2 - BHO: (no name) - {F855B6D4-839F-4140-8711-8C32EE0CF2F6} - (no file)
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\RunServices: [msmss.exe] C:\WINDOWS\System32\winns.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

3) OTMoveIt.exe 

Double clique  sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :
Paste List of Files/Folders to be moved.

C:\WINDOWS\System32\winns.exe

Clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre Results.
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.
si c'est le cas accepte par Yes. 

4) Rapports

Redemarre ton pc en mode normal..

Poste un nouvel HijackThis ainsi que le rapport d OTMoveIt.

Bon courage, @+

Julien · Answer

Ok, je me lance de suite. Pour msn, c'est fait, pour skype, je l'ai pas, ça m'étonne qu'il se lance ! :) Tout ça a l'air très clair, je te remercie. Je fais tout ça et je te poste le résultat. 

Merci encore (oui, ben on le dit jamais assez !)

Le sioux · Answer

Re

Ok, pour skype c est dans un copier/coller tout pres j ai oublié de l enlever lol  excuse.

@+

Julien · Answer

ok pour skype, ça paraît plus logique ! :)

Alors, j'ai tout fait comme indiqué à 2 choses près. Les lignes suivantes ne sont pas apparues en mode sans échec dans Hijackthis, je n'ai donc pas pu les cocher : 

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background 
et
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') 

Pour le reste, j'ai tout fait. Le PC n'a pas demandé de redémarrage. 

Voilà le rapport OTmove it : 

C:\WINDOWS\System32\winns.exe moved successfully.
 
Created on 10/22/2007 01:03:15

et le dernier log hijack : 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:10:38, on 22/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32	cpsvcs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [c456f9a5] rundll32.exe "C:\WINDOWS\awusqn.dll",b
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O20 - AppInit_DLLs: c:\windows\system32\vtsttrp.dll
O20 - Winlogon Notify: urqqoml - urqqoml.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft Agent - Unknown owner - C:\WINDOWS\System32\dllcache\frehost.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Le sioux · Answer

Re

Ok, bien joué , on continue

    Télécharge Combofix.exe d' sUBs sur ton Bureau

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    Double clique combofix.exe et suis les invites.

    Lorsque le scan sera complété, un rapport apparaîtra.

    Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis.

@+

Julien · Answer

Pas de souci, j'aurais trouvé ça tout seul, tu peux y aller ! lol S'il y a encore des étapes, dis-le moi, mais si ça prend du temps, faudra que je pense à aller me coucher, moi, ça bosse demain ! :) Je checke notre discussion dans 5 minutes et sinon, je regarde demain soir en rentrant. Quoiqu'il en soit, heureusement que t'es là, parce que pour le coup je fais plein de trucs que je ne pige pas du tout ! Une bonne soirée / nuit. le log Combofix : ComboFix 07-10-20.6 - Julien 2007-10-22 1:23:03.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1665 [GMT 2:00] Running from: C:\Documents and Settings\Julien\Bureau\ComboFix.exe * Created a new restore point . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Julien\Application Data mp23.tmp.exe C:\Documents and Settings\Julien\Application Data mp23.tmp.exe C:\Documents and Settings\Julien\Application Data mp26.tmp.exe C:\Documents and Settings\Julien\Application Data mp26.tmp.exe C:\Documents and Settings\Julien\Application Data mp2A.tmp.exe C:\Documents and Settings\Julien\Application Data mp2A.tmp.exe C:\Documents and Settings\Julien\Application Data mp2D.tmp.exe C:\Documents and Settings\Julien\Application Data mp2D.tmp.exe C:\Documents and Settings\Julien\Application Data mp6.tmp.exe C:\Documents and Settings\Julien\Application Data mp6.tmp.exe C:\Documents and Settings\Julien\Application Data mp9.tmp.exe C:\Documents and Settings\Julien\Application Data mp9.tmp.exe C:\Documents and Settings\Julien\Application Data mpA72.tmp.exe C:\Documents and Settings\Julien\Application Data mpA72.tmp.exe C:\Documents and Settings\Julien\Application Data mpA75.tmp.exe C:\Documents and Settings\Julien\Application Data mpA75.tmp.exe C:\WINDOWS\cookies.ini . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_DOMAINSERVICE -------\LEGACY_IPRIP -------\Iprip ((((((((((((((((((((((((((((( Fichiers créés 2007-09-21 to 2007-10-21 )))))))))))))))))))))))))))))))))))) . 2007-10-22 01:21 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-21 20:37 d-------- C:\WINDOWS eport 2007-10-21 20:37 d-------- C:\WINDOWS\AU_Backup 2007-10-21 20:37 1,163,344 --a------ C:\WINDOWS\vsapi32.dll 2007-10-21 20:37 267,845 --a------ C:\WINDOWS sc.exe 2007-10-21 20:37 86,094 --a------ C:\WINDOWS\BPMNT.dll 2007-10-21 20:37 71,749 --a------ C:\WINDOWS\hcextoutput.dll 2007-10-21 20:36 d-------- C:\WINDOWS\AU_Temp 2007-10-21 20:36 d-------- C:\WINDOWS\AU_Log 2007-10-21 20:36 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL 2007-10-21 20:36 286,720 --a------ C:\WINDOWS\PATCH.EXE 2007-10-21 20:36 69,689 --a------ C:\WINDOWS\UNZIP.DLL 2007-10-21 20:27 d--h----- C:\WINDOWS\msdownld.tmp 2007-10-21 20:26 d-------- C:\WINDOWS\system32\fr-fr 2007-10-21 20:22 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll 2007-10-21 20:09 d-------- C:\VundoFix Backups 2007-10-21 16:30 d-------- C:\Documents and Settings\Julien\Application Data\vlc 2007-10-21 16:29 d-------- C:\Program Files\VideoLAN 2007-10-21 15:59 d-------- C:\Program Files\hp deskjet 840c series 2007-10-21 15:59 d-------- C:\Program Files\Hewlett-Packard 2007-10-21 15:26 d-------- C:\WINDOWS\Sun 2007-10-21 15:25 d-------- C:\Program Files\Java 2007-10-21 15:25 d-------- C:\Program Files\Fichiers communs\Java 2007-10-21 06:36 d-------- C:\Program Files\Trend Micro 2007-10-21 06:27 d-------- C:\Program Files\Lavasoft 2007-10-21 06:27 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-10-21 04:51 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-10-21 04:51 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-10-21 04:51 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-10-21 04:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-10-21 04:51 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-10-21 04:51 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-10-21 04:50 801,144 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-10-21 03:50 d-------- C:\Program Files\Alwil Software 2007-10-21 03:50 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll 2007-10-21 03:24 85,056 --a------ C:\WINDOWS\awusqn.dll 2007-10-20 12:19 d-------- C:\WINDOWS\ShellNew 2007-10-20 02:44 d-------- C:\Documents and Settings\Julien\Application Data\Apple Computer 2007-10-20 02:43 d-------- C:\Program Files\QuickTime 2007-10-20 02:43 d-------- C:\Program Files\iTunes 2007-10-20 02:43 d-------- C:\Program Files\iPod 2007-10-20 02:43 d-------- C:\Program Files\Apple Software Update 2007-10-20 02:43 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer 2007-10-20 02:42 d-------- C:\Program Files\Fichiers communs\Apple 2007-10-20 02:42 d-------- C:\Documents and Settings\All Users\Application Data\Apple 2007-10-20 02:40 d-------- C:\Program Files\QuickZip4 2007-10-20 02:25 d-------- C:\Program Files\Azureus 2007-10-20 02:06 d-------- C:\Program Files\eMule 2007-10-20 01:55 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-10-20 01:49 d-------- C:\Program Files\Winamp 2007-10-20 01:49 d-------- C:\Documents and Settings\Julien\Application Data\Winamp 2007-10-20 01:44 d-------- C:\Program Files\TuneUp Utilities 2007 2007-10-20 01:44 d-------- C:\Documents and Settings\Julien\Application Data\TuneUp Software 2007-10-20 01:44 d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2007-10-20 01:44 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll 2007-10-20 01:43 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard 2007-10-20 01:42 d-------- C:\Program Files\CCleaner 2007-10-20 01:37 d-------- C:\Documents and Settings\Julien\Application Data\Grisoft 2007-10-20 01:37 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-10-20 01:32 d-------- C:\Documents and Settings\Julien\Contacts 2007-10-20 01:31 d----c--- C:\WINDOWS\system32\DRVSTORE 2007-10-20 01:31 d-------- C:\Program Files\MSN Messenger 2007-10-19 21:03 1,277 --a------ C:\WINDOWS\mozver.dat 2007-10-19 20:32 d-------- C:\WINDOWS\system32\Lang 2007-10-19 20:32 d-------- C:\Documents and Settings\LocalService\Menu D‚marrer 2007-10-19 20:28 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier 2007-10-19 20:28 75,932 --a------ C:\WINDOWS\system32\drivers\klick.dat 2007-10-19 20:28 75,248 --a------ C:\WINDOWS\zllsputility.exe 2007-10-19 20:28 74,396 --a------ C:\WINDOWS\system32\drivers\klin.dat 2007-10-19 20:28 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll 2007-10-19 20:28 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll 2007-10-19 20:28 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll 2007-10-19 20:28 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll 2007-10-19 20:28 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll 2007-10-19 20:28 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2007-10-19 20:26 d-------- C:\WINDOWS\Internet Logs 2007-10-19 20:24 d-------- C:\WINDOWS\IIS Temporary Compressed Files 2007-10-19 20:18 0 --a------ C:\WINDOWS sreg.dat 2007-10-19 20:11 d-------- C:\WINDOWS\pss 2007-10-19 20:11 551,984 ---hs---- C:\WINDOWS\system32\gjkmp.bak2 2007-10-19 20:11 32,664 --a------ C:\WINDOWS\system32 skmgr.exe 2007-10-19 20:10 1,635 --a------ C:\WINDOWS\system32\ozef.exe 2007-10-19 20:03 550,985 ---hs---- C:\WINDOWS\system32\gjkmp.bak1 2007-10-19 20:01 d-------- C:\WINDOWS\ServicePackFiles 2007-10-19 20:00 549,720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-10-19 20:00 351,232 --a------ C:\WINDOWS\system32\winhttp.dll 2007-10-19 20:00 325,976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-10-19 20:00 43,352 --a------ C:\WINDOWS\system32\wups2.dll 2007-10-19 20:00 33,624 --a------ C:\WINDOWS\system32\wups.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-21 23:25 5,077,024 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2007-10-21 23:25 44,156 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2007-10-21 04:35 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys 2007-10-21 04:35 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys 2007-10-21 02:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7 2007-10-21 01:07 --------- d-----w C:\Documents and Settings\Julien\Application Data\AVG7 2007-10-19 23:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft 2007-10-19 18:01 --------- d-----w C:\Documents and Settings\Julien\Application Data\ma-config.com 2007-10-19 17:57 --------- d-----w C:\Program Files\ASUSTeK 2007-10-19 17:55 274,425,064 ----a-w C:\WINDOWS\WindowsXP-KB835935-SP2-FRA.exe 2007-10-19 17:54 --------- d-----w C:\Program Files\ma-config.com 2007-10-19 17:54 --------- d-----w C:\Program Files\Fichiers communs\InstallShield 2007-10-19 17:50 --------- d-----w C:\Program Files\Intel 2007-10-19 17:45 --------- d-----w C:\Program Files\microsoft frontpage 2007-10-19 17:43 --------- d-----w C:\Program Files\Fichiers communs\MSSoap 2007-10-19 17:42 --------- d-----w C:\Program Files\Services en ligne 2007-10-19 17:31 13,824 ----a-w C: emovewga_removewga_1.2_anglais_21437.exe 2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-03-19 19:04:13 550,985 --sh--w C:\WINDOWS\system32\gjkmp.bak1 . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 08:51] "RTHDCPL"="RTHDCPL.EXE" [2006-06-28 08:54 C:\WINDOWS\RTHDCPL.exe] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 14:42] "c456f9a5"="C:\WINDOWS\awusqn.dll" [2007-10-21 03:24] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11] "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-11-15 19:05] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon otify\urqqoml] urqqoml.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=c:\windows\system32\vtsttrp.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Local Security Authority Service] C:\WINDOWS\System32\lssas.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msmss.exe] C:\WINDOWS\System32\winns.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg wiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spooler SubSystem App] C:\WINDOWS\System32\spooIsv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Winamp Agent] C:\WINDOWS\System32\winamp.exe R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs S2 Microsoft Agent;Microsoft Agent;"C:\WINDOWS\System32\dllcache\frehost.exe" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f690a679-7e9c-11dc-96f0-00138fd5f064}] Auto\command - F:\sxs.exe AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-10-20 00:43:09 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2007-10-19 23:44:33 C:\WINDOWS\Tasks\Maintenance en 1 clic.job" - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe . ************************************************************************** catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-22 01:25:52 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-10-22 1:27:56 - machine was rebooted . --- E O F --- Et le log hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 01:31:09, on 22/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32 vsvc32.exe C:\WINDOWS\System32 cpsvcs.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [c456f9a5] rundll32.exe "C:\WINDOWS\awusqn.dll",b O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/... O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29 O20 - AppInit_DLLs: c:\windows\system32\vtsttrp.dll O20 - Winlogon Notify: urqqoml - urqqoml.dll (file missing) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Microsoft Agent - Unknown owner - C:\WINDOWS\System32\dllcache\frehost.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32 vsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Le sioux · Answer

Re

Je vais regarder tout cela, j en ai pour un moment, surtout je suis avec un pote en ce moment, je vois cela des que possible  ;-)

Comment va le pc ?

@ suivre

Julien · Answer

Ok, ben prends ton temps et passe une bonne soirée alors ! :)

Je repasse voir ça demain soir après le taf

Le Pc a l'air en forme. J'ai refait pour voir un scan rapide AVG antispyware, première fois qu'il trouve pas quarante merdes d'un coup ! L'a même rien trouvé... On va dire que c'est bon signe ! 

pour la suite, je lance des scans complets demain histoire de voir si ça plantouille encore. Plus de signes de sites olé-olé et de musiques pourries non plus, sauf quand c'est moi qui les écoute ! ;-).
Ciao

Le sioux · Answer

Re

C est le moment de te faire lire ce qui suit, je ne t oblige a rien, mais regarde bien le lien de Malekal_Morte  ;-)

 Sache qu avec Avast, tu n es pas très bien protégé:

Comparatif avast VS Antivir :  http://forum.malekal.com/ftopic3528.php

------------------------------------------------------------------------------------------------------------------

Si tu te decides a installer Antivir, désinstalle avast d abord et fait ce qui suit :

------------------------------------------------------------------------------------------------------------------

1)Télécharge Avira antivir

-- Télécharge Avira antivir PersonalEdition Classic a partir de ce lien :
https://www.avira.com/  sur ton bureau.

2) Désinstallation d avast

Mets toi hors connexion , puis désinstalle Avast via démarrer /panneau de config/ ajout et suppression de programmes

3) Installe et paramètre puis mets a jour Antivir

Double clique sur son set up sur ton bureau pour lancer l’installation.

Paramètre le comme indiqué ici :
http://speedweb1.free.fr/frames2.php?page=tuto5
ou la : https://www.malekal.com/avira-free-security-antivirus-gratuit/

Effectue sa mise a jour puis ferme ce programme pour l’instant.

4) Redémarre en mode sans échec

Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuyer sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuyer sur [Entrée]
Il te faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.

Voir si besoin C) https://forum.pcastuces.com/sujet.asp?f=25&s=3902

5) Scan Antivirus et nettoyage avec Avira Antivir

Lance Avira antivir en faisant un click droit sur l’icône d’Antivir dans ta barre des taches en bas a droite puis « start Antivir »
Clique sur l’onglet « scanner » puis vérifie a RootKit search et Manuelle détection (en développant avec la petite croix devant chacun d'eux) que tous tes disques durs soient bien cochés, puis clique sur la loupe (en dessous de statut)
Une fenetre va s’ouvrir « Luke Filewalker » .. le scan va démarrer.
Mets tout ce qu il trouve en "quarantine"
Une fois le scan achevé, ferme les deux fenêtres d'Antivir et sauvegarde le rapport qui vient d'apparaître sur ton bureau..

6) Rapport

Redémarre en mode normal puis poste le rapport d'Antivir (que tu as sauvegardé sur ton bureau).

Tuto http://www.malekal.com/tutorial_antivir.html  et/ou  http://www.libellules.ch/tuto_antivir.php

@ suivre

Le sioux · Answer

Re

Je te conseille d'enregistrer la page en sélectionnant toutes les lignes puis de copier cette sélection dans un fichier texte sur ton PC pour pouvoir appliquer la procedure correctement.
(Note: tu n'auras pas accès à Internet à partir du moment ou te redemarrera en mode sans echec)
Il faut exécuter toutes les étapes, sans interruption, dans l'ordre exact indiqué ci-dessous.
Si un élément te paraît obscur, demande des explications avant de commencer la désinfection

1) Redémarre en mode sans échec

Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuyer sur la touche [F8]  (ou [F5]  sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuyer sur  [Entrée] 
Il te faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre. 

2) Lance HijackThis.

Ferme toutes les autres fenêtres, tous les autres programmes .Pas de connexion Internet.

Clique surDo a system scan only et coche les lignes suivantes, Clique sur Fix Checked puis clique sur OK

O4 - HKLM\..\Run: [c456f9a5] rundll32.exe "C:\WINDOWS\awusqn.dll",b
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')

3) OTMoveIt.exe 

Double clique  sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :
Paste List of Files/Folders to be moved.

C:\windows\system32\vtsttrp.dll
C:\WINDOWS\awusqn.dll
C:\windows\system32\urqqoml.dll

Clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre Results.
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.
si c'est le cas accepte par Yes. 

4) Rapports

Redemarre en mode normal puis poste un nouvel HijackThis et le rapport d OTMoveIt.

@+

Je dois examiner ton log combofix pour voir s il y a d autres fichiers malsains cachés a supprimer, je le ferais des que possible.

Julien · Answer

Bonsoir Le Sioux, 

Alors j'ai essayé à plusieurs reprises de télécharger Antivir, mais à chaque fois le téléchargement s'est interrompu... J'ai alors essayé de prendre un autre truc sur un autre site (Quicktime sur 01.net), même combat, le download ne s'effectue pas. Conclusion, je n'ai pas pu installé Antivir et faire la première partie de ton message... On va dire que je ne m'inquiète pas, tout baigne... :-) Mais ça ne me dit rien qui vaille quand même...

Par contre, j'ai fait la deuxième partie et résultat pour Hijackthis : 

Je n'ai pas trouvé la ligne 
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') 
et n'ai donc pas pu la cocher
Quant à la ligne
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') 
elle n'existait pas non plus. Il y avait ça à la place, 
HKUS \.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') 
qui était suffisamment ressemblante pour que je prenne le risque de la cocher quand même (en souhaitant quand même fort que je n'ai pas fait une bêtise...)

Sinon, voilà le log OTmoveit : 

File/Folder C:\windows\system32\vtsttrp.dll not found.
DllUnregisterServer procedure not found in C:\WINDOWS\awusqn.dll
C:\WINDOWS\awusqn.dll NOT unregistered.
C:\WINDOWS\awusqn.dll moved successfully.
File/Folder C:\windows\system32\urqqoml.dll not found.
 
Created on 10/23/2007 00:17:12

et le Hijackthis : 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:28:36, on 23/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32	cpsvcs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O20 - AppInit_DLLs: c:\windows\system32\vtsttrp.dll
O20 - Winlogon Notify: urqqoml - urqqoml.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft Agent - Unknown owner - C:\WINDOWS\System32\dllcache\frehost.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Le sioux · Answer

Bonsoir Julien

On voit pour Antivir par la suite, pour le moment, je vais dans une prochaine procédure te faire nettoyer ce qui reste comme cochonneries.

Je te poste cela des que possible, je te fais attendre, mais j ai besoin dune confirmation pour cette procédure.

@ très bientôt.

Le sioux · Answer

Bonjour julien

J ai besoin d un autre rapport avant de finir le nettoyage :

Télécharge SREng par Smallfrogs de ce lien:

http://www.kztechs.com/eng/download.html

Extrais tout son contenu sur ton Bureau.

Du dossier sreng2 qui se trouve maintenant sur ton Bureau, double clique sur SREng.exe afin de lancer l'outil
Clique sur Smart Scan
Ensuite, clique sur le bouton [Scan]

Lorsque complété, clique sur le bouton [Save Reports]
Sauvegarde le rapport sur ton Bureau.

Copie/colle le contenu du fichier SREnglLOG.log dans ta prochaine réponse, s'il te plaît.

@+

Julien · Answer

Salut le Sioux, J'avais déjà posté un message mais y'a eu un léger problème de plantage, je recommence donc en espérant que ça fera pas de doublon ! Donc, faisons un résumé rapide : toujours impossible de télécharger un truc "lourd" mais j'ai pu prendre SREng, qui est trop léger pour ça ait eu le temps de planter. Antivir, ça veut toujours pas ! Avast, AVG et Ad-Aware se vautrent aussi dès que je tente un sacn complet et/ou minutieux. Les tracking cookies continuent d'affluer alors que je ne me connecte sur Internet quasiment que pour suivre notre conversation. Spybot repère Virtumonde, me dit qu'il corrige le problème mais à l'analyse suivante, le coco fort désagréable est revenu ! Bref, merci encore pour ton aide et pour t'en remercier, voilà le rapport le plus long du monder, celui de SREng que tu m'as demandé @+ Julien Rapport SREng : [CODE] 2007-10-24,20:29:11 System Repair Engineer 2.5.16.900 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed Follow item(s) have been choosed: All Boot Items (Including Registry, Startup Folders, Services and so on) Browser Add-ons Runing Processes (Including process model information) File Associations Winsock Provider Autorun.Inf HOSTS File Process Privileges Scan Boot Items Registry [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [(Verified)Microsoft Windows Hardware Compatibility Publisher] <"C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"> [(Verified)Check Point Software Technologies Ltd.] <"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized> [(Verified)GRISOFT LTD] <"C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)"Apple Computer, Inc."] [(Verified)ALWIL Software] <"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."] [(Verified)Microsoft Windows Hardware Compatibility Publisher, E=""] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}> [(Verified)GRISOFT LTD] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\urqqoml] [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32 egsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32 hemeui.dll> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP> [N/A] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; C:\WINDOWS\System32\ctfmon.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; C:\WINDOWS\System32\lssas.exe> [N/A] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; "C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; C:\WINDOWS\System32\winns.exe> [N/A] <; RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; nwiz.exe /install> [] <; C:\WINDOWS\System32\spooIsv.exe> [N/A] <; C:\WINDOWS\System32\winamp.exe> [N/A] ================================== Startup Folders N/A ================================== Services [Ad-Aware 2007 Service / aawservice][Running/Auto Start] <"C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe"> [Apple Mobile Device / Apple Mobile Device][Running/Auto Start] <"C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"> [avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start] <"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"> [ATK Keyboard Service / ATKKeyboardService][Running/Auto Start] [avast! Antivirus / avast! Antivirus][Running/Auto Start] <"C:\Program Files\Alwil Software\Avast4\ashServ.exe"> [avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start] <"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service> [avast! Web Scanner / avast! Web Scanner][Running/Manual Start] <"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service> [AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start] [AVG7 Alert Manager Server / Avg7Alrt][Stopped/Disabled] [AVG7 Update Service / Avg7UpdSvc][Stopped/Disabled] [AVG E-mail Scanner / AVGEMS][Stopped/Disabled] [Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [Service de l'iPod / iPod Service][Running/Manual Start] <"C:\Program Files\iPod\bin\iPodService.exe"> [Microsoft Agent / Microsoft Agent][Stopped/Auto Start] <"C:\WINDOWS\System32\dllcache\frehost.exe"> [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] [TrueVector Internet Monitor / vsmon][Running/Auto Start] ================================== Drivers [Enhanced Display Driver Helper Service / asuskbnt][Running/System Start] [AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start] <\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys> [AVG7 Kernel / Avg7Core][Stopped/System Start] <\SystemRoot\System32\Drivers\avg7core.sys> [AVG7 Wrap Driver / Avg7RsW][Running/System Start] <\SystemRoot\System32\Drivers\avg7rsw.sys> [AVG7 Resident Driver XP / Avg7RsXP][Stopped/System Start] <\SystemRoot\System32\Drivers\avg7rsxp.sys> [AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start] [AVG7 Clean Driver / AvgClean][Running/System Start] <\SystemRoot\System32\Drivers\avgclean.sys> [AVG Network Redirector / AvgTdi][Running/Auto Start] <\SystemRoot\System32\Drivers\avgtdi.sys> [catchme / catchme][Stopped/Manual Start] <\??\C:\DOCUME~1\Julien\LOCALS~1\Temp\catchme.sys> [driverhardwarev2 / driverhardwarev2][Stopped/Manual Start] <\??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys> [EIO / EIO][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\EIO.sys> [GEARAspiWDM / GEARAspiWDM][Running/Manual Start] [Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [kl1 / kl1][Running/Boot Start] <\SystemRoot\system32\DRIVERS\kl1.sys> [KLIF / KLIF][Running/System Start] [nv / nv][Running/Manual Start] [Pilote de liaison parallèle directe / Ptilink][Running/Manual Start] [PxHelp20 / PxHelp20][Running/Boot Start] <\SystemRoot\System32\Drivers\PxHelp20.sys> [Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start] [Secdrv / Secdrv][Stopped/Manual Start] [srescan / srescan][Running/Boot Start] <\SystemRoot\system32\ZoneLabs\srescan.sys> [vsdatant / vsdatant][Running/System Start] ================================== Browser Add-ons [Spybot-S&D IE Protection] {53707962-6F74-2D53-2644-206D7942484F} [SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [Java Plug-in 1.6.0_03] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [Spybot-S&D IE Protection] {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [] {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A> [Messenger] {FB5F1910-F110-11d2-BB9E-00C04F795683} [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} [HouseCall Control] {74D05D43-3236-11D4-BDCD-00C04F9A3B61} [HardwareDetection Control] {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} [Java Plug-in 1.6.0_03] {8AD9C840-044E-11D1-B3E9-00805F499D93} [Java Plug-in 1.6.0_03] {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [Java Plug-in 1.6.0_03] {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Spybot-S&D IE Protection] {53707962-6F74-2D53-2644-206D7942484F} [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [HouseCall Control] {74D05D43-3236-11D4-BDCD-00C04F9A3B61} [SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [E&xporter vers Microsoft Excel] ================================== Running Processes [PID: 720 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 780 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 804 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 848 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 860 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1020 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1096 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1192 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\uxtuneup.dll] [TuneUp Software GmbH, 2.0.0.8] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\WINDOWS\System32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [PID: 1304 / SERVICE RÉSEAU][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1392 / SERVICE LOCAL][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [PID: 1636 / Julien][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll] [GRISOFT s.r.o., 7, 5, 1, 36] [PID: 1900 / SYSTEM][C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe] [Lavasoft AB, 7, 0, 2, 3] [C:\Program Files\Lavasoft\Ad-Aware 2007\CEAPI.dll] [Lavasoft AB, 7, 0, 2, 3] [C:\Program Files\Lavasoft\Ad-Aware 2007\PKArchive84cb.dll] [PKWARE, Inc., 8.4.219.0] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Program Files\Lavasoft\Ad-Aware 2007\Update.dll] [, 7, 0, 1, 3] [PID: 1964 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [PID: 160 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\UNACEV2.DLL] [N/A, ] [C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 7, 1043, 0] [PID: 492 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\hpzlnt04.dll] [HP, 2,80,0,0] [PID: 1132 / SYSTEM][C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple, Inc., 1, 14, 0, 0] [PID: 1144 / SYSTEM][C:\WINDOWS\ATKKBService.exe] [ASUSTeK COMPUTER INC., 1, 0, 0, 0] [PID: 1276 / SYSTEM][C:\WINDOWS\System32 vsvc32.exe] [NVIDIA Corporation, 6.14.10.8265] [PID: 1320 / SYSTEM][C:\WINDOWS\System32 cpsvcs.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 1448 / SERVICE LOCAL][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [PID: 2172 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashUInt.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Alwil Software\Avast4\French\Lang.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\French\langmai.dll] [ALWIL Software, 4, 7, 1038, 0] [PID: 2196 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashWebSv.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1043, 0] [PID: 2576 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2608 / Julien][C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 3140 / Julien][C:\WINDOWS\RTHDCPL.EXE] [Realtek Semiconductor Corp., 2.0.7.3] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 3172 / Julien][C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe] [GRISOFT s.r.o., 7, 5, 1, 43] [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll] [GRISOFT s.r.o., 4, 2, 0, 19] [PID: 3180 / Julien][C:\Program Files\iTunes\iTunesHelper.exe] [Apple Inc., 7.4.3.1] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Program Files\iTunes\iTunesHelper.Resources\fr.lproj\iTunesHelperLocalized.DLL] [Apple Inc., 7.4.0.17] [C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] [Apple Inc., 7.4.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTime.qts] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx] [Apple Computer, Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx] [Apple Computer, Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx] [Apple Inc., 7.2] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx] [Apple Inc., 7.2] [C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll] [Apple Inc., 7, 4, 104, 0] [PID: 3188 / Julien][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\French\Lang.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruimai.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0] [c:\program files\alwil software\avast4\ahruimes.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruins.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruiout.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MAPI32.dll] [Microsoft Corporation, 1.0.2536.0 (XPClient.010817-1148)] [c:\program files\alwil software\avast4\ahruip2p.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruistd.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruiws.dll] [ALWIL Software, 4, 7, 1043, 0] [PID: 3200 / Julien][C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.30.5] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [PID: 3232 / Julien][C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe] [HP, 2,80,0,0] [C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZR3204.DLL] [HP, 2,80,0,0] [PID: 3244 / Julien][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 3516 / SYSTEM][C:\Program Files\iPod\bin\iPodService.exe] [Apple Inc., 7.4.3.1] [C:\Program Files\iPod\bin\iPodService.Resources\fr.lproj\iPodServiceLocalized.DLL] [Apple Inc., 7.4.0.17] [C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL] [Apple Inc., 7.4.3.1] [PID: 4080 / Julien][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0] [C:\Program Files\Mozilla Firefox spr4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox ss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC] [C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll] [N/A, ] [C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll] [N/A, ] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC] [C:\Program Files\Mozilla Firefox ssckbi.dll] [Mozilla Foundation, 1.64] [C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll] [, ] [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll] [GRISOFT s.r.o., 7, 5, 1, 36] [PID: 920 / Julien][C:\Documents and Settings\Julien\Bureau\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Documents and Settings\Julien\Bureau\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] ================================== File Associations .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock Provider N/A ================================== Autorun.Inf N/A ================================== HOSTS File 127.0.0.1 localhost 127.0.0.1 007guard.com 127.0.0.1 www.007guard.com 127.0.0.1 008i.com 127.0.0.1 008k.com 127.0.0.1 www.008k.com 127.0.0.1 00hq.com 127.0.0.1 www.00hq.com 127.0.0.1 010402.com 127.0.0.1 032439.com 127.0.0.1 www.032439.com 127.0.0.1 1001-search.info 127.0.0.1 www.1001-search.info 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 100sexlinks.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 123topsearch.com 127.0.0.1 www.123topsearch.com 127.0.0.1 132.com 127.0.0.1 www.132.com 127.0.0.1 136136.net 127.0.0.1 www.136136.net 127.0.0.1 139mm.com 127.0.0.1 www.139mm.com 127.0.0.1 163ns.com 127.0.0.1 www.163ns.com 127.0.0.1 171203.com 127.0.0.1 17-plus.com 127.0.0.1 1800searchonline.com 127.0.0.1 www.1800searchonline.com 127.0.0.1 180searchassistant.com 127.0.0.1 www.180searchassistant.com 127.0.0.1 180solutions.com 127.0.0.1 www.180solutions.com 127.0.0.1 181.365soft.info 127.0.0.1 www.181.365soft.info 127.0.0.1 1987324.com 127.0.0.1 www.1987324.com 127.0.0.1 1-domains-registrations.com 127.0.0.1 www.1-domains-registrations.com 127.0.0.1 1-extreme.biz 127.0.0.1 www.1-extreme.biz 127.0.0.1 1sexparty.com 127.0.0.1 www.1sexparty.com 127.0.0.1 1stantivirus.com 127.0.0.1 www.1stantivirus.com 127.0.0.1 1stpagehere.com 127.0.0.1 www.1stpagehere.com 127.0.0.1 1stsearchportal.com 127.0.0.1 www.1stsearchportal.com 127.0.0.1 2.82211.net 127.0.0.1 www.2006ooo.com 127.0.0.1 2007-download.com 127.0.0.1 www.2007-download.com 127.0.0.1 2020search.com 127.0.0.1 www.2020search.com 127.0.0.1 20x2p.com 127.0.0.1 24.365soft.info 127.0.0.1 www.24.365soft.info 127.0.0.1 24-7pharmacy.info 127.0.0.1 www.24-7pharmacy.info 127.0.0.1 24-7searching-and-more.com 127.0.0.1 www.24-7searching-and-more.com 127.0.0.1 24teen.com 127.0.0.1 www.24teen.com 127.0.0.1 2every.net 127.0.0.1 www.2every.net 127.0.0.1 2ndpower.com 127.0.0.1 2search.com 127.0.0.1 www.2search.com 127.0.0.1 2search.org 127.0.0.1 www.2search.org 127.0.0.1 2squared.com 127.0.0.1 www.2squared.com 127.0.0.1 3322.org 127.0.0.1 www.3322.org 127.0.0.1 365soft.info 127.0.0.1 36site.com 127.0.0.1 www.36site.com 127.0.0.1 3721.com 127.0.0.1 39-93.com 127.0.0.1 3abetterinternet.com 127.0.0.1 www.3abetterinternet.com 127.0.0.1 3bay.it 127.0.0.1 www.3bay.it 127.0.0.1 3ebay.it 127.0.0.1 www.3ebay.it 127.0.0.1 404dns.com 127.0.0.1 www.404dns.com 127.0.0.1 4199.com 127.0.0.1 www.4199.com 127.0.0.1 4corn.net 127.0.0.1 www.4corn.net 127.0.0.1 4ebay.it 127.0.0.1 www.4ebay.it 127.0.0.1 4klm.com 127.0.0.1 4repubblica.it 127.0.0.1 www.4repubblica.it 127.0.0.1 4softget.com 127.0.0.1 www.4softget.com 127.0.0.1 5iscali.it 127.0.0.1 www.5iscali.it 127.0.0.1 5repubblica.it 127.0.0.1 www.5repubblica.it 127.0.0.1 5starvideos.com 127.0.0.1 www.5starvideos.com 127.0.0.1 5tiscali.it 127.0.0.1 www.5tiscali.it 127.0.0.1 5zgmu7o20kt5d8yq.com 127.0.0.1 www.5zgmu7o20kt5d8yq.com 127.0.0.1 6iscali.it 127.0.0.1 www.6iscali.it 127.0.0.1 6sek.com 127.0.0.1 www.6sek.com 127.0.0.1 6tiscali.it 127.0.0.1 www.6tiscali.it 127.0.0.1 7322.com 127.0.0.1 www.7322.com 127.0.0.1 75tz.com 127.0.0.1 777search.com 127.0.0.1 www.777search.com 127.0.0.1 777top.com 127.0.0.1 www.777top.com 127.0.0.1 7939.com 127.0.0.1 www.7939.com 127.0.0.1 7search.com 127.0.0.1 www.7search.com 127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com 127.0.0.1 82211.net 127.0.0.1 8866.org 127.0.0.1 888.com 127.0.0.1 www.888.com 127.0.0.1 8ad.com 127.0.0.1 www.8ad.com 127.0.0.1 9505.com 127.0.0.1 www.9505.com 127.0.0.1 971searchbox.com 127.0.0.1 www.971searchbox.com 127.0.0.1 a.bestmanage.org 127.0.0.1 aaasexypics.com 127.0.0.1 aaawebfinder.com 127.0.0.1 www.aaawebfinder.com 127.0.0.1 aavc.com 127.0.0.1 abc-find.info 127.0.0.1 www.abc-find.info 127.0.0.1 abetterinternet.com 127.0.0.1 www.abetterinternet.com 127.0.0.1 abnetsoft.info 127.0.0.1 www.abnetsoft.info 127.0.0.1 aboutclicker.com 127.0.0.1 www.aboutclicker.com 127.0.0.1 abrp.net 127.0.0.1 www.abrp.net 127.0.0.1 absolutee.com 127.0.0.1 www.absolutee.com 127.0.0.1 abyssmedia.com 127.0.0.1 www.abyssmedia.com 127.0.0.1 ac66.cn 127.0.0.1 www.ac66.cn 127.0.0.1 access.Navinetwork.com 127.0.0.1 access.rapid-pass.net 127.0.0.1 accessactivexvideo.com 127.0.0.1 www.accessactivexvideo.com 127.0.0.1 accessclips.com 127.0.0.1 www.accessclips.com 127.0.0.1 access-dvd.com 127.0.0.1 www.access-dvd.com 127.0.0.1 accesskeygenerator.com 127.0.0.1 www.accesskeygenerator.com 127.0.0.1 accessorygeeks.com 127.0.0.1 www.accessorygeeks.com 127.0.0.1 accessthefuture.net 127.0.0.1 www.accessthefuture.net 127.0.0.1 accessvid.net 127.0.0.1 www.accessvid.net 127.0.0.1 acemedic.com 127.0.0.1 www.acemedic.com 127.0.0.1 ace-webmaster.com 127.0.0.1 www.ace-webmaster.com 127.0.0.1 acjp.com 127.0.0.1 acrobat-2007.com 127.0.0.1 www.acrobat-2007.com 127.0.0.1 acrobat-8.com 127.0.0.1 www.acrobat-8.com 127.0.0.1 acrobat-center.com 127.0.0.1 www.acrobat-center.com 127.0.0.1 acrobat-hq.com 127.0.0.1 www.acrobat-hq.com 127.0.0.1 acrobatreader-8.com 127.0.0.1 www.acrobatreader-8.com 127.0.0.1 acrobat-reader-8.de 127.0.0.1 www.acrobat-reader-8.de 127.0.0.1 acrobat-stop.com 127.0.0.1 www.acrobat-stop.com 127.0.0.1 actionbreastcancer.org 127.0.0.1 www.actionbreastcancer.org 127.0.0.1 activesearcher.info 127.0.0.1 www.activesearcher.info 127.0.0.1 activexaccessobject.com 127.0.0.1 www.activexaccessobject.com 127.0.0.1 activexaccessvideo.com 127.0.0.1 www.activexaccessvideo.com 127.0.0.1 activexemedia.com 127.0.0.1 www.activexemedia.com 127.0.0.1 activexmediaobject.com 127.0.0.1 www.activexmediaobject.com 127.0.0.1 activexmediapro.com 127.0.0.1 www.activexmediapro.com 127.0.0.1 activexmediasite.com 127.0.0.1 www.activexmediasite.com 127.0.0.1 activexmediasoftware.com 127.0.0.1 www.activexmediasoftware.com 127.0.0.1 activexmediasource.com 127.0.0.1 www.activexmediasource.com 127.0.0.1 activexmediatool.com 127.0.0.1 www.activexmediatool.com 127.0.0.1 activexmediatour.com 127.0.0.1 www.activexmediatour.com 127.0.0.1 activexsoftwares.com 127.0.0.1 www.activexsoftwares.com 127.0.0.1 activexsource.com 127.0.0.1 www.activexsource.com 127.0.0.1 activexupdate.com 127.0.0.1 www.activexupdate.com 127.0.0.1 activexvideo.com 127.0.0.1 www.activexvideo.com 127.0.0.1 activexvideotool.com 127.0.0.1 www.activexvideotool.com 127.0.0.1 ad.marketingsector.com 127.0.0.1 www.ad.marketingsector.com 127.0.0.1 ad.mokead.com 127.0.0.1 www.ad.mokead.com 127.0.0.1 ad.yieldmanager.com 127.0.0.1 www.ad.yieldmanager.com 127.0.0.1 ad25.com 127.0.0.1 ad45.com 127.0.0.1 ad77.com 127.0.0.1 ad86.com 127.0.0.1 adamsupportgroup.org 127.0.0.1 www.adamsupportgroup.org 127.0.0.1 adarmor.com 127.0.0.1 www.adarmor.com 127.0.0.1 adasearch.com 127.0.0.1 www.adasearch.com 127.0.0.1 adaware.cc 127.0.0.1 adawarenow.com 127.0.0.1 www.adawarenow.com 127.0.0.1 addictivetechnologies.com 127.0.0.1 www.addictivetechnologies.com 127.0.0.1 addictivetechnologies.net 127.0.0.1 www.addictivetechnologies.net 127.0.0.1 add-manager.com 127.0.0.1 www.add-manager.com 127.0.0.1 adgate.info 127.0.0.1 www.adgate.info 127.0.0.1 adipics.com 127.0.0.1 www.adipics.com 127.0.0.1 admin2cash.biz 127.0.0.1 www.admin2cash.biz 127.0.0.1 adnet-plus.com 127.0.0.1 adobe-download-now.com 127.0.0.1 adobe-downloads.com 127.0.0.1 www.adobe-downloads.com 127.0.0.1 adobe-reader-8.fr 127.0.0.1 www.adobe-reader-8.fr 127.0.0.1 adprotect.com 127.0.0.1 www.adprotect.com 127.0.0.1 ads.centralmedia.ws 127.0.0.1 ads.k8l.info 127.0.0.1 ads.kmpads.com 127.0.0.1 ads.marketingsector.com 127.0.0.1 ads.searchingbooth.com 127.0.0.1 ads.z-quest.com 127.0.0.1 ads183.com 127.0.0.1 www.ads183.com 127.0.0.1 adscontex.com 127.0.0.1 www.adscontex.com 127.0.0.1 adservices1.enhance.com 127.0.0.1 www.adservices1.enhance.com 127.0.0.1 adservs.com 127.0.0.1 adsextend.net 127.0.0.1 www.adsextend.net 127.0.0.1 adshttp.com 127.0.0.1 www.adshttp.com 127.0.0.1 adsonwww.com 127.0.0.1 www.adsonwww.com 127.0.0.1 adspics.com 127.0.0.1 www.adspics.com 127.0.0.1 adtrak.net 127.0.0.1 www.adtrak.net 127.0.0.1 adtrgt.com 127.0.0.1 adult777search.info 127.0.0.1 www.adult777search.info 127.0.0.1 adultan.com 127.0.0.1 www.adultan.com 127.0.0.1 adult-engine-search.com 127.0.0.1 www.adult-engine-search.com 127.0.0.1 adult-erotic-guide.net 127.0.0.1 www.adult-erotic-guide.net 127.0.0.1 adultfilmsite.com 127.0.0.1 www.adultfilmsite.com 127.0.0.1 adult-friends-finder.net 127.0.0.1 www.adult-friends-finder.net 127.0.0.1 adultgambling.org 127.0.0.1 adult-host.org 127.0.0.1 adulthyperlinks.com 127.0.0.1 www.adulthyperlinks.com 127.0.0.1 adultmovieplus.com 127.0.0.1 www.adultmovieplus.com 127.0.0.1 adult-personal.us 127.0.0.1 adultsgames.net 127.0.0.1 adultsper.com 127.0.0.1 www.adultsper.com 127.0.0.1 adulttds.com 127.0.0.1 www.adulttds.com 127.0.0.1 adultzoneworld.com 127.0.0.1 www.adultzoneworld.com 127.0.0.1 advcash.biz 127.0.0.1 www.advcash.biz 127.0.0.1 advert.exaccess.ru 127.0.0.1 advertisemoney.info 127.0.0.1 www.advertisemoney.info 127.0.0.1 advertising.paltalk.com 127.0.0.1 advertising-money.info 127.0.0.1 www.advertising-money.info 127.0.0.1 ad-ware.cc 127.0.0.1 ad-w-a-r-e.com 127.0.0.1 www.ad-w-a-r-e.com 127.0.0.1 a-d-w-a-r-e.com 127.0.0.1 www.a-d-w-a-r-e.com 127.0.0.1 adwarebazooka.com 127.0.0.1 www.adwarebazooka.com 127.0.0.1 adwarefinder.com 127.0.0.1 www.adwarefinder.com 127.0.0.1 adwareprotectionsite.com 127.0.0.1 www.adwareprotectionsite.com 127.0.0.1 adwarepunisher.com 127.0.0.1 www.adwarepunisher.com 127.0.0.1 aflgate.com 127.0.0.1 www.aflgate.com 127.0.0.1 africaspromise.org 127.0.0.1 agava.com 127.0.0.1 agava.ru 127.0.0.1 agentstudio.com 127.0.0.1 aginegialle.it 127.0.0.1 www.aginegialle.it 127.0.0.1 www.aifind.info 127.0.0.1 aifind.info 127.0.0.1 airtleworld.com 127.0.0.1 www.airtleworld.com 127.0.0.1 aitalia.it 127.0.0.1 www.aitalia.it 127.0.0.1 akamai.downloadv3.com 127.0.0.1 aklitalia.it 127.0.0.1 www.aklitalia.it 127.0.0.1 akril.com 127.0.0.1 alcatel.ws 127.0.0.1 alfacleaner.com 127.0.0.1 www.alfacleaner.com 127.0.0.1 alfa-search.com 127.0.0.1 alialia.it 127.0.0.1 www.alialia.it 127.0.0.1 aliotalia.it 127.0.0.1 www.aliotalia.it 127.0.0.1 alirtalia.it 127.0.0.1 www.alirtalia.it 127.0.0.1 alitaia.it 127.0.0.1 www.alitaia.it 127.0.0.1 alitaklia.it 127.0.0.1 www.alitaklia.it 127.0.0.1 alitala.it 127.0.0.1 www.alitala.it 127.0.0.1 alitali.it 127.0.0.1 www.alitali.it 127.0.0.1 alitaliaq.it 127.0.0.1 www.alitaliaq.it 127.0.0.1 alitalias.it 127.0.0.1 www.alitalias.it 127.0.0.1 alitaliaz.it 127.0.0.1 www.alitaliaz.it 127.0.0.1 alitalioa.it 127.0.0.1 www.alitalioa.it 127.0.0.1 alitalisa.it 127.0.0.1 www.alitalisa.it 127.0.0.1 alitaliua.it 127.0.0.1 www.alitaliua.it 127.0.0.1 alitalkia.it 127.0.0.1 www.alitalkia.it 127.0.0.1 alitaloia.it 127.0.0.1 www.alitaloia.it 127.0.0.1 alitaluia.it 127.0.0.1 www.alitaluia.it 127.0.0.1 alitaslia.it 127.0.0.1 www.alitaslia.it 127.0.0.1 alitlia.it 127.0.0.1 www.alitlia.it 127.0.0.1 alitralia.it 127.0.0.1 www.alitralia.it 127.0.0.1 alitsalia.it 127.0.0.1 www.alitsalia.it 127.0.0.1 aliutalia.it 127.0.0.1 www.aliutalia.it 127.0.0.1 ALL1COUNT.NET 127.0.0.1 www.ALL1COUNT.NET 127.0.0.1 all4internet.com 127.0.0.1 www.all4internet.com 127.0.0.1 allabtcars.com 127.0.0.1 allabtjeeps.com 127.0.0.1 all-bittorrent.com 127.0.0.1 www.all-bittorrent.com 127.0.0.1 www.allcybersearch.com 127.0.0.1 allcybersearch.com 127.0.0.1 alldnserrors.com 127.0.0.1 www.alldnserrors.com 127.0.0.1 all-downloads-now.com 127.0.0.1 www.all-downloads-now.com 127.0.0.1 all-edonkey.com 127.0.0.1 www.all-edonkey.com 127.0.0.1 allforadult.com 127.0.0.1 allhyperlinks.com 127.0.0.1 alliesecurity.com 127.0.0.1 www.alliesecurity.com 127.0.0.1 all-inet.com 127.0.0.1 allinternetbusiness.com 127.0.0.1 all-limewire.com 127.0.0.1 www.all-limewire.com 127.0.0.1 allmegabucks.com 127.0.0.1 www.allmegabucks.com 127.0.0.1 allprotections.com 127.0.0.1 www.allprotections.com 127.0.0.1 allresultz.net 127.0.0.1 www.allresultz.net 127.0.0.1 allsecuritynotes.com 127.0.0.1 www.allsecuritynotes.com 127.0.0.1 allsecuritysite.com 127.0.0.1 www.allsecuritysite.com 127.0.0.1 allstarsvideos.net 127.0.0.1 www.allstarsvideos.net 127.0.0.1 alltruesoftware.com 127.0.0.1 www.alltruesoftware.com 127.0.0.1 allvideoactivex.com 127.0.0.1 www.allvideoactivex.com 127.0.0.1 almanah.biz 127.0.0.1 www.almanah.biz 127.0.0.1 almarvideos.com 127.0.0.1 aloitalia.it 127.0.0.1 www.aloitalia.it 127.0.0.1 aluitalia.it 127.0.0.1 www.aluitalia.it 127.0.0.1 amaena.com 127.0.0.1 www.amaena.com 127.0.0.1 amandamountains.com 127.0.0.1 amateurliveshow.com 127.0.0.1 www.amateurliveshow.com 127.0.0.1 amediasoftware.com 127.0.0.1 www.amediasoftware.com 127.0.0.1 amediasource.com 127.0.0.1 www.amediasource.com 127.0.0.1 americancarbargains.com 127.0.0.1 www.americancarbargains.com 127.0.0.1 american-teens.net 127.0.0.1 amigeek.com 127.0.0.1 amisbusiness.com 127.0.0.1 ampmsearch.com 127.0.0.1 www.ampmsearch.com 127.0.0.1 analcord.com 127.0.0.1 www.analcord.com 127.0.0.1 analmovi.com 127.0.0.1 anarchylolita.com 127.0.0.1 www.anarchylolita.com 127.0.0.1 anarchyporn.com 127.0.0.1 andromedical.com 127.0.0.1 www.andromedical.com 127.0.0.1 animepornmag.com 127.0.0.1 www.animepornmag.com 127.0.0.1 anin.org 127.0.0.1 anjpn-avxiz.biz 127.0.0.1 www.anjpn-avxiz.biz 127.0.0.1 anjpnzqav.biz 127.0.0.1 www.anjpnzqav.biz 127.0.0.1 anjpn-zqav.biz 127.0.0.1 www.anjpn-zqav.biz 127.0.0.1 annaromeo.com 127.0.0.1 antiddos.us 127.0.0.1 www.antiddos.us 127.0.0.1 Antiespiadorado.com 127.0.0.1 www.Antiespiadorado.com 127.0.0.1 Antiespionspack.com 127.0.0.1 www.Antiespionspack.com 127.0.0.1 Antigusanos2008.com 127.0.0.1 www.Antigusanos2008.com 127.0.0.1 Antispionage.com 127.0.0.1 www.Antispionage.com 127.0.0.1 Antispionagepro.com 127.0.0.1 www.Antispionagepro.com 127.0.0.1 antispydns.biz 127.0.0.1 www.antispydns.biz 127.0.0.1 antispylab.com 127.0.0.1 www.antispylab.com 127.0.0.1 antispysolutions.com 127.0.0.1 www.antispysolutions.com 127.0.0.1 antispyware.com 127.0.0.1 www.antispyware.com 127.0.0.1 antispywarebot.com 127.0.0.1 www.antispywarebot.com 127.0.0.1 antispywarebox.com 127.0.0.1 www.antispywarebox.com 127.0.0.1 antispywaredownloads.com 127.0.0.1 www.antispywaredownloads.com 127.0.0.1 Antispywaresuite.com 127.0.0.1 www.Antispywaresuite.com 127.0.0.1 Antispyweb.net 127.0.0.1 www.Antispyweb.net 127.0.0.1 Antiver2008.com 127.0.0.1 www.Antiver2008.com 127.0.0.1 antivermins.com 127.0.0.1 www.antivermins.com 127.0.0.1 anti-vermins.com 127.0.0.1 www.anti-vermins.com 127.0.0.1 antivir2007.com 127.0.0.1 www.antivir2007.com 127.0.0.1 antivirgear.com 127.0.0.1 www.antivirgear.com 127.0.0.1 antivirus.fastfreedownload.com 127.0.0.1 www.antivirus.fastfreedownload.com 127.0.0.1 antivirusgolden.com 127.0.0.1 www.antivirusgolden.com 127.0.0.1 antivirus-hq.net 127.0.0.1 www.antivirus-hq.net 127.0.0.1 anti-virus-pro.com 127.0.0.1 www.anti-virus-pro.com 127.0.0.1 antivirusprotector.com 127.0.0.1 www.antivirusprotector.com 127.0.0.1 antivirussecuritypro.com 127.0.0.1 www.antivirussecuritypro.com 127.0.0.1 antivirus-stop.com 127.0.0.1 www.antivirus-stop.com 127.0.0.1 Antiworm2008.com 127.0.0.1 www.Antiworm2008.com 127.0.0.1 Antiwurm2008.com 127.0.0.1 www.Antiwurm2008.com 127.0.0.1 antrocity.com 127.0.0.1 anyofus.com 127.0.0.1 www.anyofus.com 127.0.0.1 anysn.seproger.com 127.0.0.1 www.anysn.seproger.com 127.0.0.1 anything4health.com 127.0.0.1 apicpreview.com 127.0.0.1 www.apicpreview.com 127.0.0.1 apmebf.com 127.0.0.1 www.apmebf.com 127.0.0.1 appealcircuit.com 127.0.0.1 www.appealcircuit.com 127.0.0.1 approvedlinks.com 127.0.0.1 www.approvedlinks.com 127.0.0.1 apps.deskwizz.com 127.0.0.1 apps.webservicehost.com 127.0.0.1 aprotectedpage.com 127.0.0.1 www.aprotectedpage.com 127.0.0.1 apsua.com 127.0.0.1 archiviosex.net 127.0.0.1 www.archiviosex.net 127.0.0.1 aregay.com 127.0.0.1 ares-freebie.com 127.0.0.1 www.ares-freebie.com 127.0.0.1 arespro2007.com 127.0.0.1 www.arespro2007.com 127.0.0.1 aresultra.com 127.0.0.1 www.aresultra.com 127.0.0.1 ares-usa.com 127.0.0.1 www.ares-usa.com 127.0.0.1 arheo.com 127.0.0.1 arizonaweb.org 127.0.0.1 armitageinn.com 127.0.0.1 arquivojpgs.smtp.ru 127.0.0.1 www.arquivojpgs.smtp.ru 127.0.0.1 artachnid.com 127.0.0.1 art-func.com 127.0.0.1 art-xxx.com 127.0.0.1 asafebrowser.com 127.0.0.1 www.asafebrowser.com 127.0.0.1 asafetynotice.com 127.0.0.1 www.asafetynotice.com 127.0.0.1 asafetypage.com 127.0.0.1 www.asafetypage.com 127.0.0.1 asdbiz.biz 127.0.0.1 www.asdbiz.biz 127.0.0.1 asdeykuddq.com 127.0.0.1 www.asdeykuddq.com 127.0.0.1 asecurebar.com 127.0.0.1 www.asecurebar.com 127.0.0.1 asecureboard.com 127.0.0.1 www.asecureboard.com 127.0.0.1 asecurevalue.com 127.0.0.1 www.asecurevalue.com 127.0.0.1 asecurityissue.com 127.0.0.1 www.asecurityissue.com 127.0.0.1 asecuritynotice.com 127.0.0.1 www.asecuritynotice.com 127.0.0.1 asecuritypaper.com 127.0.0.1 www.asecuritypaper.com 127.0.0.1 asecuritystuff.com 127.0.0.1 www.asecuritystuff.com 127.0.0.1 asiankingkong.com 127.0.0.1 asianpornmag.com 127.0.0.1 www.asianpornmag.com 127.0.0.1 asiantoolbar.com 127.0.0.1 www.asiantoolbar.com 127.0.0.1 asidseiupc.com 127.0.0.1 www.asidseiupc.com 127.0.0.1 aslitalia.it 127.0.0.1 www.aslitalia.it 127.0.0.1 ass-gals.com 127.0.0.1 assureprotection.com 127.0.0.1 www.assureprotection.com 127.0.0.1 asta-killer.com 127.0.0.1 asupereva.it 127.0.0.1 www.asupereva.it 127.0.0.1 athenrye.com 127.0.0.1 atotalsafety.com 127.0.0.1 www.atotalsafety.com 127.0.0.1 atrueprotection.com 127.0.0.1 www.atrueprotection.com 127.0.0.1 atruesecurity.com 127.0.0.1 www.atruesecurity.com 127.0.0.1 attackware.com 127.0.0.1 www.attackware.com 127.0.0.1 attrezzi.biz 127.0.0.1 www.attrezzi.biz 127.0.0.1 aulde.net 127.0.0.1 www.aulde.net 127.0.0.1 aupereva.it 127.0.0.1 www.aupereva.it 127.0.0.1 autocontext.begun.ru 127.0.0.1 www.autocontext.begun.ru 127.0.0.1 autoescrowpay.com 127.0.0.1 avast.free-software-center.com 127.0.0.1 www.avast.free-software-center.com 127.0.0.1 avast-2007.com 127.0.0.1 www.avast-2007.com 127.0.0.1 avast-downloads.com 127.0.0.1 www.avast-downloads.com 127.0.0.1 avast-hq.com 127.0.0.1 www.avast-hq.com 127.0.0.1 avforce.com 127.0.0.1 www.avforce.com 127.0.0.1 avg.grab-it-today.net 127.0.0.1 www.avg.grab-it-today.net 127.0.0.1 avg.softwarecenterz.com 127.0.0.1 www.avg.softwarecenterz.com 127.0.0.1 avg-secure.com 127.0.0.1 www.avg-secure.com 127.0.0.1 avian-ads.com 127.0.0.1 avideoaxaccess.com 127.0.0.1 www.avideoaxaccess.com 127.0.0.1 avideosurfer.com 127.0.0.1 www.avideosurfer.com 127.0.0.1 aviewersoft.com 127.0.0.1 www.aviewersoft.com 127.0.0.1 avpcheckupdate.com 127.0.0.1 www.avpcheckupdate.com 127.0.0.1 avxizaaqada.biz 127.0.0.1 www.avxizaaqada.biz 127.0.0.1 avxiz-anjpn.biz 127.0.0.1 www.avxiz-anjpn.biz 127.0.0.1 avxizueorn.biz 127.0.0.1 www.avxizueorn.biz 127.0.0.1 avxiz-ueorn.biz 127.0.0.1 www.avxiz-ueorn.biz 127.0.0.1 avxiz-vtvcp.biz 127.0.0.1 www.avxiz-vtvcp.biz 127.0.0.1 avxiz-ygco.biz 127.0.0.1 www.avxiz-ygco.biz 127.0.0.1 avxiz-zqav.biz 127.0.0.1 www.avxiz-zqav.biz 127.0.0.1 awarninglist.com 127.0.0.1 www.awarninglist.com 127.0.0.1 awbeta.net-nucleus.com 127.0.0.1 awesomehomepage.com 127.0.0.1 www.awesomehomepage.com 127.0.0.1 awmcash.biz 127.0.0.1 awmdabest.com 127.0.0.1 axemediasoftware.com 127.0.0.1 www.axemediasoftware.com 127.0.0.1 aximageobject.com 127.0.0.1 www.aximageobject.com 127.0.0.1 axmediaproject.com 127.0.0.1 www.axmediaproject.com 127.0.0.1 axmediasoftware.com 127.0.0.1 www.axmediasoftware.com 127.0.0.1 axmediasolutions.com 127.0.0.1 www.axmediasolutions.com 127.0.0.1 axobjectpage.com 127.0.0.1 www.axobjectpage.com 127.0.0.1 axobjectsource.com 127.0.0.1 www.axobjectsource.com 127.0.0.1 axsoftwaretool.com 127.0.0.1 www.axsoftwaretool.com 127.0.0.1 axvideoproject.com 127.0.0.1 www.axvideoproject.com 127.0.0.1 axvideosetup.com 127.0.0.1 www.axvideosetup.com 127.0.0.1 ayakawamura.com 127.0.0.1 ayb.dns-look-up.com 127.0.0.1 ayb.netbios-wait.com 127.0.0.1 ayumitaniguchi.com 127.0.0.1 azebar.com 127.0.0.1 azureusclub.com 127.0.0.1 www.azureusclub.com 127.0.0.1 azureus-freebie.com 127.0.0.1 www.azureus-freebie.com 127.0.0.1 azzetta.it 127.0.0.1 www.azzetta.it 127.0.0.1 b.casalemedia.com 127.0.0.1 babe.k-lined.com 127.0.0.1 www.babe.k-lined.com 127.0.0.1 babe.the-killer.bz 127.0.0.1 www.babe.the-killer.bz 127.0.0.1 babenet.com 127.0.0.1 www.babenet.com 127.0.0.1 babespornmag.com 127.0.0.1 www.babespornmag.com 127.0.0.1 babeweb.de 127.0.0.1 www.babeweb.de 127.0.0.1 baccarat-other.info 127.0.0.1 www.baccarat-other.info 127.0.0.1 Backstripgirls.com 127.0.0.1 www.Backstripgirls.com 127.0.0.1 backup.mabou.org 127.0.0.1 balotierra.com 127.0.0.1 www.balotierra.com 127.0.0.1 bannedhost.net 127.0.0.1 barbudafarms.com 127.0.0.1 bardownload.com 127.0.0.1 www.bardownload.com 127.0.0.1 barnandfence.com 127.0.0.1 batsearch.com 127.0.0.1 baygraphicsllc.com 127.0.0.1 bbbsearch.com 127.0.0.1 bb-search.com 127.0.0.1 bdsmlibrary.net 127.0.0.1 bdsmpornmag.com 127.0.0.1 www.bdsmpornmag.com 127.0.0.1 bearshare.download-me.info 127.0.0.1 www.bearshare.download-me.info 127.0.0.1 bearshare.mp3-muzic.com 127.0.0.1 www.bearshare.mp3-muzic.com 127.0.0.1 bearshare-download.org 127.0.0.1 www.bearshare-download.org 127.0.0.1 bearshare-downloads.net 127.0.0.1 www.bearshare-downloads.net 127.0.0.1 bearsharelive.co.uk 127.0.0.1 www.bearsharelive.co.uk 127.0.0.1 bearshare-music-downloads.com 127.0.0.1 www.bearshare-music-downloads.com 127.0.0.1 bearsharepro2007.com 127.0.0.1 www.bearsharepro2007.com 127.0.0.1 bearshare-usa.com 127.0.0.1 www.bearshare-usa.com 127.0.0.1 bedhome.com 127.0.0.1 bediadance.com 127.0.0.1 beebappyy.biz 127.0.0.1 www.beebappyy.biz 127.0.0.1 begin2search.com 127.0.0.1 www.begin2search.com 127.0.0.1 bellabasketsfl.com 127.0.0.1 bernaolatwin.com 127.0.0.1 best-counter.com 127.0.0.1 bestcrawler.com 127.0.0.1 bestfor.ru 127.0.0.1 best-hardpics.com 127.0.0.1 bestmanage.org 127.0.0.1 www.bestmanage.org 127.0.0.1 bestmanage0.org 127.0.0.1 www.bestmanage0.org 127.0.0.1 bestmanage1.org 127.0.0.1 www.bestmanage1.org 127.0.0.1 bestmanage2.org 127.0.0.1 www.bestmanage2.org 127.0.0.1 bestmanage3.org 127.0.0.1 www.bestmanage3.org 127.0.0.1 bestmanage4.org 127.0.0.1 www.bestmanage4.org 127.0.0.1 bestmanage5.org 127.0.0.1 www.bestmanage5.org 127.0.0.1 bestmanage6.org 127.0.0.1 www.bestmanage6.org 127.0.0.1 bestmanage7.org 127.0.0.1 www.bestmanage7.org 127.0.0.1 bestmanage8.org 127.0.0.1 www.bestmanage8.org 127.0.0.1 bestmanage9.org 127.0.0.1 www.bestmanage9.org 127.0.0.1 bestporngate.com 127.0.0.1 bestsafetyguide.net 127.0.0.1 www.bestsafetyguide.net 127.0.0.1 best-spyware.info 127.0.0.1 www.best-spyware.info 127.0.0.1 best-targeted-traffic.com 127.0.0.1 www.best-targeted-traffic.com 127.0.0.1 best-voyeur.info 127.0.0.1 www.best-voyeur.info 127.0.0.1 bestweblinks.com 127.0.0.1 best-winning-casino.com 127.0.0.1 bestworldgirls-for-u.net 127.0.0.1 www.bestworldgirls-for-u.net 127.0.0.1 bestxporno.com 127.0.0.1 bettersearch.biz 127.0.0.1 www.bettersearch.biz 127.0.0.1 bgazzetta.it 127.0.0.1 www.bgazzetta.it 127.0.0.1 bgoogle.it 127.0.0.1 www.bgoogle.it 127.0.0.1 bigtrafficnetwork.com 127.0.0.1 www.bigtrafficnetwork.com 127.0.0.1 bigwww.com 127.0.0.1 www.bigwww.com 127.0.0.1 bin.errorprotector.com 127.0.0.1 bins.media-motor.net 127.0.0.1 bins2.media-motor.net 127.0.0.1 bis.180solutions.com 127.0.0.1 bitchesonline.net 127.0.0.1 bitcomet-freebie.com 127.0.0.1 www.bitcomet-freebie.com 127.0.0.1 biz.biz 127.0.0.1 blackblues00.com 127.0.0.1 www.blackblues00.com 127.0.0.1 blackhats.tc 127.0.0.1 www.blackhats.tc 127.0.0.1 blackhawksoftware.com 127.0.0.1 www.blackhawksoftware.com 127.0.0.1 blackjack-free.net 127.0.0.1 blazefind.com 127.0.0.1 blender.xu.pl 127.0.0.1 blondetgp.com 127.0.0.1 blue-elefant.com 127.0.0.1 www.blue-elefant.com 127.0.0.1 bm.theaimonline.com 127.0.0.1 www.bm.theaimonline.com 127.0.0.1 bnmgate.com 127.0.0.1 www.bnmgate.com 127.0.0.1 bodaciousbabette.com 127.0.0.1 bonzi.com 127.0.0.1 www.bonzi.com 127.0.0.1 boobdoll.com 127.0.0.1 boobsandtits.com 127.0.0.1 boobsclub.com 127.0.0.1 bookedspace.com 127.0.0.1 www.bookedspace.com 127.0.0.1 boom.com.vn 127.0.0.1 www.boom.com.vn 127.0.0.1 boredlife.com 127.0.0.1 bowlofogumbo.com 127.0.0.1 bpfq02.com 127.0.0.1 www.bpfq02.com 127.0.0.1 bqgate.com 127.0.0.1 www.bqgate.com 127.0.0.1 br.errorsafe.com 127.0.0.1 br.winantivirus.com 127.0.0.1 br.winfixer.com 127.0.0.1 bradcoem.org 127.0.0.1 braincodec.com 127.0.0.1 www.braincodec.com 127.0.0.1 brandiyoung.com 127.0.0.1 bravesentry.com 127.0.0.1 www.bravesentry.com 127.0.0.1 breenten.biz 127.0.0.1 www.breenten.biz 127.0.0.1 brodbfm.net 127.0.0.1 www.brodbfm.net 127.0.0.1 brookeburn.com 127.0.0.1

Julien · Answer

Salut le Sioux, J'avais déjà posté un message mais y'a eu un léger problème de plantage, je recommence donc en espérant que ça fera pas de doublon ! Donc, faisons un résumé rapide : toujours impossible de télécharger un truc "lourd" mais j'ai pu prendre SREng, qui est trop léger pour ça ait eu le temps de planter. Antivir, ça veut toujours pas ! Avast, AVG et Ad-Aware se vautrent aussi dès que je tente un sacn complet et/ou minutieux. Les tracking cookies continuent d'affluer alors que je ne me connecte sur Internet quasiment que pour suivre notre conversation. Spybot repère Virtumonde, me dit qu'il corrige le problème mais à l'analyse suivante, le coco fort désagréable est revenu ! Bref, merci encore pour ton aide et pour t'en remercier, voilà le rapport le plus long du monder, celui de SREng que tu m'as demandé @+ Julien Rapport SREng : [CODE] 2007-10-24,20:29:11 System Repair Engineer 2.5.16.900 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed Follow item(s) have been choosed: All Boot Items (Including Registry, Startup Folders, Services and so on) Browser Add-ons Runing Processes (Including process model information) File Associations Winsock Provider Autorun.Inf HOSTS File Process Privileges Scan Boot Items Registry [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [(Verified)Microsoft Windows Hardware Compatibility Publisher] <"C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"> [(Verified)Check Point Software Technologies Ltd.] <"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized> [(Verified)GRISOFT LTD] <"C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)"Apple Computer, Inc."] [(Verified)ALWIL Software] <"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."] [(Verified)Microsoft Windows Hardware Compatibility Publisher, E=""] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}> [(Verified)GRISOFT LTD] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\urqqoml] [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32 egsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32 hemeui.dll> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP> [N/A] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; C:\WINDOWS\System32\ctfmon.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; C:\WINDOWS\System32\lssas.exe> [N/A] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; "C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; C:\WINDOWS\System32\winns.exe> [N/A] <; RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; nwiz.exe /install> [] <; C:\WINDOWS\System32\spooIsv.exe> [N/A] <; C:\WINDOWS\System32\winamp.exe> [N/A] ================================== Startup Folders N/A ================================== Services [Ad-Aware 2007 Service / aawservice][Running/Auto Start] <"C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe"> [Apple Mobile Device / Apple Mobile Device][Running/Auto Start] <"C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"> [avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start] <"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"> [ATK Keyboard Service / ATKKeyboardService][Running/Auto Start] [avast! Antivirus / avast! Antivirus][Running/Auto Start] <"C:\Program Files\Alwil Software\Avast4\ashServ.exe"> [avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start] <"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service> [avast! Web Scanner / avast! Web Scanner][Running/Manual Start] <"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service> [AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start] [AVG7 Alert Manager Server / Avg7Alrt][Stopped/Disabled] [AVG7 Update Service / Avg7UpdSvc][Stopped/Disabled] [AVG E-mail Scanner / AVGEMS][Stopped/Disabled] [Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [Service de l'iPod / iPod Service][Running/Manual Start] <"C:\Program Files\iPod\bin\iPodService.exe"> [Microsoft Agent / Microsoft Agent][Stopped/Auto Start] <"C:\WINDOWS\System32\dllcache\frehost.exe"> [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] [TrueVector Internet Monitor / vsmon][Running/Auto Start] ================================== Drivers [Enhanced Display Driver Helper Service / asuskbnt][Running/System Start] [AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start] <\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys> [AVG7 Kernel / Avg7Core][Stopped/System Start] <\SystemRoot\System32\Drivers\avg7core.sys> [AVG7 Wrap Driver / Avg7RsW][Running/System Start] <\SystemRoot\System32\Drivers\avg7rsw.sys> [AVG7 Resident Driver XP / Avg7RsXP][Stopped/System Start] <\SystemRoot\System32\Drivers\avg7rsxp.sys> [AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start] [AVG7 Clean Driver / AvgClean][Running/System Start] <\SystemRoot\System32\Drivers\avgclean.sys> [AVG Network Redirector / AvgTdi][Running/Auto Start] <\SystemRoot\System32\Drivers\avgtdi.sys> [catchme / catchme][Stopped/Manual Start] <\??\C:\DOCUME~1\Julien\LOCALS~1\Temp\catchme.sys> [driverhardwarev2 / driverhardwarev2][Stopped/Manual Start] <\??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys> [EIO / EIO][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\EIO.sys> [GEARAspiWDM / GEARAspiWDM][Running/Manual Start] [Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [kl1 / kl1][Running/Boot Start] <\SystemRoot\system32\DRIVERS\kl1.sys> [KLIF / KLIF][Running/System Start] [nv / nv][Running/Manual Start] [Pilote de liaison parallèle directe / Ptilink][Running/Manual Start] [PxHelp20 / PxHelp20][Running/Boot Start] <\SystemRoot\System32\Drivers\PxHelp20.sys> [Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start] [Secdrv / Secdrv][Stopped/Manual Start] [srescan / srescan][Running/Boot Start] <\SystemRoot\system32\ZoneLabs\srescan.sys> [vsdatant / vsdatant][Running/System Start] ================================== Browser Add-ons [Spybot-S&D IE Protection] {53707962-6F74-2D53-2644-206D7942484F} [SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [Java Plug-in 1.6.0_03] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [Spybot-S&D IE Protection] {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [] {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A> [Messenger] {FB5F1910-F110-11d2-BB9E-00C04F795683} [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} [HouseCall Control] {74D05D43-3236-11D4-BDCD-00C04F9A3B61} [HardwareDetection Control] {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} [Java Plug-in 1.6.0_03] {8AD9C840-044E-11D1-B3E9-00805F499D93} [Java Plug-in 1.6.0_03] {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [Java Plug-in 1.6.0_03] {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Spybot-S&D IE Protection] {53707962-6F74-2D53-2644-206D7942484F} [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [HouseCall Control] {74D05D43-3236-11D4-BDCD-00C04F9A3B61} [SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [E&xporter vers Microsoft Excel] ================================== Running Processes [PID: 720 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 780 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 804 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 848 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 860 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1020 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1096 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1192 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\uxtuneup.dll] [TuneUp Software GmbH, 2.0.0.8] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\WINDOWS\System32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [PID: 1304 / SERVICE RÉSEAU][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1392 / SERVICE LOCAL][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [PID: 1636 / Julien][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll] [GRISOFT s.r.o., 7, 5, 1, 36] [PID: 1900 / SYSTEM][C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe] [Lavasoft AB, 7, 0, 2, 3] [C:\Program Files\Lavasoft\Ad-Aware 2007\CEAPI.dll] [Lavasoft AB, 7, 0, 2, 3] [C:\Program Files\Lavasoft\Ad-Aware 2007\PKArchive84cb.dll] [PKWARE, Inc., 8.4.219.0] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Program Files\Lavasoft\Ad-Aware 2007\Update.dll] [, 7, 0, 1, 3] [PID: 1964 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [PID: 160 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\UNACEV2.DLL] [N/A, ] [C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 7, 1043, 0] [PID: 492 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\hpzlnt04.dll] [HP, 2,80,0,0] [PID: 1132 / SYSTEM][C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple, Inc., 1, 14, 0, 0] [PID: 1144 / SYSTEM][C:\WINDOWS\ATKKBService.exe] [ASUSTeK COMPUTER INC., 1, 0, 0, 0] [PID: 1276 / SYSTEM][C:\WINDOWS\System32 vsvc32.exe] [NVIDIA Corporation, 6.14.10.8265] [PID: 1320 / SYSTEM][C:\WINDOWS\System32 cpsvcs.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 1448 / SERVICE LOCAL][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [PID: 2172 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashUInt.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Alwil Software\Avast4\French\Lang.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\French\langmai.dll] [ALWIL Software, 4, 7, 1038, 0] [PID: 2196 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashWebSv.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1043, 0] [PID: 2576 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2608 / Julien][C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 3140 / Julien][C:\WINDOWS\RTHDCPL.EXE] [Realtek Semiconductor Corp., 2.0.7.3] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 3172 / Julien][C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe] [GRISOFT s.r.o., 7, 5, 1, 43] [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll] [GRISOFT s.r.o., 4, 2, 0, 19] [PID: 3180 / Julien][C:\Program Files\iTunes\iTunesHelper.exe] [Apple Inc., 7.4.3.1] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Program Files\iTunes\iTunesHelper.Resources\fr.lproj\iTunesHelperLocalized.DLL] [Apple Inc., 7.4.0.17] [C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] [Apple Inc., 7.4.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTime.qts] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx] [Apple Computer, Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx] [Apple Computer, Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx] [Apple Inc., 7.2] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx] [Apple Inc., 7.2] [C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll] [Apple Inc., 7, 4, 104, 0] [PID: 3188 / Julien][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\French\Lang.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruimai.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0] [c:\program files\alwil software\avast4\ahruimes.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruins.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruiout.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MAPI32.dll] [Microsoft Corporation, 1.0.2536.0 (XPClient.010817-1148)] [c:\program files\alwil software\avast4\ahruip2p.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruistd.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruiws.dll] [ALWIL Software, 4, 7, 1043, 0] [PID: 3200 / Julien][C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.30.5] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [PID: 3232 / Julien][C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe] [HP, 2,80,0,0] [C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZR3204.DLL] [HP, 2,80,0,0] [PID: 3244 / Julien][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 3516 / SYSTEM][C:\Program Files\iPod\bin\iPodService.exe] [Apple Inc., 7.4.3.1] [C:\Program Files\iPod\bin\iPodService.Resources\fr.lproj\iPodServiceLocalized.DLL] [Apple Inc., 7.4.0.17] [C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL] [Apple Inc., 7.4.3.1] [PID: 4080 / Julien][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0] [C:\Program Files\Mozilla Firefox spr4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox ss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC] [C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll] [N/A, ] [C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll] [N/A, ] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC] [C:\Program Files\Mozilla Firefox ssckbi.dll] [Mozilla Foundation, 1.64] [C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll] [, ] [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll] [GRISOFT s.r.o., 7, 5, 1, 36] [PID: 920 / Julien][C:\Documents and Settings\Julien\Bureau\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Documents and Settings\Julien\Bureau\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] ================================== File Associations .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock Provider N/A ================================== Autorun.Inf N/A ================================== HOSTS File 127.0.0.1 localhost 127.0.0.1 007guard.com 127.0.0.1 www.007guard.com 127.0.0.1 008i.com 127.0.0.1 008k.com 127.0.0.1 www.008k.com 127.0.0.1 00hq.com 127.0.0.1 www.00hq.com 127.0.0.1 010402.com 127.0.0.1 032439.com 127.0.0.1 www.032439.com 127.0.0.1 1001-search.info 127.0.0.1 www.1001-search.info 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 100sexlinks.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 123topsearch.com 127.0.0.1 www.123topsearch.com 127.0.0.1 132.com 127.0.0.1 www.132.com 127.0.0.1 136136.net 127.0.0.1 www.136136.net 127.0.0.1 139mm.com 127.0.0.1 www.139mm.com 127.0.0.1 163ns.com 127.0.0.1 www.163ns.com 127.0.0.1 171203.com 127.0.0.1 17-plus.com 127.0.0.1 1800searchonline.com 127.0.0.1 www.1800searchonline.com 127.0.0.1 180searchassistant.com 127.0.0.1 www.180searchassistant.com 127.0.0.1 180solutions.com 127.0.0.1 www.180solutions.com 127.0.0.1 181.365soft.info 127.0.0.1 www.181.365soft.info 127.0.0.1 1987324.com 127.0.0.1 www.1987324.com 127.0.0.1 1-domains-registrations.com 127.0.0.1 www.1-domains-registrations.com 127.0.0.1 1-extreme.biz 127.0.0.1 www.1-extreme.biz 127.0.0.1 1sexparty.com 127.0.0.1 www.1sexparty.com 127.0.0.1 1stantivirus.com 127.0.0.1 www.1stantivirus.com 127.0.0.1 1stpagehere.com 127.0.0.1 www.1stpagehere.com 127.0.0.1 1stsearchportal.com 127.0.0.1 www.1stsearchportal.com 127.0.0.1 2.82211.net 127.0.0.1 www.2006ooo.com 127.0.0.1 2007-download.com 127.0.0.1 www.2007-download.com 127.0.0.1 2020search.com 127.0.0.1 www.2020search.com 127.0.0.1 20x2p.com 127.0.0.1 24.365soft.info 127.0.0.1 www.24.365soft.info 127.0.0.1 24-7pharmacy.info 127.0.0.1 www.24-7pharmacy.info 127.0.0.1 24-7searching-and-more.com 127.0.0.1 www.24-7searching-and-more.com 127.0.0.1 24teen.com 127.0.0.1 www.24teen.com 127.0.0.1 2every.net 127.0.0.1 www.2every.net 127.0.0.1 2ndpower.com 127.0.0.1 2search.com 127.0.0.1 www.2search.com 127.0.0.1 2search.org 127.0.0.1 www.2search.org 127.0.0.1 2squared.com 127.0.0.1 www.2squared.com 127.0.0.1 3322.org 127.0.0.1 www.3322.org 127.0.0.1 365soft.info 127.0.0.1 36site.com 127.0.0.1 www.36site.com 127.0.0.1 3721.com 127.0.0.1 39-93.com 127.0.0.1 3abetterinternet.com 127.0.0.1 www.3abetterinternet.com 127.0.0.1 3bay.it 127.0.0.1 www.3bay.it 127.0.0.1 3ebay.it 127.0.0.1 www.3ebay.it 127.0.0.1 404dns.com 127.0.0.1 www.404dns.com 127.0.0.1 4199.com 127.0.0.1 www.4199.com 127.0.0.1 4corn.net 127.0.0.1 www.4corn.net 127.0.0.1 4ebay.it 127.0.0.1 www.4ebay.it 127.0.0.1 4klm.com 127.0.0.1 4repubblica.it 127.0.0.1 www.4repubblica.it 127.0.0.1 4softget.com 127.0.0.1 www.4softget.com 127.0.0.1 5iscali.it 127.0.0.1 www.5iscali.it 127.0.0.1 5repubblica.it 127.0.0.1 www.5repubblica.it 127.0.0.1 5starvideos.com 127.0.0.1 www.5starvideos.com 127.0.0.1 5tiscali.it 127.0.0.1 www.5tiscali.it 127.0.0.1 5zgmu7o20kt5d8yq.com 127.0.0.1 www.5zgmu7o20kt5d8yq.com 127.0.0.1 6iscali.it 127.0.0.1 www.6iscali.it 127.0.0.1 6sek.com 127.0.0.1 www.6sek.com 127.0.0.1 6tiscali.it 127.0.0.1 www.6tiscali.it 127.0.0.1 7322.com 127.0.0.1 www.7322.com 127.0.0.1 75tz.com 127.0.0.1 777search.com 127.0.0.1 www.777search.com 127.0.0.1 777top.com 127.0.0.1 www.777top.com 127.0.0.1 7939.com 127.0.0.1 www.7939.com 127.0.0.1 7search.com 127.0.0.1 www.7search.com 127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com 127.0.0.1 82211.net 127.0.0.1 8866.org 127.0.0.1 888.com 127.0.0.1 www.888.com 127.0.0.1 8ad.com 127.0.0.1 www.8ad.com 127.0.0.1 9505.com 127.0.0.1 www.9505.com 127.0.0.1 971searchbox.com 127.0.0.1 www.971searchbox.com 127.0.0.1 a.bestmanage.org 127.0.0.1 aaasexypics.com 127.0.0.1 aaawebfinder.com 127.0.0.1 www.aaawebfinder.com 127.0.0.1 aavc.com 127.0.0.1 abc-find.info 127.0.0.1 www.abc-find.info 127.0.0.1 abetterinternet.com 127.0.0.1 www.abetterinternet.com 127.0.0.1 abnetsoft.info 127.0.0.1 www.abnetsoft.info 127.0.0.1 aboutclicker.com 127.0.0.1 www.aboutclicker.com 127.0.0.1 abrp.net 127.0.0.1 www.abrp.net 127.0.0.1 absolutee.com 127.0.0.1 www.absolutee.com 127.0.0.1 abyssmedia.com 127.0.0.1 www.abyssmedia.com 127.0.0.1 ac66.cn 127.0.0.1 www.ac66.cn 127.0.0.1 access.Navinetwork.com 127.0.0.1 access.rapid-pass.net 127.0.0.1 accessactivexvideo.com 127.0.0.1 www.accessactivexvideo.com 127.0.0.1 accessclips.com 127.0.0.1 www.accessclips.com 127.0.0.1 access-dvd.com 127.0.0.1 www.access-dvd.com 127.0.0.1 accesskeygenerator.com 127.0.0.1 www.accesskeygenerator.com 127.0.0.1 accessorygeeks.com 127.0.0.1 www.accessorygeeks.com 127.0.0.1 accessthefuture.net 127.0.0.1 www.accessthefuture.net 127.0.0.1 accessvid.net 127.0.0.1 www.accessvid.net 127.0.0.1 acemedic.com 127.0.0.1 www.acemedic.com 127.0.0.1 ace-webmaster.com 127.0.0.1 www.ace-webmaster.com 127.0.0.1 acjp.com 127.0.0.1 acrobat-2007.com 127.0.0.1 www.acrobat-2007.com 127.0.0.1 acrobat-8.com 127.0.0.1 www.acrobat-8.com 127.0.0.1 acrobat-center.com 127.0.0.1 www.acrobat-center.com 127.0.0.1 acrobat-hq.com 127.0.0.1 www.acrobat-hq.com 127.0.0.1 acrobatreader-8.com 127.0.0.1 www.acrobatreader-8.com 127.0.0.1 acrobat-reader-8.de 127.0.0.1 www.acrobat-reader-8.de 127.0.0.1 acrobat-stop.com 127.0.0.1 www.acrobat-stop.com 127.0.0.1 actionbreastcancer.org 127.0.0.1 www.actionbreastcancer.org 127.0.0.1 activesearcher.info 127.0.0.1 www.activesearcher.info 127.0.0.1 activexaccessobject.com 127.0.0.1 www.activexaccessobject.com 127.0.0.1 activexaccessvideo.com 127.0.0.1 www.activexaccessvideo.com 127.0.0.1 activexemedia.com 127.0.0.1 www.activexemedia.com 127.0.0.1 activexmediaobject.com 127.0.0.1 www.activexmediaobject.com 127.0.0.1 activexmediapro.com 127.0.0.1 www.activexmediapro.com 127.0.0.1 activexmediasite.com 127.0.0.1 www.activexmediasite.com 127.0.0.1 activexmediasoftware.com 127.0.0.1 www.activexmediasoftware.com 127.0.0.1 activexmediasource.com 127.0.0.1 www.activexmediasource.com 127.0.0.1 activexmediatool.com 127.0.0.1 www.activexmediatool.com 127.0.0.1 activexmediatour.com 127.0.0.1 www.activexmediatour.com 127.0.0.1 activexsoftwares.com 127.0.0.1 www.activexsoftwares.com 127.0.0.1 activexsource.com 127.0.0.1 www.activexsource.com 127.0.0.1 activexupdate.com 127.0.0.1 www.activexupdate.com 127.0.0.1 activexvideo.com 127.0.0.1 www.activexvideo.com 127.0.0.1 activexvideotool.com 127.0.0.1 www.activexvideotool.com 127.0.0.1 ad.marketingsector.com 127.0.0.1 www.ad.marketingsector.com 127.0.0.1 ad.mokead.com 127.0.0.1 www.ad.mokead.com 127.0.0.1 ad.yieldmanager.com 127.0.0.1 www.ad.yieldmanager.com 127.0.0.1 ad25.com 127.0.0.1 ad45.com 127.0.0.1 ad77.com 127.0.0.1 ad86.com 127.0.0.1 adamsupportgroup.org 127.0.0.1 www.adamsupportgroup.org 127.0.0.1 adarmor.com 127.0.0.1 www.adarmor.com 127.0.0.1 adasearch.com 127.0.0.1 www.adasearch.com 127.0.0.1 adaware.cc 127.0.0.1 adawarenow.com 127.0.0.1 www.adawarenow.com 127.0.0.1 addictivetechnologies.com 127.0.0.1 www.addictivetechnologies.com 127.0.0.1 addictivetechnologies.net 127.0.0.1 www.addictivetechnologies.net 127.0.0.1 add-manager.com 127.0.0.1 www.add-manager.com 127.0.0.1 adgate.info 127.0.0.1 www.adgate.info 127.0.0.1 adipics.com 127.0.0.1 www.adipics.com 127.0.0.1 admin2cash.biz 127.0.0.1 www.admin2cash.biz 127.0.0.1 adnet-plus.com 127.0.0.1 adobe-download-now.com 127.0.0.1 adobe-downloads.com 127.0.0.1 www.adobe-downloads.com 127.0.0.1 adobe-reader-8.fr 127.0.0.1 www.adobe-reader-8.fr 127.0.0.1 adprotect.com 127.0.0.1 www.adprotect.com 127.0.0.1 ads.centralmedia.ws 127.0.0.1 ads.k8l.info 127.0.0.1 ads.kmpads.com 127.0.0.1 ads.marketingsector.com 127.0.0.1 ads.searchingbooth.com 127.0.0.1 ads.z-quest.com 127.0.0.1 ads183.com 127.0.0.1 www.ads183.com 127.0.0.1 adscontex.com 127.0.0.1 www.adscontex.com 127.0.0.1 adservices1.enhance.com 127.0.0.1 www.adservices1.enhance.com 127.0.0.1 adservs.com 127.0.0.1 adsextend.net 127.0.0.1 www.adsextend.net 127.0.0.1 adshttp.com 127.0.0.1 www.adshttp.com 127.0.0.1 adsonwww.com 127.0.0.1 www.adsonwww.com 127.0.0.1 adspics.com 127.0.0.1 www.adspics.com 127.0.0.1 adtrak.net 127.0.0.1 www.adtrak.net 127.0.0.1 adtrgt.com 127.0.0.1 adult777search.info 127.0.0.1 www.adult777search.info 127.0.0.1 adultan.com 127.0.0.1 www.adultan.com 127.0.0.1 adult-engine-search.com 127.0.0.1 www.adult-engine-search.com 127.0.0.1 adult-erotic-guide.net 127.0.0.1 www.adult-erotic-guide.net 127.0.0.1 adultfilmsite.com 127.0.0.1 www.adultfilmsite.com 127.0.0.1 adult-friends-finder.net 127.0.0.1 www.adult-friends-finder.net 127.0.0.1 adultgambling.org 127.0.0.1 adult-host.org 127.0.0.1 adulthyperlinks.com 127.0.0.1 www.adulthyperlinks.com 127.0.0.1 adultmovieplus.com 127.0.0.1 www.adultmovieplus.com 127.0.0.1 adult-personal.us 127.0.0.1 adultsgames.net 127.0.0.1 adultsper.com 127.0.0.1 www.adultsper.com 127.0.0.1 adulttds.com 127.0.0.1 www.adulttds.com 127.0.0.1 adultzoneworld.com 127.0.0.1 www.adultzoneworld.com 127.0.0.1 advcash.biz 127.0.0.1 www.advcash.biz 127.0.0.1 advert.exaccess.ru 127.0.0.1 advertisemoney.info 127.0.0.1 www.advertisemoney.info 127.0.0.1 advertising.paltalk.com 127.0.0.1 advertising-money.info 127.0.0.1 www.advertising-money.info 127.0.0.1 ad-ware.cc 127.0.0.1 ad-w-a-r-e.com 127.0.0.1 www.ad-w-a-r-e.com 127.0.0.1 a-d-w-a-r-e.com 127.0.0.1 www.a-d-w-a-r-e.com 127.0.0.1 adwarebazooka.com 127.0.0.1 www.adwarebazooka.com 127.0.0.1 adwarefinder.com 127.0.0.1 www.adwarefinder.com 127.0.0.1 adwareprotectionsite.com 127.0.0.1 www.adwareprotectionsite.com 127.0.0.1 adwarepunisher.com 127.0.0.1 www.adwarepunisher.com 127.0.0.1 aflgate.com 127.0.0.1 www.aflgate.com 127.0.0.1 africaspromise.org 127.0.0.1 agava.com 127.0.0.1 agava.ru 127.0.0.1 agentstudio.com 127.0.0.1 aginegialle.it 127.0.0.1 www.aginegialle.it 127.0.0.1 www.aifind.info 127.0.0.1 aifind.info 127.0.0.1 airtleworld.com 127.0.0.1 www.airtleworld.com 127.0.0.1 aitalia.it 127.0.0.1 www.aitalia.it 127.0.0.1 akamai.downloadv3.com 127.0.0.1 aklitalia.it 127.0.0.1 www.aklitalia.it 127.0.0.1 akril.com 127.0.0.1 alcatel.ws 127.0.0.1 alfacleaner.com 127.0.0.1 www.alfacleaner.com 127.0.0.1 alfa-search.com 127.0.0.1 alialia.it 127.0.0.1 www.alialia.it 127.0.0.1 aliotalia.it 127.0.0.1 www.aliotalia.it 127.0.0.1 alirtalia.it 127.0.0.1 www.alirtalia.it 127.0.0.1 alitaia.it 127.0.0.1 www.alitaia.it 127.0.0.1 alitaklia.it 127.0.0.1 www.alitaklia.it 127.0.0.1 alitala.it 127.0.0.1 www.alitala.it 127.0.0.1 alitali.it 127.0.0.1 www.alitali.it 127.0.0.1 alitaliaq.it 127.0.0.1 www.alitaliaq.it 127.0.0.1 alitalias.it 127.0.0.1 www.alitalias.it 127.0.0.1 alitaliaz.it 127.0.0.1 www.alitaliaz.it 127.0.0.1 alitalioa.it 127.0.0.1 www.alitalioa.it 127.0.0.1 alitalisa.it 127.0.0.1 www.alitalisa.it 127.0.0.1 alitaliua.it 127.0.0.1 www.alitaliua.it 127.0.0.1 alitalkia.it 127.0.0.1 www.alitalkia.it 127.0.0.1 alitaloia.it 127.0.0.1 www.alitaloia.it 127.0.0.1 alitaluia.it 127.0.0.1 www.alitaluia.it 127.0.0.1 alitaslia.it 127.0.0.1 www.alitaslia.it 127.0.0.1 alitlia.it 127.0.0.1 www.alitlia.it 127.0.0.1 alitralia.it 127.0.0.1 www.alitralia.it 127.0.0.1 alitsalia.it 127.0.0.1 www.alitsalia.it 127.0.0.1 aliutalia.it 127.0.0.1 www.aliutalia.it 127.0.0.1 ALL1COUNT.NET 127.0.0.1 www.ALL1COUNT.NET 127.0.0.1 all4internet.com 127.0.0.1 www.all4internet.com 127.0.0.1 allabtcars.com 127.0.0.1 allabtjeeps.com 127.0.0.1 all-bittorrent.com 127.0.0.1 www.all-bittorrent.com 127.0.0.1 www.allcybersearch.com 127.0.0.1 allcybersearch.com 127.0.0.1 alldnserrors.com 127.0.0.1 www.alldnserrors.com 127.0.0.1 all-downloads-now.com 127.0.0.1 www.all-downloads-now.com 127.0.0.1 all-edonkey.com 127.0.0.1 www.all-edonkey.com 127.0.0.1 allforadult.com 127.0.0.1 allhyperlinks.com 127.0.0.1 alliesecurity.com 127.0.0.1 www.alliesecurity.com 127.0.0.1 all-inet.com 127.0.0.1 allinternetbusiness.com 127.0.0.1 all-limewire.com 127.0.0.1 www.all-limewire.com 127.0.0.1 allmegabucks.com 127.0.0.1 www.allmegabucks.com 127.0.0.1 allprotections.com 127.0.0.1 www.allprotections.com 127.0.0.1 allresultz.net 127.0.0.1 www.allresultz.net 127.0.0.1 allsecuritynotes.com 127.0.0.1 www.allsecuritynotes.com 127.0.0.1 allsecuritysite.com 127.0.0.1 www.allsecuritysite.com 127.0.0.1 allstarsvideos.net 127.0.0.1 www.allstarsvideos.net 127.0.0.1 alltruesoftware.com 127.0.0.1 www.alltruesoftware.com 127.0.0.1 allvideoactivex.com 127.0.0.1 www.allvideoactivex.com 127.0.0.1 almanah.biz 127.0.0.1 www.almanah.biz 127.0.0.1 almarvideos.com 127.0.0.1 aloitalia.it 127.0.0.1 www.aloitalia.it 127.0.0.1 aluitalia.it 127.0.0.1 www.aluitalia.it 127.0.0.1 amaena.com 127.0.0.1 www.amaena.com 127.0.0.1 amandamountains.com 127.0.0.1 amateurliveshow.com 127.0.0.1 www.amateurliveshow.com 127.0.0.1 amediasoftware.com 127.0.0.1 www.amediasoftware.com 127.0.0.1 amediasource.com 127.0.0.1 www.amediasource.com 127.0.0.1 americancarbargains.com 127.0.0.1 www.americancarbargains.com 127.0.0.1 american-teens.net 127.0.0.1 amigeek.com 127.0.0.1 amisbusiness.com 127.0.0.1 ampmsearch.com 127.0.0.1 www.ampmsearch.com 127.0.0.1 analcord.com 127.0.0.1 www.analcord.com 127.0.0.1 analmovi.com 127.0.0.1 anarchylolita.com 127.0.0.1 www.anarchylolita.com 127.0.0.1 anarchyporn.com 127.0.0.1 andromedical.com 127.0.0.1 www.andromedical.com 127.0.0.1 animepornmag.com 127.0.0.1 www.animepornmag.com 127.0.0.1 anin.org 127.0.0.1 anjpn-avxiz.biz 127.0.0.1 www.anjpn-avxiz.biz 127.0.0.1 anjpnzqav.biz 127.0.0.1 www.anjpnzqav.biz 127.0.0.1 anjpn-zqav.biz 127.0.0.1 www.anjpn-zqav.biz 127.0.0.1 annaromeo.com 127.0.0.1 antiddos.us 127.0.0.1 www.antiddos.us 127.0.0.1 Antiespiadorado.com 127.0.0.1 www.Antiespiadorado.com 127.0.0.1 Antiespionspack.com 127.0.0.1 www.Antiespionspack.com 127.0.0.1 Antigusanos2008.com 127.0.0.1 www.Antigusanos2008.com 127.0.0.1 Antispionage.com 127.0.0.1 www.Antispionage.com 127.0.0.1 Antispionagepro.com 127.0.0.1 www.Antispionagepro.com 127.0.0.1 antispydns.biz 127.0.0.1 www.antispydns.biz 127.0.0.1 antispylab.com 127.0.0.1 www.antispylab.com 127.0.0.1 antispysolutions.com 127.0.0.1 www.antispysolutions.com 127.0.0.1 antispyware.com 127.0.0.1 www.antispyware.com 127.0.0.1 antispywarebot.com 127.0.0.1 www.antispywarebot.com 127.0.0.1 antispywarebox.com 127.0.0.1 www.antispywarebox.com 127.0.0.1 antispywaredownloads.com 127.0.0.1 www.antispywaredownloads.com 127.0.0.1 Antispywaresuite.com 127.0.0.1 www.Antispywaresuite.com 127.0.0.1 Antispyweb.net 127.0.0.1 www.Antispyweb.net 127.0.0.1 Antiver2008.com 127.0.0.1 www.Antiver2008.com 127.0.0.1 antivermins.com 127.0.0.1 www.antivermins.com 127.0.0.1 anti-vermins.com 127.0.0.1 www.anti-vermins.com 127.0.0.1 antivir2007.com 127.0.0.1 www.antivir2007.com 127.0.0.1 antivirgear.com 127.0.0.1 www.antivirgear.com 127.0.0.1 antivirus.fastfreedownload.com 127.0.0.1 www.antivirus.fastfreedownload.com 127.0.0.1 antivirusgolden.com 127.0.0.1 www.antivirusgolden.com 127.0.0.1 antivirus-hq.net 127.0.0.1 www.antivirus-hq.net 127.0.0.1 anti-virus-pro.com 127.0.0.1 www.anti-virus-pro.com 127.0.0.1 antivirusprotector.com 127.0.0.1 www.antivirusprotector.com 127.0.0.1 antivirussecuritypro.com 127.0.0.1 www.antivirussecuritypro.com 127.0.0.1 antivirus-stop.com 127.0.0.1 www.antivirus-stop.com 127.0.0.1 Antiworm2008.com 127.0.0.1 www.Antiworm2008.com 127.0.0.1 Antiwurm2008.com 127.0.0.1 www.Antiwurm2008.com 127.0.0.1 antrocity.com 127.0.0.1 anyofus.com 127.0.0.1 www.anyofus.com 127.0.0.1 anysn.seproger.com 127.0.0.1 www.anysn.seproger.com 127.0.0.1 anything4health.com 127.0.0.1 apicpreview.com 127.0.0.1 www.apicpreview.com 127.0.0.1 apmebf.com 127.0.0.1 www.apmebf.com 127.0.0.1 appealcircuit.com 127.0.0.1 www.appealcircuit.com 127.0.0.1 approvedlinks.com 127.0.0.1 www.approvedlinks.com 127.0.0.1 apps.deskwizz.com 127.0.0.1 apps.webservicehost.com 127.0.0.1 aprotectedpage.com 127.0.0.1 www.aprotectedpage.com 127.0.0.1 apsua.com 127.0.0.1 archiviosex.net 127.0.0.1 www.archiviosex.net 127.0.0.1 aregay.com 127.0.0.1 ares-freebie.com 127.0.0.1 www.ares-freebie.com 127.0.0.1 arespro2007.com 127.0.0.1 www.arespro2007.com 127.0.0.1 aresultra.com 127.0.0.1 www.aresultra.com 127.0.0.1 ares-usa.com 127.0.0.1 www.ares-usa.com 127.0.0.1 arheo.com 127.0.0.1 arizonaweb.org 127.0.0.1 armitageinn.com 127.0.0.1 arquivojpgs.smtp.ru 127.0.0.1 www.arquivojpgs.smtp.ru 127.0.0.1 artachnid.com 127.0.0.1 art-func.com 127.0.0.1 art-xxx.com 127.0.0.1 asafebrowser.com 127.0.0.1 www.asafebrowser.com 127.0.0.1 asafetynotice.com 127.0.0.1 www.asafetynotice.com 127.0.0.1 asafetypage.com 127.0.0.1 www.asafetypage.com 127.0.0.1 asdbiz.biz 127.0.0.1 www.asdbiz.biz 127.0.0.1 asdeykuddq.com 127.0.0.1 www.asdeykuddq.com 127.0.0.1 asecurebar.com 127.0.0.1 www.asecurebar.com 127.0.0.1 asecureboard.com 127.0.0.1 www.asecureboard.com 127.0.0.1 asecurevalue.com 127.0.0.1 www.asecurevalue.com 127.0.0.1 asecurityissue.com 127.0.0.1 www.asecurityissue.com 127.0.0.1 asecuritynotice.com 127.0.0.1 www.asecuritynotice.com 127.0.0.1 asecuritypaper.com 127.0.0.1 www.asecuritypaper.com 127.0.0.1 asecuritystuff.com 127.0.0.1 www.asecuritystuff.com 127.0.0.1 asiankingkong.com 127.0.0.1 asianpornmag.com 127.0.0.1 www.asianpornmag.com 127.0.0.1 asiantoolbar.com 127.0.0.1 www.asiantoolbar.com 127.0.0.1 asidseiupc.com 127.0.0.1 www.asidseiupc.com 127.0.0.1 aslitalia.it 127.0.0.1 www.aslitalia.it 127.0.0.1 ass-gals.com 127.0.0.1 assureprotection.com 127.0.0.1 www.assureprotection.com 127.0.0.1 asta-killer.com 127.0.0.1 asupereva.it 127.0.0.1 www.asupereva.it 127.0.0.1 athenrye.com 127.0.0.1 atotalsafety.com 127.0.0.1 www.atotalsafety.com 127.0.0.1 atrueprotection.com 127.0.0.1 www.atrueprotection.com 127.0.0.1 atruesecurity.com 127.0.0.1 www.atruesecurity.com 127.0.0.1 attackware.com 127.0.0.1 www.attackware.com 127.0.0.1 attrezzi.biz 127.0.0.1 www.attrezzi.biz 127.0.0.1 aulde.net 127.0.0.1 www.aulde.net 127.0.0.1 aupereva.it 127.0.0.1 www.aupereva.it 127.0.0.1 autocontext.begun.ru 127.0.0.1 www.autocontext.begun.ru 127.0.0.1 autoescrowpay.com 127.0.0.1 avast.free-software-center.com 127.0.0.1 www.avast.free-software-center.com 127.0.0.1 avast-2007.com 127.0.0.1 www.avast-2007.com 127.0.0.1 avast-downloads.com 127.0.0.1 www.avast-downloads.com 127.0.0.1 avast-hq.com 127.0.0.1 www.avast-hq.com 127.0.0.1 avforce.com 127.0.0.1 www.avforce.com 127.0.0.1 avg.grab-it-today.net 127.0.0.1 www.avg.grab-it-today.net 127.0.0.1 avg.softwarecenterz.com 127.0.0.1 www.avg.softwarecenterz.com 127.0.0.1 avg-secure.com 127.0.0.1 www.avg-secure.com 127.0.0.1 avian-ads.com 127.0.0.1 avideoaxaccess.com 127.0.0.1 www.avideoaxaccess.com 127.0.0.1 avideosurfer.com 127.0.0.1 www.avideosurfer.com 127.0.0.1 aviewersoft.com 127.0.0.1 www.aviewersoft.com 127.0.0.1 avpcheckupdate.com 127.0.0.1 www.avpcheckupdate.com 127.0.0.1 avxizaaqada.biz 127.0.0.1 www.avxizaaqada.biz 127.0.0.1 avxiz-anjpn.biz 127.0.0.1 www.avxiz-anjpn.biz 127.0.0.1 avxizueorn.biz 127.0.0.1 www.avxizueorn.biz 127.0.0.1 avxiz-ueorn.biz 127.0.0.1 www.avxiz-ueorn.biz 127.0.0.1 avxiz-vtvcp.biz 127.0.0.1 www.avxiz-vtvcp.biz 127.0.0.1 avxiz-ygco.biz 127.0.0.1 www.avxiz-ygco.biz 127.0.0.1 avxiz-zqav.biz 127.0.0.1 www.avxiz-zqav.biz 127.0.0.1 awarninglist.com 127.0.0.1 www.awarninglist.com 127.0.0.1 awbeta.net-nucleus.com 127.0.0.1 awesomehomepage.com 127.0.0.1 www.awesomehomepage.com 127.0.0.1 awmcash.biz 127.0.0.1 awmdabest.com 127.0.0.1 axemediasoftware.com 127.0.0.1 www.axemediasoftware.com 127.0.0.1 aximageobject.com 127.0.0.1 www.aximageobject.com 127.0.0.1 axmediaproject.com 127.0.0.1 www.axmediaproject.com 127.0.0.1 axmediasoftware.com 127.0.0.1 www.axmediasoftware.com 127.0.0.1 axmediasolutions.com 127.0.0.1 www.axmediasolutions.com 127.0.0.1 axobjectpage.com 127.0.0.1 www.axobjectpage.com 127.0.0.1 axobjectsource.com 127.0.0.1 www.axobjectsource.com 127.0.0.1 axsoftwaretool.com 127.0.0.1 www.axsoftwaretool.com 127.0.0.1 axvideoproject.com 127.0.0.1 www.axvideoproject.com 127.0.0.1 axvideosetup.com 127.0.0.1 www.axvideosetup.com 127.0.0.1 ayakawamura.com 127.0.0.1 ayb.dns-look-up.com 127.0.0.1 ayb.netbios-wait.com 127.0.0.1 ayumitaniguchi.com 127.0.0.1 azebar.com 127.0.0.1 azureusclub.com 127.0.0.1 www.azureusclub.com 127.0.0.1 azureus-freebie.com 127.0.0.1 www.azureus-freebie.com 127.0.0.1 azzetta.it 127.0.0.1 www.azzetta.it 127.0.0.1 b.casalemedia.com 127.0.0.1 babe.k-lined.com 127.0.0.1 www.babe.k-lined.com 127.0.0.1 babe.the-killer.bz 127.0.0.1 www.babe.the-killer.bz 127.0.0.1 babenet.com 127.0.0.1 www.babenet.com 127.0.0.1 babespornmag.com 127.0.0.1 www.babespornmag.com 127.0.0.1 babeweb.de 127.0.0.1 www.babeweb.de 127.0.0.1 baccarat-other.info 127.0.0.1 www.baccarat-other.info 127.0.0.1 Backstripgirls.com 127.0.0.1 www.Backstripgirls.com 127.0.0.1 backup.mabou.org 127.0.0.1 balotierra.com 127.0.0.1 www.balotierra.com 127.0.0.1 bannedhost.net 127.0.0.1 barbudafarms.com 127.0.0.1 bardownload.com 127.0.0.1 www.bardownload.com 127.0.0.1 barnandfence.com 127.0.0.1 batsearch.com 127.0.0.1 baygraphicsllc.com 127.0.0.1 bbbsearch.com 127.0.0.1 bb-search.com 127.0.0.1 bdsmlibrary.net 127.0.0.1 bdsmpornmag.com 127.0.0.1 www.bdsmpornmag.com 127.0.0.1 bearshare.download-me.info 127.0.0.1 www.bearshare.download-me.info 127.0.0.1 bearshare.mp3-muzic.com 127.0.0.1 www.bearshare.mp3-muzic.com 127.0.0.1 bearshare-download.org 127.0.0.1 www.bearshare-download.org 127.0.0.1 bearshare-downloads.net 127.0.0.1 www.bearshare-downloads.net 127.0.0.1 bearsharelive.co.uk 127.0.0.1 www.bearsharelive.co.uk 127.0.0.1 bearshare-music-downloads.com 127.0.0.1 www.bearshare-music-downloads.com 127.0.0.1 bearsharepro2007.com 127.0.0.1 www.bearsharepro2007.com 127.0.0.1 bearshare-usa.com 127.0.0.1 www.bearshare-usa.com 127.0.0.1 bedhome.com 127.0.0.1 bediadance.com 127.0.0.1 beebappyy.biz 127.0.0.1 www.beebappyy.biz 127.0.0.1 begin2search.com 127.0.0.1 www.begin2search.com 127.0.0.1 bellabasketsfl.com 127.0.0.1 bernaolatwin.com 127.0.0.1 best-counter.com 127.0.0.1 bestcrawler.com 127.0.0.1 bestfor.ru 127.0.0.1 best-hardpics.com 127.0.0.1 bestmanage.org 127.0.0.1 www.bestmanage.org 127.0.0.1 bestmanage0.org 127.0.0.1 www.bestmanage0.org 127.0.0.1 bestmanage1.org 127.0.0.1 www.bestmanage1.org 127.0.0.1 bestmanage2.org 127.0.0.1 www.bestmanage2.org 127.0.0.1 bestmanage3.org 127.0.0.1 www.bestmanage3.org 127.0.0.1 bestmanage4.org 127.0.0.1 www.bestmanage4.org 127.0.0.1 bestmanage5.org 127.0.0.1 www.bestmanage5.org 127.0.0.1 bestmanage6.org 127.0.0.1 www.bestmanage6.org 127.0.0.1 bestmanage7.org 127.0.0.1 www.bestmanage7.org 127.0.0.1 bestmanage8.org 127.0.0.1 www.bestmanage8.org 127.0.0.1 bestmanage9.org 127.0.0.1 www.bestmanage9.org 127.0.0.1 bestporngate.com 127.0.0.1 bestsafetyguide.net 127.0.0.1 www.bestsafetyguide.net 127.0.0.1 best-spyware.info 127.0.0.1 www.best-spyware.info 127.0.0.1 best-targeted-traffic.com 127.0.0.1 www.best-targeted-traffic.com 127.0.0.1 best-voyeur.info 127.0.0.1 www.best-voyeur.info 127.0.0.1 bestweblinks.com 127.0.0.1 best-winning-casino.com 127.0.0.1 bestworldgirls-for-u.net 127.0.0.1 www.bestworldgirls-for-u.net 127.0.0.1 bestxporno.com 127.0.0.1 bettersearch.biz 127.0.0.1 www.bettersearch.biz 127.0.0.1 bgazzetta.it 127.0.0.1 www.bgazzetta.it 127.0.0.1 bgoogle.it 127.0.0.1 www.bgoogle.it 127.0.0.1 bigtrafficnetwork.com 127.0.0.1 www.bigtrafficnetwork.com 127.0.0.1 bigwww.com 127.0.0.1 www.bigwww.com 127.0.0.1 bin.errorprotector.com 127.0.0.1 bins.media-motor.net 127.0.0.1 bins2.media-motor.net 127.0.0.1 bis.180solutions.com 127.0.0.1 bitchesonline.net 127.0.0.1 bitcomet-freebie.com 127.0.0.1 www.bitcomet-freebie.com 127.0.0.1 biz.biz 127.0.0.1 blackblues00.com 127.0.0.1 www.blackblues00.com 127.0.0.1 blackhats.tc 127.0.0.1 www.blackhats.tc 127.0.0.1 blackhawksoftware.com 127.0.0.1 www.blackhawksoftware.com 127.0.0.1 blackjack-free.net 127.0.0.1 blazefind.com 127.0.0.1 blender.xu.pl 127.0.0.1 blondetgp.com 127.0.0.1 blue-elefant.com 127.0.0.1 www.blue-elefant.com 127.0.0.1 bm.theaimonline.com 127.0.0.1 www.bm.theaimonline.com 127.0.0.1 bnmgate.com 127.0.0.1 www.bnmgate.com 127.0.0.1 bodaciousbabette.com 127.0.0.1 bonzi.com 127.0.0.1 www.bonzi.com 127.0.0.1 boobdoll.com 127.0.0.1 boobsandtits.com 127.0.0.1 boobsclub.com 127.0.0.1 bookedspace.com 127.0.0.1 www.bookedspace.com 127.0.0.1 boom.com.vn 127.0.0.1 www.boom.com.vn 127.0.0.1 boredlife.com 127.0.0.1 bowlofogumbo.com 127.0.0.1 bpfq02.com 127.0.0.1 www.bpfq02.com 127.0.0.1 bqgate.com 127.0.0.1 www.bqgate.com 127.0.0.1 br.errorsafe.com 127.0.0.1 br.winantivirus.com 127.0.0.1 br.winfixer.com 127.0.0.1 bradcoem.org 127.0.0.1 braincodec.com 127.0.0.1 www.braincodec.com 127.0.0.1 brandiyoung.com 127.0.0.1 bravesentry.com 127.0.0.1 www.bravesentry.com 127.0.0.1 breenten.biz 127.0.0.1 www.breenten.biz 127.0.0.1 brodbfm.net 127.0.0.1 www.brodbfm.net 127.0.0.1 brookeburn.com 127.0.0.1

Le sioux · Answer

Bonsoir

Est ce toi qui a inscrit les sites listés au dessus dans ton fichier Host, si ce n est pas le cas alors :

Telecharge RHosts de Siri 

http://siri.urz.free.fr/RHosts.php

Clique sur  restaurer fichier Hosts puis valide par ok.

Puis 

 SDFix

1) Télécharge   SDFix d' AndyManchesta 

  http://downloads.andymanchesta.com/RemovalTools/SDFix.exe   sur ton Bureau.

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. N y touche pas pour l instant.

2) Redemarre en mode sans echec

Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuyer sur la touche [F8] ou [F5] jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuyer sur [Entrée]
Il te faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.

3) SDFix

    * Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
    * Appuie sur Y pour commencer le processus de nettoyage.
    * Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
    * Appuie sur une touche pour redémarrer le PC.
    * Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
    * Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
    * Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
    * Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

Par la suite je te faire une manip avec combofix et un script

 Merci a Fill PCA pour le coup de main

@ suivre

Julien · Answer

Salut, 

Pour être sûr, tu parles bien de la super longue liste où tout commence par 127.0.0.1 ? Parce que si c'est bien ça, non, je ne sais absolument pas ce que c'est que tout ça... Et dans ce cas, je me lance dans le truc que tu décris.

Une fois fini, je te transmets un log de sdfix ou de hijackthis ?

Merci aussi à Fill PCA ! :-)

Le sioux · Answer

Re

 Parce que si c'est bien ça, non, je ne sais absolument pas ce que c'est que tout ça... Et dans ce cas, je me lance dans le truc que tu décris.    Yes


Une fois fini, je te transmets un log de sdfix ou de hijackthis ?   les 2 mon capitaine  ;-)

@+

Julien · Answer

Ok, alors voilà les 2 bestiaux...

Rapport SDFix : 


SDFix: Version 1.111

Run by Julien on 24/10/2007 at 23:05

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\Julien\Bureau\SDFix

Safe Mode:
Checking Services: 

Name:
Microsoft Agent

ImagePath:
"C:\WINDOWS\System32\dllcache\frehost.exe" 

Microsoft Agent - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files: 

Trojan Files Found:

C:\WINDOWS\system32\TFTP19120  - Deleted
C:\WINDOWS\system32	skmgr.exe  - Deleted



Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found. 

C:\WINDOWS\system32
No streams found. 

C:\WINDOWS\system32\svchost.exe
No streams found.
 
C:\WINDOWS\system32
toskrnl.exe
No streams found.
 


                                 Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

Remaining Files:
---------------

File Backups: - C:\DOCUME~1\Julien\Bureau\SDFix\backups\backups.zip

Files with Hidden Attributes:

Mon 19 Mar 2007       550,985 ..SH. --- "C:\WINDOWS\system32\gjkmp.bak1"
Fri 19 Oct 2007       551,984 ..SH. --- "C:\WINDOWS\system32\gjkmp.bak2"
Fri 19 Oct 2007       437,760 A.SHR --- "C:\_OTMoveIt\MovedFiles\WINDOWS\System32\winns.exe"

Finished! 

Et le désormais classique (mais toujours incompréhensible pour moi je te rassure ! ;-)) Hijackthis : 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:14:42, on 24/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32	cpsvcs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] ; RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [AVG7_CC] ; C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [msmss.exe] ; C:\WINDOWS\System32\winns.exe
O4 - HKLM\..\Run: [NvMediaCenter] ; RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] ; nwiz.exe /install
O4 - HKCU\..\Run: [ctfmon.exe] ; C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] ; "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O20 - AppInit_DLLs: c:\windows\system32\vtsttrp.dll
O20 - Winlogon Notify: urqqoml - urqqoml.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Le sioux · Answer

Re OTMoveIt.exe Double clique sur OTMoveIt.exe pour le lancer. copie la liste qui se trouve en citation ci-dessous, et colle-la dans le cadre de gauche de OTMoveIt : Paste List of Files/Folders to be moved. C:\WINDOWS\system32\gjkmp.bak1 C:\WINDOWS\system32\gjkmp.bak2 Clique sur MoveIt! pour lancer la suppression. le résultat apparaitra dans le cadre Results. clique sur Exit pour fermer. poste le rapport situé dans C:\_OTMoveIt\MovedFiles. il te sera peut-être demander de redémarrer le pc pour achever la suppression. si c'est le cas accepte par Yes.

Julien · Answer

On progresse, on progresse... :-)

Rapport OTMove it : 

C:\WINDOWS\system32\gjkmp.bak1 moved successfully.
C:\WINDOWS\system32\gjkmp.bak2 moved successfully.
 
Created on 10/24/2007 23:36:54

Le sioux · Answer

Re

Ok, c est reparti

*  Sélectionne le texte suivant :

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\urqqoml]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Local Security Authority Service"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msmss.exe"=-

File::
C:\WINDOWS\System32\lssas.exe
C:\WINDOWS\System32\winns.exe
C:\WINDOWS\System32\dllcache\frehost.exe
c:\windows\system32\vtsttrp.dll

* Copie le texte sélectionné (CTRL+C).
* Ouvre le bloc-notes (programme>Accessoires >bloc-notes).
* Colle le texte copié dans ce bloc-notes (CTRL+V).
* Sauvegarde ce fichier sous le nom de CFScript.txt
* Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe ( sur ton bureau)

* Une fenêtre bleue va apparaître: au message qui apparaît  Type 1 to continue, or 2 to abort , tape 1 puis valide.

* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal!

Ne touche à rien tant que le scan n'est pas terminé. 

* Une fois le scan achevé, un rapport va s'afficher : Poste son contenu. ( Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt)

Ainsi qu un nouvel Hijackthis et fais un nouveau Sreng et envoie aussi ce rapport.

Merci a FillPCA pour le coup de main 

@ suivre

Julien · Answer

Oh, en général, quand tu tapes à suivre en fin de message, c'est qu'on va se coucher tard ! :-))) Alors, le rapport ComboFix : ComboFix 07-10-20.6 - Julien 2007-10-24 23:52:09.2 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1609 [GMT 2:00] Running from: C:\Documents and Settings\Julien\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Julien\Bureau\CFScript.txt * Created a new restore point FILE:: C:\WINDOWS\System32\dllcache\frehost.exe C:\WINDOWS\System32\lssas.exe c:\windows\system32\vtsttrp.dll C:\WINDOWS\System32\winns.exe . ((((((((((((((((((((((((((((( Fichiers créés 2007-09-24 to 2007-10-24 )))))))))))))))))))))))))))))))))))) . 2007-10-24 23:04 d-------- C:\WINDOWS\ERUNT 2007-10-22 01:21 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-21 20:37 d-------- C:\WINDOWS\report 2007-10-21 20:37 d-------- C:\WINDOWS\AU_Backup 2007-10-21 20:37 1,163,344 --a------ C:\WINDOWS\vsapi32.dll 2007-10-21 20:37 267,845 --a------ C:\WINDOWS\tsc.exe 2007-10-21 20:37 86,094 --a------ C:\WINDOWS\BPMNT.dll 2007-10-21 20:37 71,749 --a------ C:\WINDOWS\hcextoutput.dll 2007-10-21 20:36 d-------- C:\WINDOWS\AU_Temp 2007-10-21 20:36 d-------- C:\WINDOWS\AU_Log 2007-10-21 20:36 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL 2007-10-21 20:36 286,720 --a------ C:\WINDOWS\PATCH.EXE 2007-10-21 20:36 69,689 --a------ C:\WINDOWS\UNZIP.DLL 2007-10-21 20:27 d--h----- C:\WINDOWS\msdownld.tmp 2007-10-21 20:26 d-------- C:\WINDOWS\system32\fr-fr 2007-10-21 20:22 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll 2007-10-21 20:09 d-------- C:\VundoFix Backups 2007-10-21 16:30 d-------- C:\Documents and Settings\Julien\Application Data\vlc 2007-10-21 16:29 d-------- C:\Program Files\VideoLAN 2007-10-21 15:59 d-------- C:\Program Files\hp deskjet 840c series 2007-10-21 15:59 d-------- C:\Program Files\Hewlett-Packard 2007-10-21 15:26 d-------- C:\WINDOWS\Sun 2007-10-21 15:25 d-------- C:\Program Files\Java 2007-10-21 15:25 d-------- C:\Program Files\Fichiers communs\Java 2007-10-21 06:36 d-------- C:\Program Files\Trend Micro 2007-10-21 06:27 d-------- C:\Program Files\Lavasoft 2007-10-21 06:27 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-10-21 04:51 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-10-21 04:51 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-10-21 04:51 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-10-21 04:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-10-21 04:51 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-10-21 04:51 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-10-21 04:50 801,144 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-10-21 03:50 d-------- C:\Program Files\Alwil Software 2007-10-21 03:50 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll 2007-10-20 12:19 d-------- C:\WINDOWS\ShellNew 2007-10-20 02:44 d-------- C:\Documents and Settings\Julien\Application Data\Apple Computer 2007-10-20 02:43 d-------- C:\Program Files\QuickTime 2007-10-20 02:43 d-------- C:\Program Files\iTunes 2007-10-20 02:43 d-------- C:\Program Files\iPod 2007-10-20 02:43 d-------- C:\Program Files\Apple Software Update 2007-10-20 02:43 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer 2007-10-20 02:42 d-------- C:\Program Files\Fichiers communs\Apple 2007-10-20 02:42 d-------- C:\Documents and Settings\All Users\Application Data\Apple 2007-10-20 02:40 d-------- C:\Program Files\QuickZip4 2007-10-20 02:25 d-------- C:\Program Files\Azureus 2007-10-20 02:06 d-------- C:\Program Files\eMule 2007-10-20 01:55 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-10-20 01:49 d-------- C:\Program Files\Winamp 2007-10-20 01:49 d-------- C:\Documents and Settings\Julien\Application Data\Winamp 2007-10-20 01:44 d-------- C:\Program Files\TuneUp Utilities 2007 2007-10-20 01:44 d-------- C:\Documents and Settings\Julien\Application Data\TuneUp Software 2007-10-20 01:44 d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2007-10-20 01:44 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll 2007-10-20 01:43 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard 2007-10-20 01:42 d-------- C:\Program Files\CCleaner 2007-10-20 01:37 d-------- C:\Documents and Settings\Julien\Application Data\Grisoft 2007-10-20 01:37 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-10-20 01:32 d-------- C:\Documents and Settings\Julien\Contacts 2007-10-20 01:31 d----c--- C:\WINDOWS\system32\DRVSTORE 2007-10-20 01:31 d-------- C:\Program Files\MSN Messenger 2007-10-19 21:03 1,277 --a------ C:\WINDOWS\mozver.dat 2007-10-19 20:32 d-------- C:\WINDOWS\system32\Lang 2007-10-19 20:32 d-------- C:\Documents and Settings\LocalService\Menu D‚marrer 2007-10-19 20:28 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier 2007-10-19 20:28 75,932 --a------ C:\WINDOWS\system32\drivers\klick.dat 2007-10-19 20:28 75,248 --a------ C:\WINDOWS\zllsputility.exe 2007-10-19 20:28 74,396 --a------ C:\WINDOWS\system32\drivers\klin.dat 2007-10-19 20:28 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll 2007-10-19 20:28 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll 2007-10-19 20:28 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll 2007-10-19 20:28 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll 2007-10-19 20:28 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll 2007-10-19 20:28 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2007-10-19 20:26 d-------- C:\WINDOWS\Internet Logs 2007-10-19 20:24 d-------- C:\WINDOWS\IIS Temporary Compressed Files 2007-10-19 20:18 0 --a------ C:\WINDOWS\nsreg.dat 2007-10-19 20:11 d-------- C:\WINDOWS\pss 2007-10-19 20:10 1,635 --a------ C:\WINDOWS\system32\ozef.exe 2007-10-19 20:01 d-------- C:\WINDOWS\ServicePackFiles 2007-10-19 20:00 549,720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-10-19 20:00 351,232 --a------ C:\WINDOWS\system32\winhttp.dll 2007-10-19 20:00 325,976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-10-19 20:00 43,352 --a------ C:\WINDOWS\system32\wups2.dll 2007-10-19 20:00 33,624 --a------ C:\WINDOWS\system32\wups.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-24 21:02 53,252 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2007-10-24 21:02 5,077,024 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2007-10-21 04:35 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys 2007-10-21 04:35 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys 2007-10-21 02:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7 2007-10-21 01:07 --------- d-----w C:\Documents and Settings\Julien\Application Data\AVG7 2007-10-19 23:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft 2007-10-19 18:01 --------- d-----w C:\Documents and Settings\Julien\Application Data\ma-config.com 2007-10-19 17:57 --------- d-----w C:\Program Files\ASUSTeK 2007-10-19 17:55 274,425,064 ----a-w C:\WINDOWS\WindowsXP-KB835935-SP2-FRA.exe 2007-10-19 17:54 --------- d-----w C:\Program Files\ma-config.com 2007-10-19 17:54 --------- d-----w C:\Program Files\Fichiers communs\InstallShield 2007-10-19 17:50 --------- d-----w C:\Program Files\Intel 2007-10-19 17:45 --------- d-----w C:\Program Files\microsoft frontpage 2007-10-19 17:43 --------- d-----w C:\Program Files\Fichiers communs\MSSoap 2007-10-19 17:42 --------- d-----w C:\Program Files\Services en ligne 2007-10-19 17:31 13,824 ----a-w C:\removewga_removewga_1.2_anglais_21437.exe 2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll . ((((((((((((((((((((((((((((( snapshot@2007-10-22_ 1.27.31.03 ))))))))))))))))))))))))))))))))))))))))) . + 2007-10-23 01:32:46 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE + 2007-10-24 21:04:49 2,813,952 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000001\NTUSER.DAT + 2007-10-24 21:04:49 147,456 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat + 2007-10-23 01:32:46 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2007-10-24 21:04:41 2,813,952 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\NTUSER.DAT + 2007-10-24 21:04:41 147,456 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat + 2007-10-24 21:09:33 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_118.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2005-12-14 08:51] "RTHDCPL"="RTHDCPL.EXE" [2006-06-28 08:54 C:\WINDOWS\RTHDCPL.exe] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 14:42] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11] "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-11-15 19:05] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [] "NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2005-12-14 08:51] "nwiz"="nwiz.exe" [2005-12-14 08:51 C:\WINDOWS\system32\nwiz.exe] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\System32\ctfmon.exe" [2004-08-19 16:09] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-19 16:10] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=c:\windows\system32\vtsttrp.dll R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f690a679-7e9c-11dc-96f0-00138fd5f064}] Auto\command - F:\sxs.exe AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-10-20 00:43:09 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2007-10-19 23:44:33 C:\WINDOWS\Tasks\Maintenance en 1 clic.job" - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe . ************************************************************************** catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-24 23:53:20 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-10-24 23:53:59 C:\ComboFix2.txt ... 2007-10-22 01:27 . --- E O F --- Et mister Hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:55:10, on 24/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\tcpsvcs.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] ; RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [AVG7_CC] ; C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [NvMediaCenter] ; RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nwiz] ; nwiz.exe /install O4 - HKCU\..\Run: [ctfmon.exe] ; C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] ; "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/... O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29 O20 - AppInit_DLLs: c:\windows\system32\vtsttrp.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Le sioux · Answer

re

Fais un nouveau Sreng et envoie aussi ce rapport.Merci

@+

Julien · Answer

Re aussi, Voilà le rapport (plus court que la dernière fois, ça doit être bon signe !) : [CODE] 2007-10-25,00:04:30 System Repair Engineer 2.5.16.900 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed Follow item(s) have been choosed: All Boot Items (Including Registry, Startup Folders, Services and so on) Browser Add-ons Runing Processes (Including process model information) File Associations Winsock Provider Autorun.Inf HOSTS File Process Privileges Scan Boot Items Registry [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <; C:\WINDOWS\System32\ctfmon.exe> [(Verified)Microsoft Windows Publisher] <; "C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <; RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher] [(Verified)Microsoft Windows Hardware Compatibility Publisher] <"C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"> [(Verified)Check Point Software Technologies Ltd.] <"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized> [(Verified)GRISOFT LTD] <"C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)"Apple Computer, Inc."] [(Verified)ALWIL Software] <"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."] [(Verified)Microsoft Windows Hardware Compatibility Publisher, E=""] <; C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP> [N/A] <; RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; nwiz.exe /install> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}> [(Verified)GRISOFT LTD] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32 egsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32 hemeui.dll> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A] ================================== Startup Folders N/A ================================== Services [Ad-Aware 2007 Service / aawservice][Running/Auto Start] <"C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe"> [Apple Mobile Device / Apple Mobile Device][Running/Auto Start] <"C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"> [avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start] <"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"> [ATK Keyboard Service / ATKKeyboardService][Running/Auto Start] [avast! Antivirus / avast! Antivirus][Running/Auto Start] <"C:\Program Files\Alwil Software\Avast4\ashServ.exe"> [avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start] <"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service> [avast! Web Scanner / avast! Web Scanner][Running/Manual Start] <"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service> [AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start] [AVG7 Alert Manager Server / Avg7Alrt][Stopped/Disabled] [AVG7 Update Service / Avg7UpdSvc][Stopped/Disabled] [AVG E-mail Scanner / AVGEMS][Stopped/Disabled] [Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [Service de l'iPod / iPod Service][Running/Manual Start] <"C:\Program Files\iPod\bin\iPodService.exe"> [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] [TrueVector Internet Monitor / vsmon][Running/Auto Start] ================================== Drivers [Enhanced Display Driver Helper Service / asuskbnt][Running/System Start] [AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start] <\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys> [AVG7 Kernel / Avg7Core][Stopped/System Start] <\SystemRoot\System32\Drivers\avg7core.sys> [AVG7 Wrap Driver / Avg7RsW][Running/System Start] <\SystemRoot\System32\Drivers\avg7rsw.sys> [AVG7 Resident Driver XP / Avg7RsXP][Stopped/System Start] <\SystemRoot\System32\Drivers\avg7rsxp.sys> [AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start] [AVG7 Clean Driver / AvgClean][Running/System Start] <\SystemRoot\System32\Drivers\avgclean.sys> [AVG Network Redirector / AvgTdi][Running/Auto Start] <\SystemRoot\System32\Drivers\avgtdi.sys> [catchme / catchme][Running/Manual Start] <\??\C:\DOCUME~1\Julien\LOCALS~1\Temp\catchme.sys> [driverhardwarev2 / driverhardwarev2][Stopped/Manual Start] <\??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys> [EIO / EIO][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\EIO.sys> [GEARAspiWDM / GEARAspiWDM][Running/Manual Start] [Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [kl1 / kl1][Running/Boot Start] <\SystemRoot\system32\DRIVERS\kl1.sys> [KLIF / KLIF][Running/System Start] [nv / nv][Running/Manual Start] [Pilote de liaison parallèle directe / Ptilink][Running/Manual Start] [PxHelp20 / PxHelp20][Running/Boot Start] <\SystemRoot\System32\Drivers\PxHelp20.sys> [Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start] [Secdrv / Secdrv][Stopped/Manual Start] [srescan / srescan][Running/Boot Start] <\SystemRoot\system32\ZoneLabs\srescan.sys> [vsdatant / vsdatant][Running/System Start] ================================== Browser Add-ons [Spybot-S&D IE Protection] {53707962-6F74-2D53-2644-206D7942484F} [SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [Java Plug-in 1.6.0_03] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [Spybot-S&D IE Protection] {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [] {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A> [Messenger] {FB5F1910-F110-11d2-BB9E-00C04F795683} [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} [HouseCall Control] {74D05D43-3236-11D4-BDCD-00C04F9A3B61} [HardwareDetection Control] {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} [Java Plug-in 1.6.0_03] {8AD9C840-044E-11D1-B3E9-00805F499D93} [Java Plug-in 1.6.0_03] {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [Java Plug-in 1.6.0_03] {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Spybot-S&D IE Protection] {53707962-6F74-2D53-2644-206D7942484F} [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [HouseCall Control] {74D05D43-3236-11D4-BDCD-00C04F9A3B61} [SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [E&xporter vers Microsoft Excel] ================================== Running Processes [PID: 720 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 784 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 808 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 852 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 864 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1020 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1096 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1192 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\uxtuneup.dll] [TuneUp Software GmbH, 2.0.0.8] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [PID: 1312 / SERVICE RÉSEAU][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1392 / SERVICE LOCAL][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [PID: 1896 / SYSTEM][C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe] [Lavasoft AB, 7, 0, 2, 3] [C:\Program Files\Lavasoft\Ad-Aware 2007\CEAPI.dll] [Lavasoft AB, 7, 0, 2, 3] [C:\Program Files\Lavasoft\Ad-Aware 2007\PKArchive84cb.dll] [PKWARE, Inc., 8.4.219.0] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Program Files\Lavasoft\Ad-Aware 2007\Update.dll] [, 7, 0, 1, 3] [PID: 2020 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [PID: 280 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\UNACEV2.DLL] [N/A, ] [C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 7, 1043, 0] [PID: 1652 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\hpzlnt04.dll] [HP, 2,80,0,0] [PID: 576 / SYSTEM][C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple, Inc., 1, 14, 0, 0] [PID: 1916 / SYSTEM][C:\WINDOWS\ATKKBService.exe] [ASUSTeK COMPUTER INC., 1, 0, 0, 0] [PID: 604 / SYSTEM][C:\WINDOWS\System32 vsvc32.exe] [NVIDIA Corporation, 6.14.10.8265] [PID: 1256 / SYSTEM][C:\WINDOWS\System32 cpsvcs.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 1696 / SERVICE LOCAL][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [PID: 468 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashUInt.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Alwil Software\Avast4\French\Lang.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\French\langmai.dll] [ALWIL Software, 4, 7, 1038, 0] [PID: 1928 / Julien][C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1176 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashWebSv.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1043, 0] [PID: 2160 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 3716 / Julien][C:\WINDOWS\RTHDCPL.EXE] [Realtek Semiconductor Corp., 2.0.7.3] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 4048 / Julien][C:\Program Files\iTunes\iTunesHelper.exe] [Apple Inc., 7.4.3.1] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Program Files\iTunes\iTunesHelper.Resources\fr.lproj\iTunesHelperLocalized.DLL] [Apple Inc., 7.4.0.17] [C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] [Apple Inc., 7.4.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTime.qts] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx] [Apple Computer, Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx] [Apple Computer, Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx] [Apple Inc., 7.2] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx] [Apple Inc., 7.2] [C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll] [Apple Inc., 7, 4, 104, 0] [PID: 4068 / Julien][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\Program Files\Alwil Software\Avast4\French\Lang.dll] [ALWIL Software, 4, 7, 1038, 0] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruimai.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0] [c:\program files\alwil software\avast4\ahruimes.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruins.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruiout.dll] [ALWIL Software, 4, 7, 1043, 0] [C:\WINDOWS\system32\MAPI32.dll] [Microsoft Corporation, 1.0.2536.0 (XPClient.010817-1148)] [c:\program files\alwil software\avast4\ahruip2p.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruistd.dll] [ALWIL Software, 4, 7, 1043, 0] [c:\program files\alwil software\avast4\ahruiws.dll] [ALWIL Software, 4, 7, 1043, 0] [PID: 312 / Julien][C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.30.5] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [PID: 568 / SYSTEM][C:\Program Files\iPod\bin\iPodService.exe] [Apple Inc., 7.4.3.1] [C:\Program Files\iPod\bin\iPodService.Resources\fr.lproj\iPodServiceLocalized.DLL] [Apple Inc., 7.4.0.17] [C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL] [Apple Inc., 7.4.3.1] [PID: 308 / Julien][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0] [C:\Program Files\Mozilla Firefox spr4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox ss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC] [C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll] [N/A, ] [C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll] [N/A, ] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC] [C:\Program Files\Mozilla Firefox ssckbi.dll] [Mozilla Foundation, 1.64] [C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll] [, ] [PID: 3832 / Julien][C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe] [GRISOFT s.r.o., 7, 5, 1, 43] [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll] [GRISOFT s.r.o., 4, 2, 0, 19] [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [PID: 3828 / Julien][C:\WINDOWS\explorer.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\PROGRA~1\SPYBOT~1\SDHelper.dll] [Safer Networking Limited, 1, 5, 0, 8] [C:\Program Files\Microsoft Office\Office10\msohev.dll] [Microsoft Corporation, 10.0.2609] [C:\Program Files\WinRAR arext.dll] [N/A, ] [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll] [GRISOFT s.r.o., 7, 5, 1, 36] [PID: 3168 / Julien][C:\Documents and Settings\Julien\Bureau\SREng\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Documents and Settings\Julien\Bureau\SREng\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] ================================== File Associations .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock Provider N/A ================================== Autorun.Inf N/A ================================== HOSTS File 127.0.0.1 localhost ================================== Process Privileges Scan Special Privilege Enabled: SeLoadDriverPrivilege [PID = 576, C:\PROGRAM FILES\FICHIERS COMMUNS\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE] ================================== API HOOK N/A ================================== Hidden Process N/A ================================== [/CODE]

Le sioux · Answer

Re

Bon, R host a fait son travail et a remis la liste host comme a l origine.

pour le reste tu m a donné plein de lecture lol

Je regarde tout cela, je te repondrai demain.

Au fait, comment va le pc ?

@ demain

Julien · Answer

Ok, fabuleux ! 

Etrangement, depuis le début de tout ça, le PC tourne sans trop de soucis, c'est juste les anti-virus / spywares et l' Internet qui semblent fatigués. Bref, le PC va toujours, pour le moment, tu as été plus que de bon conseil ! 

En plus, j'ai parcouru en attendant la liste des trucs Host là, y'avait plein de sites avec des noms pas très catholiques, voire franchement douteux ! :-) C'est quand même bizarre que tous les trucs qu'installent les troyens soient assez rarement des sites de lecture d'ouvrages philosophiques, non ? ;-) 

Plutôt content que R Host a fait son taf du coup ! 

Bonne lecture, bonne soirée
A demain

Le sioux · Answer

Bonjour

La liste Hosts est une protection passive pour interdir l acces a certains site, il est trs interressant de garnir la sienne mais a fiare soi meme ou encore avec l aide de Spybot .
Dans ta liste je doutais sur plusieurs sites sités, je prefere qu elle soit remise a neuf, tu te servira par la suite de spybot pour la garnir utilement.

Un peu d info sur ce qu'est le fichier hosts http://perso.orange.fr/jesses/Docs/Bases/FichierHosts.htm

On continu

*  Sélectionne le texte suivant :

Registry::

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=""

File::

C:\WINDOWS\system32\ozef.exe

* Copie le texte sélectionné (CTRL+C).
* Ouvre le bloc-notes (programme>Accessoires >bloc-notes).
* Colle le texte copié dans ce bloc-notes (CTRL+V).
* Sauvegarde ce fichier sous le nom de CFScript.txt
* Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe ( sur ton bureau)

* Une fenêtre bleue va apparaître: au message qui apparaît  Type 1 to continue, or 2 to abort , tape 1 puis valide.

* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal!

Ne touche à rien tant que le scan n'est pas terminé. 

* Une fois le scan achevé, un rapport va s'afficher : Poste son contenu.

* Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

@ suivre

Julien · Answer

Bonsoir le Sioux, j'espère que tout va bien pour toi. Merci pour l'explication sur les hosts, me voilà (un peu) moins bête ! Opé effectuée, voilà le rapport ComboFix : ComboFix 07-10-20.6 - Julien 2007-10-25 22:27:32.3 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1574 [GMT 2:00] Running from: C:\Documents and Settings\Julien\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Julien\Bureau\CFScript.txt * Created a new restore point FILE:: C:\WINDOWS\system32\ozef.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\ozef.exe . ((((((((((((((((((((((((((((( Fichiers créés 2007-09-25 to 2007-10-25 )))))))))))))))))))))))))))))))))))) . 2007-10-24 23:04 d-------- C:\WINDOWS\ERUNT 2007-10-22 01:21 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-21 20:37 d-------- C:\WINDOWS\report 2007-10-21 20:37 d-------- C:\WINDOWS\AU_Backup 2007-10-21 20:37 1,163,344 --a------ C:\WINDOWS\vsapi32.dll 2007-10-21 20:37 267,845 --a------ C:\WINDOWS\tsc.exe 2007-10-21 20:37 86,094 --a------ C:\WINDOWS\BPMNT.dll 2007-10-21 20:37 71,749 --a------ C:\WINDOWS\hcextoutput.dll 2007-10-21 20:36 d-------- C:\WINDOWS\AU_Temp 2007-10-21 20:36 d-------- C:\WINDOWS\AU_Log 2007-10-21 20:36 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL 2007-10-21 20:36 286,720 --a------ C:\WINDOWS\PATCH.EXE 2007-10-21 20:36 69,689 --a------ C:\WINDOWS\UNZIP.DLL 2007-10-21 20:27 d--h----- C:\WINDOWS\msdownld.tmp 2007-10-21 20:26 d-------- C:\WINDOWS\system32\fr-fr 2007-10-21 20:22 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll 2007-10-21 20:09 d-------- C:\VundoFix Backups 2007-10-21 16:30 d-------- C:\Documents and Settings\Julien\Application Data\vlc 2007-10-21 16:29 d-------- C:\Program Files\VideoLAN 2007-10-21 15:59 d-------- C:\Program Files\hp deskjet 840c series 2007-10-21 15:59 d-------- C:\Program Files\Hewlett-Packard 2007-10-21 15:26 d-------- C:\WINDOWS\Sun 2007-10-21 15:25 d-------- C:\Program Files\Java 2007-10-21 15:25 d-------- C:\Program Files\Fichiers communs\Java 2007-10-21 06:36 d-------- C:\Program Files\Trend Micro 2007-10-21 06:27 d-------- C:\Program Files\Lavasoft 2007-10-21 06:27 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-10-21 04:51 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-10-21 04:51 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-10-21 04:51 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-10-21 04:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-10-21 04:51 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-10-21 04:51 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-10-21 04:50 801,144 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-10-21 03:50 d-------- C:\Program Files\Alwil Software 2007-10-21 03:50 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll 2007-10-20 12:19 d-------- C:\WINDOWS\ShellNew 2007-10-20 02:44 d-------- C:\Documents and Settings\Julien\Application Data\Apple Computer 2007-10-20 02:43 d-------- C:\Program Files\QuickTime 2007-10-20 02:43 d-------- C:\Program Files\iTunes 2007-10-20 02:43 d-------- C:\Program Files\iPod 2007-10-20 02:43 d-------- C:\Program Files\Apple Software Update 2007-10-20 02:43 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer 2007-10-20 02:42 d-------- C:\Program Files\Fichiers communs\Apple 2007-10-20 02:42 d-------- C:\Documents and Settings\All Users\Application Data\Apple 2007-10-20 02:40 d-------- C:\Program Files\QuickZip4 2007-10-20 02:25 d-------- C:\Program Files\Azureus 2007-10-20 02:06 d-------- C:\Program Files\eMule 2007-10-20 01:55 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-10-20 01:49 d-------- C:\Program Files\Winamp 2007-10-20 01:49 d-------- C:\Documents and Settings\Julien\Application Data\Winamp 2007-10-20 01:44 d-------- C:\Program Files\TuneUp Utilities 2007 2007-10-20 01:44 d-------- C:\Documents and Settings\Julien\Application Data\TuneUp Software 2007-10-20 01:44 d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2007-10-20 01:44 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll 2007-10-20 01:43 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard 2007-10-20 01:42 d-------- C:\Program Files\CCleaner 2007-10-20 01:37 d-------- C:\Documents and Settings\Julien\Application Data\Grisoft 2007-10-20 01:37 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-10-20 01:32 d-------- C:\Documents and Settings\Julien\Contacts 2007-10-20 01:31 d----c--- C:\WINDOWS\system32\DRVSTORE 2007-10-20 01:31 d-------- C:\Program Files\MSN Messenger 2007-10-19 21:03 1,277 --a------ C:\WINDOWS\mozver.dat 2007-10-19 20:32 d-------- C:\WINDOWS\system32\Lang 2007-10-19 20:32 d-------- C:\Documents and Settings\LocalService\Menu D‚marrer 2007-10-19 20:28 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier 2007-10-19 20:28 75,932 --a------ C:\WINDOWS\system32\drivers\klick.dat 2007-10-19 20:28 75,248 --a------ C:\WINDOWS\zllsputility.exe 2007-10-19 20:28 74,396 --a------ C:\WINDOWS\system32\drivers\klin.dat 2007-10-19 20:28 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll 2007-10-19 20:28 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll 2007-10-19 20:28 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll 2007-10-19 20:28 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll 2007-10-19 20:28 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll 2007-10-19 20:28 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2007-10-19 20:26 d-------- C:\WINDOWS\Internet Logs 2007-10-19 20:24 d-------- C:\WINDOWS\IIS Temporary Compressed Files 2007-10-19 20:18 0 --a------ C:\WINDOWS\nsreg.dat 2007-10-19 20:11 d-------- C:\WINDOWS\pss 2007-10-19 20:01 d-------- C:\WINDOWS\ServicePackFiles 2007-10-19 20:00 549,720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-10-19 20:00 351,232 --a------ C:\WINDOWS\system32\winhttp.dll 2007-10-19 20:00 325,976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-10-19 20:00 43,352 --a------ C:\WINDOWS\system32\wups2.dll 2007-10-19 20:00 33,624 --a------ C:\WINDOWS\system32\wups.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-24 22:45 54,284 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2007-10-24 22:45 5,077,024 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2007-10-21 04:35 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys 2007-10-21 04:35 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys 2007-10-21 02:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7 2007-10-21 01:07 --------- d-----w C:\Documents and Settings\Julien\Application Data\AVG7 2007-10-19 23:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft 2007-10-19 18:01 --------- d-----w C:\Documents and Settings\Julien\Application Data\ma-config.com 2007-10-19 17:57 --------- d-----w C:\Program Files\ASUSTeK 2007-10-19 17:55 274,425,064 ----a-w C:\WINDOWS\WindowsXP-KB835935-SP2-FRA.exe 2007-10-19 17:54 --------- d-----w C:\Program Files\ma-config.com 2007-10-19 17:54 --------- d-----w C:\Program Files\Fichiers communs\InstallShield 2007-10-19 17:50 --------- d-----w C:\Program Files\Intel 2007-10-19 17:45 --------- d-----w C:\Program Files\microsoft frontpage 2007-10-19 17:43 --------- d-----w C:\Program Files\Fichiers communs\MSSoap 2007-10-19 17:42 --------- d-----w C:\Program Files\Services en ligne 2007-10-19 17:31 13,824 ----a-w C:\removewga_removewga_1.2_anglais_21437.exe 2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll . ((((((((((((((((((((((((((((( snapshot@2007-10-22_ 1.27.31.03 ))))))))))))))))))))))))))))))))))))))))) . + 2007-10-23 01:32:46 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE + 2007-10-24 21:04:49 2,813,952 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000001\NTUSER.DAT + 2007-10-24 21:04:49 147,456 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat + 2007-10-23 01:32:46 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2007-10-24 21:04:41 2,813,952 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\NTUSER.DAT + 2007-10-24 21:04:41 147,456 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat + 2007-10-25 20:18:26 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_d8.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2005-12-14 08:51] "RTHDCPL"="RTHDCPL.EXE" [2006-06-28 08:54 C:\WINDOWS\RTHDCPL.exe] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 14:42] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11] "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-11-15 19:05] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [] "NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2005-12-14 08:51] "nwiz"="nwiz.exe" [2005-12-14 08:51 C:\WINDOWS\system32\nwiz.exe] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-19 16:10] R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f690a679-7e9c-11dc-96f0-00138fd5f064}] Auto\command - F:\sxs.exe AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-10-20 00:43:09 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2007-10-19 23:44:33 C:\WINDOWS\Tasks\Maintenance en 1 clic.job" - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe . ************************************************************************** catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-25 22:28:45 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-10-25 22:29:19 C:\ComboFix2.txt ... 2007-10-24 23:54 C:\ComboFix3.txt ... 2007-10-22 01:27 . --- E O F --- Dans le doute, je te mets aussi un hijackthis. A défaut de faire du bien, ça peut pas faire de mal... Rapport Hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:32:44, on 25/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\tcpsvcs.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] ; RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [AVG7_CC] ; C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [NvMediaCenter] ; RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nwiz] ; nwiz.exe /install O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] ; "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/... O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Le sioux · Answer

Bonsoir Julien

Bien joué ;-) 

Je regarde tout cela et te tiens au courant.

@+

Julien · Answer

Ok, ça marche. 

Pour info, malgré tout ce que nous avons pu faire, mes navigateurs continuent à fatiguer et me dire que des téléchargement sont en cours quand je veux fermer les fenêtres et que je ne télécharge rien... Par ailleurs, une simple bande-annonce (la dernière de I Am Legend, bah merde, je la regarderais au bureau tiens :-)) se stoppe toute seule ! Impossible de l'emmener au bout. 

AVG anti-Spyware continue de bloquer sa recherche complète sur le même truc mentionné tout au début, le tracking.log. Et continue de trouver des tracking cookies par dizaines tous les jours en cas de recherche rapide. 

En revanche, Spybot ne trouve plus de Virtumonde...

Ad-Aware et Avast, j'essaie même plus ! 

Je ne sais pas si ça peut t'aider mais ça coûte rien de le mentionner ! 

Merci
Une bonne soirée / nuit
@+

Le sioux · Answer

Bonjour

* Pour les cookies, ce qu ils sont :


Cookies (biscuit)
Un cookie est un enregistrement d' informations par le serveur dans un fichier texte situé sur l'ordinateur client.
Il se compose d' un ensemble de variables que le client et le serveur s'échangent lors de transactions HTTP, ce qui permet d'éviter de se connecter à nouveau sur un forum par exemple ou d'aller directement sur la page d'un site...
Sans problème quand ils sont utilisés par des "entités", ils peuvent se révéler très dangereux mal employés.
En effet ils peuvent stocker une multitudes de renseignements qui récoltés par un spyware, permet de se connecter au service Web sous le compte de l'utilisateur.
De gigrionne  https://forum.pcastuces.com/sujet.asp?f=25&s=14911

*  Il faut mieux "gérer" les cookies :

Avec I.E outils/options/onglet confidentialité/avancés
*Cocher ignorer gestion automatique des cookies
*Cocher accepter cookies interne et refuser cookies tiers puis appliquer et ok

Avec Firefox outils/options/vie privée
*Conserver les cookies jusqu à la fermeture de Firefox sur PC Astuces>Firefox
*Dans paramètres, cocher cookies
*Cocher toujours effacer mes informations personnelles à la fermeture de Firefox puis valider par ok
Sinon pour FF, il y a des extensions pour cela (au- 4 à C)>https://www.hugedomains.com/domain_profile.cfm?d=geckozone&e=org#C

* Pour Avast : si tu peux amener a bien le telechargement, fais ce que je t ai conseillé au poste 20

@ suivre..

Julien · Answer

Bonsoir le Sioux, 

Pour les cookies, ça, je connaissais, pour une fois ! :-) Juste que je n'en avais jamais eu autant en si peu de temps ! Le bouclier résident de AVG Antispyware fonctionne d'habitude mieux que ça !

Sinon, bonne nouvelle, après 3 millions d'essais infructueux, mon navigateur a enfin accepté de télécharger les 20 Go d'Antivir ! Quelle performance ! J'ai donc suivi tes conseils de désinstallation d'Avast et de scan complet de Antivir. J'ai quand même regardé d'autres comparatifs sur Internet, en effet, il a l'air costaud, le coco d'Antivir. y'a juste pas de scan email, m'en fous, j'utilise Hotmail ! ;-)

Je te poste donc enfin le rapport d'Antivir, ce qui doit sensiblement être le 300 000ème rapport que tu lis de mon PC, que tu connais maintenant bien mieux que moi !!! :-)

Bon, j'ai quand même une question. Avec toute l'aide que tu m'as déjà apportée, on progresse, on avance, on en voit le bout ? On s'est débarrassé de presque tout ou on n'est pas sorti ? 

Enfin, bref, une bonne soirée / nuit, je repasse demain. 

Merci
@+

Rapport Antivir : 



AntiVir PersonalEdition Classic
Report file date: samedi 27 octobre 2007  03:35

Scanning for 904194 virus strains and unwanted programs.

Licensed to:      Avira AntiVir PersonalEdition Classic
Serial number:    0000149996-ADJIE-0001
Platform:         Windows XP
Windows version:  (Service Pack 2)  [5.1.2600]
Username:         Julien
Computer name:    CHARPENT-UM4M4U

Version information:
BUILD.DAT    : 270           15603 Bytes  19/09/2007 13:32:00
AVSCAN.EXE   : 7.0.6.1      290856 Bytes  23/08/2007 12:16:29
AVSCAN.DLL   : 7.0.6.0       49192 Bytes  16/08/2007 11:23:51
LUKE.DLL     : 7.0.5.3      147496 Bytes  14/08/2007 14:32:47
LUKERES.DLL  : 7.0.6.1       10280 Bytes  21/08/2007 11:35:20
ANTIVIR0.VDF : 6.40.0.0    11030528 Bytes  18/07/2007 01:19:03
ANTIVIR1.VDF : 7.0.0.0     1640448 Bytes  13/09/2007 01:19:03
ANTIVIR2.VDF : 7.0.0.140    940544 Bytes  26/10/2007 01:19:03
ANTIVIR3.VDF : 7.0.0.142      3072 Bytes  26/10/2007 01:19:03
AVEWIN32.DLL : 7.6.0.30    3056128 Bytes  27/10/2007 01:19:03
AVWINLL.DLL  : 1.0.0.7       14376 Bytes  26/02/2007 09:36:26
AVPREF.DLL   : 7.0.2.2       25640 Bytes  18/07/2007 06:39:17
AVREP.DLL    : 7.0.0.1      155688 Bytes  16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.15     360488 Bytes  03/08/2007 07:46:00
AVREG.DLL    : 7.0.1.6       30760 Bytes  18/07/2007 06:17:06
AVARKT.DLL   : 1.0.0.20     278568 Bytes  28/08/2007 11:26:33
AVEVTLOG.DLL : 7.0.0.20      86056 Bytes  18/07/2007 06:10:18
NETNT.DLL    : 7.0.0.0        7720 Bytes  08/03/2007 10:09:42
RCIMAGE.DLL  : 7.0.1.30    2342952 Bytes  07/08/2007 11:38:13
RCTEXT.DLL   : 7.0.62.0      86056 Bytes  21/08/2007 11:50:37
SQLITE3.DLL  : 3.3.17.1     339968 Bytes  23/07/2007 08:37:21

Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:, 
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, 
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: samedi 27 octobre 2007  03:35

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'notepad.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
14 processes with 14 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
      [NOTE]      No virus was found!
Boot sector 'D:\'
      [NOTE]      No virus was found!

Starting to scan the registry.
The registry was scanned ( '23' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
      [WARNING]   The file could not be opened!
C:\Documents and Settings\Julien\Bureau\ComboFix.exe
  [0] Archive type: RAR SFX (self extracting)
  --> nircmd.exe
      [DETECTION] Contains detection pattern of the application APPL/NirCmd.1
  --> nircmd.cfexe
      [DETECTION] Contains detection pattern of the application APPL/NirCmd.1
      [INFO]      The file was moved to '478f9686.qua'!
C:\Documents and Settings\Julien\Bureau\Bordel à virus\Antivirtumonde\VirtumundoBeGone.exe
      [DETECTION] Contains detection pattern of the application APPL/Processor
      [INFO]      The file was moved to '479496c1.qua'!
C:\Documents and Settings\Julien\Bureau\Yann Tiersen\Yann Tiersen - Rue Des Cascades - 160Kbps - Sg.ace
  [0] Archive type: ACE
  --> YANN TIERSEN - Rue Des Cascades\01 - J'y Suis Jamais All&#130;.mp3
      [WARNING]   Error creating the file
  --> YANN TIERSEN - Rue Des Cascades\02 - Rue Des Cascades.mp3
      [WARNING]   No further files can be extracted from this archive. The archive will be closed
      [WARNING]   No further files can be extracted from this archive. The archive will be closed
C:\qoobox\Quarantine\C\Documents and Settings\Julien\Application Data	mp23.tmp.exe.vir
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [INFO]      The file was moved to '479299ec.qua'!
C:\qoobox\Quarantine\C\Documents and Settings\Julien\Application Data	mp26.tmp.exe.vir
      [DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
      [INFO]      The file was moved to '479299f0.qua'!
C:\qoobox\Quarantine\C\Documents and Settings\Julien\Application Data	mp2A.tmp.exe.vir
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [INFO]      The file was moved to '479299f4.qua'!
C:\qoobox\Quarantine\C\Documents and Settings\Julien\Application Data	mp2D.tmp.exe.vir
      [DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
      [INFO]      The file was moved to '479299f6.qua'!
C:\qoobox\Quarantine\C\Documents and Settings\Julien\Application Data	mp6.tmp.exe.vir
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [INFO]      The file was moved to '479299f9.qua'!
C:\qoobox\Quarantine\C\Documents and Settings\Julien\Application Data	mp9.tmp.exe.vir
      [DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
      [INFO]      The file was moved to '479299fb.qua'!
C:\qoobox\Quarantine\C\Documents and Settings\Julien\Application Data	mpA72.tmp.exe.vir
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [INFO]      The file was moved to '479299fe.qua'!
C:\qoobox\Quarantine\C\Documents and Settings\Julien\Application Data	mpA75.tmp.exe.vir
      [DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
      [INFO]      The file was moved to '47929a02.qua'!
C:\WINDOWS\NirCmd.exe
      [DETECTION] Contains detection pattern of the application APPL/NirCmd.1
      [INFO]      The file was moved to '47949a0a.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\awusqn.dll
      [DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
      [INFO]      The file was moved to '47979d77.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\System32\winns.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
      [INFO]      The file was moved to '47909d6f.qua'!
Begin scan in 'D:\'


End of the scan: samedi 27 octobre 2007  04:07
Used time: 31:22 min

The scan has been done completely.

   2766 Scanning directories
 136386 Files were scanned
     13 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
     13 files were moved to quarantine
      0 files were renamed
      1 Files cannot be scanned
 136373 Files not concerned
    819 Archives were scanned
      4 Warnings
      1 Notes

Julien · Answer

Oh, et petiie chose en plus, histoire de...

Au redémarrage de Windows en mode normal, Antivir s'est aussi relancé tout seul... Et devine quoi...

En arrivant sur le fameux dossier C:\System Volume Information	racking.log
ben il a fait comme tout le monde (Avast, AVG antivirus quand il était encore là, AVG antipsyware et Ad-Aware), il a planté !!!!!

Mais c'est quoi cette vilaine bestiole qui fait planter TOUS mes systèmes de protection , m'obligeant à les fermer puis à les relancer ? Le Obi-Wan Kenobi de la saloperie informatique ? 

Voilà, c'était l'info de tard le soir... tracking.log est visiblement le plus fort ! Bah zut alors ! ;-)

Le sioux · Answer

Bonsoir Julien

Un peu qu on en voit le bout, enfin ..  ;-)  lol

Je viens de voir que tu ecrivais un message en meme temps que moi, et qu Antivir plantait sur la restauration, on va donc l activer / reactiver.

1) Vide la quarantaine d Antivir : 

-->  start Antivir puis quarantine , selectionne ce qui s y trouve en cliquant sur la 1ere detection puis ctrl + A afin de selectionner la liste entiere et delete, confirme par ok. 

2)  Nettoyage des outils utilisés 

Lance OTMoveIt et clique sur clean up, ceci aura pour effet de supprimer les outils utilisés, Antivir en a deja saisis certains d ailleurs ;-)

3) Désactive ta "Restauration du système" puis réactive la  

* Désactivation : 
Cliquer droit sur le "Poste de travail" > Propriétés > onglet "Restauration du système" > cocher la case "Désactiver la Restauration du système sur tous les lecteurs" 
> Appliquer patiente jusqu'a que cela soit marqué "désactivée" puis Ok. 

* Activation : 
Suivre le même chemin ; décocher la case "Désactiver la Restauration du système sur tous les lecteurs" 
> Appliquer attends que cela soit a nouveau sur "surveillance" puis Ok. Redémarrer l'ordinateur.. 

4)  scan en ligne chez Bitdefender 

* fais un scan antivirus en ligne https://www.bitdefender.fr/ avec IE et copie colle le résultat ici 
* En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE 
* Dans la nouvelle fenêtre, clique sur I agree 
* La fenêtre change encore, clique sur Click here to scan 
* Les signatures se chargent, etc. 

Tuto (merci Morgane) 

http://pageperso.aol.fr/loraline60/bitdefender_scan.htm 

5)  Rapports 

Poste le rapport d'OTMoveItet celui de BitDefenderScan en ligne. ( qui se trouve ici C:\windows\bdoscan8\scanres.txt ou scanres.html  )

@ suivre car il restera des conseils de sécurité a appliquer.

PS pense a regler I.E et FireFox pour les cookies comme demandé plus haut

Julien · Answer

Salut Le Sioux, 

Alors j'ai dû mal faire un truc parce que j'ai bien lancé OtMove it, bien appuyé sur Clean up et il m'a demandé de redémarrer. Après le redémarrage, il est tellement fort OTMove it qu'il s'était auto-enlevé !!! Donc difficile de poster le moindre rapport, il ne m'en a pas proposé, il est plus là  ! 

Ensuite, pour BitDefender online, même punition que pour tous les autres. Il chemine tranquillement dans mon ordinateur mais, arrivé dans le fameux dossier C:\System Volume Information (pas plus d'infos quant au chemin mais je suis prêt à parier ma chemise que ça s'arrête par tracking.log), il... s'arrête ! 

Le temps d'analyse monte,monte,monte, la barre de de progression ne bouge plus d'un pouce et il en est à son 1/4 d'heure d'analyse sur le même dossier...Le temps que j'écrive ce message d'ailleurs et que je me fasse un petit café, il continue à ne pas bouger...on en est à 20 minutes...
C'est d'ailleurs ce que j'entendais par planter sur tous les autres, j'aurais peut-être dû le préciser avant, ça ! 

J'ai aussi effectué l'activation/désactivation de la restauration du système dans l'ordre préconisé, ça n'a rien changé.

Pour le moment, j'arrête le scan, c'est visiblement inutile...

Bah voilà...
@+

Julien · Answer

oups, en regardant dans ma corbeille, j'ai trouvé ça, qui pourrait être le rapport OT Move it (ça y ressemble, puisque qu'à la fin il parle d'auto-effacement... Je ne sais pas si c'est complet mais c'est mieux que rien, on va dire... [nobackups] avenger.zip Avenger avenger.txt bfu.zip BFU combofix.exe QooBox ComboFix*.txt catchme.exe nircmd.exe swreg.exe Swxcacls.exe Swsc.exe dss.exe Deckard FindAWF.exe AWF.txt fixwareout.exe fixwareout fsbl.exe fsbl*.log gmer.exe gmer.dll gmer.ini gmer.log gmer_uninstall.cmd gmer.sys gmer haxfix.exe haxfix.txt killbox.exe !Killbox NoLop.exe NoLop.txt NoLopOLD.txt delete.bat OTMoveIt.exe _OTMoveIt rustbfix.exe Rustbfix sdfix.exe SDFix SmitfraudFix.exe SmitfraudFix rapport.txt SysInsite VundoFix.exe VundoFix Backups vundofix.txt win32delfkil.exe _backupD windelf.txt winpfind.exe WinPfind winpfind3u.exe WinPFind3u cleanup.txt [deleteself] @+

Le sioux · Answer

Bonsoir Julien

Alors, tu as apprécié le tour de passe passe d'OTMoveIt  ;-)

Bien joué pour le log .

Par contre cela me gene que les scan s arretent sur ta restauration et bloquent ainsi, c est pour cela que j ai dérogé a la regle en tentant de te faire desactiver/reactiver cette derniere (avant la fin de nettoyage, comme j ai l habitude de conseiller uniquement)..mais cela en vain...

Je vais devoir demander le relais a un(e) ami (e) car je pars en vacances une dizaine de jours, j espere que l on arrivera au bout de nos peines.

Content d'avoir pu te filer un coup de main, @ +

Julien · Answer

Salut le Sioux, 

Je te rassure, ça me gêne aussi ! ;-)

D'ailleurs, j'ai un autre truc qui m'emm... qui m'ennuie :-), c'est que ma barre de notification n'affiche pas que que je lui demande d'afficher (Antivir n'apparaît pas alors que je lui ai bien précisé "toujours afficher" par exemple)...

Quoi qu'il en soit, merci pour le coup de main et la disponibilité, ça fait plaisir de savoir qu'on peut être une bille en informatique et tout de même faire plein de trucs avec un coup de patte ! 

Dommage que nous n'ayons pas eu le temps de finir ! 

J'espère avoir vite des nouvelles de ton ami(e) et te souhaite de bonnes vacances... Et je croise les doigts pour que quand tu reviennes, mes soucis soient réglés parce que là, quand même, je pensais que ça prendrait autant de temps ! 

Mercie encore

FillPCA · Answer

Bonjour,

Je prends la suite du Sioux.

    *  Fais un scan en ligne en cliquant ici : http://assiste.com.free.fr/...
    * Choisis Kaspersky.
    * Tu dois réaliser le scan en utilisant Internet explorer. Une information apparait en haut, près de la barre d'état. Tu dois accepter et installer l'activeX proposé. La mise à jour de l'antivirus se lance.
    * Réalise un scan complet du système.
    * Sauvegarde le rapport en mode texte à l'issue du scan.

Edite le rapport Kaspersky.

FillPCA

Le sioux · Answer

Bonsoir Julien, FillPCA

Bonne continuation a vous 2. Tu es en de tres bonnes mains avec FillPCA.

Merci a FillPca pour le relais. :-)  

@ plus.

FillPCA · Answer

Salut Le Sioux,

Et passe de bonnes vacances !

FillPCA

Julien · Answer

Bonsoir FillPCA, 

D'abord merci à le Sioux d'avoir trouvé quelqu'un d'autre pour m'aider aussi vite ! Encore bonnes vacances ! :-) 
Ensuite, merci à toi de prendre le relais. 

Maintenant, pour changer un p'tit peu de la routine, j'ai donc été sur I.E. faire le scan Kapersky demandé et... Ben pareil qu'avec tout le reste, une fois arrivé sur le dossier :
C:\System Volume Information	racking.log
ça continue à mouliner dans le vide sans aller plus loin... Là, il est bloqué dessus depuis environ 20 minutes, alors que jusque là tout allait vite et bien ! (0 virus trouvé, 65% du scan fait en un petit quart d'heure)

Mes navigateurs Internet (que ce soit I.E. ou Firefox, que j'utilise plus volontiers) rament de plus en plus chaque jour qui passe, alors que ma connexion Internet a l'air tout à fait valide (aucun problème sur Messenger notamment, les mises à jours Antispam effectuées sans problèmes). J'ai de plus en plus de soucis à naviguer sur des sites de news type allociné, cool ! :-)

Bref, que ce soit AVG, Avast, Antivir, BitDefender en ligne, Secuser ou Kapersky en ligne, ce foutu tracking.log bloque tout le monde ! Et je ne sais absolument pas ce que c'est. 

Impossible donc de te fournir un log de l'analyse, puisque je ne peux pas la finir ! 

Voilà ! 
Je ne sais pas dans quelles mesures le Sioux t'a mis au courant de tout ce que nous avons pu faire, je t'expliquerais volontiers dans la mesure de mes moyens (parce que je me rends compte qu'au-dessus, y'a quand même beaucouup de lecture !!! ;-))

FillPCA · Answer

Re,

A/     *  Télécharge DiagHelp.zip sur ton bureau(Merci Malekal)  : http://www.malekal.com/download/DiagHelp.zip
Tuto : http://www.malekal.com/DiagHelp/DiagHelp.php
    * Ne double-clique pas dessus !! Fais un clic droit sur le fichier et extraire tout.
    * Un nouveau dossier chercher va être créé.
    * Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
    * Une fenêtre va s'ouvrir, choisis l'option 1
    * L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande.
    * Pendant l'analyse après le rapport CATCHME sur l'écran rouge, tu dois appuyer sue entrée pour que l'outil continue ses recherches. Suis les consignes écrites.
    * Une fenêtre avec le rapport s'ouvre alors. Copie/colle son contenu. (Il se trouve aussi ici : c:\resultat.txt)
    * Double-clique sur ce fichier, Fais CTRL+A puis CTRL+C.
    * Dans ta prochaine réponse, colle le rapport en faisant CTRL+V.


B/     *  Télécharge SREng (de Smallfrogs) : http://www.kztechs.com/eng/download.html
    * Dézippe tout son contenu sur ton bureau (clic droit >Extraire ici).
    * Ouvre le dossier SReng2 et double-clique sur SREng.exe.
    * Clique sur "smart scan".
    * Clique sur le bouton "scan".
    * Quand l'analyse est terminée, clique sur le bouton "save reports".
    * Sauvegarde alors le rapport sur ton bureau.
    * Copie/colle le contenu du rapport  SREnglLOG.log dans ta prochaine réponse.

C/ Étape 1:
Télécharge eScan Antivirus Toolkit ici : http://www.spywareinfo.dk/download/mwav.exe
Sauvegarde-le sur ton Bureau.
Avant de lancer le programme, il faut le mettre à jour tel qu'indiqué à l'étape 2.

Étape 2:
Voici comment mettre l'outil à jour :

1.) Double-clique le fichier mwav.exe qui se trouve sur le Bureau ; dézippe les fichiers dans le nouveau dossier suggéré (C:\Kaspersky).
Le programme va se lancer, et tu dois le quitter (clique sur "Exit" puis "Exit").

2.) Double-clique sur le Poste de travail, puis double-clique sur le lecteur principal (habituellement C:\), double-clique sur le dossier Kaspersky ; ensuite, double-clique sur le fichier kavupd.exe. Tu verras maintenant une fenêtre DOS apparaître, et la mise à jour se complètera en quelques minutes.

3.) Lorsque la mise à jour sera complétée, tu verras "Press any key to continue" ; tape sur une clé pour continuer. Deux nouveaux répertoires (dossiers) ont été créés lors de la mise à jour (C:\Bases et C:\Downloads).

4.) Sélectionne/copie tous les fichiers présents dans le dossier C:\Downloads, puis colle-les dans le dossier C:\Kaspersky. Accepte à l'invite de remplacer les fichiers existants.

Ne pas lancer le scan tout de suite !

Étape 3:
Redémarre en mode Sans Échec :
1) Redémarre ton ordi
2) Tapote la touche F8 immédiatement, juste après le "Bip"
3) Tu verras un écran avec options de démarrage apparaître
4) Choisis la première option : Sans Échec, et valide avec "Entrée"
5) Choisis ton compte régulier, et non Administrateur


Étape 4:
Du mode Sans Échec, voici comment utiliser le programme :

1.) Pour lancer "eScan Antivirus Toolkit", trouve le fichier mwavscan.com situé dans le dossier C:\Kaspersky

2.) Double-clique sur mwavscan.com ; l'interface d'eScan va apparaître à l'écran.

3.) Il est très important de bien cocher ces boîtes sous Scan Option : Memory, Registry, Startup Folders, System Folders, Services.

4.) Coche la boîte Drive, ce qui donne accès à une nouvelle boîte Drive (bouton rond) juste dessous ; coche ce bouton "Drive" (très important..), et tu verras une nouvelle boîte de navigation apparaître à la droite. Clique sur la petite flèche de cette boîte and choisi la lettre de ton disque dur, habituellement C:\.

5.) Juste au-dessous, assure-toi que Scan All Files est coché, et non Program Files.

6.) Clique sur Scan Clean et laisse le tool vérifier tout le disque dur (ça peut être long..). Lorsque terminé, tu verras Scan Completed. Ne pas quitter tout de suite !

7.) Ouvre un nouveau fichier Bloc notes (clique sur "Démarrer" >> "Programmes" >>"Accessoires" >> "Bloc notes"), puis copie/colle tout le contenu de la fenêtre Virus Log Information (la deuxième, au bas) dans le fichier texte, et sauvegarde le. eScan génère également un rapport complet dans le dossier C:\Kaspersky (nommé mwav.log), mais il est trop lourd pour poster sur le forum.

Ferme le programme. Redémarre ton PC en mode Normal. Poste (copie/colle) le rapport que tu as sauvegardé dans ta prochaine réponse.

D/ Edite le rapport Diaghelp, SREng, Escan et un nouveau rapport Hijackthis.

FillPCA

Julien · Answer

Re FillPCA, ça m'a pris du temps, mais j'en ai vu le bout ! :-) J'avais fait un Rhost avec Le Sioux pour enlever tous les trucs qui commençaient par 127.0.0.1 qui apparaissaient dans le rapport SREng, mais ils sont revenus ! Peut-être est-ce dû au fait que je fais des vaccinations avec Spybot ? Pour le reste, la bonne -mauvaise ? Je suis pas sûr pour le coup !- nouvelle est que Escan n'a rient trouvé, il n'y avait absolument rien dans le virus log ! J'ai fait ce que tu as dit à la lettre et n'ai scanné que C:. Mon disque est partitionné, mais l'autre versant me sert à garder les photos, musiques et vidéos (d'ailleurs, à ce propos, lors de la partition avec Xp pack 1, il n'a trouvé que 130 GO alors que le disque en fait 200 et l'installation du pack 2 n'a rien changé, c'est normal ?), peu de chances qu'il y ait des virus et autres dans la partition. Bref, voilà les rapports... Je pense que tu en as pour un moment à dépiauter tout ça, je repasse donc demain soir si je finis pas trop tard ! Vu la longueur et vu que mon PC a parfois du mal à rafraîchir les fenêtres, je le poste en plusieurs fois... (d'ailleurs, ça a pas raté, la première fois a planté, j'espère qu'il n'y aura pas de doublons...) Une bonne soirée ! @+ Le Rapport SREng part. 1 : [CODE] 2007-10-28,22:37:22 System Repair Engineer 2.5.16.900 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed Follow item(s) have been choosed: All Boot Items (Including Registry, Startup Folders, Services and so on) Browser Add-ons Runing Processes (Including process model information) File Associations Winsock Provider Autorun.Inf HOSTS File Process Privileges Scan Boot Items Registry [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Publisher] <"C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Hardware Compatibility Publisher] <"C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"> [(Verified)Check Point Software Technologies Ltd.] <"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized> [(Verified)GRISOFT LTD] <"C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)"Apple Computer, Inc."] <"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."] [(Verified)Microsoft Windows Hardware Compatibility Publisher, E=""] [(Verified)Microsoft Windows Hardware Compatibility Publisher] <"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min> [Avira GmbH] <"C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Inc.] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}> [(Verified)GRISOFT LTD] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32 egsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32 hemeui.dll> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A] ================================== Startup Folders N/A ================================== Services [Ad-Aware 2007 Service / aawservice][Running/Auto Start] <"C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe"> [AntiVir PersonalEdition Classic Scheduler / AntiVirScheduler][Running/Auto Start] <"C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe"> [AntiVir PersonalEdition Classic Guard / AntiVirService][Running/Auto Start] <"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe"> [Apple Mobile Device / Apple Mobile Device][Stopped/Manual Start] <"C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"> [ATK Keyboard Service / ATKKeyboardService][Running/Auto Start] [AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start] [AVG7 Alert Manager Server / Avg7Alrt][Stopped/Disabled] [AVG7 Update Service / Avg7UpdSvc][Stopped/Disabled] [AVG E-mail Scanner / AVGEMS][Stopped/Disabled] [Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [Service de l'iPod / iPod Service][Running/Manual Start] <"C:\Program Files\iPod\bin\iPodService.exe"> [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] [TrueVector Internet Monitor / vsmon][Running/Auto Start] ================================== Drivers [Enhanced Display Driver Helper Service / asuskbnt][Running/System Start] [AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start] <\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys> [AVG7 Kernel / Avg7Core][Stopped/System Start] <\SystemRoot\System32\Drivers\avg7core.sys> [AVG7 Wrap Driver / Avg7RsW][Running/System Start] <\SystemRoot\System32\Drivers\avg7rsw.sys> [AVG7 Resident Driver XP / Avg7RsXP][Stopped/System Start] <\SystemRoot\System32\Drivers\avg7rsxp.sys> [AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start] [AVG7 Clean Driver / AvgClean][Running/System Start] <\SystemRoot\System32\Drivers\avgclean.sys> [avgio / avgio][Running/System Start] <\??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys> [avgntflt / avgntflt][Running/Manual Start] <\??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys> [AVG Network Redirector / AvgTdi][Running/Auto Start] <\SystemRoot\System32\Drivers\avgtdi.sys> [avipbb / avipbb][Running/System Start] [catchme / catchme][Stopped/Manual Start] <\??\C:\DOCUME~1\Julien\LOCALS~1\Temp\catchme.sys> [EIO / EIO][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\EIO.sys> [GEARAspiWDM / GEARAspiWDM][Running/Manual Start] [Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [kl1 / kl1][Running/Boot Start] <\SystemRoot\system32\DRIVERS\kl1.sys> [KLIF / KLIF][Running/System Start] [nv / nv][Running/Manual Start] [Pilote de liaison parallèle directe / Ptilink][Running/Manual Start] [PxHelp20 / PxHelp20][Running/Boot Start] <\SystemRoot\System32\Drivers\PxHelp20.sys> [Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start] [Secdrv / Secdrv][Stopped/Manual Start] [srescan / srescan][Running/Boot Start] <\SystemRoot\system32\ZoneLabs\srescan.sys> [ssmdrv / ssmdrv][Running/System Start] [vsdatant / vsdatant][Running/System Start] ================================== Browser Add-ons [Spybot-S&D IE Protection] {53707962-6F74-2D53-2644-206D7942484F} [SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [Java Plug-in 1.6.0_03] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [] {85d1f590-48f4-11d9-9669-0800200c9a66} <%windir%\bdoscandel.exe, N/A> [Spybot-S&D IE Protection] {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [] {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A> [Messenger] {FB5F1910-F110-11d2-BB9E-00C04F795683} [CKAVWebScan Object] {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} [BDSCANONLINE Control] {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} [HouseCall Control] {74D05D43-3236-11D4-BDCD-00C04F9A3B61} [Java Plug-in 1.6.0_03] {8AD9C840-044E-11D1-B3E9-00805F499D93} [Java Plug-in 1.6.0_03] {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [Java Plug-in 1.6.0_03] {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [CKAVWebScan Object] {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} [InformationCardSigninHelper Class] {19916E01-B44E-4E31-94A4-4696DF46157B} [QuickTime Object] {4063BE15-3B08-470D-A0D5-B37161CFFD69} [Spybot-S&D IE Protection] {53707962-6F74-2D53-2644-206D7942484F} [BDSCANONLINE Control] {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} [CKAVReportCtrl Object] {6117669B-8C2D-41FA-A6D9-9E484B999CF0} [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [HouseCall Control] {74D05D43-3236-11D4-BDCD-00C04F9A3B61} [SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [] {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} [XML HTTP Request] {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, N/A> [E&xporter vers Microsoft Excel] ================================== Running Processes [PID: 720 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 780 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 804 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 848 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 860 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1020 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1096 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1192 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\uxtuneup.dll] [TuneUp Software GmbH, 2.0.0.8] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [PID: 1328 / SERVICE RÉSEAU][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1392 / SERVICE LOCAL][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [PID: 1628 / Julien][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\System32 vcpl.dll] [NVIDIA Corporation, 6.14.10.8265] [C:\WINDOWS\system32\NVRSFR.DLL] [NVIDIA Corporation, 6.14.10.8265] [C:\WINDOWS\System32 vshell.dll] [, ] [C:\PROGRA~1\SPYBOT~1\SDHelper.dll] [Safer Networking Limited, 1, 5, 0, 8] [C:\Program Files\WinRAR arext.dll] [N/A, ] [C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll] [Zone Labs, LLC, 7.0.362.000] [C:\Program Files\Zone Labs\ZoneAlarm\zlavscan_Loc040c.dll] [Zone Labs Inc., 5.3.017.000] [C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll] [TuneUp Software GmbH, 2.0.0.4] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll] [Avira GmbH, 7.00.00.10] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll] [GRISOFT s.r.o., 7, 5, 1, 36] [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll] [GRISOFT s.r.o., 7, 5, 1, 36] [C:\WINDOWS\system32\msdmo.dll] [, ] [C:\WINDOWS\System32\l3codeca.acm] [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305] [C:\Program Files\Microsoft Office\Office10\msohev.dll] [Microsoft Corporation, 10.0.2609] [PID: 1896 / SYSTEM][C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe] [Lavasoft AB, 7, 0, 2, 3] [C:\Program Files\Lavasoft\Ad-Aware 2007\CEAPI.dll] [Lavasoft AB, 7, 0, 2, 3] [C:\Program Files\Lavasoft\Ad-Aware 2007\PKArchive84cb.dll] [PKWARE, Inc., 8.4.219.0] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Program Files\Lavasoft\Ad-Aware 2007\Update.dll] [, 7, 0, 1, 3] [PID: 228 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\hpzlnt04.dll] [HP, 2,80,0,0] [PID: 280 / SYSTEM][C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe] [Avira GmbH, 7.00.00.82] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.dll] [Avira GmbH, 7.00.00.01] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\avevtlog.dll] [Avira GmbH, 7.00.00.20] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardmsg.dll] [Avira GmbH, 7.00.11.00] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\sqlite3.dll] [, 3, 3, 17, 1] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVPREF.DLL] [Avira GmbH, 7.00.02.02] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\SMTPLIB.DLL] [Avira GmbH, 1.02.00.17] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVPACK32.DLL] [Avira GmbH, 7.03.00.15] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\unacev2.dll] [N/A, ] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVEWIN32.DLL] [Avira GmbH, 7.6.0.30] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll] [Avira GmbH, 1.00.00.04] [PID: 568 / Julien][C:\WINDOWS\RTHDCPL.EXE] [Realtek Semiconductor Corp., 2.0.7.3] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 600 / Julien][C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe] [GRISOFT s.r.o., 7, 5, 1, 43] [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll] [GRISOFT s.r.o., 4, 2, 0, 19] [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [PID: 608 / Julien][C:\Program Files\iTunes\iTunesHelper.exe] [Apple Inc., 7.4.3.1] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Program Files\iTunes\iTunesHelper.Resources\fr.lproj\iTunesHelperLocalized.DLL] [Apple Inc., 7.4.0.17] [C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] [Apple Inc., 7.4.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTime.qts] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx] [Apple Computer, Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx] [Apple Computer, Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx] [Apple Inc., 7.2] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx] [Apple Inc., 7.2] [C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx] [Apple Inc., 7.2] [C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll] [Apple Inc., 7, 4, 104, 0] [PID: 616 / Julien][C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.30.5] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [PID: 664 / Julien][C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe] [HP, 2,80,0,0] [C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZR3204.DLL] [HP, 2,80,0,0] [PID: 748 / Julien][C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe] [Avira GmbH, 7.02.00.16] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\cclib.dll] [Avira GmbH, 7.02.00.03] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [c:\program files\avira\antivir personaledition classic\ccgen.dll] [Avira GmbH, 7.02.00.10] [c:\program files\avira\antivir personaledition classic\ccgenrc.dll] [Avira GmbH, 7.02.04.02] [c:\program files\avira\antivir personaledition classic\ccguard.dll] [Avira GmbH, 7.00.01.35] [c:\program files\avira\antivir personaledition classic\ccgrdrc.dll] [Avira GmbH, 7.00.06.00] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll] [Avira GmbH, 1.00.00.04] [c:\program files\avira\antivir personaledition classic\ccupdate.dll] [Avira GmbH, 7.02.00.04] [c:\program files\avira\antivir personaledition classic\ccupdrc.dll] [Avira GmbH, 7.02.01.00] [c:\program files\avira\antivir personaledition classic\cclic.dll] [Avira GmbH, 7.02.00.04] [c:\program files\avira\antivir personaledition classic\cclicrc.dll] [Avira GmbH, 7.02.01.00] [c:\program files\avira\antivir personaledition classic\ccmsg.dll] [Avira GmbH, 7.00.00.00] [PID: 752 / Julien][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 772 / Julien][C:\Program Files\Messenger\msmsgs.exe] [Microsoft Corporation, 4.7.3000] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [PID: 1712 / SYSTEM][C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe] [Avira GmbH, 7.00.00.62] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\schedr.dll] [Avira GmbH, 7.00.24.00] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\avevtlog.dll] [Avira GmbH, 7.00.00.20] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\sqlite3.dll] [, 3, 3, 17, 1] [C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll] [Avira GmbH, 1.00.00.04] [PID: 1740 / SYSTEM][C:\WINDOWS\ATKKBService.exe] [ASUSTeK COMPUTER INC., 1, 0, 0, 0] [PID: 1440 / SYSTEM][C:\WINDOWS\System32 vsvc32.exe] [NVIDIA Corporation, 6.14.10.8265] [PID: 276 / SYSTEM][C:\WINDOWS\System32 cpsvcs.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 348 / SERVICE LOCAL][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [PID: 2360 / Julien][C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2824 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 3168 / SYSTEM][C:\Program Files\iPod\bin\iPodService.exe] [Apple Inc., 7.4.3.1] [C:\Program Files\iPod\bin\iPodService.Resources\fr.lproj\iPodServiceLocalized.DLL] [Apple Inc., 7.4.0.17] [C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL] [Apple Inc., 7.4.3.1] [PID: 3388 / SYSTEM][C:\Program Files\MSN Messenger\usnsvc.exe] [Microsoft Corporation, 8.1.0178.00] [C:\Program Files\MSN Messenger\usnsvcps.dll] [Microsoft Corporation, 8.1.0178.00] [PID: 1868 / Julien][C:\WINDOWS\system32 otepad.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 6084 / Julien][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0] [C:\Program Files\Mozilla Firefox spr4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox ss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC] [C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll] [N/A, ] [C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll] [N/A, ] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC] [C:\Program Files\Mozilla Firefox ssckbi.dll] [Mozilla Foundation, 1.64] [C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.8: 2007100816] [C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll] [, ] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 5760 / Julien][C:\Documents and Settings\Julien\Bureau\SREng\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)] [C:\Documents and Settings\Julien\Bureau\SREng\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] ================================== File Associations .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock Provider N/A ================================== Autorun.Inf N/A

Julien · Answer

Le Rapport SREng part. 2 : 

==================================
HOSTS File
127.0.0.1 localhost
127.0.0.1	007guard.com
127.0.0.1	www.007guard.com
127.0.0.1	008i.com
127.0.0.1	008k.com
127.0.0.1	www.008k.com
127.0.0.1	00hq.com
127.0.0.1	www.00hq.com
127.0.0.1	010402.com
127.0.0.1	032439.com
127.0.0.1	www.032439.com
127.0.0.1	1001-search.info
127.0.0.1	www.1001-search.info
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	100sexlinks.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	123topsearch.com
127.0.0.1	www.123topsearch.com
127.0.0.1	132.com
127.0.0.1	www.132.com
127.0.0.1	136136.net
127.0.0.1	www.136136.net
127.0.0.1	139mm.com
127.0.0.1	www.139mm.com
127.0.0.1	163ns.com
127.0.0.1	www.163ns.com
127.0.0.1	171203.com
127.0.0.1	17-plus.com
127.0.0.1	1800searchonline.com
127.0.0.1	www.1800searchonline.com
127.0.0.1	180searchassistant.com
127.0.0.1	www.180searchassistant.com
127.0.0.1	180solutions.com
127.0.0.1	www.180solutions.com
127.0.0.1	181.365soft.info
127.0.0.1	www.181.365soft.info
127.0.0.1	1987324.com
127.0.0.1	www.1987324.com
127.0.0.1	1-domains-registrations.com
127.0.0.1	www.1-domains-registrations.com
127.0.0.1	1-extreme.biz
127.0.0.1	www.1-extreme.biz
127.0.0.1	1sexparty.com
127.0.0.1	www.1sexparty.com
127.0.0.1	1stantivirus.com
127.0.0.1	www.1stantivirus.com
127.0.0.1	1stpagehere.com
127.0.0.1	www.1stpagehere.com
127.0.0.1	1stsearchportal.com
127.0.0.1	www.1stsearchportal.com
127.0.0.1	2.82211.net
127.0.0.1	www.2006ooo.com
127.0.0.1	2007-download.com
127.0.0.1	www.2007-download.com
127.0.0.1	2020search.com
127.0.0.1	www.2020search.com
127.0.0.1	20x2p.com
127.0.0.1	24.365soft.info
127.0.0.1	www.24.365soft.info
127.0.0.1	24-7pharmacy.info
127.0.0.1	www.24-7pharmacy.info
127.0.0.1	24-7searching-and-more.com
127.0.0.1	www.24-7searching-and-more.com
127.0.0.1	24teen.com
127.0.0.1	www.24teen.com
127.0.0.1	2every.net
127.0.0.1	www.2every.net
127.0.0.1	2ndpower.com
127.0.0.1	2search.com
127.0.0.1	www.2search.com
127.0.0.1	2search.org
127.0.0.1	www.2search.org
127.0.0.1	2squared.com
127.0.0.1	www.2squared.com
127.0.0.1	3322.org
127.0.0.1	www.3322.org
127.0.0.1	365soft.info
127.0.0.1	36site.com
127.0.0.1	www.36site.com
127.0.0.1	3721.com
127.0.0.1	39-93.com
127.0.0.1	3abetterinternet.com
127.0.0.1	www.3abetterinternet.com
127.0.0.1	3bay.it
127.0.0.1	www.3bay.it
127.0.0.1	3ebay.it
127.0.0.1	www.3ebay.it
127.0.0.1	404dns.com
127.0.0.1	www.404dns.com
127.0.0.1	4199.com
127.0.0.1	www.4199.com
127.0.0.1	4corn.net
127.0.0.1	www.4corn.net
127.0.0.1	4ebay.it
127.0.0.1	www.4ebay.it
127.0.0.1	4klm.com
127.0.0.1	4repubblica.it
127.0.0.1	www.4repubblica.it
127.0.0.1	4softget.com
127.0.0.1	www.4softget.com
127.0.0.1	5iscali.it
127.0.0.1	www.5iscali.it
127.0.0.1	5repubblica.it
127.0.0.1	www.5repubblica.it
127.0.0.1	5starvideos.com
127.0.0.1	www.5starvideos.com
127.0.0.1	5tiscali.it
127.0.0.1	www.5tiscali.it
127.0.0.1	5zgmu7o20kt5d8yq.com
127.0.0.1	www.5zgmu7o20kt5d8yq.com
127.0.0.1	6iscali.it
127.0.0.1	www.6iscali.it
127.0.0.1	6sek.com
127.0.0.1	www.6sek.com
127.0.0.1	6tiscali.it
127.0.0.1	www.6tiscali.it
127.0.0.1	7322.com
127.0.0.1	www.7322.com
127.0.0.1	75tz.com
127.0.0.1	777search.com
127.0.0.1	www.777search.com
127.0.0.1	777top.com
127.0.0.1	www.777top.com
127.0.0.1	7939.com
127.0.0.1	www.7939.com
127.0.0.1	7search.com
127.0.0.1	www.7search.com
127.0.0.1	80gw6ry3i3x3qbrkwhxhw.032439.com
127.0.0.1	82211.net
127.0.0.1	8866.org
127.0.0.1	888.com
127.0.0.1	www.888.com
127.0.0.1	8ad.com
127.0.0.1	www.8ad.com
127.0.0.1	9505.com
127.0.0.1	www.9505.com
127.0.0.1	971searchbox.com
127.0.0.1	www.971searchbox.com
127.0.0.1	a.bestmanage.org
127.0.0.1	aaasexypics.com
127.0.0.1	aaawebfinder.com
127.0.0.1	www.aaawebfinder.com
127.0.0.1	aavc.com
127.0.0.1	abc-find.info
127.0.0.1	www.abc-find.info
127.0.0.1	abetterinternet.com
127.0.0.1	www.abetterinternet.com
127.0.0.1	abnetsoft.info
127.0.0.1	www.abnetsoft.info
127.0.0.1	aboutclicker.com
127.0.0.1	www.aboutclicker.com
127.0.0.1	abrp.net
127.0.0.1	www.abrp.net
127.0.0.1	absolutee.com
127.0.0.1	www.absolutee.com
127.0.0.1	abyssmedia.com
127.0.0.1	www.abyssmedia.com
127.0.0.1	ac66.cn
127.0.0.1	www.ac66.cn
127.0.0.1	access.Navinetwork.com
127.0.0.1	access.rapid-pass.net
127.0.0.1	accessactivexvideo.com
127.0.0.1	www.accessactivexvideo.com
127.0.0.1	accessclips.com
127.0.0.1	www.accessclips.com
127.0.0.1	access-dvd.com
127.0.0.1	www.access-dvd.com
127.0.0.1	accesskeygenerator.com
127.0.0.1	www.accesskeygenerator.com
127.0.0.1	accessorygeeks.com
127.0.0.1	www.accessorygeeks.com
127.0.0.1	accessthefuture.net
127.0.0.1	www.accessthefuture.net
127.0.0.1	accessvid.net
127.0.0.1	www.accessvid.net
127.0.0.1	acemedic.com
127.0.0.1	www.acemedic.com
127.0.0.1	ace-webmaster.com
127.0.0.1	www.ace-webmaster.com
127.0.0.1	acjp.com
127.0.0.1	acrobat-2007.com
127.0.0.1	www.acrobat-2007.com
127.0.0.1	acrobat-8.com
127.0.0.1	www.acrobat-8.com
127.0.0.1	acrobat-center.com
127.0.0.1	www.acrobat-center.com
127.0.0.1	acrobat-hq.com
127.0.0.1	www.acrobat-hq.com
127.0.0.1	acrobatreader-8.com
127.0.0.1	www.acrobatreader-8.com
127.0.0.1	acrobat-reader-8.de
127.0.0.1	www.acrobat-reader-8.de
127.0.0.1	acrobat-stop.com
127.0.0.1	www.acrobat-stop.com
127.0.0.1	actionbreastcancer.org
127.0.0.1	www.actionbreastcancer.org
127.0.0.1	activesearcher.info
127.0.0.1	www.activesearcher.info
127.0.0.1	activexaccessobject.com
127.0.0.1	www.activexaccessobject.com
127.0.0.1	activexaccessvideo.com
127.0.0.1	www.activexaccessvideo.com
127.0.0.1	activexemedia.com
127.0.0.1	www.activexemedia.com
127.0.0.1	activexmediaobject.com
127.0.0.1	www.activexmediaobject.com
127.0.0.1	activexmediapro.com
127.0.0.1	www.activexmediapro.com
127.0.0.1	activexmediasite.com
127.0.0.1	www.activexmediasite.com
127.0.0.1	activexmediasoftware.com
127.0.0.1	www.activexmediasoftware.com
127.0.0.1	activexmediasource.com
127.0.0.1	www.activexmediasource.com
127.0.0.1	activexmediatool.com
127.0.0.1	www.activexmediatool.com
127.0.0.1	activexmediatour.com
127.0.0.1	www.activexmediatour.com
127.0.0.1	activexsoftwares.com
127.0.0.1	www.activexsoftwares.com
127.0.0.1	activexsource.com
127.0.0.1	www.activexsource.com
127.0.0.1	activexupdate.com
127.0.0.1	www.activexupdate.com
127.0.0.1	activexvideo.com
127.0.0.1	www.activexvideo.com
127.0.0.1	activexvideotool.com
127.0.0.1	www.activexvideotool.com
127.0.0.1	ad.marketingsector.com
127.0.0.1	www.ad.marketingsector.com
127.0.0.1	ad.mokead.com
127.0.0.1	www.ad.mokead.com
127.0.0.1	ad.yieldmanager.com
127.0.0.1	www.ad.yieldmanager.com
127.0.0.1	ad25.com
127.0.0.1	ad45.com
127.0.0.1	ad77.com
127.0.0.1	ad86.com
127.0.0.1	adamsupportgroup.org
127.0.0.1	www.adamsupportgroup.org
127.0.0.1	adarmor.com
127.0.0.1	www.adarmor.com
127.0.0.1	adasearch.com
127.0.0.1	www.adasearch.com
127.0.0.1	adaware.cc
127.0.0.1	adawarenow.com
127.0.0.1	www.adawarenow.com
127.0.0.1	addictivetechnologies.com
127.0.0.1	www.addictivetechnologies.com
127.0.0.1	addictivetechnologies.net
127.0.0.1	www.addictivetechnologies.net
127.0.0.1	add-manager.com
127.0.0.1	www.add-manager.com
127.0.0.1	adgate.info
127.0.0.1	www.adgate.info
127.0.0.1	adipics.com
127.0.0.1	www.adipics.com
127.0.0.1	admin2cash.biz
127.0.0.1	www.admin2cash.biz
127.0.0.1	adnet-plus.com
127.0.0.1	adobe-download-now.com
127.0.0.1	adobe-downloads.com
127.0.0.1	www.adobe-downloads.com
127.0.0.1	adobe-reader-8.fr
127.0.0.1	www.adobe-reader-8.fr
127.0.0.1	adprotect.com
127.0.0.1	www.adprotect.com
127.0.0.1	ads.centralmedia.ws
127.0.0.1	ads.k8l.info
127.0.0.1	ads.kmpads.com
127.0.0.1	ads.marketingsector.com
127.0.0.1	ads.searchingbooth.com
127.0.0.1	ads.z-quest.com
127.0.0.1	ads183.com
127.0.0.1	www.ads183.com
127.0.0.1	adscontex.com
127.0.0.1	www.adscontex.com
127.0.0.1	adservices1.enhance.com
127.0.0.1	www.adservices1.enhance.com
127.0.0.1	adservs.com
127.0.0.1	adsextend.net
127.0.0.1	www.adsextend.net
127.0.0.1	adshttp.com
127.0.0.1	www.adshttp.com
127.0.0.1	adsonwww.com
127.0.0.1	www.adsonwww.com
127.0.0.1	adspics.com
127.0.0.1	www.adspics.com
127.0.0.1	adtrak.net
127.0.0.1	www.adtrak.net
127.0.0.1	adtrgt.com
127.0.0.1	adult777search.info
127.0.0.1	www.adult777search.info
127.0.0.1	adultan.com
127.0.0.1	www.adultan.com
127.0.0.1	adult-engine-search.com
127.0.0.1	www.adult-engine-search.com
127.0.0.1	adult-erotic-guide.net
127.0.0.1	www.adult-erotic-guide.net
127.0.0.1	adultfilmsite.com
127.0.0.1	www.adultfilmsite.com
127.0.0.1	adult-friends-finder.net
127.0.0.1	www.adult-friends-finder.net
127.0.0.1	adultgambling.org
127.0.0.1	adult-host.org
127.0.0.1	adulthyperlinks.com
127.0.0.1	www.adulthyperlinks.com
127.0.0.1	adultmovieplus.com
127.0.0.1	www.adultmovieplus.com
127.0.0.1	adult-personal.us
127.0.0.1	adultsgames.net
127.0.0.1	adultsper.com
127.0.0.1	www.adultsper.com
127.0.0.1	adulttds.com
127.0.0.1	www.adulttds.com
127.0.0.1	adultzoneworld.com
127.0.0.1	www.adultzoneworld.com
127.0.0.1	advcash.biz
127.0.0.1	www.advcash.biz
127.0.0.1	advert.exaccess.ru
127.0.0.1	advertisemoney.info
127.0.0.1	www.advertisemoney.info
127.0.0.1	advertising.paltalk.com
127.0.0.1	advertising-money.info
127.0.0.1	www.advertising-money.info
127.0.0.1	ad-ware.cc
127.0.0.1	ad-w-a-r-e.com
127.0.0.1	www.ad-w-a-r-e.com
127.0.0.1	a-d-w-a-r-e.com
127.0.0.1	www.a-d-w-a-r-e.com
127.0.0.1	adwarebazooka.com
127.0.0.1	www.adwarebazooka.com
127.0.0.1	adwarefinder.com
127.0.0.1	www.adwarefinder.com
127.0.0.1	adwareprotectionsite.com
127.0.0.1	www.adwareprotectionsite.com
127.0.0.1	adwarepunisher.com
127.0.0.1	www.adwarepunisher.com
127.0.0.1	aflgate.com
127.0.0.1	www.aflgate.com
127.0.0.1	africaspromise.org
127.0.0.1	agava.com
127.0.0.1	agava.ru
127.0.0.1	agentstudio.com
127.0.0.1	aginegialle.it
127.0.0.1	www.aginegialle.it
127.0.0.1	www.aifind.info
127.0.0.1	aifind.info
127.0.0.1	airtleworld.com
127.0.0.1	www.airtleworld.com
127.0.0.1	aitalia.it
127.0.0.1	www.aitalia.it
127.0.0.1	akamai.downloadv3.com
127.0.0.1	aklitalia.it
127.0.0.1	www.aklitalia.it
127.0.0.1	akril.com
127.0.0.1	alcatel.ws
127.0.0.1	alfacleaner.com
127.0.0.1	www.alfacleaner.com
127.0.0.1	alfa-search.com
127.0.0.1	alialia.it
127.0.0.1	www.alialia.it
127.0.0.1	aliotalia.it
127.0.0.1	www.aliotalia.it
127.0.0.1	alirtalia.it
127.0.0.1	www.alirtalia.it
127.0.0.1	alitaia.it
127.0.0.1	www.alitaia.it
127.0.0.1	alitaklia.it
127.0.0.1	www.alitaklia.it
127.0.0.1	alitala.it
127.0.0.1	www.alitala.it
127.0.0.1	alitali.it
127.0.0.1	www.alitali.it
127.0.0.1	alitaliaq.it
127.0.0.1	www.alitaliaq.it
127.0.0.1	alitalias.it
127.0.0.1	www.alitalias.it
127.0.0.1	alitaliaz.it
127.0.0.1	www.alitaliaz.it
127.0.0.1	alitalioa.it
127.0.0.1	www.alitalioa.it
127.0.0.1	alitalisa.it
127.0.0.1	www.alitalisa.it
127.0.0.1	alitaliua.it
127.0.0.1	www.alitaliua.it
127.0.0.1	alitalkia.it
127.0.0.1	www.alitalkia.it
127.0.0.1	alitaloia.it
127.0.0.1	www.alitaloia.it
127.0.0.1	alitaluia.it
127.0.0.1	www.alitaluia.it
127.0.0.1	alitaslia.it
127.0.0.1	www.alitaslia.it
127.0.0.1	alitlia.it
127.0.0.1	www.alitlia.it
127.0.0.1	alitralia.it
127.0.0.1	www.alitralia.it
127.0.0.1	alitsalia.it
127.0.0.1	www.alitsalia.it
127.0.0.1	aliutalia.it
127.0.0.1	www.aliutalia.it
127.0.0.1	ALL1COUNT.NET
127.0.0.1	www.ALL1COUNT.NET
127.0.0.1	all4internet.com
127.0.0.1	www.all4internet.com
127.0.0.1	allabtcars.com
127.0.0.1	allabtjeeps.com
127.0.0.1	all-bittorrent.com
127.0.0.1	www.all-bittorrent.com
127.0.0.1	www.allcybersearch.com
127.0.0.1	allcybersearch.com
127.0.0.1	alldnserrors.com
127.0.0.1	www.alldnserrors.com
127.0.0.1	all-downloads-now.com
127.0.0.1	www.all-downloads-now.com
127.0.0.1	all-edonkey.com
127.0.0.1	www.all-edonkey.com
127.0.0.1	allforadult.com
127.0.0.1	allhyperlinks.com
127.0.0.1	alliesecurity.com
127.0.0.1	www.alliesecurity.com
127.0.0.1	all-inet.com
127.0.0.1	allinternetbusiness.com
127.0.0.1	all-limewire.com
127.0.0.1	www.all-limewire.com
127.0.0.1	allmegabucks.com
127.0.0.1	www.allmegabucks.com
127.0.0.1	allprotections.com
127.0.0.1	www.allprotections.com
127.0.0.1	allresultz.net
127.0.0.1	www.allresultz.net
127.0.0.1	allsecuritynotes.com
127.0.0.1	www.allsecuritynotes.com
127.0.0.1	allsecuritysite.com
127.0.0.1	www.allsecuritysite.com
127.0.0.1	allstarsvideos.net
127.0.0.1	www.allstarsvideos.net
127.0.0.1	alltruesoftware.com
127.0.0.1	www.alltruesoftware.com
127.0.0.1	allvideoactivex.com
127.0.0.1	www.allvideoactivex.com
127.0.0.1	almanah.biz
127.0.0.1	www.almanah.biz
127.0.0.1	almarvideos.com
127.0.0.1	aloitalia.it
127.0.0.1	www.aloitalia.it
127.0.0.1	aluitalia.it
127.0.0.1	www.aluitalia.it
127.0.0.1	amaena.com
127.0.0.1	www.amaena.com
127.0.0.1	amandamountains.com
127.0.0.1	amateurliveshow.com
127.0.0.1	www.amateurliveshow.com
127.0.0.1	amediasoftware.com
127.0.0.1	www.amediasoftware.com
127.0.0.1	amediasource.com
127.0.0.1	www.amediasource.com
127.0.0.1	americancarbargains.com
127.0.0.1	www.americancarbargains.com
127.0.0.1	american-teens.net
127.0.0.1	amigeek.com
127.0.0.1	amisbusiness.com
127.0.0.1	ampmsearch.com
127.0.0.1	www.ampmsearch.com
127.0.0.1	analcord.com
127.0.0.1	www.analcord.com
127.0.0.1	analmovi.com
127.0.0.1	anarchylolita.com
127.0.0.1	www.anarchylolita.com
127.0.0.1	anarchyporn.com
127.0.0.1	andromedical.com
127.0.0.1	www.andromedical.com
127.0.0.1	animepornmag.com
127.0.0.1	www.animepornmag.com
127.0.0.1	anin.org
127.0.0.1	anjpn-avxiz.biz
127.0.0.1	www.anjpn-avxiz.biz
127.0.0.1	anjpnzqav.biz
127.0.0.1	www.anjpnzqav.biz
127.0.0.1	anjpn-zqav.biz
127.0.0.1	www.anjpn-zqav.biz
127.0.0.1	annaromeo.com
127.0.0.1	antiddos.us
127.0.0.1	www.antiddos.us
127.0.0.1	Antiespiadorado.com
127.0.0.1	www.Antiespiadorado.com
127.0.0.1	Antiespionspack.com
127.0.0.1	www.Antiespionspack.com
127.0.0.1	Antigusanos2008.com
127.0.0.1	www.Antigusanos2008.com
127.0.0.1	Antispionage.com
127.0.0.1	www.Antispionage.com
127.0.0.1	Antispionagepro.com
127.0.0.1	www.Antispionagepro.com
127.0.0.1	antispydns.biz
127.0.0.1	www.antispydns.biz
127.0.0.1	antispylab.com
127.0.0.1	www.antispylab.com
127.0.0.1	antispysolutions.com
127.0.0.1	www.antispysolutions.com
127.0.0.1	antispyware.com
127.0.0.1	www.antispyware.com
127.0.0.1	antispywarebot.com
127.0.0.1	www.antispywarebot.com
127.0.0.1	antispywarebox.com
127.0.0.1	www.antispywarebox.com
127.0.0.1	antispywaredownloads.com
127.0.0.1	www.antispywaredownloads.com
127.0.0.1	Antispywaresuite.com
127.0.0.1	www.Antispywaresuite.com
127.0.0.1	Antispyweb.net
127.0.0.1	www.Antispyweb.net
127.0.0.1	Antiver2008.com
127.0.0.1	www.Antiver2008.com
127.0.0.1	antivermins.com
127.0.0.1	www.antivermins.com
127.0.0.1	anti-vermins.com
127.0.0.1	www.anti-vermins.com
127.0.0.1	antivir2007.com
127.0.0.1	www.antivir2007.com
127.0.0.1	antivirgear.com
127.0.0.1	www.antivirgear.com
127.0.0.1	antivirus.fastfreedownload.com
127.0.0.1	www.antivirus.fastfreedownload.com
127.0.0.1	antivirusgolden.com
127.0.0.1	www.antivirusgolden.com
127.0.0.1	antivirus-hq.net
127.0.0.1	www.antivirus-hq.net
127.0.0.1	anti-virus-pro.com
127.0.0.1	www.anti-virus-pro.com
127.0.0.1	antivirusprotector.com
127.0.0.1	www.antivirusprotector.com
127.0.0.1	antivirussecuritypro.com
127.0.0.1	www.antivirussecuritypro.com
127.0.0.1	antivirus-stop.com
127.0.0.1	www.antivirus-stop.com
127.0.0.1	Antiworm2008.com
127.0.0.1	www.Antiworm2008.com
127.0.0.1	Antiwurm2008.com
127.0.0.1	www.Antiwurm2008.com
127.0.0.1	antrocity.com
127.0.0.1	anyofus.com
127.0.0.1	www.anyofus.com
127.0.0.1	anysn.seproger.com
127.0.0.1	www.anysn.seproger.com
127.0.0.1	anything4health.com
127.0.0.1	apicpreview.com
127.0.0.1	www.apicpreview.com
127.0.0.1	appealcircuit.com
127.0.0.1	www.appealcircuit.com
127.0.0.1	approvedlinks.com
127.0.0.1	www.approvedlinks.com
127.0.0.1	apps.deskwizz.com
127.0.0.1	apps.webservicehost.com
127.0.0.1	aprotectedpage.com
127.0.0.1	www.aprotectedpage.com
127.0.0.1	apsua.com
127.0.0.1	archiviosex.net
127.0.0.1	www.archiviosex.net
127.0.0.1	aregay.com
127.0.0.1	ares-freebie.com
127.0.0.1	www.ares-freebie.com
127.0.0.1	arespro2007.com
127.0.0.1	www.arespro2007.com
127.0.0.1	aresultra.com
127.0.0.1	www.aresultra.com
127.0.0.1	ares-usa.com
127.0.0.1	www.ares-usa.com
127.0.0.1	arheo.com
127.0.0.1	arizonaweb.org
127.0.0.1	armitageinn.com
127.0.0.1	arquivojpgs.smtp.ru
127.0.0.1	www.arquivojpgs.smtp.ru
127.0.0.1	artachnid.com
127.0.0.1	art-func.com
127.0.0.1	art-xxx.com
127.0.0.1	asafebrowser.com
127.0.0.1	www.asafebrowser.com
127.0.0.1	asafetynotice.com
127.0.0.1	www.asafetynotice.com
127.0.0.1	asafetypage.com
127.0.0.1	www.asafetypage.com
127.0.0.1	asdbiz.biz
127.0.0.1	www.asdbiz.biz
127.0.0.1	asdeykuddq.com
127.0.0.1	www.asdeykuddq.com
127.0.0.1	asecurebar.com
127.0.0.1	www.asecurebar.com
127.0.0.1	asecureboard.com
127.0.0.1	www.asecureboard.com
127.0.0.1	asecurevalue.com
127.0.0.1	www.asecurevalue.com
127.0.0.1	asecurityissue.com
127.0.0.1	www.asecurityissue.com
127.0.0.1	asecuritynotice.com
127.0.0.1	www.asecuritynotice.com
127.0.0.1	asecuritypaper.com
127.0.0.1	www.asecuritypaper.com
127.0.0.1	asecuritystuff.com
127.0.0.1	www.asecuritystuff.com
127.0.0.1	asiankingkong.com
127.0.0.1	asianpornmag.com
127.0.0.1	www.asianpornmag.com
127.0.0.1	asiantoolbar.com
127.0.0.1	www.asiantoolbar.com
127.0.0.1	asidseiupc.com
127.0.0.1	www.asidseiupc.com
127.0.0.1	aslitalia.it
127.0.0.1	www.aslitalia.it
127.0.0.1	ass-gals.com
127.0.0.1	assureprotection.com
127.0.0.1	www.assureprotection.com
127.0.0.1	asta-killer.com
127.0.0.1	asupereva.it
127.0.0.1	www.asupereva.it
127.0.0.1	athenrye.com
127.0.0.1	atotalsafety.com
127.0.0.1	www.atotalsafety.com
127.0.0.1	atrueprotection.com
127.0.0.1	www.atrueprotection.com
127.0.0.1	atruesecurity.com
127.0.0.1	www.atruesecurity.com
127.0.0.1	attackware.com
127.0.0.1	www.attackware.com
127.0.0.1	attrezzi.biz
127.0.0.1	www.attrezzi.biz
127.0.0.1	aulde.net
127.0.0.1	www.aulde.net
127.0.0.1	aupereva.it
127.0.0.1	www.aupereva.it
127.0.0.1	autocontext.begun.ru
127.0.0.1	www.autocontext.begun.ru
127.0.0.1	autoescrowpay.com
127.0.0.1	avast.free-software-center.com
127.0.0.1	www.avast.free-software-center.com
127.0.0.1	avast-2007.com
127.0.0.1	www.avast-2007.com
127.0.0.1	avast-downloads.com
127.0.0.1	www.avast-downloads.com
127.0.0.1	avast-hq.com
127.0.0.1	www.avast-hq.com
127.0.0.1	avforce.com
127.0.0.1	www.avforce.com
127.0.0.1	avg.grab-it-today.net
127.0.0.1	www.avg.grab-it-today.net
127.0.0.1	avg.softwarecenterz.com
127.0.0.1	www.avg.softwarecenterz.com
127.0.0.1	avg-secure.com
127.0.0.1	www.avg-secure.com
127.0.0.1	avian-ads.com
127.0.0.1	avideoaxaccess.com
127.0.0.1	www.avideoaxaccess.com
127.0.0.1	avideosurfer.com
127.0.0.1	www.avideosurfer.com
127.0.0.1	aviewersoft.com
127.0.0.1	www.aviewersoft.com
127.0.0.1	avpcheckupdate.com
127.0.0.1	www.avpcheckupdate.com
127.0.0.1	avxizaaqada.biz
127.0.0.1	www.avxizaaqada.biz
127.0.0.1	avxiz-anjpn.biz
127.0.0.1	www.avxiz-anjpn.biz
127.0.0.1	avxizueorn.biz
127.0.0.1	www.avxizueorn.biz
127.0.0.1	avxiz-ueorn.biz
127.0.0.1	www.avxiz-ueorn.biz
127.0.0.1	avxiz-vtvcp.biz
127.0.0.1	www.avxiz-vtvcp.biz
127.0.0.1	avxiz-ygco.biz
127.0.0.1	www.avxiz-ygco.biz
127.0.0.1	avxiz-zqav.biz
127.0.0.1	www.avxiz-zqav.biz
127.0.0.1	awarninglist.com
127.0.0.1	www.awarninglist.com
127.0.0.1	awbeta.net-nucleus.com
127.0.0.1	awesomehomepage.com
127.0.0.1	www.awesomehomepage.com
127.0.0.1	awmcash.biz
127.0.0.1	awmdabest.com
127.0.0.1	axemediasoftware.com
127.0.0.1	www.axemediasoftware.com
127.0.0.1	aximageobject.com
127.0.0.1	www.aximageobject.com
127.0.0.1	axmediaproject.com
127.0.0.1	www.axmediaproject.com
127.0.0.1	axmediasoftware.com
127.0.0.1	www.axmediasoftware.com
127.0.0.1	axmediasolutions.com
127.0.0.1	www.axmediasolutions.com
127.0.0.1	axobjectpage.com
127.0.0.1	www.axobjectpage.com
127.0.0.1	axobjectsource.com
127.0.0.1	www.axobjectsource.com
127.0.0.1	axsoftwaretool.com
127.0.0.1	www.axsoftwaretool.com
127.0.0.1	axvideoproject.com
127.0.0.1	www.axvideoproject.com
127.0.0.1	axvideosetup.com
127.0.0.1	www.axvideosetup.com
127.0.0.1	ayakawamura.com
127.0.0.1	ayb.dns-look-up.com
127.0.0.1	ayb.netbios-wait.com
127.0.0.1	ayumitaniguchi.com
127.0.0.1	azebar.com
127.0.0.1	azureusclub.com
127.0.0.1	www.azureusclub.com
127.0.0.1	azureus-freebie.com
127.0.0.1	www.azureus-freebie.com
127.0.0.1	azzetta.it
127.0.0.1	www.azzetta.it
127.0.0.1	b.casalemedia.com
127.0.0.1	babe.k-lined.com
127.0.0.1	www.babe.k-lined.com
127.0.0.1	babe.the-killer.bz
127.0.0.1	www.babe.the-killer.bz
127.0.0.1	babenet.com
127.0.0.1	www.babenet.com
127.0.0.1	babespornmag.com
127.0.0.1	www.babespornmag.com
127.0.0.1	babeweb.de
127.0.0.1	www.babeweb.de
127.0.0.1	baccarat-other.info
127.0.0.1	www.baccarat-other.info
127.0.0.1	Backstripgirls.com
127.0.0.1	www.Backstripgirls.com
127.0.0.1	backup.mabou.org
127.0.0.1	balotierra.com
127.0.0.1	www.balotierra.com
127.0.0.1	bannedhost.net
127.0.0.1	barbudafarms.com
127.0.0.1	bardownload.com
127.0.0.1	www.bardownload.com
127.0.0.1	barnandfence.com
127.0.0.1	batsearch.com
127.0.0.1	baygraphicsllc.com
127.0.0.1	bbbsearch.com
127.0.0.1	bb-search.com
127.0.0.1	bdsmlibrary.net
127.0.0.1	bdsmpornmag.com
127.0.0.1	www.bdsmpornmag.com
127.0.0.1	bearshare.download-me.info
127.0.0.1	www.bearshare.download-me.info
127.0.0.1	bearshare.mp3-muzic.com
127.0.0.1	www.bearshare.mp3-muzic.com
127.0.0.1	bearshare-download.org
127.0.0.1	www.bearshare-download.org
127.0.0.1	bearshare-downloads.net
127.0.0.1	www.bearshare-downloads.net
127.0.0.1	bearsharelive.co.uk
127.0.0.1	www.bearsharelive.co.uk
127.0.0.1	bearshare-music-downloads.com
127.0.0.1	www.bearshare-music-downloads.com
127.0.0.1	bearsharepro2007.com
127.0.0.1	www.bearsharepro2007.com
127.0.0.1	bearshare-usa.com
127.0.0.1	www.bearshare-usa.com
127.0.0.1	bedhome.com
127.0.0.1	bediadance.com
127.0.0.1	beebappyy.biz
127.0.0.1	www.beebappyy.biz
127.0.0.1	begin2search.com
127.0.0.1	www.begin2search.com
127.0.0.1	bellabasketsfl.com
127.0.0.1	bernaolatwin.com
127.0.0.1	best-counter.com
127.0.0.1	bestcrawler.com
127.0.0.1	bestfor.ru
127.0.0.1	best-hardpics.com
127.0.0.1	bestmanage.org
127.0.0.1	www.bestmanage.org
127.0.0.1	bestmanage0.org
127.0.0.1	www.bestmanage0.org
127.0.0.1	bestmanage1.org
127.0.0.1	www.bestmanage1.org
127.0.0.1	bestmanage2.org
127.0.0.1	www.bestmanage2.org
127.0.0.1	bestmanage3.org
127.0.0.1	www.bestmanage3.org
127.0.0.1	bestmanage4.org
127.0.0.1	www.bestmanage4.org
127.0.0.1	bestmanage5.org
127.0.0.1	www.bestmanage5.org
127.0.0.1	bestmanage6.org
127.0.0.1	www.bestmanage6.org
127.0.0.1	bestmanage7.org
127.0.0.1	www.bestmanage7.org
127.0.0.1	bestmanage8.org
127.0.0.1	www.bestmanage8.org
127.0.0.1	bestmanage9.org
127.0.0.1	www.bestmanage9.org
127.0.0.1	bestporngate.com
127.0.0.1	bestsafetyguide.net
127.0.0.1	www.bestsafetyguide.net
127.0.0.1	best-spyware.info
127.0.0.1	www.best-spyware.info
127.0.0.1	best-targeted-traffic.com
127.0.0.1	www.best-targeted-traffic.com
127.0.0.1	best-voyeur.info
127.0.0.1	www.best-voyeur.info
127.0.0.1	bestweblinks.com
127.0.0.1	best-winning-casino.com
127.0.0.1	bestworldgirls-for-u.net
127.0.0.1	www.bestworldgirls-for-u.net
127.0.0.1	bestxporno.com
127.0.0.1	bettersearch.biz
127.0.0.1	www.bettersearch.biz
127.0.0.1	bgazzetta.it
127.0.0.1	www.bgazzetta.it
127.0.0.1	bgoogle.it
127.0.0.1	www.bgoogle.it
127.0.0.1	bigtrafficnetwork.com
127.0.0.1	www.bigtrafficnetwork.com
127.0.0.1	bigwww.com
127.0.0.1	www.bigwww.com
127.0.0.1	bin.errorprotector.com
127.0.0.1	bins.media-motor.net
127.0.0.1	bins2.media-motor.net
127.0.0.1	bis.180solutions.com
127.0.0.1	bitchesonline.net
127.0.0.1	bitcomet-freebie.com
127.0.0.1	www.bitcomet-freebie.com
127.0.0.1	biz.biz
127.0.0.1	blackblues00.com
127.0.0.1	www.blackblues00.com
127.0.0.1	blackhats.tc
127.0.0.1	www.blackhats.tc
127.0.0.1	blackhawksoftware.com
127.0.0.1	www.blackhawksoftware.com
127.0.0.1	blackjack-free.net
127.0.0.1	blazefind.com
127.0.0.1	blender.xu.pl
127.0.0.1	blondetgp.com
127.0.0.1	blue-elefant.com
127.0.0.1	www.blue-elefant.com
127.0.0.1	bm.theaimonline.com
127.0.0.1	www.bm.theaimonline.com
127.0.0.1	bnmgate.com
127.0.0.1	www.bnmgate.com
127.0.0.1	bodaciousbabette.com
127.0.0.1	bonzi.com
127.0.0.1	www.bonzi.com
127.0.0.1	boobdoll.com
127.0.0.1	boobsandtits.com
127.0.0.1	boobsclub.com
127.0.0.1	bookedspace.com
127.0.0.1	www.bookedspace.com
127.0.0.1	boom.com.vn
127.0.0.1	www.boom.com.vn
127.0.0.1	boredlife.com
127.0.0.1	bowlofogumbo.com
127.0.0.1	bpfq02.com
127.0.0.1	www.bpfq02.com
127.0.0.1	bqgate.com
127.0.0.1	www.bqgate.com
127.0.0.1	br.errorsafe.com
127.0.0.1	br.winantivirus.com
127.0.0.1	br.winfixer.com
127.0.0.1	bradcoem.org
127.0.0.1	braincodec.com
127.0.0.1	www.braincodec.com
127.0.0.1	brandiyoung.com
127.0.0.1	bravesentry.com
127.0.0.1	www.bravesentry.com
127.0.0.1	breenten.biz
127.0.0.1	www.breenten.biz
127.0.0.1	brodbfm.net
127.0.0.1	www.brodbfm.net
127.0.0.1	brookeburn.com
127.0.0.1	browserwise.com
127.0.0.1	www.browserwise.com
127.0.0.1	bucps.com
127.0.0.1	buhartes.info
127.0.0.1	buldog-stats.com
127.0.0.1	bullseye-network.com
127.0.0.1	www.bullseye-network.com
127.0.0.1	burgerkingbigscreen.com
127.0.0.1	burnsrecyclinginc.com
127.0.0.1	www.burnsrecyclinginc.com
127.0.0.1	buscards.net
127.0.0.1	bustyrussell.com
127.0.0.1	busysearch.net
127.0.0.1	www.busysearch.net
127.0.0.1	buttejazz.org
127.0.0.1	buy-find.info
127.0.0.1	www.buy-find.info
127.0.0.1	buyselldomain.net
127.0.0.1	buytraff.biz
127.0.0.1	www.buytraff.biz
127.0.0.1	buz.ru
127.0.0.1	bvirgilio.it
127.0.0.1	www.bvirgilio.it
127.0.0.1	c.centralmedia.ws
127.0.0.1	c.enhance.com
127.0.0.1	www.c.enhance.com
127.0.0.1	c.goclick.com
127.0.0.1	c4tdownload.com
127.0.0.1	www.c4tdownload.com
127.0.0.1	c5.www4free.info
127.0.0.1	www.c5.www4free.info
127.0.0.1	cache.surfaccuracy.com
127.0.0.1	www.cache.surfaccuracy.com
127.0.0.1	cache.ysbweb.com
127.0.0.1	calcioturris.com
127.0.0.1	calendaralerts.net
127.0.0.1	www.calendaralerts.net
127.0.0.1	cameouk.co.uk
127.0.0.1	www.cameouk.co.uk
127.0.0.1	cameup.com
127.0.0.1	camouflageclothingonline.net
127.0.0.1	www.camouflageclothingonline.net
127.0.0.1	camup.net
127.0.0.1	canberracricketcoaching.com
127.0.0.1	candycantaloupes.com
127.0.0.1	canidetect.org
127.0.0.1	www.canidetect.org
127.0.0.1	cantfind.com
127.0.0.1	www.cantfind.com
127.0.0.1	careers.dulcineasystems.net
127.0.0.1	carsands.com
127.0.0.1	carsrentals.net
127.0.0.1	cartoes.uol.com.br
127.0.0.1	casalemedia.com
127.0.0.1	www.casalemedia.com
127.0.0.1	cashdeluxe.net
127.0.0.1	www.cashdeluxe.net
127.0.0.1	cashengines.com
127.0.0.1	www.cashengines.com
127.0.0.1	cashsearch.biz
127.0.0.1	cashsurfers.com
127.0.0.1	www.cashsurfers.com
127.0.0.1	CashUnlim.com
127.0.0.1	www.CashUnlim.com
127.0.0.1	casino.com.free.game.pogo.gratisdownloads.nl
127.0.0.1	casino2win.net
127.0.0.1	casino-gambling-1.net
127.0.0.1	casino-gambling-2.net
127.0.0.1	casinomidas.net
127.0.0.1	casinonline.net
127.0.0.1	casino-onlines.net
127.0.0.1	castingsamateur.com
127.0.0.1	www.castingsamateur.com
127.0.0.1	catallogue.com
127.0.0.1	catch-dc.info
127.0.0.1	www.catch-dc.info
127.0.0.1	categories.mygeek.com
127.0.0.1	catsss.da.ru
127.0.0.1	caxa.ru
127.0.0.1	cc.panet.org
127.0.0.1	ccecaedbebfcaf.com
127.0.0.1	www.ccecaedbebfcaf.com
127.0.0.1	cclebali.org
127.0.0.1	ccorriere.it
127.0.0.1	www.ccorriere.it
127.0.0.1	cdegate.com
127.0.0.1	www.cdegate.com
127.0.0.1	cdn.drivecleaner.com
127.0.0.1	cdn.errorsafe.com
127.0.0.1	cdn.movies-etc.com
127.0.0.1	cdn.winsoftware.com
127.0.0.1	cdn2.movies-etc.com
127.0.0.1	cdorriere.it
127.0.0.1	www.cdorriere.it
127.0.0.1	ceewawires.org
127.0.0.1	centralmedia.ws
127.0.0.1	certumgroup.com
127.0.0.1	cforriere.it
127.0.0.1	www.cforriere.it
127.0.0.1	check.jupitersatellites.biz
127.0.0.1	www.check.jupitersatellites.biz
127.0.0.1	checkin100.com
127.0.0.1	www.checkin100.com
127.0.0.1	checkssecurity.com
127.0.0.1	www.checkssecurity.com
127.0.0.1	chelancatering.com
127.0.0.1	chenshijituan.com
127.0.0.1	www.chenshijituan.com
127.0.0.1	childrenvilla.com
127.0.0.1	chips-4-free.com
127.0.0.1	chrisswasey.com
127.0.0.1	chriswallace.net
127.0.0.1	cia-trjn.myvnc.com
127.0.0.1	www.cia-trjn.myvnc.com
127.0.0.1	ciorriere.it
127.0.0.1	www.ciorriere.it
127.0.0.1	cirriere.it
127.0.0.1	www.cirriere.it
127.0.0.1	ckick4thumbs.com
127.0.0.1	cl55.biz
127.0.0.1	clackamasliteraryreview.com
127.0.0.1	cleansoftwares.com
127.0.0.1	www.cleansoftwares.com
127.0.0.1	clearsearch.cc
127.0.0.1	clearsearch.net
127.0.0.1	clickaire.com
127.0.0.1	click-codec.com
127.0.0.1	www.click-codec.com
127.0.0.1	clickhere4search.com
127.0.0.1	www.clickhere4search.com
127.0.0.1	click-now.net
127.0.0.1	clickspring.net
127.0.0.1	www.clickspring.net
127.0.0.1	click-to-download.com
127.0.0.1	www.click-to-download.com
127.0.0.1	clicktomakeasearch.com
127.0.0.1	www.clicktomakeasearch.com
127.0.0.1	clickyestoenter.net
127.0.0.1	client.exeupdate.com
127.0.0.1	client.myadultexplorer.com
127.0.0.1	cliks.org
127.0.0.1	www.cliks.org
127.0.0.1	clorriere.it
127.0.0.1	www.clorriere.it
127.0.0.1	clrsch.com
127.0.0.1	clubxxxvideo.com
127.0.0.1	www.clubxxxvideo.com
127.0.0.1	clusif.free.fr
127.0.0.1	cmtapestry.com
127.0.0.1	cnetadd.com
127.0.0.1	www.cnetadd.com
127.0.0.1	cnzz.com
127.0.0.1	www.cnzz.com
127.0.0.1	code.ignphrases.com
127.0.0.1	codec.ninoa.com
127.0.0.1	codecdvd.net
127.0.0.1	www.codecdvd.net
127.0.0.1	codec-fun.com
127.0.0.1	www.codec-fun.com
127.0.0.1	codecsoft.net
127.0.0.1	www.codecsoft.net
127.0.0.1	codrriere.it
127.0.0.1	www.codrriere.it
127.0.0.1	coeriere.it
127.0.0.1	www.coeriere.it
127.0.0.1	coerriere.it
127.0.0.1	www.coerriere.it
127.0.0.1	cofrriere.it
127.0.0.1	www.cofrriere.it
127.0.0.1	cogrriere.it
127.0.0.1	www.cogrriere.it
127.0.0.1	coirriere.it
127.0.0.1	www.coirriere.it
127.0.0.1	command.adservs.com
127.0.0.1	www.commonname.com
127.0.0.1	computerpcgames.net
127.0.0.1	www.computerpcgames.net
127.0.0.1	computerrecover.com
127.0.0.1	www.computerrecover.com
127.0.0.1	config.180solutions.com
127.0.0.1	content.dollarrevenue.com
127.0.0.1	www.content.dollarrevenue.com
127.0.0.1	content.ireit.com
127.0.0.1	www.content.ireit.com
127.0.0.1	content.onerateld.com
127.0.0.1	contentmatch.net
127.0.0.1	www.contentmatch.net
127.0.0.1	contra-virus.com
127.0.0.1	www.contra-virus.com
127.0.0.1	controlmeh.com
127.0.0.1	www.controlmeh.com
127.0.0.1	cooldeskalert.com
127.0.0.1	www.cooldeskalert.com
127.0.0.1	coolfetishsite.com
127.0.0.1	coolfreehost.com
127.0.0.1	coolfreepage.com
127.0.0.1	coolfreepages.com
127.0.0.1	cool-homepage.co
127.0.0.1	cool-homepage.com
127.0.0.1	coolmoneysearch.com
127.0.0.1	coolpornsearch.com
127.0.0.1	cool-search.net
127.0.0.1	cool-search.netfartpost.com
127.0.0.1	coolsearcher.info
127.0.0.1	coolservecorp.net
127.0.0.1	www.coolservecorp.net
127.0.0.1	coolwebsearch.com
127.0.0.1	www.coolwebsearch.com
127.0.0.1	cool-web-search.com
127.0.0.1	coolwebsearsh.com
127.0.0.1	coolwwwsearch.com
127.0.0.1	www.coolwwwsearch.com
127.0.0.1	cool-xxx.net
127.0.0.1	coorriere.it
127.0.0.1	www.coorriere.it
127.0.0.1	copmtraine.com
127.0.0.1	coprriere.it
127.0.0.1	www.coprriere.it
127.0.0.1	core.psyche-evolution.com
127.0.0.1	www.core.psyche-evolution.com
127.0.0.1	coreiere.it
127.0.0.1	www.coreiere.it
127.0.0.1	coreriere.it
127.0.0.1	www.coreriere.it
127.0.0.1	corrdiere.it
127.0.0.1	www.corrdiere.it
127.0.0.1	correiere.it
127.0.0.1	www.correiere.it
127.0.0.1	corrfiere.it
127.0.0.1	www.corrfiere.it
127.0.0.1	corrgiere.it
127.0.0.1	www.corrgiere.it
127.0.0.1	corridere.it
127.0.0.1	www.corridere.it
127.0.0.1	corriedre.it
127.0.0.1	www.corriedre.it
127.0.0.1	corriee.it
127.0.0.1	www.corriee.it
127.0.0.1	corrieere.it
127.0.0.1	www.corrieere.it
127.0.0.1	corriefre.it
127.0.0.1	www.corriefre.it
127.0.0.1	corriegre.it
127.0.0.1	www.corriegre.it
127.0.0.1	corrierde.it
127.0.0.1	www.corrierde.it
127.0.0.1	corriered.it
127.0.0.1	www.corriered.it
127.0.0.1	corrieree.it
127.0.0.1	www.corrieree.it
127.0.0.1	corrieref.it
127.0.0.1	www.corrieref.it
127.0.0.1	corrierer.it
127.0.0.1	www.corrierer.it
127.0.0.1	corrieres.it
127.0.0.1	www.corrieres.it
127.0.0.1	corrierew.it
127.0.0.1	www.corrierew.it
127.0.0.1	corrierfe.it
127.0.0.1	www.corrierfe.it
127.0.0.1	corrierge.it
127.0.0.1	www.corrierge.it
127.0.0.1	corrierr.it
127.0.0.1	www.corrierr.it
127.0.0.1	corrierre.it
127.0.0.1	www.corrierre.it
127.0.0.1	corrierse.it
127.0.0.1	www.corrierse.it
127.0.0.1	corrierte.it
127.0.0.1	www.corrierte.it
127.0.0.1	corrierw.it
127.0.0.1	www.corrierw.it
127.0.0.1	corrierwe.it
127.0.0.1	www.corrierwe.it
127.0.0.1	corriesre.it
127.0.0.1	www.corriesre.it
127.0.0.1	corriete.it
127.0.0.1	www.corriete.it
127.0.0.1	corrietre.it
127.0.0.1	www.corrietre.it
127.0.0.1	corriewre.it
127.0.0.1	www.corriewre.it
127.0.0.1	corrifere.it
127.0.0.1	www.corrifere.it
127.0.0.1	corriiere.it
127.0.0.1	www.corriiere.it
127.0.0.1	corrilere.it
127.0.0.1	www.corrilere.it
127.0.0.1	corrioere.it
127.0.0.1	www.corrioere.it
127.0.0.1	corrire.it
127.0.0.1	www.corrire.it
127.0.0.1	corrirere.it
127.0.0.1	www.corrirere.it
127.0.0.1	corrirre.it
127.0.0.1	www.corrirre.it
127.0.0.1	corrisere.it
127.0.0.1	www.corrisere.it
127.0.0.1	corriuere.it
127.0.0.1	www.corriuere.it
127.0.0.1	corriwere.it
127.0.0.1	www.corriwere.it
127.0.0.1	corriwre.it
127.0.0.1	www.corriwre.it
127.0.0.1	corrliere.it
127.0.0.1	www.corrliere.it
127.0.0.1	corroere.it
127.0.0.1	www.corroere.it
127.0.0.1	corroiere.it
127.0.0.1	www.corroiere.it
127.0.0.1	corrriere.it
127.0.0.1	www.corrriere.it
127.0.0.1	corrtiere.it
127.0.0.1	www.corrtiere.it
127.0.0.1	corruere.it
127.0.0.1	www.corruere.it
127.0.0.1	corruiere.it
127.0.0.1	www.corruiere.it
127.0.0.1	cortiere.it
127.0.0.1	www.cortiere.it
127.0.0.1	cortriere.it
127.0.0.1	www.cortriere.it
127.0.0.1	costrike.com
127.0.0.1	www.costrike.com
127.0.0.1	cotriere.it
127.0.0.1	www.cotriere.it
127.0.0.1	cotrriere.it
127.0.0.1	www.cotrriere.it
127.0.0.1	couldnotfind.com
127.0.0.1	count.cc
127.0.0.1	count.hitscount.net
127.0.0.1	count-all.com
127.0.0.1	countdutycall.info
127.0.0.1	www.countdutycall.info
127.0.0.1	counter.sexmaniack.com
127.0.0.1	cporriere.it
127.0.0.1	www.cporriere.it
127.0.0.1	cprriere.it
127.0.0.1	www.cprriere.it
127.0.0.1	cpvfeed.com
127.0.0.1	cracks.me.uk
127.0.0.1	cracks4all.com
127.0.0.1	www.cracks4all.com
127.0.0.1	crapsgold.info
127.0.0.1	www.crapsgold.info
127.0.0.1	Crazygirls-world.com
127.0.0.1	crazywinnings.com
127.0.0.1	www.crazywinnings.com
127.0.0.1	creamedcutties.com
127.0.0.1	createaccesskey.com
127.0.0.1	www.createaccesskey.com
127.0.0.1	creditsearchonline.com
127.0.0.1	crestring.com
127.0.0.1	crooder.com
127.0.0.1	crriere.it
127.0.0.1	www.crriere.it
127.0.0.1	crystalysmedia.com
127.0.0.1	www.crystalysmedia.com
127.0.0.1	csx.adservs.com
127.0.0.1	www.csx.adservs.com
127.0.0.1	cts.180solutions.com
127.0.0.1	cuisinartoven.com
127.0.0.1	www.cuisinartoven.com
127.0.0.1	curedc.info
127.0.0.1	www.curedc.info
127.0.0.1	curepcsolutions.com
127.0.0.1	www.curepcsolutions.com
127.0.0.1	curvedspaces.com
127.0.0.1	cutadult.com
127.0.0.1	www.cutadult.com
127.0.0.1	cvirgilio.it
127.0.0.1	www.cvirgilio.it
127.0.0.1	cvorriere.it
127.0.0.1	www.cvorriere.it
127.0.0.1	cvs.jps.ru
127.0.0.1	cvsymphony.com
127.0.0.1	cxorriere.it
127.0.0.1	www.cxorriere.it
127.0.0.1	cyberrape.com
127.0.0.1	www.cyberrape.com
127.0.0.1	cydom.com
127.0.0.1	cydoor.com
127.0.0.1	www.cydoor.com
127.0.0.1	daily-gals.com
127.0.0.1	dailypornmag.com
127.0.0.1	www.dailypornmag.com
127.0.0.1	dailyteenspic.com
127.0.0.1	dailytoolbar.com
127.0.0.1	www.dailytoolbar.com
127.0.0.1	dancingbabycd.com
127.0.0.1	data-hoster.com
127.0.0.1	www.data-hoster.com
127.0.0.1	datanotary.com
127.0.0.1	datareco.com
127.0.0.1	dating-galaxy.info
127.0.0.1	www.dating-galaxy.info
127.0.0.1	dating-search.net
127.0.0.1	davemarshall.org
127.0.0.1	db105.com
127.0.0.1	dbdecicated.com
127.0.0.1	www.dbdecicated.com
127.0.0.1	dbxcompany.com
127.0.0.1	www.dbxcompany.com
127.0.0.1	dcdl.dmcast.com
127.0.0.1	dcfitusa.com
127.0.0.1	dcorriere.it
127.0.0.1	www.dcorriere.it
127.0.0.1	dcurtis.com
127.0.0.1	www.dcurtis.com
127.0.0.1	dcww.dmcast.com
127.0.0.1	de.ag
127.0.0.1	de.drivecleaner.com
127.0.0.1	de.errorsafe.com
127.0.0.1	de.winantivirus.com
127.0.0.1	de98.remsys.org
127.0.0.1	debay.it
127.0.0.1	www.debay.it
127.0.0.1	dedmazay.3322.org
127.0.0.1	dedsearch.com
127.0.0.1	www.dedsearch.com
127.0.0.1	defaultsearch.net
127.0.0.1	Defensaantimalware.com
127.0.0.1	www.Defensaantimalware.com
127.0.0.1	deja-rue.com
127.0.0.1	www.deja-rue.com
127.0.0.1	derklaif.biz
127.0.0.1	www.derklaif.biz
127.0.0.1	derrari.it
127.0.0.1	www.derrari.it
127.0.0.1	desarrollocreativo.com
127.0.0.1	deskbar.worldtostart.com
127.0.0.1	www.deskbar.worldtostart.com
127.0.0.1	deskwizz.com
127.0.0.1	www.deskwizz.com
127.0.0.1	dev.ntcor.com
127.0.0.1	develip.com
127.0.0.1	dewis.spb.ru
127.0.0.1	dewis.us
127.0.0.1	df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
127.0.0.1	dgbusiness.com
127.0.0.1	www.dgbusiness.com
127.0.0.1	dialer2004.com
127.0.0.1	dialerclub.com
127.0.0.1	www.dialerclub.com
127.0.0.1	dialer-shop.com
127.0.0.1	www.dialer-shop.com
127.0.0.1	dialoff.com
127.0.0.1	www.dialoff.com
127.0.0.1	did.i-used.cc
127.0.0.1	www.did.i-used.cc
127.0.0.1	dietpills4free.com
127.0.0.1	dietpussy.com
127.0.0.1	digikeygen.com
127.0.0.1	www.digikeygen.com
127.0.0.1	digistreamsa.com
127.0.0.1	digitalcoders.net
127.0.0.1	www.digitalcoders.net
127.0.0.1	www.digitalfan.com
127.0.0.1	digital-pornography.com
127.0.0.1	dionforvalleycouncil.org
127.0.0.1	directdvdpro.com
127.0.0.1	www.directdvdpro.com
127.0.0.1	directporta.info
127.0.0.1	www.directporta.info
127.0.0.1	directsearchzone.com
127.0.0.1	www.directsearchzone.com
127.0.0.1	dist.checkin100.com
127.0.0.1	dl.ad-ware.cc
127.0.0.1	dl.malwarewipe.com
127.0.0.1	dl.targetsaver.com
127.0.0.1	www.dl.targetsaver.com
127.0.0.1	dl.web-nexus.net
127.0.0.1	dl1.antivermins.com
127.0.0.1	dl1.antivirgear.com
127.0.0.1	dl1.spydawn.com
127.0.0.1	dl1.virusprotectpro.com
127.0.0.1	dl10.spyfalcon.com
127.0.0.1	dl16.spyfalcon.com
127.0.0.1	dl2.spyfalcon.com
127.0.0.1	dl2.spyheal.com
127.0.0.1	dl2.spywarestrike.com
127.0.0.1	dl3.spyfalcon.com
127.0.0.1	dl3.spyheal.com
127.0.0.1	dl3.spywarestrike.com
127.0.0.1	dl4.spyfalcon.com
127.0.0.1	dl4.spywarestrike.com
127.0.0.1	dl5.spyfalcon.com
127.0.0.1	dl5.spywarestrike.com
127.0.0.1	dl6.spywarestrike.com
127.0.0.1	dl7.spywarestrike.com
127.0.0.1	dl8.spyheal.com
127.0.0.1	dl8.spywarestrike.com
127.0.0.1	dl9.spyfalcon.com
127.0.0.1	dmcast.com
127.0.0.1	www.dmcast.com
127.0.0.1	dnaads.com
127.0.0.1	www.dnaads.com
127.0.0.1	dnl.mabou.org
127.0.0.1	dns-look-up.com
127.0.0.1	www.dns-look-up.com
127.0.0.1	doctorwaldron.com
127.0.0.1	document-not-found.pornpic.org
127.0.0.1	doggyaction.com
127.0.0.1	dogproblemswebsite.com
127.0.0.1	www.dogproblemswebsite.com
127.0.0.1	doktorxxx.com
127.0.0.1	dollarrevenue.com
127.0.0.1	domaincar.com
127.0.0.1	www.domaincar.com
127.0.0.1	domains2003.net
127.0.0.1	domains-for-you-online.com
127.0.0.1	domain-your-registration.com
127.0.0.1	domkrat.com
127.0.0.1	dotcomtoolbar.com
127.0.0.1	www.dotcomtoolbar.com
127.0.0.1	down.136136.net
127.0.0.1	download.abetterinternet.com
127.0.0.1	download.antispywarebot.com
127.0.0.1	www.download.antispywarebot.com
127.0.0.1	download.bardownload.com
127.0.0.1	www.download.bardownload.com
127.0.0.1	download.bravesentry.com
127.0.0.1	www.download.bravesentry.com
127.0.0.1	download.cdn.drivecleaner.com
127.0.0.1	download.cdn.errorsafe.com
127.0.0.1	download.cdn.winsoftware.com
127.0.0.1	download.errorsafe.com
127.0.0.1	download.jupitersatellites.biz
127.0.0.1	www.download.jupitersatellites.biz
127.0.0.1	download.searchtabs.net
127.0.0.1	download.secureyournet.biz
127.0.0.1	www.download.secureyournet.biz
127.0.0.1	download.spyonthis.net
127.0.0.1	download.spy-shredder.com
127.0.0.1	download.systemdoctor.com
127.0.0.1	download.winantispyware.com
127.0.0.1	download.winantivirus.com
127.0.0.1	download.windrivecleaner.com
127.0.0.1	download.winfixer.com
127.0.0.1	download10.spywarequake.com
127.0.0.1	download11.spywarequake.com
127.0.0.1	download12.spywarequake.com
127.0.0.1	download13.spywarequake.com
127.0.0.1	download15.spywarequake.com
127.0.0.1	download2.spywarequake.com
127.0.0.1	download-2007.com
127.0.0.1	www.download-2007.com
127.0.0.1	download3.spyaxe.com
127.0.0.1	download3.spywarequake.com
127.0.0.1	download4.spyaxe.com
127.0.0.1	download4.spywarequake.com
127.0.0.1	download5.spyaxe.com
127.0.0.1	download5.spywarequake.com
127.0.0.1	download6.spyaxe.com
127.0.0.1	download7.spywarequake.com
127.0.0.1	download8.spywarequake.com
127.0.0.1	download9.spywarequake.com
127.0.0.1	download-ad-aware.com
127.0.0.1	www.download-ad-aware.com
127.0.0.1	download-all-4-free.com
127.0.0.1	www.download-all-4-free.com
127.0.0.1	download-all-area.com
127.0.0.1	www.download-all-area.com
127.0.0.1	download-antivir.com
127.0.0.1	www.download-antivir.com
127.0.0.1	downloadanysong.com
127.0.0.1	www.downloadanysong.com
127.0.0.1	download-avast.com
127.0.0.1	www.download-avast.com
127.0.0.1	downloadcorporation.com
127.0.0.1	www.downloadcorporation.com
127.0.0.1	download-dvdshrink.com
127.0.0.1	www.download-dvdshrink.com
127.0.0.1	download-for-free.net
127.0.0.1	www.download-for-free.net
127.0.0.1	downloadfreesoft.com
127.0.0.1	www.downloadfreesoft.com
127.0.0.1	downloadfreeway.com
127.0.0.1	www.downloadfreeway.com
127.0.0.1	downloadimesh.com
127.0.0.1	www.downloadimesh.com
127.0.0.1	download-itunes-now.com
127.0.0.1	www.download-itunes-now.com
127.0.0.1	download-limewire.org
127.0.0.1	www.download-limewire.org
127.0.0.1	downloadlost.tv
127.0.0.1	www.downloadlost.tv
127.0.0.1	downloadmax.net
127.0.0.1	www.downloadmax.net
127.0.0.1	download-mcafee.com
127.0.0.1	www.download-mcafee.com
127.0.0.1	download-me.info
127.0.0.1	downloadmediaax.com
127.0.0.1	www.downloadmediaax.com
127.0.0.1	downloadpics.net
127.0.0.1	www.downloadpics.net
127.0.0.1	download-real-player.com
127.0.0.1	www.download-real-player.com
127.0.0.1	downloads.180solutions.com
127.0.0.1	downloads.adaware.cc
127.0.0.1	downloadservicearea.com
127.0.0.1	www.downloadservicearea.com
127.0.0.1	downloads-free.org
127.0.0.1	www.downloads-free.org
127.0.0.1	downloadsglobe.com
127.0.0.1	www.downloadsglobe.com
127.0.0.1	download-this.us
127.0.0.1	www.download-this.us
127.0.0.1	download-trillian.com
127.0.0.1	www.download-trillian.com
127.0.0.1	downloadv3.com
127.0.0.1	www.downloadv3.com
127.0.0.1	downloadvax.com
127.0.0.1	www.downloadvax.com
127.0.0.1	download-windvd.com
127.0.0.1	www.download-windvd.com
127.0.0.1	download-winrar.com
127.0.0.1	www.download-winrar.com
127.0.0.1	downloadwizard.com
127.0.0.1	downloadzcenter.com
127.0.0.1	downloadzcentral.com
127.0.0.1	downloadzfree.com
127.0.0.1	www.downloadzfree.com
127.0.0.1	downloadznow.net
127.0.0.1	download-zone-free.com
127.0.0.1	www.download-zone-free.com
127.0.0.1	download-zone-free.net
127.0.0.1	www.download-zone-free.net
127.0.0.1	dp-host.com
127.0.0.1	dr.mcboo.com
127.0.0.1	dr.webhancer.com
127.0.0.1	www.dr.webhancer.com
127.0.0.1	dr2.webhancer.com
127.0.0.1	www.dr2.webhancer.com
127.0.0.1	dr38.mcboo.com
127.0.0.1	dr47.mcboo.com
127.0.0.1	dragqueen.gay-clan.com
127.0.0.1	drepubblica.it
127.0.0.1	www.drepubblica.it
127.0.0.1	drivecleaner.com
127.0.0.1	www.drivecleaner.com
127.0.0.1	drivecleanr.com
127.0.0.1	www.drivecleanr.com
127.0.0.1	drocherway.com
127.0.0.1	dropspam.com
127.0.0.1	www.dropspam.com
127.0.0.1	drug-sources-exposed.com
127.0.0.1	drvvv.com
127.0.0.1	dsupereva.it
127.0.0.1	www.dsupereva.it
127.0.0.1	dtlproduct.com
127.0.0.1	www.dtlproduct.com
127.0.0.1	dudu.com
127.0.0.1	www.dudu.com
127.0.0.1	dulcineasystems.net
127.0.0.1	dumpserv.com
127.0.0.1	duolaimi.net
127.0.0.1	dutch-sex.com
127.0.0.1	dvdaccess.net
127.0.0.1	www.dvdaccess.net
127.0.0.1	dvdbank.org
127.0.0.1	dvdcodec.net
127.0.0.1	www.dvdcodec.net
127.0.0.1	dvdsmovies.net
127.0.0.1	www.dvdsmovies.net
127.0.0.1	dvdsvideos.net
127.0.0.1	www.dvdsvideos.net
127.0.0.1	dvdtocdsite.com
127.0.0.1	www.dvdtocdsite.com
127.0.0.1	dynamique.drivecleaner.com
127.0.0.1	e3bay.it
127.0.0.1	www.e3bay.it
127.0.0.1	e4bay.it
127.0.0.1	www.e4bay.it
127.0.0.1	eager-sex.com
127.0.0.1	earthllnk.net
127.0.0.1	www.earthllnk.net
127.0.0.1	eases.net
127.0.0.1	easyantispy.com
127.0.0.1	easybestdeals.com
127.0.0.1	www.easybestdeals.com
127.0.0.1	easycategories.com
127.0.0.1	easymp3musicnow.com
127.0.0.1	www.easymp3musicnow.com
127.0.0.1	easy-pharmacy.info
127.0.0.1	www.easy-pharmacy.info
127.0.0.1	easy-search.net
127.0.0.1	easysearch4you.com
127.0.0.1	www.easysearch4you.com
127.0.0.1	easysearchingtips.com
127.0.0.1	easyspyware.com
127.0.0.1	www.easyspyware.com
127.0.0.1	easywww.info
127.0.0.1	www.easywww.info
127.0.0.1	eba6y.it
127.0.0.1	www.eba6y.it
127.0.0.1	eba7y.it
127.0.0.1	www.eba7y.it
127.0.0.1	ebaay.it
127.0.0.1	www.ebaay.it
127.0.0.1	ebagy.it
127.0.0.1	www.ebagy.it
127.0.0.1	ebahy.it
127.0.0.1	www.ebahy.it
127.0.0.1	ebajy.it
127.0.0.1	www.ebajy.it
127.0.0.1	ebaqy.it
127.0.0.1	www.ebaqy.it
127.0.0.1	ebasy.it
127.0.0.1	www.ebasy.it
127.0.0.1	ebaty.it
127.0.0.1	www.ebaty.it
127.0.0.1	ebauy.it
127.0.0.1	www.ebauy.it
127.0.0.1	ebav.com
127.0.0.1	ebaw.com
127.0.0.1	ebawy.it
127.0.0.1	www.ebawy.it
127.0.0.1	ebaxy.it
127.0.0.1	www.ebaxy.it
127.0.0.1	ebay6.it
127.0.0.1	www.ebay6.it
127.0.0.1	ebay7.it
127.0.0.1	www.ebay7.it
127.0.0.1	ebayg.it
127.0.0.1	www.ebayg.it
127.0.0.1	ebayh.it
127.0.0.1	www.ebayh.it
127.0.0.1	ebayj.it
127.0.0.1	www.ebayj.it
127.0.0.1	ebayt.it
127.0.0.1	www.ebayt.it
127.0.0.1	ebayu.it
127.0.0.1	www.ebayu.it
127.0.0.1	ebazy.it
127.0.0.1	www.ebazy.it
127.0.0.1	ebch.com
127.0.0.1	ebdv.com
127.0.0.1	ebdw.com
127.0.0.1	ebestfind.org
127.0.0.1	www.ebestfind.org
127.0.0.1	ebgay.it
127.0.0.1	www.ebgay.it
127.0.0.1	ebgo.com
127.0.0.1	ebhay.it
127.0.0.1	www.ebhay.it
127.0.0.1	ebjp.com
127.0.0.1	ebkb.com
127.0.0.1	ebkn.com
127.0.0.1	ebky.com
127.0.0.1	eblv.com
127.0.0.1	ebmu.com
127.0.0.1	ebnay.it
127.0.0.1	www.ebnay.it
127.0.0.1	ebony-pornmag.com
127.0.0.1	www.ebony-pornmag.com
127.0.0.1	ebonypornmag.com
127.0.0.1	www.ebonypornmag.com
127.0.0.1	ebqay.it
127.0.0.1	www.ebqay.it
127.0.0.1	ebsay.it
127.0.0.1	www.ebsay.it
127.0.0.1	ebsy.it
127.0.0.1	www.ebsy.it
127.0.0.1	ebvay.it
127.0.0.1	www.ebvay.it
127.0.0.1	ebvr.com
127.0.0.1	ebway.it
127.0.0.1	www.ebway.it
127.0.0.1	ebxay.it
127.0.0.1	www.ebxay.it
127.0.0.1	ebzay.it
127.0.0.1	www.ebzay.it
127.0.0.1	ecmh.com
127.0.0.1	ecmp.com
127.0.0.1	ecosrioplatenses.org
127.0.0.1	ecpm.com
127.0.0.1	ecstasyporn.net
127.0.0.1	ecwz.com
127.0.0.1	ecyb.com
127.0.0.1	edbay.it
127.0.0.1	www.edbay.it
127.0.0.1	edhq.com
127.0.0.1	edietprogram.com
127.0.0.1	www.edietprogram.com
127.0.0.1	edty.com
127.0.0.1	eduy.com
127.0.0.1	eebay.it
127.0.0.1	www.eebay.it
127.0.0.1	eeev.com
127.0.0.1	eepubblica.it
127.0.0.1	www.eepubblica.it
127.0.0.1	efbay.it
127.0.0.1	www.efbay.it
127.0.0.1	egbay.it
127.0.0.1	www.egbay.it
127.0.0.1	ehbay.it
127.0.0.1	www.ehbay.it
127.0.0.1	eikokoike.com
127.0.0.1	elitecodec.com
127.0.0.1	www.elitecodec.com
127.0.0.1	elitemediagroup.net
127.0.0.1	www.elitemediagroup.net
127.0.0.1	e-localad.com
127.0.0.1	emailicon.org
127.0.0.1	www.emailicon.org
127.0.0.1	emch.com
127.0.0.1	emcodec.com
127.0.0.1	www.emcodec.com
127.0.0.1	emediacodec.com
127.0.0.1	www.emediacodec.com
127.0.0.1	emule.mp3-muzic.com
127.0.0.1	www.emule.mp3-muzic.com
127.0.0.1	emuledownloadhome.com
127.0.0.1	www.emuledownloadhome.com
127.0.0.1	emule-freebie.com
127.0.0.1	www.emule-freebie.com
127.0.0.1	enay.it
127.0.0.1	www.enay.it
127.0.0.1	enbay.it
127.0.0.1	www.enbay.it
127.0.0.1	energy-factor.com
127.0.0.1	www.energy-factor.com
127.0.0.1	engineplay.com
127.0.0.1	www.engineplay.com
127.0.0.1	engine-ticket.com
127.0.0.1	www.engine-ticket.com
127.0.0.1	enhance.com
127.0.0.1	www.enhance.com
127.0.0.1	enhancevideos.com
127.0.0.1	www.enhancevideos.com
127.0.0.1	enitinvest.net
127.0.0.1	enjoywebsurf.com
127.0.0.1	entertainsite.net
127.0.0.1	www.entertainsite.net
127.0.0.1	enterthesearch.com
127.0.0.1	www.enterthesearch.com
127.0.0.1	e-plus.cc
127.0.0.1	epornsex.com
127.0.0.1	eprotectionline.com
127.0.0.1	www.eprotectionline.com
127.0.0.1	eprotectpage.com
127.0.0.1	www.eprotectpage.com
127.0.0.1	erbay.it
127.0.0.1	www.erbay.it
127.0.0.1	erepubblica.it
127.0.0.1	www.erepubblica.it
127.0.0.1	ergosites.com
127.0.0.1	erossoalice.it
127.0.0.1	www.erossoalice.it
127.0.0.1	errari.it
127.0.0.1	www.errari.it
127.0.0.1	error404site.com
127.0.0.1	www.error404site.com
127.0.0.1	error404site.net
127.0.0.1	www.error404site.net
127.0.0.1	errorkiller.com
127.0.0.1	www.errorkiller.com
127.0.0.1	errorprotector.com
127.0.0.1	www.errorprotector.com
127.0.0.1	errorsafe.com
127.0.0.1	www.errorsafe.com
127.0.0.1	errorsdns.com
127.0.0.1	www.errorsdns.com
127.0.0.1	ert0003.e76.163ns.com
127.0.0.1	ertikadeswiokinganfujas.com
127.0.0.1	www.ertikadeswiokinganfujas.com
127.0.0.1	es.winantivirus.com
127.0.0.1	es0-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es1-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es2-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es3-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es4-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es5-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es6-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es7-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es8-www.5zgmu7o20kt5d8yq.com
127.0.0.1	es9-www.5zgmu7o20kt5d8yq.com
127.0.0.1	esafetylist.com
127.0.0.1	www.esafetylist.com
127.0.0.1	esafetypage.com
127.0.0.1	www.esafetypage.com
127.0.0.1	esbay.it
127.0.0.1	www.esbay.it
127.0.0.1	esearch2005.com
127.0.0.1	www.esearch2005.com
127.0.0.1	esecuritynote.com
127.0.0.1	www.esecuritynote.com
127.0.0.1	esecuritypage.com
127.0.0.1	www.esecuritypage.com
127.0.0.1	esupereva.it
127.0.0.1	www.esupereva.it
127.0.0.1	etomi.all-downloads-now.com
127.0.0.1	www.etomi.all-downloads-now.com
127.0.0.1	eupdatepage.com
127.0.0.1	www.eupdatepage.com
127.0.0.1	euuu.com
127.0.0.1	evbay.it
127.0.0.1	www.evbay.it
127.0.0.1	evidence-detector.biz
127.0.0.1	evilspidercomics.com
127.0.0.1	evko.biz
127.0.0.1	www.evko.biz
127.0.0.1	ewbay.it
127.0.0.1	www.ewbay.it
127.0.0.1	ewebsearch.net
127.0.0.1	e-websitesolutions.com
127.0.0.1	ewizard.cc
127.0.0.1	exaccess.ru
127.0.0.1	www.exaccess.ru
127.0.0.1	excellentsckin.com
127.0.0.1	exeupdate.com
127.0.0.1	www.exeupdate.com
127.0.0.1	exflow.org
127.0.0.1	www.exflow.org
127.0.0.1	exit.megago.com
127.0.0.1	expandvideo.com
127.0.0.1	www.expandvideo.com
127.0.0.1	exportplay.com
127.0.0.1	www.exportplay.com
127.0.0.1	extremepaidsurveys.com
127.0.0.1	www.extremepaidsurveys.com
127.0.0.1	extremeseek.net
127.0.0.1	eza1netsearch.com
127.0.0.1	www.eza1netsearch.com
127.0.0.1	ezcybersearch.com
127.0.0.1	www.ezcybersearch.com
127.0.0.1	ez-searching.com
127.0.0.1	ezwebsearching.com
127.0.0.1	www.ezwebsearching.com
127.0.0.1	f1.bestmanage.org
127.0.0.1	f1.truth-is-out-there.org
127.0.0.1	f1organizer.com
127.0.0.1	www.f1organizer.com
127.0.0.1	f2.bestmanage.org
127.0.0.1	f2.truth-is-out-there.org
127.0.0.1	f3.bestmanage.org
127.0.0.1	f3.truth-is-out-there.org
127.0.0.1	f4.bestmanage.org
127.0.0.1	f4.truth-is-out-there.org
127.0.0.1	f5.bestmanage.org
127.0.0.1	f5.truth-is-out-there.org
127.0.0.1	f6.bestmanage.org
127.0.0.1	f7.bestmanage.org
127.0.0.1	f7.truth-is-out-there.org
127.0.0.1	f8.bestmanage.org
127.0.0.1	f8.truth-is-out-there.org
127.0.0.1	f9.bestmanage.org
127.0.0.1	f9.truth-is-out-there.org
127.0.0.1	fairsearcher.com
127.0.0.1	www.fairsearcher.com
127.0.0.1	faithstevens.com
127.0.0.1	fantasiewelten.com
127.0.0.1	farmacept32.phpnet.us
127.0.0.1	farmsteadbandb.com
127.0.0.1	farse.com
127.0.0.1	fartpost.com
127.0.0.1	fastfreedownload.com
127.0.0.1	fastmetasearch.com
127.0.0.1	www.fastmetasearch.com
127.0.0.1	fastssearch.com
127.0.0.1	www.fastssearch.com
127.0.0.1	fastwebfinder.com
127.0.0.1	faxporn.com
127.0.0.1	fazzetta.it
127.0.0.1	www.fazzetta.it
127.0.0.1	fcorriere.it
127.0.0.1	www.fcorriere.it
127.0.0.1	featured-results.com
127.0.0.1	febay.it
127.0.0.1	www.febay.it
127.0.0.1	feed.dedsearch.com
127.0.0.1	feeds.2search.com
127.0.0.1	www.feeds.2search.com
127.0.0.1	feeds2.2search.org
127.0.0.1	www.feeds2.2search.org
127.0.0.1	ferraeri.it
127.0.0.1	www.ferraeri.it
127.0.0.1	ferrai.it
127.0.0.1	www.ferrai.it
127.0.0.1	ferrarei.it
127.0.0.1	www.ferrarei.it
127.0.0.1	ferrarti.it
127.0.0.1	www.ferrarti.it
127.0.0.1	ferrasri.it
127.0.0.1	www.ferrasri.it
127.0.0.1	ferratri.it
127.0.0.1	www.ferratri.it
127.0.0.1	ferreari.it
127.0.0.1	www.ferreari.it
127.0.0.1	ferrri.it
127.0.0.1	www.ferrri.it
127.0.0.1	ferrsari.it
127.0.0.1	www.ferrsari.it
127.0.0.1	ferrtari.it
127.0.0.1	www.ferrtari.it
127.0.0.1	fetrrari.it
127.0.0.1	www.fetrrari.it
127.0.0.1	fgazzetta.it
127.0.0.1	www.fgazzetta.it
127.0.0.1	fgoogle.it
127.0.0.1	www.fgoogle.it
127.0.0.1	fhg.panet.org
127.0.0.1	fhgate.com
127.0.0.1	www.fhgate.com
127.0.0.1	fickenisgeil.de
127.0.0.1	file.unionsms.net
127.0.0.1	filestore.com
127.0.0.1	www.filestore.com
127.0.0.1	filetretporn.com
127.0.0.1	www.filetretporn.com
127.0.0.1	Filtrodetrojan.com
127.0.0.1	www.Filtrodetrojan.com
127.0.0.1	finalfantasyactionfigures.com
127.0.0.1	www.finalfantasyactionfigures.com
127.0.0.1	finance-loans.com
127.0.0.1	find4u.net
127.0.0.1	find-52.com
127.0.0.1	www.find-52.com
127.0.0.1	findanyshow.org
127.0.0.1	www.findanyshow.org
127.0.0.1	find-find-777.net
127.0.0.1	www.find-find-777.net
127.0.0.1	find-itnow.com
127.0.0.1	findit-now.com
127.0.0.1	findloss.com
127.0.0.1	findthesite.com
127.0.0.1	findthewebsiteyouneed.com
127.0.0.1	www.findthewebsiteyouneed.com
127.0.0.1	find-uk-health.co.uk
127.0.0.1	findwapsite.org
127.0.0.1	www.findwapsite.org
127.0.0.1	findwhatevernow.com
127.0.0.1	www.findwhatevernow.com
127.0.0.1	fined.biz
127.0.0.1	fine-search.net
127.0.0.1	fionasteel.com
127.0.0.1	firefoxdownload-now.com
127.0.0.1	www.firefoxdownload-now.com
127.0.0.1	firehunt.com
127.0.0.1	www.firehunt.com
127.0.0.1	firgilio.it
127.0.0.1	www.firgilio.it
127.0.0.1	firstbookmark.net
127.0.0.1	firstgoodsearch.com
127.0.0.1	www.firstgoodsearch.com
127.0.0.1	fitness-free.com
127.0.0.1	fixerantispy.com
127.0.0.1	www.fixerantispy.com
127.0.0.1	fjsynebcod.com
127.0.0.1	www.fjsynebcod.com
127.0.0.1	flashdollars.com
127.0.0.1	www.flashdollars.com
127.0.0.1	flashflashmx.3322.org
127.0.0.1	floorsovertexas.com
127.0.0.1	www.floorsovertexas.com
127.0.0.1	floproject.com
127.0.0.1	www.floproject.com
127.0.0.1	flrxtools.greatnuke.com
127.0.0.1	flrx-tools.net
127.0.0.1	www.flrx-tools.net
127.0.0.1	fn777.greatbahamas.com
127.0.0.1	www.fn777.greatbahamas.com
127.0.0.1	foodvacations.net
127.0.0.1	forex.jps.ru
127.0.0.1	forexcredit.com
127.0.0.1	forexcredit.ru
127.0.0.1	formingfusions.com
127.0.0.1	forsythfire.net
127.0.0.1	forthline.com
127.0.0.1	foxmin.com
127.0.0.1	www.foxmin.com
127.0.0.1	fp.gad-network.com
127.0.0.1	fr.drivecleaner.com
127.0.0.1	www.fr.drivecleaner.com
127.0.0.1	fr.winantivirus.com
127.0.0.1	fr.winfixer.com
127.0.0.1	frame.crazywinnings.com
127.0.0.1	free4porno.net
127.0.0.1	free64all.com
127.0.0.1	free-adobe-download-support.com
127.0.0.1	www.free-adobe-download-support.com
127.0.0.1	free-avg.org
127.0.0.1	www.free-avg.org
127.0.0.1	free-avg-download.com
127.0.0.1	www.free-avg-download.com
127.0.0.1	free-bearshares.com
127.0.0.1	www.free-bearshares.com
127.0.0.1	freebookmark.net
127.0.0.1	freebookmarks.net
127.0.0.1	freecat.biz
127.0.0.1	www.freecat.biz
127.0.0.1	freecategories.com
127.0.0.1	free-chipes.com
127.0.0.1	freecj.com
127.0.0.1	freecoolhost.com
127.0.0.1	freedownloadhq.com
127.0.0.1	www.freedownloadhq.com
127.0.0.1	freedownloadpage.com
127.0.0.1	www.freedownloadpage.com
127.0.0.1	free-download-place.com
127.0.0.1	www.free-download-place.com
127.0.0.1	free-download-support.com
127.0.0.1	www.free-download-support.com
127.0.0.1	freedownloadzone.com
127.0.0.1	www.freedownloadzone.com
127.0.0.1	free-hit.com
127.0.0.1	freehqmovies.com
127.0.0.1	freeimageheaven.com
127.0.0.1	www.freeimageheaven.com
127.0.0.1	freemp3access.com
127.0.0.1	www.freemp3access.com
127.0.0.1	free-music-network.com
127.0.0.1	www.free-music-network.com
127.0.0.1	free-pics-and-movies.com
127.0.0.1	free-popup-killer.com
127.0.0.1	www.free-popup-killer.com
127.0.0.1	free-porn-movies.info
127.0.0.1	www.free-porn-movies.info
127.0.0.1	free-program-download.com
127.0.0.1	www.free-program-download.com
127.0.0.1	freerbhost.com
127.

Julien · Answer

Part. 3 (ben oui, c'est vraiment long ce truc !!! :-))

127.0.0.1	freescratchandwin.com
127.0.0.1	free-sex-movie-clips.net
127.0.0.1	freeshemalepics.net
127.0.0.1	free-software-center.com
127.0.0.1	www.free-software-center.com
127.0.0.1	free-spybot.com
127.0.0.1	www.free-spybot.com
127.0.0.1	freeunlimitedskype.com
127.0.0.1	www.freeunlimitedskype.com
127.0.0.1	freeyaho.com
127.0.0.1	fregat.drocherway.com
127.0.0.1	frepubblica.it
127.0.0.1	www.frepubblica.it
127.0.0.1	freshseek.com
127.0.0.1	freshteensite.com
127.0.0.1	fric.cn
127.0.0.1	frrari.it
127.0.0.1	www.frrari.it
127.0.0.1	frrrari.it
127.0.0.1	www.frrrari.it
127.0.0.1	ftiscali.it
127.0.0.1	www.ftiscali.it
127.0.0.1	ftrenitalia.it
127.0.0.1	www.ftrenitalia.it
127.0.0.1	ftuttogratis.it
127.0.0.1	www.ftuttogratis.it
127.0.0.1	full-search.net
127.0.0.1	fullsoftwaredownloadz.com
127.0.0.1	www.fullsoftwaredownloadz.com
127.0.0.1	full-tgp.net
127.0.0.1	funcodec.com
127.0.0.1	www.funcodec.com
127.0.0.1	funny-girls.com
127.0.0.1	funnysuperxxx.com
127.0.0.1	www.funnysuperxxx.com
127.0.0.1	fun-photo.com
127.0.0.1	www.fun-photo.com
127.0.0.1	fvirgilio.it
127.0.0.1	www.fvirgilio.it
127.0.0.1	fwrrari.it
127.0.0.1	www.fwrrari.it
127.0.0.1	g0oogle.it
127.0.0.1	www.g0oogle.it
127.0.0.1	g9oogle.it
127.0.0.1	www.g9oogle.it
127.0.0.1	ga31.com
127.0.0.1	gaazzetta.it
127.0.0.1	www.gaazzetta.it
127.0.0.1	gabrielscott.com
127.0.0.1	gad-network.com
127.0.0.1	www.gad-network.com
127.0.0.1	galleryclick.net
127.0.0.1	www.galleryclick.net
127.0.0.1	gallerypictures.net
127.0.0.1	www.gallerypictures.net
127.0.0.1	galpostgirls.com
127.0.0.1	gals-for-free.com
127.0.0.1	gambling-online4you.com
127.0.0.1	game4all.biz
127.0.0.1	www.game4all.biz
127.0.0.1	games.de.ag
127.0.0.1	www.games.de.ag
127.0.0.1	games.uzoogle.com
127.0.0.1	games-desktop.com
127.0.0.1	www.games-desktop.com
127.0.0.1	gameterror.net
127.0.0.1	gaqzzetta.it
127.0.0.1	www.gaqzzetta.it
127.0.0.1	gaszzetta.it
127.0.0.1	www.gaszzetta.it
127.0.0.1	gaxzetta.it
127.0.0.1	www.gaxzetta.it
127.0.0.1	gaxzzetta.it
127.0.0.1	www.gaxzzetta.it
127.0.0.1	gay50.com
127.0.0.1	gay-clan.com
127.0.0.1	gayspornmag.com
127.0.0.1	www.gayspornmag.com
127.0.0.1	gaystogay.com
127.0.0.1	www.gaystogay.com
127.0.0.1	gazxetta.it
127.0.0.1	www.gazxetta.it
127.0.0.1	gazxzetta.it
127.0.0.1	www.gazxzetta.it
127.0.0.1	gazzaetta.it
127.0.0.1	www.gazzaetta.it
127.0.0.1	gazzdetta.it
127.0.0.1	www.gazzdetta.it
127.0.0.1	gazzedtta.it
127.0.0.1	www.gazzedtta.it
127.0.0.1	gazzeetta.it
127.0.0.1	www.gazzeetta.it
127.0.0.1	gazzeftta.it
127.0.0.1	www.gazzeftta.it
127.0.0.1	gazzegtta.it
127.0.0.1	www.gazzegtta.it
127.0.0.1	gazzehtta.it
127.0.0.1	www.gazzehtta.it
127.0.0.1	gazzerta.it
127.0.0.1	www.gazzerta.it
127.0.0.1	gazzertta.it
127.0.0.1	www.gazzertta.it
127.0.0.1	gazzestta.it
127.0.0.1	www.gazzestta.it
127.0.0.1	gazzetra.it
127.0.0.1	www.gazzetra.it
127.0.0.1	gazzett.it
127.0.0.1	www.gazzett.it
127.0.0.1	gazzettaa.it
127.0.0.1	www.gazzettaa.it
127.0.0.1	gazzettaq.it
127.0.0.1	www.gazzettaq.it
127.0.0.1	gazzettas.it
127.0.0.1	www.gazzettas.it
127.0.0.1	gazzettaz.it
127.0.0.1	www.gazzettaz.it
127.0.0.1	gazzettfa.it
127.0.0.1	www.gazzettfa.it
127.0.0.1	gazzettga.it
127.0.0.1	www.gazzettga.it
127.0.0.1	gazzettha.it
127.0.0.1	www.gazzettha.it
127.0.0.1	gazzettqa.it
127.0.0.1	www.gazzettqa.it
127.0.0.1	gazzettra.it
127.0.0.1	www.gazzettra.it
127.0.0.1	gazzetts.it
127.0.0.1	www.gazzetts.it
127.0.0.1	gazzettsa.it
127.0.0.1	www.gazzettsa.it
127.0.0.1	gazzettya.it
127.0.0.1	www.gazzettya.it
127.0.0.1	gazzettza.it
127.0.0.1	www.gazzettza.it
127.0.0.1	gazzetya.it
127.0.0.1	www.gazzetya.it
127.0.0.1	gazzetyta.it
127.0.0.1	www.gazzetyta.it
127.0.0.1	gazzeyta.it
127.0.0.1	www.gazzeyta.it
127.0.0.1	gazzeytta.it
127.0.0.1	www.gazzeytta.it
127.0.0.1	gazzfetta.it
127.0.0.1	www.gazzfetta.it
127.0.0.1	gazzretta.it
127.0.0.1	www.gazzretta.it
127.0.0.1	gazzrtta.it
127.0.0.1	www.gazzrtta.it
127.0.0.1	gazzsetta.it
127.0.0.1	www.gazzsetta.it
127.0.0.1	gazztta.it
127.0.0.1	www.gazztta.it
127.0.0.1	gazzwetta.it
127.0.0.1	www.gazzwetta.it
127.0.0.1	gazzwtta.it
127.0.0.1	www.gazzwtta.it
127.0.0.1	gazzxetta.it
127.0.0.1	www.gazzxetta.it
127.0.0.1	gbazzetta.it
127.0.0.1	www.gbazzetta.it
127.0.0.1	gboogle.it
127.0.0.1	www.gboogle.it
127.0.0.1	geil-de.info
127.0.0.1	www.geil-de.info
127.0.0.1	generalsmeltingofcanada.com
127.0.0.1	generateskey.com
127.0.0.1	www.generateskey.com
127.0.0.1	germany.rub.to
127.0.0.1	gerrari.it
127.0.0.1	www.gerrari.it
127.0.0.1	get.adwarebazooka.com
127.0.0.1	get.hitvirus.com
127.0.0.1	www.get-access.host.sk
127.0.0.1	getanysoftware.com
127.0.0.1	www.getanysoftware.com
127.0.0.1	getbestloanrate.info
127.0.0.1	www.getbestloanrate.info
127.0.0.1	getdvdshrink2007.com
127.0.0.1	www.getdvdshrink2007.com
127.0.0.1	geteens.com
127.0.0.1	getfound.com
127.0.0.1	www.getfound.com
127.0.0.1	getimageactivex.com
127.0.0.1	www.getimageactivex.com
127.0.0.1	get-ipod-music.com
127.0.0.1	www.get-ipod-music.com
127.0.0.1	getmirar.com
127.0.0.1	get-mp3-onlined.com
127.0.0.1	www.get-mp3-onlined.com
127.0.0.1	getpatytoday.info
127.0.0.1	www.getpatytoday.info
127.0.0.1	getphotosets.com
127.0.0.1	www.getphotosets.com
127.0.0.1	getpicshere.com
127.0.0.1	getpornmag.com
127.0.0.1	www.getpornmag.com
127.0.0.1	get-realplayer.com
127.0.0.1	www.get-realplayer.com
127.0.0.1	get-spybot.com
127.0.0.1	www.get-spybot.com
127.0.0.1	getvaxobject.com
127.0.0.1	www.getvaxobject.com
127.0.0.1	getvideosource.com
127.0.0.1	www.getvideosource.com
127.0.0.1	get-winrar.com
127.0.0.1	www.get-winrar.com
127.0.0.1	gfazzetta.it
127.0.0.1	www.gfazzetta.it
127.0.0.1	gfoogle.it
127.0.0.1	www.gfoogle.it
127.0.0.1	gfxgraphics.net
127.0.0.1	www.gfxgraphics.net
127.0.0.1	ggazzetta.it
127.0.0.1	www.ggazzetta.it
127.0.0.1	ghazzetta.it
127.0.0.1	www.ghazzetta.it
127.0.0.1	ghoogle.it
127.0.0.1	www.ghoogle.it
127.0.0.1	giangho.biz
127.0.0.1	www.giangho.biz
127.0.0.1	gigaz.info
127.0.0.1	www.gigaz.info
127.0.0.1	gimmezamore.com
127.0.0.1	gimnasiaer.com
127.0.0.1	giogle.it
127.0.0.1	www.giogle.it
127.0.0.1	gioogle.it
127.0.0.1	www.gioogle.it
127.0.0.1	girgilio.it
127.0.0.1	www.girgilio.it
127.0.0.1	girls4rent.net
127.0.0.1	girls-porn-life.com
127.0.0.1	giscali.it
127.0.0.1	www.giscali.it
127.0.0.1	givecnt.info
127.0.0.1	www.givecnt.info
127.0.0.1	gkoogle.it
127.0.0.1	www.gkoogle.it
127.0.0.1	gl.secdep.info
127.0.0.1	www.gl.secdep.info
127.0.0.1	glbdf.org
127.0.0.1	globalefinder.com
127.0.0.1	www.globalefinder.com
127.0.0.1	global-finder.com
127.0.0.1	globalwebsearch.com
127.0.0.1	globe-finder.cc
127.0.0.1	globe-finder.com
127.0.0.1	globesearch.com
127.0.0.1	www.globesearch.com
127.0.0.1	glogle.it
127.0.0.1	www.glogle.it
127.0.0.1	go.drivecleaner.com
127.0.0.1	go.errorsafe.com
127.0.0.1	go.systemdoctor.com
127.0.0.1	go.winantispyware.com
127.0.0.1	go.winantivirus.com
127.0.0.1	go0ogle.it
127.0.0.1	www.go0ogle.it
127.0.0.1	go2realsearch.com
127.0.0.1	www.go2realsearch.com
127.0.0.1	go2-search.com
127.0.0.1	go9ogle.it
127.0.0.1	www.go9ogle.it
127.0.0.1	goclick.com
127.0.0.1	www.goclick.com
127.0.0.1	gocodec.com
127.0.0.1	www.gocodec.com
127.0.0.1	gocybersearch.com
127.0.0.1	www.gocybersearch.com
127.0.0.1	gohip.com
127.0.0.1	www.gohip.com
127.0.0.1	goigle.it
127.0.0.1	www.goigle.it
127.0.0.1	goiogle.it
127.0.0.1	www.goiogle.it
127.0.0.1	gokogle.it
127.0.0.1	www.gokogle.it
127.0.0.1	goldbaccarat.info
127.0.0.1	goldcodec.com
127.0.0.1	www.goldcodec.com
127.0.0.1	gold-craps.info
127.0.0.1	www.gold-craps.info
127.0.0.1	Goldenantispy.com
127.0.0.1	www.Goldenantispy.com
127.0.0.1	goldenfreehost.com
127.0.0.1	www.goldenfreehost.com
127.0.0.1	goldengr.hypermart.net
127.0.0.1	golftennis.net
127.0.0.1	golgle.it
127.0.0.1	www.golgle.it
127.0.0.1	gologle.it
127.0.0.1	www.gologle.it
127.0.0.1	Gomusic.com
127.0.0.1	www.Gomusic.com
127.0.0.1	gomyron.com
127.0.0.1	www.gomyron.com
127.0.0.1	goo0gle.it
127.0.0.1	www.goo0gle.it
127.0.0.1	goo9gle.it
127.0.0.1	www.goo9gle.it
127.0.0.1	goobgle.it
127.0.0.1	www.goobgle.it
127.0.0.1	gooble.it
127.0.0.1	www.gooble.it
127.0.0.1	good-casino.net
127.0.0.1	www.good-casino.net
127.0.0.1	good-mortgages.net
127.0.0.1	good-mortgages-calculator.com
127.0.0.1	goodmovielaugh.com
127.0.0.1	www.goodmovielaugh.com
127.0.0.1	good-movie-play.com
127.0.0.1	goodsexs.com
127.0.0.1	goofgle.it
127.0.0.1	www.goofgle.it
127.0.0.1	googble.it
127.0.0.1	www.googble.it
127.0.0.1	googel.it
127.0.0.1	www.googel.it
127.0.0.1	googfle.it
127.0.0.1	www.googfle.it
127.0.0.1	googhle.it
127.0.0.1	www.googhle.it
127.0.0.1	googkle.it
127.0.0.1	www.googkle.it
127.0.0.1	googl3e.it
127.0.0.1	www.googl3e.it
127.0.0.1	googl4e.it
127.0.0.1	www.googl4e.it
127.0.0.1	googld.it
127.0.0.1	www.googld.it
127.0.0.1	googlde.it
127.0.0.1	www.googlde.it
127.0.0.1	google.panet.org
127.0.0.1	google123.web1000.com
127.0.0.1	google3.it
127.0.0.1	www.google3.it
127.0.0.1	google4.it
127.0.0.1	www.google4.it
127.0.0.1	googlebar.jps.ru
127.0.0.1	googled.it
127.0.0.1	www.googled.it
127.0.0.1	googlef.it
127.0.0.1	www.googlef.it
127.0.0.1	googler.it
127.0.0.1	www.googler.it
127.0.0.1	googles.it
127.0.0.1	www.googles.it
127.0.0.1	googlew.it
127.0.0.1	www.googlew.it
127.0.0.1	googlf.com
127.0.0.1	googlf.it
127.0.0.1	www.googlf.it
127.0.0.1	googlfe.it
127.0.0.1	www.googlfe.it
127.0.0.1	googlke.it
127.0.0.1	www.googlke.it
127.0.0.1	googloe.it
127.0.0.1	www.googloe.it
127.0.0.1	googlpe.it
127.0.0.1	www.googlpe.it
127.0.0.1	googlre.it
127.0.0.1	www.googlre.it
127.0.0.1	googlse.it
127.0.0.1	www.googlse.it
127.0.0.1	googlus.com
127.0.0.1	www.googlus.com
127.0.0.1	googlwe.it
127.0.0.1	www.googlwe.it
127.0.0.1	googole.it
127.0.0.1	www.googole.it
127.0.0.1	googple.it
127.0.0.1	www.googple.it
127.0.0.1	googtle.it
127.0.0.1	www.googtle.it
127.0.0.1	googvle.it
127.0.0.1	www.googvle.it
127.0.0.1	googyle.it
127.0.0.1	www.googyle.it
127.0.0.1	goohgle.it
127.0.0.1	www.goohgle.it
127.0.0.1	goohle.it
127.0.0.1	www.goohle.it
127.0.0.1	gooigle.it
127.0.0.1	www.gooigle.it
127.0.0.1	gookgle.it
127.0.0.1	www.gookgle.it
127.0.0.1	gooogle.bz
127.0.0.1	www.gooogle.bz
127.0.0.1	goopgle.it
127.0.0.1	www.goopgle.it
127.0.0.1	gootgle.it
127.0.0.1	www.gootgle.it
127.0.0.1	gootle.it
127.0.0.1	www.gootle.it
127.0.0.1	goovgle.it
127.0.0.1	www.goovgle.it
127.0.0.1	goovle.it
127.0.0.1	www.goovle.it
127.0.0.1	gooygle.it
127.0.0.1	www.gooygle.it
127.0.0.1	gopgle.it
127.0.0.1	www.gopgle.it
127.0.0.1	gopogle.it
127.0.0.1	www.gopogle.it
127.0.0.1	gorecord.com
127.0.0.1	www.gorecord.com
127.0.0.1	Go-turf.com
127.0.0.1	www.Go-turf.com
127.0.0.1	gpogle.it
127.0.0.1	www.gpogle.it
127.0.0.1	gpoogle.it
127.0.0.1	www.gpoogle.it
127.0.0.1	gqazzetta.it
127.0.0.1	www.gqazzetta.it
127.0.0.1	grab-it-today.net
127.0.0.1	graceinthedesert.org
127.0.0.1	www.graceinthedesert.org
127.0.0.1	gradforum.org
127.0.0.1	gratisdownloads.nl
127.0.0.1	gratis-porn-movie.com
127.0.0.1	gratis-pornopics.com
127.0.0.1	greatadultvideo.com
127.0.0.1	www.greatadultvideo.com
127.0.0.1	greatbahamas.com
127.0.0.1	www.greatbahamas.com
127.0.0.1	greatcodec.com
127.0.0.1	www.greatcodec.com
127.0.0.1	great-ticket.net
127.0.0.1	www.great-ticket.net
127.0.0.1	greencardspouse.com
127.0.0.1	www.greencardspouse.com
127.0.0.1	greg-search.com
127.0.0.1	greg-tut.com
127.0.0.1	grepubblica.it
127.0.0.1	www.grepubblica.it
127.0.0.1	gsazzetta.it
127.0.0.1	www.gsazzetta.it
127.0.0.1	gszzetta.it
127.0.0.1	www.gszzetta.it
127.0.0.1	gtawarehouse.com
127.0.0.1	gtazzetta.it
127.0.0.1	www.gtazzetta.it
127.0.0.1	gtiscali.it
127.0.0.1	www.gtiscali.it
127.0.0.1	gtoogle.it
127.0.0.1	www.gtoogle.it
127.0.0.1	gtrenitalia.it
127.0.0.1	www.gtrenitalia.it
127.0.0.1	gtuttogratis.it
127.0.0.1	www.gtuttogratis.it
127.0.0.1	gueb.com
127.0.0.1	www.gueb.com
127.0.0.1	guzzycats.com
127.0.0.1	gvazzetta.it
127.0.0.1	www.gvazzetta.it
127.0.0.1	gvirgilio.it
127.0.0.1	www.gvirgilio.it
127.0.0.1	gvoogle.it
127.0.0.1	www.gvoogle.it
127.0.0.1	gyoogle.it
127.0.0.1	www.gyoogle.it
127.0.0.1	gzazzetta.it
127.0.0.1	www.gzazzetta.it
127.0.0.1	gzphoenix.com
127.0.0.1	gzzetta.it
127.0.0.1	www.gzzetta.it
127.0.0.1	H24413.tfil.com
127.0.0.1	hachimitsu-lemon.com
127.0.0.1	www.hachimitsu-lemon.com
127.0.0.1	hadesunharuikeya.com
127.0.0.1	hallnetaccolade.com
127.0.0.1	hand-book.com
127.0.0.1	hao123.com
127.0.0.1	www.hao123.com
127.0.0.1	happyanal.com
127.0.0.1	hardbodytgp.com
127.0.0.1	hardcorefantasyland.com
127.0.0.1	www.hardcorefantasyland.com
127.0.0.1	hardcoreover.com
127.0.0.1	hardcorepornmag.com
127.0.0.1	www.hardcorepornmag.com
127.0.0.1	hardcorevideosite.com
127.0.0.1	www.hardcorevideosite.com
127.0.0.1	hardfootballbabes.com
127.0.0.1	www.hardfootballbabes.com
127.0.0.1	hard-gals.com
127.0.0.1	hardloved.com
127.0.0.1	hardwareseek.net
127.0.0.1	harukaigawa.com
127.0.0.1	hastalavista.com
127.0.0.1	www.hastalavista.com
127.0.0.1	havy.biz
127.0.0.1	hazzetta.it
127.0.0.1	www.hazzetta.it
127.0.0.1	hccsolanonapa.org
127.0.0.1	headlinesandnews.com
127.0.0.1	www.headlinesandnews.com
127.0.0.1	health-protein.com
127.0.0.1	helpcodec.com
127.0.0.1	www.helpcodec.com
127.0.0.1	helpyourpcnow.com
127.0.0.1	www.helpyourpcnow.com
127.0.0.1	helpyoursearch.com
127.0.0.1	hentai4u.net
127.0.0.1	here4search.biz
127.0.0.1	www.here4search.biz
127.0.0.1	here4search.com
127.0.0.1	hervam.com
127.0.0.1	www.hervam.com
127.0.0.1	heyrichy.com
127.0.0.1	hgazzetta.it
127.0.0.1	www.hgazzetta.it
127.0.0.1	hgoogle.it
127.0.0.1	www.hgoogle.it
127.0.0.1	hi.studioaperto.net
127.0.0.1	www.hi.studioaperto.net
127.0.0.1	hiboss.com
127.0.0.1	www.hiboss.com
127.0.0.1	hiddenguides.com
127.0.0.1	highdialer.com
127.0.0.1	www.highdialer.com
127.0.0.1	hijack-this.net
127.0.0.1	www.hijack-this.net
127.0.0.1	himen.biz
127.0.0.1	hiscali.it
127.0.0.1	www.hiscali.it
127.0.0.1	hi-search.com
127.0.0.1	hitlistlyrics.com
127.0.0.1	hitscount.net
127.0.0.1	hitsdriving.com
127.0.0.1	www.hitsdriving.com
127.0.0.1	hitvirus.com
127.0.0.1	www.hitvirus.com
127.0.0.1	hityou.com
127.0.0.1	www.hityou.com
127.0.0.1	hk.winantivirus.com
127.0.0.1	hobbypesca.com.br
127.0.0.1	www.hobbypesca.com.br
127.0.0.1	holidayautostr.com
127.0.0.1	homelandnetwork.COM
127.0.0.1	www.homelandnetwork.COM
127.0.0.1	homemortage.ws
127.0.0.1	hoogle.it
127.0.0.1	www.hoogle.it
127.0.0.1	host.sk
127.0.0.1	hostance.net
127.0.0.1	www.hostance.net
127.0.0.1	host-codec.com
127.0.0.1	www.host-codec.com
127.0.0.1	hostssp.com
127.0.0.1	hostthesky.com
127.0.0.1	www.hostthesky.com
127.0.0.1	hotbar.com
127.0.0.1	hotbookmark.com
127.0.0.1	hot-cartoon-sex.anime.american-teens.net
127.0.0.1	hotelcodec.com
127.0.0.1	www.hotelcodec.com
127.0.0.1	hotels-list.net
127.0.0.1	hotelxxxcams.com
127.0.0.1	hotfreebies.com
127.0.0.1	www.hotfreebies.com
127.0.0.1	hotlolitas.underagehost.com
127.0.0.1	hotmp3music.com
127.0.0.1	www.hotmp3music.com
127.0.0.1	hotpopup.com
127.0.0.1	hotsearchbox.com
127.0.0.1	hotsex-series.com
127.0.0.1	hotstartpage.com
127.0.0.1	Hot-tv.com
127.0.0.1	www.Hot-tv.com
127.0.0.1	hotwinupdates.com
127.0.0.1	www.hotwinupdates.com
127.0.0.1	hq-downloads.com
127.0.0.1	www.hq-downloads.com
127.0.0.1	hqsex.biz
127.0.0.1	hqthefilmsxxx.com
127.0.0.1	www.hqthefilmsxxx.com
127.0.0.1	htiscali.it
127.0.0.1	www.htiscali.it
127.0.0.1	httpwwwads.com
127.0.0.1	www.httpwwwads.com
127.0.0.1	hu15.ru
127.0.0.1	hugeinvention.com
127.0.0.1	www.hugeinvention.com
127.0.0.1	hugeporn4u.net
127.0.0.1	hugevideoszone.com
127.0.0.1	www.hugevideoszone.com
127.0.0.1	hunacsa.com
127.0.0.1	huntbar.com
127.0.0.1	www.huntbar.com
127.0.0.1	huoche.com.cn
127.0.0.1	www.huoche.com.cn
127.0.0.1	hupacasath.com
127.0.0.1	hut1.ru
127.0.0.1	hwgate.com
127.0.0.1	www.hwgate.com
127.0.0.1	hypoteches.com
127.0.0.1	www.hypoteches.com
127.0.0.1	hzsx.com
127.0.0.1	iaxobjectdownload.com
127.0.0.1	www.iaxobjectdownload.com
127.0.0.1	ibankis.org
127.0.0.1	www.ibankis.org
127.0.0.1	ibm.dmcast.com
127.0.0.1	ibmx.com
127.0.0.1	icansearch.net
127.0.0.1	iconfessonline.com
127.0.0.1	www.iconfessonline.com
127.0.0.1	iconnectyou.biz
127.0.0.1	www.iconnectyou.biz
127.0.0.1	icwb.com
127.0.0.1	icwo.com
127.0.0.1	icwp.com
127.0.0.1	iddh.com
127.0.0.1	idgsearch.com
127.0.0.1	idhh.com
127.0.0.1	idnserror.com
127.0.0.1	www.idnserror.com
127.0.0.1	idolikemovies.com
127.0.0.1	www.idolikemovies.com
127.0.0.1	ie.marketdart.com
127.0.0.1	iednserror.com
127.0.0.1	www.iednserror.com
127.0.0.1	iefeadsl.com
127.0.0.1	ieplugin.com
127.0.0.1	ieprotectpage.com
127.0.0.1	www.ieprotectpage.com
127.0.0.1	iesafetypage.com
127.0.0.1	www.iesafetypage.com
127.0.0.1	iesafetywarning.com
127.0.0.1	www.iesafetywarning.com
127.0.0.1	ie-search.com
127.0.0.1	iesecurepage.com
127.0.0.1	www.iesecurepage.com
127.0.0.1	iesecuritybar.com
127.0.0.1	www.iesecuritybar.com
127.0.0.1	iesecuritytool.com
127.0.0.1	www.iesecuritytool.com
127.0.0.1	ifeelyou.info
127.0.0.1	www.ifeelyou.info
127.0.0.1	i-femdom.com
127.0.0.1	www.i-femdom.com
127.0.0.1	ifiz.com
127.0.0.1	iframe.biz
127.0.0.1	iframebiz.com
127.0.0.1	www.iframebiz.com
127.0.0.1	igetnet.com
127.0.0.1	www.igetnet.com
127.0.0.1	ignphrases.com
127.0.0.1	www.ignphrases.com
127.0.0.1	iguu.com
127.0.0.1	ikataweb.it
127.0.0.1	www.ikataweb.it
127.0.0.1	ilbero.it
127.0.0.1	www.ilbero.it
127.0.0.1	i-lookup.com
127.0.0.1	imageactivexsolution.com
127.0.0.1	www.imageactivexsolution.com
127.0.0.1	imageaxaccesssoft.com
127.0.0.1	www.imageaxaccesssoft.com
127.0.0.1	imagemediaax.com
127.0.0.1	www.imagemediaax.com
127.0.0.1	images.888.com
127.0.0.1	imagescontrol.com
127.0.0.1	www.imagescontrol.com
127.0.0.1	imagespecials.com
127.0.0.1	www.imagespecials.com
127.0.0.1	imcodec.com
127.0.0.1	www.imcodec.com
127.0.0.1	imediacodec.com
127.0.0.1	www.imediacodec.com
127.0.0.1	imergeyou.com
127.0.0.1	www.imergeyou.com
127.0.0.1	imiserver.com
127.0.0.1	imrworldwide.com
127.0.0.1	inc-codec.com
127.0.0.1	www.inc-codec.com
127.0.0.1	incest-host.com
127.0.0.1	incestporngate.com
127.0.0.1	incredimail-download-now.com
127.0.0.1	www.incredimail-download-now.com
127.0.0.1	incredimail-hq.com
127.0.0.1	www.incredimail-hq.com
127.0.0.1	incredimailpro.com
127.0.0.1	www.incredimailpro.com
127.0.0.1	infectedkernel.com
127.0.0.1	www.infectedkernel.com
127.0.0.1	infodigger.net
127.0.0.1	infoglobus.com
127.0.0.1	infport.com
127.0.0.1	www.infport.com
127.0.0.1	inherhole.com
127.0.0.1	inibo.it
127.0.0.1	www.inibo.it
127.0.0.1	innovagest2000.com
127.0.0.1	www.innovagest2000.com
127.0.0.1	insertthiscock.com
127.0.0.1	instafinder.com
127.0.0.1	www.instafinder.com
127.0.0.1	install.007guard.com
127.0.0.1	www.install.007guard.com
127.0.0.1	install.searchtab.net
127.0.0.1	installcash.com
127.0.0.1	installmoviepro.com
127.0.0.1	www.installmoviepro.com
127.0.0.1	installobject.com
127.0.0.1	www.installobject.com
127.0.0.1	installs.180solutions.com
127.0.0.1	installvaxobject.com
127.0.0.1	www.installvaxobject.com
127.0.0.1	instlog.errorsafe.com
127.0.0.1	instlog.winantivirus.com
127.0.0.1	instlog.winfixer.com
127.0.0.1	insuranceall.net
127.0.0.1	insurance-flood.net
127.0.0.1	intcodec.com
127.0.0.1	www.intcodec.com
127.0.0.1	interactivebrands.com
127.0.0.1	www.interactivebrands.com
127.0.0.1	internationalmarketingfirm.com
127.0.0.1	www.internationalmarketingfirm.com
127.0.0.1	i-nt-e-r-n-e-t.com
127.0.0.1	www.i-nt-e-r-n-e-t.com
127.0.0.1	internet-explorer.name
127.0.0.1	www.internet-explorer.name
127.0.0.1	Internetgamebox.com
127.0.0.1	www.Internetgamebox.com
127.0.0.1	Internet-media-download.com
127.0.0.1	www.Internet-media-download.com
127.0.0.1	internet-optimizer.com
127.0.0.1	www.internet-optimizer.com
127.0.0.1	internetsearch.ru
127.0.0.1	ionichost.com
127.0.0.1	ionomist.com
127.0.0.1	ipod-itunes-download-now.com
127.0.0.1	www.ipod-itunes-download-now.com
127.0.0.1	ipod-music-store.com
127.0.0.1	www.ipod-music-store.com
127.0.0.1	ipod-tunes-download.com
127.0.0.1	www.ipod-tunes-download.com
127.0.0.1	ipointyou.hk
127.0.0.1	www.ipointyou.hk
127.0.0.1	ipsex.net
127.0.0.1	iqsearch.net
127.0.0.1	ireit.com
127.0.0.1	www.ireit.com
127.0.0.1	irfanview-center.com
127.0.0.1	www.irfanview-center.com
127.0.0.1	irfanview-download-now.com
127.0.0.1	www.irfanview-download-now.com
127.0.0.1	irfanview-stop.com
127.0.0.1	www.irfanview-stop.com
127.0.0.1	ironcarteam.com
127.0.0.1	is-best.com
127.0.0.1	iscali.it
127.0.0.1	www.iscali.it
127.0.0.1	ishowbao.com
127.0.0.1	www.ishowbao.com
127.0.0.1	israilq.com
127.0.0.1	www.israilq.com
127.0.0.1	istarthere.com
127.0.0.1	itfindout.org
127.0.0.1	www.itfindout.org
127.0.0.1	itknown.net
127.0.0.1	www.itknown.net
127.0.0.1	itsanal.com
127.0.0.1	itseasy.us
127.0.0.1	itunesandipods.com
127.0.0.1	www.itunesandipods.com
127.0.0.1	itunesfreebies.com
127.0.0.1	www.itunesfreebies.com
127.0.0.1	iugate.com
127.0.0.1	www.iugate.com
127.0.0.1	iunibo.it
127.0.0.1	www.iunibo.it
127.0.0.1	iunige.it
127.0.0.1	www.iunige.it
127.0.0.1	iunimi.it
127.0.0.1	www.iunimi.it
127.0.0.1	iunipd.it
127.0.0.1	www.iunipd.it
127.0.0.1	iunipg.it
127.0.0.1	www.iunipg.it
127.0.0.1	iunipv.it
127.0.0.1	www.iunipv.it
127.0.0.1	iunito.it
127.0.0.1	www.iunito.it
127.0.0.1	i-used.cc
127.0.0.1	ivideocodec.com
127.0.0.1	www.ivideocodec.com
127.0.0.1	iweb-commerce.com
127.0.0.1	iwebland.com
127.0.0.1	iwon.com
127.0.0.1	j10.wrs.mcboo.com
127.0.0.1	jackpot-advertising.info
127.0.0.1	www.jackpot-advertising.info
127.0.0.1	jackpotcheck.info
127.0.0.1	www.jackpotcheck.info
127.0.0.1	jeannineoldfield.com
127.0.0.1	jerrynews.com
127.0.0.1	www.jerrynews.com
127.0.0.1	www.jethomepage.com
127.0.0.1	jethomepage.com
127.0.0.1	jetseeker.com
127.0.0.1	jhzjyj.bigwww.com
127.0.0.1	jkataweb.it
127.0.0.1	www.jkataweb.it
127.0.0.1	jmhgallery.org
127.0.0.1	jmsn.it
127.0.0.1	www.jmsn.it
127.0.0.1	joannelatham.com
127.0.0.1	jps.ru
127.0.0.1	js.megalocast.net
127.0.0.1	jsp.drivecleaner.com
127.0.0.1	judin.ru
127.0.0.1	jumptothat.com
127.0.0.1	www.jumptothat.com
127.0.0.1	junkysex.com
127.0.0.1	jupitersatellites.biz
127.0.0.1	www.jupitersatellites.biz
127.0.0.1	justcount.net
127.0.0.1	www.justcount.net
127.0.0.1	juyatinjesaza.com
127.0.0.1	www.juyatinjesaza.com
127.0.0.1	k8l.info
127.0.0.1	kaaweb.it
127.0.0.1	www.kaaweb.it
127.0.0.1	kabex.com
127.0.0.1	www.kabex.com
127.0.0.1	kaftaweb.it
127.0.0.1	www.kaftaweb.it
127.0.0.1	kagtaweb.it
127.0.0.1	www.kagtaweb.it
127.0.0.1	kahtaweb.it
127.0.0.1	www.kahtaweb.it
127.0.0.1	kalmarte.zapto.org
127.0.0.1	kannylizaciya.info
127.0.0.1	kaqtaweb.it
127.0.0.1	www.kaqtaweb.it
127.0.0.1	karachun.biz
127.0.0.1	www.karachun.biz
127.0.0.1	karaweb.it
127.0.0.1	www.karaweb.it
127.0.0.1	karleyt.narod.ru
127.0.0.1	kartaweb.it
127.0.0.1	www.kartaweb.it
127.0.0.1	kastaweb.it
127.0.0.1	www.kastaweb.it
127.0.0.1	kataaweb.it
127.0.0.1	www.kataaweb.it
127.0.0.1	katadweb.it
127.0.0.1	www.katadweb.it
127.0.0.1	kataeb.it
127.0.0.1	www.kataeb.it
127.0.0.1	kataeeb.it
127.0.0.1	www.kataeeb.it
127.0.0.1	kataewb.it
127.0.0.1	www.kataewb.it
127.0.0.1	kataeweb.it
127.0.0.1	www.kataeweb.it
127.0.0.1	kataqeb.it
127.0.0.1	www.kataqeb.it
127.0.0.1	kataqweb.it
127.0.0.1	www.kataqweb.it
127.0.0.1	katasweb.it
127.0.0.1	www.katasweb.it
127.0.0.1	katawaeb.it
127.0.0.1	www.katawaeb.it
127.0.0.1	katawb.it
127.0.0.1	www.katawb.it
127.0.0.1	katawdeb.it
127.0.0.1	www.katawdeb.it
127.0.0.1	katawe.it
127.0.0.1	www.katawe.it
127.0.0.1	katawebb.it
127.0.0.1	www.katawebb.it
127.0.0.1	katawebg.it
127.0.0.1	www.katawebg.it
127.0.0.1	katawebh.it
127.0.0.1	www.katawebh.it
127.0.0.1	katawebn.it
127.0.0.1	www.katawebn.it
127.0.0.1	katawebv.it
127.0.0.1	www.katawebv.it
127.0.0.1	katawedb.it
127.0.0.1	www.katawedb.it
127.0.0.1	kataweeb.it
127.0.0.1	www.kataweeb.it
127.0.0.1	katawefb.it
127.0.0.1	www.katawefb.it
127.0.0.1	katawegb.it
127.0.0.1	www.katawegb.it
127.0.0.1	katawehb.it
127.0.0.1	www.katawehb.it
127.0.0.1	katawenb.it
127.0.0.1	www.katawenb.it
127.0.0.1	katawerb.it
127.0.0.1	www.katawerb.it
127.0.0.1	katawesb.it
127.0.0.1	www.katawesb.it
127.0.0.1	katawev.it
127.0.0.1	www.katawev.it
127.0.0.1	katawevb.it
127.0.0.1	www.katawevb.it
127.0.0.1	katawfeb.it
127.0.0.1	www.katawfeb.it
127.0.0.1	katawqeb.it
127.0.0.1	www.katawqeb.it
127.0.0.1	katawrb.it
127.0.0.1	www.katawrb.it
127.0.0.1	katawreb.it
127.0.0.1	www.katawreb.it
127.0.0.1	katawseb.it
127.0.0.1	www.katawseb.it
127.0.0.1	katawwb.it
127.0.0.1	www.katawwb.it
127.0.0.1	katawweb.it
127.0.0.1	www.katawweb.it
127.0.0.1	katazweb.it
127.0.0.1	www.katazweb.it
127.0.0.1	katfaweb.it
127.0.0.1	www.katfaweb.it
127.0.0.1	katgaweb.it
127.0.0.1	www.katgaweb.it
127.0.0.1	kathaweb.it
127.0.0.1	www.kathaweb.it
127.0.0.1	kathisomers.com
127.0.0.1	katqaweb.it
127.0.0.1	www.katqaweb.it
127.0.0.1	katraweb.it
127.0.0.1	www.katraweb.it
127.0.0.1	katsaweb.it
127.0.0.1	www.katsaweb.it
127.0.0.1	katsweb.it
127.0.0.1	www.katsweb.it
127.0.0.1	kattaweb.it
127.0.0.1	www.kattaweb.it
127.0.0.1	katweb.it
127.0.0.1	www.katweb.it
127.0.0.1	katzaweb.it
127.0.0.1	www.katzaweb.it
127.0.0.1	kayaweb.it
127.0.0.1	www.kayaweb.it
127.0.0.1	kazaa-lite.ws
127.0.0.1	kaztaweb.it
127.0.0.1	www.kaztaweb.it
127.0.0.1	kb.errorsafe.com
127.0.0.1	kb.winantivirus.com
127.0.0.1	Keinegefahr.com
127.0.0.1	www.Keinegefahr.com
127.0.0.1	keithgreenpro.com
127.0.0.1	kenmccaul.com
127.0.0.1	keratomir.biz
127.0.0.1	www.keratomir.biz
127.0.0.1	keratomir2.biz
127.0.0.1	www.keratomir2.biz
127.0.0.1	keycodec.com
127.0.0.1	www.keycodec.com
127.0.0.1	key-codec.com
127.0.0.1	www.key-codec.com
127.0.0.1	keygenguru.com
127.0.0.1	www.keygenguru.com
127.0.0.1	key-ticket.com
127.0.0.1	www.key-ticket.com
127.0.0.1	khcbaym.com
127.0.0.1	www.khcbaym.com
127.0.0.1	kiataweb.it
127.0.0.1	www.kiataweb.it
127.0.0.1	kibero.it
127.0.0.1	www.kibero.it
127.0.0.1	killerpornstars.com
127.0.0.1	kilosex.com
127.0.0.1	kimhines.com
127.0.0.1	kimsoftware.com
127.0.0.1	www.kimsoftware.com
127.0.0.1	kinoru.com
127.0.0.1	kitehosting.com
127.0.0.1	www.kitehosting.com
127.0.0.1	kjataweb.it
127.0.0.1	www.kjataweb.it
127.0.0.1	kkataweb.it
127.0.0.1	www.kkataweb.it
127.0.0.1	klataweb.it
127.0.0.1	www.klataweb.it
127.0.0.1	klibero.it
127.0.0.1	www.klibero.it
127.0.0.1	klik.klikadvertising.com
127.0.0.1	klikadvertising.com
127.0.0.1	www.klikadvertising.com
127.0.0.1	kliksearch.com
127.0.0.1	kliksoftware.com
127.0.0.1	www.kliksoftware.com
127.0.0.1	k-lined.com
127.0.0.1	k-litegold.com
127.0.0.1	www.k-litegold.com
127.0.0.1	klitepro.com
127.0.0.1	www.klitepro.com
127.0.0.1	k-litetk.com
127.0.0.1	www.k-litetk.com
127.0.0.1	kmataweb.it
127.0.0.1	www.kmataweb.it
127.0.0.1	kmpads.com
127.0.0.1	www.kmpads.com
127.0.0.1	kmsn.it
127.0.0.1	www.kmsn.it
127.0.0.1	koataweb.it
127.0.0.1	www.koataweb.it
127.0.0.1	komforochka.info
127.0.0.1	www.komforochka.info
127.0.0.1	kqataweb.it
127.0.0.1	www.kqataweb.it
127.0.0.1	kr62.com
127.0.0.1	www.kr62.com
127.0.0.1	krankin.com
127.0.0.1	www.krankin.com
127.0.0.1	ksataweb.it
127.0.0.1	www.ksataweb.it
127.0.0.1	ksdspups.org
127.0.0.1	kstaweb.it
127.0.0.1	www.kstaweb.it
127.0.0.1	ktaweb.it
127.0.0.1	www.ktaweb.it
127.0.0.1	kzataweb.it
127.0.0.1	www.kzataweb.it
127.0.0.1	kzdh.com
127.0.0.1	www.kzdh.com
127.0.0.1	l.mezzicodec.net
127.0.0.1	l8bero.it
127.0.0.1	www.l8bero.it
127.0.0.1	l8ibero.it
127.0.0.1	www.l8ibero.it
127.0.0.1	l9bero.it
127.0.0.1	www.l9bero.it
127.0.0.1	l9ibero.it
127.0.0.1	www.l9ibero.it
127.0.0.1	landrape.com
127.0.0.1	Lastsoftwares.com
127.0.0.1	www.Lastsoftwares.com
127.0.0.1	laughnetwork.com
127.0.0.1	www.laughnetwork.com
127.0.0.1	lauraroebuck.com
127.0.0.1	lavasoftupdate.com
127.0.0.1	www.lavasoftupdate.com
127.0.0.1	lavl-vicky.com
127.0.0.1	www.lavl-vicky.com
127.0.0.1	lbero.it
127.0.0.1	www.lbero.it
127.0.0.1	lbiero.it
127.0.0.1	www.lbiero.it
127.0.0.1	leannalovelace.com
127.0.0.1	lebenstest.de
127.0.0.1	www.lebenstest.de
127.0.0.1	legal-at-spybot.info
127.0.0.1	www.legal-at-spybot.info
127.0.0.1	lesbianpornmag.com
127.0.0.1	www.lesbianpornmag.com
127.0.0.1	lesbianspornmag.com
127.0.0.1	www.lesbianspornmag.com
127.0.0.1	lesobank.ru
127.0.0.1	lets-get-it.info
127.0.0.1	www.lets-get-it.info
127.0.0.1	lets-get-it.net
127.0.0.1	lets-get-it.org
127.0.0.1	www.lets-get-it.org
127.0.0.1	lfxmsc.gov.cn
127.0.0.1	www.lfxmsc.gov.cn
127.0.0.1	li8bero.it
127.0.0.1	www.li8bero.it
127.0.0.1	li9bero.it
127.0.0.1	www.li9bero.it
127.0.0.1	lib3ero.it
127.0.0.1	www.lib3ero.it
127.0.0.1	lib3ro.it
127.0.0.1	www.lib3ro.it
127.0.0.1	lib4ero.it
127.0.0.1	www.lib4ero.it
127.0.0.1	lib4ro.it
127.0.0.1	www.lib4ro.it
127.0.0.1	libdero.it
127.0.0.1	www.libdero.it
127.0.0.1	libdro.it
127.0.0.1	www.libdro.it
127.0.0.1	libe3ro.it
127.0.0.1	www.libe3ro.it
127.0.0.1	libe4o.it
127.0.0.1	www.libe4o.it
127.0.0.1	libe4ro.it
127.0.0.1	www.libe4ro.it
127.0.0.1	libe5o.it
127.0.0.1	www.libe5o.it
127.0.0.1	libe5ro.it
127.0.0.1	www.libe5ro.it
127.0.0.1	libedro.it
127.0.0.1	www.libedro.it
127.0.0.1	libeeo.it
127.0.0.1	www.libeeo.it
127.0.0.1	libeero.it
127.0.0.1	www.libeero.it
127.0.0.1	libefro.it
127.0.0.1	www.libefro.it
127.0.0.1	libegro.it
127.0.0.1	www.libegro.it
127.0.0.1	liber0.it
127.0.0.1	www.liber0.it
127.0.0.1	liber0o.it
127.0.0.1	www.liber0o.it
127.0.0.1	liber4o.it
127.0.0.1	www.liber4o.it
127.0.0.1	liber5o.it
127.0.0.1	www.liber5o.it
127.0.0.1	liber9.it
127.0.0.1	www.liber9.it
127.0.0.1	liberdo.it
127.0.0.1	www.liberdo.it
127.0.0.1	libereo.it
127.0.0.1	www.libereo.it
127.0.0.1	liberfo.it
127.0.0.1	www.liberfo.it
127.0.0.1	libergo.it
127.0.0.1	www.libergo.it
127.0.0.1	liberko.it
127.0.0.1	www.liberko.it
127.0.0.1	liberl.it
127.0.0.1	www.liberl.it
127.0.0.1	liberlo.it
127.0.0.1	www.liberlo.it
127.0.0.1	libero0.it
127.0.0.1	www.libero0.it
127.0.0.1	libero9.it
127.0.0.1	www.libero9.it
127.0.0.1	liberoi.it
127.0.0.1	www.liberoi.it
127.0.0.1	liberok.it
127.0.0.1	www.liberok.it
127.0.0.1	liberol.it
127.0.0.1	www.liberol.it
127.0.0.1	liberop.it
127.0.0.1	www.liberop.it
127.0.0.1	liberpo.it
127.0.0.1	www.liberpo.it
127.0.0.1	liberro.it
127.0.0.1	www.liberro.it
127.0.0.1	libertyonlinehosting.com
127.0.0.1	libesro.it
127.0.0.1	www.libesro.it
127.0.0.1	libetro.it
127.0.0.1	www.libetro.it
127.0.0.1	libewro.it
127.0.0.1	www.libewro.it
127.0.0.1	libfero.it
127.0.0.1	www.libfero.it
127.0.0.1	libfro.it
127.0.0.1	www.libfro.it
127.0.0.1	libgero.it
127.0.0.1	www.libgero.it
127.0.0.1	libhero.it
127.0.0.1	www.libhero.it
127.0.0.1	libnero.it
127.0.0.1	www.libnero.it
127.0.0.1	libreo.it
127.0.0.1	www.libreo.it
127.0.0.1	librero.it
127.0.0.1	www.librero.it
127.0.0.1	libsero.it
127.0.0.1	www.libsero.it
127.0.0.1	libsro.it
127.0.0.1	www.libsro.it
127.0.0.1	libvero.it
127.0.0.1	www.libvero.it
127.0.0.1	libwero.it
127.0.0.1	www.libwero.it
127.0.0.1	libwro.it
127.0.0.1	www.libwro.it
127.0.0.1	ligbero.it
127.0.0.1	www.ligbero.it
127.0.0.1	ligero.it
127.0.0.1	www.ligero.it
127.0.0.1	lightcodec.com
127.0.0.1	www.lightcodec.com
127.0.0.1	lightspeedsearch.net
127.0.0.1	www.lightspeedsearch.net
127.0.0.1	lihbero.it
127.0.0.1	www.lihbero.it
127.0.0.1	lihero.it
127.0.0.1	www.lihero.it
127.0.0.1	liibero.it
127.0.0.1	www.liibero.it
127.0.0.1	lijbero.it
127.0.0.1	www.lijbero.it
127.0.0.1	likbero.it
127.0.0.1	www.likbero.it
127.0.0.1	lilbero.it
127.0.0.1	www.lilbero.it
127.0.0.1	limewire2007pro.info
127.0.0.1	www.limewire2007pro.info
127.0.0.1	limewire-download-pro.com
127.0.0.1	www.limewire-download-pro.com
127.0.0.1	limewire-mp3-share.com
127.0.0.1	www.limewire-mp3-share.com
127.0.0.1	limewirenetwork.com
127.0.0.1	www.limewirenetwork.com
127.0.0.1	limewire-pro-downloads.com
127.0.0.1	www.limewire-pro-downloads.com
127.0.0.1	limewirezone.com
127.0.0.1	www.limewirezone.com
127.0.0.1	linbero.it
127.0.0.1	www.linbero.it
127.0.0.1	linero.it
127.0.0.1	www.linero.it
127.0.0.1	lingerie-mania.com
127.0.0.1	linkautomatici.com
127.0.0.1	www.linkautomatici.com
127.0.0.1	links4all.biz
127.0.0.1	linksummary.com
127.0.0.1	liobero.it
127.0.0.1	www.liobero.it
127.0.0.1	lisamatthew.com
127.0.0.1	little-download.net
127.0.0.1	www.little-download.net
127.0.0.1	little-help.com
127.0.0.1	www.little-help.com
127.0.0.1	liubero.it
127.0.0.1	www.liubero.it
127.0.0.1	livbero.it
127.0.0.1	www.livbero.it
127.0.0.1	live.sex-explorer.com
127.0.0.1	www.live.sex-explorer.com
127.0.0.1	livegambling.com
127.0.0.1	liveholio.com
127.0.0.1	livenewspaper.com
127.0.0.1	liveplayer.tv
127.0.0.1	www.liveplayer.tv
127.0.0.1	ljbero.it
127.0.0.1	www.ljbero.it
127.0.0.1	ljibero.it
127.0.0.1	www.ljibero.it
127.0.0.1	lkataweb.it
127.0.0.1	www.lkataweb.it
127.0.0.1	lkbero.it
127.0.0.1	www.lkbero.it
127.0.0.1	lkibero.it
127.0.0.1	www.lkibero.it
127.0.0.1	llibero.it
127.0.0.1	www.llibero.it
127.0.0.1	loading-lolita.com
127.0.0.1	locked-domain.com
127.0.0.1	logerau11.com
127.0.0.1	www.logerau11.com
127.0.0.1	logih.com
127.0.0.1	login.fric.cn
127.0.0.1	www.login.fric.cn
127.0.0.1	logs.media-motor.net
127.0.0.1	logs.vapochille.com
127.0.0.1	www.logs.vapochille.com
127.0.0.1	loibero.it
127.0.0.1	www.loibero.it
127.0.0.1	lolita4all1.xrensmagpost.com
127.0.0.1	lollitop.com
127.0.0.1	lookfor.cc
127.0.0.1	looking-for.cc
127.0.0.1	lop.com
127.0.0.1	www.lop.com
127.0.0.1	lordoftibia.pl
127.0.0.1	www.lordoftibia.pl
127.0.0.1	louiseleeds.com
127.0.0.1	loveadot.com
127.0.0.1	www.loveadot.com
127.0.0.1	love-host.com
127.0.0.1	lovelas.com
127.0.0.1	lovelysearch.com
127.0.0.1	love-pix.com
127.0.0.1	lovezest.com
127.0.0.1	www.lovezest.com
127.0.0.1	loweradult.com
127.0.0.1	www.loweradult.com
127.0.0.1	low-taxes.com
127.0.0.1	lpibero.it
127.0.0.1	www.lpibero.it
127.0.0.1	luckysearch.net
127.0.0.1	luibero.it
127.0.0.1	www.luibero.it
127.0.0.1	lunitaweb.net
127.0.0.1	lustful-porno.com
127.0.0.1	lzio.com
127.0.0.1	www.lzio.com
127.0.0.1	mabou.org
127.0.0.1	www.mabou.org
127.0.0.1	mackinnonsbrook.org
127.0.0.1	macrovirus.com
127.0.0.1	www.macrovirus.com
127.0.0.1	madfinder.com
127.0.0.1	madisonmoons.com
127.0.0.1	madisonoilco.com
127.0.0.1	madonalive.com
127.0.0.1	madsexxx.com
127.0.0.1	www.madsexxx.com
127.0.0.1	mafiapics.com
127.0.0.1	magicsearch.ws
127.0.0.1	www.magicsearch.ws
127.0.0.1	mainstreamdollars.com
127.0.0.1	www.mainstreamdollars.com
127.0.0.1	majuozawa.com
127.0.0.1	makin-do.com
127.0.0.1	male4free.com
127.0.0.1	malwarealarm.com
127.0.0.1	www.malwarealarm.com
127.0.0.1	malwarebot.com
127.0.0.1	www.malwarebot.com
127.0.0.1	malwarewipe.com
127.0.0.1	www.malwarewipe.com
127.0.0.1	malwarewiped.com
127.0.0.1	www.malwarewiped.com
127.0.0.1	malwarewipesupport.com
127.0.0.1	www.malwarewipesupport.com
127.0.0.1	malwarewipeupdate.com
127.0.0.1	www.malwarewipeupdate.com
127.0.0.1	map-quest.org
127.0.0.1	marilynchamber.com
127.0.0.1	marketdart.com
127.0.0.1	marketengines.com
127.0.0.1	www.marketengines.com
127.0.0.1	marketing-know-how.com
127.0.0.1	www.marketing-know-how.com
127.0.0.1	marketingsector.com
127.0.0.1	martfinder.com
127.0.0.1	masn.it
127.0.0.1	www.masn.it
127.0.0.1	massearch.com
127.0.0.1	master69.biz
127.0.0.1	www.master69.biz
127.0.0.1	master70.biz
127.0.0.1	www.master70.biz
127.0.0.1	master71.biz
127.0.0.1	www.master71.biz
127.0.0.1	masterbar.com
127.0.0.1	matcash.com
127.0.0.1	www.matcash.com
127.0.0.1	matetrava.com
127.0.0.1	mature50.com
127.0.0.1	matureporngate.com
127.0.0.1	maturepornmag.com
127.0.0.1	www.maturepornmag.com
127.0.0.1	maturespornmag.com
127.0.0.1	www.maturespornmag.com
127.0.0.1	maturetoolbar.com
127.0.0.1	www.maturetoolbar.com
127.0.0.1	maxdzines.com
127.0.0.1	maxifile.com
127.0.0.1	www.maxifile.com
127.0.0.1	maxysize.com
127.0.0.1	www.maxysize.com
127.0.0.1	mayancasino.com
127.0.0.1	mcafee-antivirus-2007.com
127.0.0.1	www.mcafee-antivirus-2007.com
127.0.0.1	mcboo.com
127.0.0.1	www.mcboo.com
127.0.0.1	mcdial.biz
127.0.0.1	www.mcdial.biz
127.0.0.1	mcgeeforlabor.com
127.0.0.1	mdstunisie.org
127.0.0.1	medcodec.com
127.0.0.1	www.medcodec.com
127.0.0.1	media.matcash.com
127.0.0.1	media.rapid-pass.net
127.0.0.1	mediaactivex.com
127.0.0.1	www.mediaactivex.com
127.0.0.1	mediaactivexfile.com
127.0.0.1	www.mediaactivexfile.com
127.0.0.1	mediaactivexobject.com
127.0.0.1	www.mediaactivexobject.com
127.0.0.1	mediaactivextask.com
127.0.0.1	www.mediaactivextask.com
127.0.0.1	mediaaxobject.com
127.0.0.1	www.mediaaxobject.com
127.0.0.1	mediaaxproject.com
127.0.0.1	www.mediaaxproject.com
127.0.0.1	mediaaxsetup.com
127.0.0.1	www.mediaaxsetup.com
127.0.0.1	mediaaxsolution.com
127.0.0.1	www.mediaaxsolution.com
127.0.0.1	mediabusnetwork.com
127.0.0.1	www.mediabusnetwork.com
127.0.0.1	media-codec.com
127.0.0.1	www.media-codec.com
127.0.0.1	mediacodec.net
127.0.0.1	www.mediacodec.net
127.0.0.1	media-codec.net
127.0.0.1	www.media-codec.net
127.0.0.1	mediacodec2007.com
127.0.0.1	www.mediacodec2007.com
127.0.0.1	mediacount.net
127.0.0.1	www.mediacount.net
127.0.0.1	media-motor.net
127.0.0.1	mediaobjectguide.com
127.0.0.1	www.mediaobjectguide.com
127.0.0.1	mediaobjectsite.com
127.0.0.1	www.mediaobjectsite.com
127.0.0.1	mediaobjectsource.com
127.0.0.1	www.mediaobjectsource.com
127.0.0.1	mediaplayer-2007.com
127.0.0.1	www.mediaplayer-2007.com
127.0.0.1	mediaplayer-download.org
127.0.0.1	www.mediaplayer-download.org
127.0.0.1	mediaplayer-download-now.com
127.0.0.1	www.mediaplayer-download-now.com
127.0.0.1	mediaprojectaccess.com
127.0.0.1	www.mediaprojectaccess.com
127.0.0.1	medicare-insurance.net
127.0.0.1	medicare-supplemental.com
127.0.0.1	mega-adult.com
127.0.0.1	www.mega-adult.com
127.0.0.1	mega-codec.com
127.0.0.1	www.mega-codec.com
127.0.0.1	mega-dating-tips.com
127.0.0.1	megago.com
127.0.0.1	www.megago.com
127.0.0.1	megalocast.net
127.0.0.1	www.megalocast.net
127.0.0.1	megapornix.com
127.0.0.1	megasearchbar.com
127.0.0.1	www.megasearchbar.com
127.0.0.1	megaseek.net
127.0.0.1	www.megaseek.net
127.0.0.1	megumikanzaki.com
127.0.0.1	meizi7472831.com
127.0.0.1	www.meizi7472831.com
127.0.0.1	Menacerescue.com
127.0.0.1	www.Menacerescue.com
127.0.0.1	Menacesecure.com
127.0.0.1	www.Menacesecure.com
127.0.0.1	meshalynn.com
127.0.0.1	mesn.it
127.0.0.1	www.mesn.it
127.0.0.1	meta-adult.com
127.0.0.1	meta-casino.com
127.0.0.1	metafora.ru
127.0.0.1	meta-mobile.com
127.0.0.1	metapoisk.ru
127.0.0.1	meta-porn.com
127.0.0.1	metastop.com
127.0.0.1	www.metastop.com
127.0.0.1	methasearch.info
127.0.0.1	www.methasearch.info
127.0.0.1	mezzicodec.net
127.0.0.1	www.mezzicodec.net
127.0.0.1	miaminews365.net
127.0.0.1	www.miaminews365.net
127.0.0.1	michiyonakajima.com
127.0.0.1	miconsultamedica.com
127.0.0.1	micro-codec.com
127.0.0.1	www.micro-codec.com
127.0.0.1	microsoftantispyware.net
127.0.0.1	www.microsoftantispyware.net
127.0.0.1	midlets.biz
127.0.0.1	www.midlets.biz
127.0.0.1	mikasakamoto.com
127.0.0.1	mikoni.com
127.0.0.1	militarygods.porn4porn.net
127.0.0.1	millennialpeople.org
127.0.0.1	miosearch.com
127.0.0.1	www.miosearch.com
127.0.0.1	mipham.org
127.0.0.1	mir.100888290cs.com
127.0.0.1	mirarsearch.com
127.0.0.1	www.mirarsearch.com
127.0.0.1	mircosoftantispy.com
127.0.0.1	www.mircosoftantispy.com
127.0.0.1	misofthelp.com
127.0.0.1	www.misofthelp.com
127.0.0.1	missingcommand.com
127.0.0.1	mixsearch.com
127.0.0.1	www.mixsearch.com
127.0.0.1	mjsn.it
127.0.0.1	www.mjsn.it
127.0.0.1	mkataweb.it
127.0.0.1	www.mkataweb.it
127.0.0.1	mksn.it
127.0.0.1	www.mksn.it
127.0.0.1	mmcodec.com
127.0.0.1	www.mmcodec.com
127.0.0.1	mmm.elitemediagroup.net
127.0.0.1	mmm.media-motor.net
127.0.0.1	mmmike.com
127.0.0.1	www.mmmike.com
127.0.0.1	mmohsix.com
127.0.0.1	www.mmohsix.com
127.0.0.1	mnsn.it
127.0.0.1	www.mnsn.it
127.0.0.1	mokead.com
127.0.0.1	www.mokead.com
127.0.0.1	mommykiss.com
127.0.0.1	money-advertise.info
127.0.0.1	www.money-advertise.info
127.0.0.1	moneyhunters.com
127.0.0.1	montgomeryhospitalanesthesia.com
127.0.0.1	morflot.com
127.0.0.1	mortgage-debt.net
127.0.0.1	mortismaximus.com
127.0.0.1	moscowwhores.com
127.0.0.1	motioncodecs.com
127.0.0.1	www.motioncodecs.com
127.0.0.1	moviecategories.com
127.0.0.1	moviecodec.net
127.0.0.1	www.moviecodec.net
127.0.0.1	moviecodecs.net
127.0.0.1	www.moviecodecs.net
127.0.0.1	moviereality.com
127.0.0.1	www.moviereality.com
127.0.0.1	movies-codecs.com
127.0.0.1	www.movies-codecs.com
127.0.0.1	moviesdvds.net
127.0.0.1	www.moviesdvds.net
127.0.0.1	movies-etc.com
127.0.0.1	movietooklit.com
127.0.0.1	www.movietooklit.com
127.0.0.1	movscodec.com
127.0.0.1	www.movscodec.com
127.0.0.1	mp3bearshare.com
127.0.0.1	www.mp3bearshare.com
127.0.0.1	mp3-morpheus.com
127.0.0.1	www.mp3-morpheus.com
127.0.0.1	mp3musichq.com
127.0.0.1	www.mp3musichq.com
127.0.0.1	mp3-music-source.com
127.0.0.1	www.mp3-music-source.com
127.0.0.1	mp3-muzic.com
127.0.0.1	www.mp3-muzic.com
127.0.0.1	mp3-pix.com
127.0.0.1	mp3winmx.com
127.0.0.1	www.mp3winmx.com
127.0.0.1	mpeg-look.com
127.0.0.1	mrantispy.com
127.0.0.1	www.mrantispy.com
127.0.0.1	mrtg.jps.ru
127.0.0.1	msan.it
127.0.0.1	www.msan.it
127.0.0.1	msantispy.com
127.0.0.1	www.msantispy.com
127.0.0.1	msbn.it
127.0.0.1	www.msbn.it
127.0.0.1	msen.it
127.0.0.1	www.msen.it
127.0.0.1	mshn.it
127.0.0.1	www.mshn.it
127.0.0.1	msjn.it
127.0.0.1	www.msjn.it
127.0.0.1	msmn.it
127.0.0.1	www.msmn.it
127.0.0.1	msnb.it
127.0.0.1	www.msnb.it
127.0.0.1	msnguard.cc
127.0.0.1	msnh.it
127.0.0.1	www.msnh.it
127.0.0.1	msn-info.net
127.0.0.1	msnj.it
127.0.0.1	www.msnj.it
127.0.0.1	msnm.it
127.0.0.1	www.msnm.it
127.0.0.1	mssn.it
127.0.0.1	www.mssn.it
127.0.0.1	msupdate.net
127.0.0.1	www.msupdate.net
127.0.0.1	msupdater.net
127.0.0.1	www.msupdater.net
127.0.0.1	mswn.it
127.0.0.1	www.mswn.it
127.0.0.1	msxn.it
127.0.0.1	www.msxn.it
127.0.0.1	mszn.it
127.0.0.1	www.mszn.it
127.0.0.1	mt-download.com
127.0.0.1	www.mt-download.com
127.0.0.1	MUAFK.COM
127.0.0.1	www.MUAFK.COM
127.0.0.1	multimediaobject.com
127.0.0.1	www.multimediaobject.com
127.0.0.1	multi-pops.com
127.0.0.1	www.multi-pops.com
127.0.0.1	multipussy.com
127.0.0.1	multitrader.info
127.0.0.1	www.multitrader.info
127.0.0.1	mundopolar.com
127.0.0.1	munky.com
127.0.0.1	www.munky.com
127.0.0.1	musicmatch.free-software-center.com
127.0.0.1	www.musicmatch.free-software-center.com
127.0.0.1	mustv.com
127.0.0.1	mwsn.it
127.0.0.1	www.mwsn.it
127.0.0.1	mxsn.it
127.0.0.1	www.mxsn.it
127.0.0.1	myadultexplorer.com
127.0.0.1	www.myadultexplorer.com
127.0.0.1	mybestsearch2007.com
127.0.0.1	www.mybestsearch2007.com
127.0.0.1	mycpmads.com
127.0.0.1	www.mycpmads.com
127.0.0.1	my-dedik-one.com
127.0.0.1	www.my-dedik-one.com
127.0.0.1	myeasymp3downloadsnow.com
127.0.0.1	www.myeasymp3downloadsnow.com
127.0.0.1	myexes.hk
127.0.0.1	www.myexes.hk
127.0.0.1	myexexex.com
127.0.0.1	my-finder.com
127.0.0.1	myfuncards.smileycentral.com
127.0.0.1	www.myfuncards.smileycentral.com
127.0.0.1	mygeek.com
127.0.0.1	www.mygeek.com
127.0.0.1	mylimewirenetwork.com
127.0.0.1	www.mylimewirenetwork.com
127.0.0.1	mymusicaccessories.com
127.0.0.1	www.mymusicaccessories.com
127.0.0.1	my-music-space.com
127.0.0.1	www.my-music-space.com
127.0.0.1	mypornmagpass.com
127.0.0.1	www.mypornmagpass.com
127.0.0.1	myseachexplorer.com
127.0.0.1	www.myseachexplorer.com
127.0.0.1	mysoftwareprovider.com
127.0.0.1	www.mysoftwareprovider.com
127.0.0.1	my-software-space.com
127.0.0.1	www.my-software-space.com
127.0.0.1	myspyprotector.com
127.0.0.1	www.myspyprotector.com
127.0.0.1	myspywarebot.com
127.0.0.1	www.myspywarebot.com
127.0.0.1	my-teensex.com
127.0.0.1	mytunes.lets-get-it.net
127.0.0.1	www.mytunes.lets-get-it.net
127.0.0.1	myvnc.com
127.0.0.1	mywebsearch.net
127.0.0.1	mzsn.it
127.0.0.1	www.mzsn.it
127.0.0.1	n3.net
127.0.0.1	nameservicedirect.com
127.0.0.1	www.nameservicedirect.com
127.0.0.1	nativehardcore.com
127.0.0.1	naturalspy.com
127.0.0.1	nav.mabou.org
127.0.0.1	Navinetwork.com
127.0.0.1	www.Navinetwork.com
127.0.0.1	Navi-recherche.com
127.0.0.1	www.Navi-recherche.com
127.0.0.1	nbasportsbook.net
127.0.0.1	nbbrf-hnxh.biz
127.0.0.1	www.nbbrf-hnxh.biz
127.0.0.1	nbcsearch.com
127.0.0.1	www.nbcsearch.com
127.0.0.1	ncast.cn
127.0.0.1	www.ncast.cn
127.0.0.1	ncc.sex-explorer.com
127.0.0.1	necessaryupdates.com
127.0.0.1	www.necessaryupdates.com
127.0.0.1	nellyslyrics.com
127.0.0.1	nepgyan.com
127.0.0.1	nerdwareinc.com
127.0.0.1	www.nerdwareinc.com
127.0.0.1	nesrecords.com
127.0.0.1	net.mabou.org
127.0.0.1	net.xibu315.com
127.0.0.1	netbios-wait.com
127.0.0.1	www.netbios-wait.com
127.0.0.1	netfartpost.com
127.0.0.1	net-integration.net
127.0.0.1	www.net-integration.net
127.0.0.1	net-integration.us
127.0.0.1	www.net-integration.us
127.0.0.1	net-nucleus.com
127.0.0.1	www.net-nucleus.com
127.0.0.1	netsearchsoft.com
127.0.0.1	www.netsearchsoft.com
127.0.0.1	netshastra.net
127.0.0.1	netspyprotector.com
127.0.0.1	www.netspyprotector.com
127.0.0.1	netster.com
127.0.0.1	www.netster.com
127.0.0.1	nettime.ru
127.0.0.1	nettracker.jps.ru
127.0.0.1	netyellowpages.info
127.0.0.1	netzany.com
127.0.0.1	nevest.net
127.0.0.1	new.wonder-context.com
127.0.0.1	new2sh.net
127.0.0.1	www.new2sh.net
127.0.0.1	newcategories.com
127.0.0.1	newcracks.com
127.0.0.1	newcracks.net
127.0.0.1	newiframe.biz
127.0.0.1	new-incest.com
127.0.0.1	newlife-lajolla.com
127.0.0.1	newmediaidea.com
127.0.0.1	www.newmediaidea.com
127.0.0.1	new-search.net
127.0.0.1	newsexgate.com
127.0.0.1	newtonknows.com
127.0.0.1	newtonsracks.com
127.0.0.1	newtoolbar.biz
127.0.0.1	www.newtoolbar.biz
127.0.0.1	newtopsites.com
127.0.0.1	www.newtopsites.com
127.0.0.1	newupdates.lzio.com
127.0.0.1	newvidscodec.net
127.0.0.1	www.newvidscodec.net
127.0.0.1	newxpics.com
127.0.0.1	n-glx.s-redirect.com
127.0.0.1	nhlsportsbook.net
127.0.0.1	niagaracapital.com
127.0.0.1	nibo.it
127.0.0.1	www.nibo.it
127.0.0.1	nicemoviejokes.com
127.0.0.1	www.nicemoviejokes.com
127.0.0.1	nice-movie-jokes.com
127.0.0.1	niche-tv.com
127.0.0.1	nige.it
127.0.0.1	www.nige.it
127.0.0.1	ninoa.com
127.0.0.1	nipd.it
127.0.0.1	www.nipd.it
127.0.0.1	nipg.it
127.0.0.1	www.nipg.it
127.0.0.1	nl.errorsafe.com
127.0.0.1	nmextensions.com
127.0.0.1	www.nmextensions.com
127.0.0.1	nmrba.com
127.0.0.1	nmsn.it
127.0.0.1	www.nmsn.it
127.0.0.1	noblindlinks.com
127.0.0.1	www.noblindlinks.com
127.0.0.1	nocalories.net
127.0.0.1	nocensor.com
127.0.0.1	nonameforthisdomain.com
127.0.0.1	www.nonameforthisdomain.com
127.0.0.1	noogle.it
127.0.0.1	www.noogle.it
127.0.0.1	noproblemsurf.com
127.0.0.1	northernsoulclub.com
127.0.0.1	www.northernsoulclub.com
127.0.0.1	nospywaresoft.com
127.0.0.1	www.nospywaresoft.com
127.0.0.1	notify.ifeelyou.info
127.0.0.1	nowhere.180solutions.com
127.0.0.1	nownames.org
127.0.0.1	www.nownames.org
127.0.0.1	nowsearchonline.org
127.0.0.1	www.nowsearchonline.org
127.0.0.1	nsbabes.com
127.0.0.1	ntcor.com
127.0.0.1	www.ntcor.com
127.0.0.1	nuclearwitness.org
127.0.0.1	n-udd.com
127.0.0.1	numb-soft.com
127.0.0.1	www.numb-soft.com
127.0.0.1	nunah.info
127.0.0.1	www.nunah.info
127.0.0.1	nursemania.com
127.0.0.1	nvntour.com
127.0.0.1	nvphall.org
127.0.0.1	nylonporn.com
127.0.0.1	www.nylonporn.com
127.0.0.1	nylonpornmag.com
127.0.0.1	www.nylonpornmag.com
127.0.0.1	nylonsexy.com
127.0.0.1	oaginebianche.it
127.0.0.1	www.oaginebianche.it
127.0.0.1	oborot.com
127.0.0.1	ocalalivestockmarket.com
127.0.0.1	ocsff.com
127.0.0.1	oddsjackpot.info
127.0.0.1	www.oddsjackpot.info
127.0.0.1	oeatlanta.com
127.0.0.1	offers.bullseye-network.com
127.0.0.1	www.offers.bullseye-network.com
127.0.0.1	offers.ukiee.com
127.0.0.1	official-avg-download-now.com
127.0.0.1	www.official-avg-download-now.com
127.0.0.1	official--software.com
127.0.0.1	www.official--software.com
127.0.0.1	ofuxico.uol.com.br
127.0.0.1	ogogle.it
127.0.0.1	www.ogogle.it
127.0.0.1	oharrowsearch.com
127.0.0.1	oibero.it
127.0.0.1	www.oibero.it
127.0.0.1	okataweb.it
127.0.0.1	www.okataweb.it
127.0.0.1	okmmm.com
127.0.0.1	www.okmmm.com
127.0.0.1	ok-search.com
127.0.0.1	okulta.com
127.0.0.1	oldflock.com
127.0.0.1	www.oldflock.com
127.0.0.1	olibero.it
127.0.0.1	www.olibero.it
127.0.0.1	omegabrains.net
127.0.0.1	omega-search.com
127.0.0.1	oneclicksearches.com
127.0.0.1	onemoresearch.net
127.0.0.1	onerateld.com
127.0.0.1	www.onerateld.com
127.0.0.1	onli-ne.com
127.0.0.1	www.onli-ne.com
127.0.0.1	online-casino-1.net
127.0.0.1	online-casino-bonus.info
127.0.0.1	online-casinos-x.com
127.0.0.1	onlineclick.net
127.0.0.1	online-fernsehen.tv
127.0.0.1	www.online-fernsehen.tv
127.0.0.1	online-more.com
127.0.0.1	www.online-more.com
127.0.0.1	onlineplayer.tv
127.0.0.1	www.onlineplayer.tv
127.0.0.1	onlinesafepro.com
127.0.0.1	www.onlinesafepro.com
127.0.0.1	onlinesecuritynet.com
127.0.0.1	www.onlinesecuritynet.com
127.0.0.1	onlinesecurityworld.com
127.0.0.1	www.onlinesecurityworld.com
127.0.0.1	onlineserverz.com
127.0.0.1	onlinetradings.net
127.0.0.1	onlinevideoset.com
127.0.0.1	www.onlinevideoset.com
127.0.0.1	online-winning.net
127.0.0.1	onlycunt.com
127.0.0.1	onlyinsured.com
127.0.0.1	onlysex.ws
127.0.0.1	only-virgins.com
127.0.0.1	onporn.info
127.0.0.1	www.onporn.info
127.0.0.1	oogle.it
127.0.0.1	www.oogle.it
127.0.0.1	opaginebianche.it
127.0.0.1	www.opaginebianche.it
127.0.0.1	operanabuco.com
127.0.0.1	opsex.com
127.0.0.1	Orantiespion.com
127.0.0.1	www.Orantiespion.com
127.0.0.1	orbitexplorer.com
127.0.0.1	oregoncharters.org
127.0.0.1	oridian.com
127.0.0.1	www.oridian.com
127.0.0.1	ormandcompany.com
127.0.0.1	orriere.it
127.0.0.1	www.orriere.it
127.0.0.1	ossoalice.it
127.0.0.1	www.ossoalice.it
127.0.0.1	otcmomo.com
127.0.0.1	other-baccarat.info
127.0.0.1	www.other-baccarat.info
127.0.0.1	otherchance.com
127.0.0.1	www.otherchance.com
127.0.0.1	othergold.info
127.0.0.1	www.othergold.info
127.0.0.1	otrlives.com
127.0.0.1	out.true-counter.com
127.0.0.1	outerinfo.com
127.0.0.1	www.outerinfo.com
127.0.0.1	outlook-express-utilities.com
127.0.0.1	www.outlook-express-utilities.com
127.0.0.1	overpro.com
127.0.0.1	owntibia.com
127.0.0.1	www.owntibia.com
127.0.0.1	oxfordclockrepairs.co.uk
127.0.0.1	www.oxfordclockrepairs.co.uk
127.0.0.1	ozawamadoka.com
127.0.0.1	ozonung.biz
127.0.0.1	www.ozonung.biz
127.0.0.1	p0rt2.com
127.0.0.1	p2p-heute.de
127.0.0.1	www.p2p-heute.de
127.0.0.1	p2psoft.biz
127.0.0.1	www.p2psoft.biz
127.0.0.1	paaginebianche.it
127.0.0.1	www.paaginebianche.it
127.0.0.1	pafginebianche.it
127.0.0.1	www.pafginebianche.it
127.0.0.1	pafinebianche.it
127.0.0.1	www.pafinebianche.it
127.0.0.1	pafinegialle.it
127.0.0.1	www.pafinegialle.it
127.0.0.1	pagfinebianche.it
127.0.0.1	www.pagfinebianche.it
127.0.0.1	paghinebianche.it
127.0.0.1	www.paghinebianche.it
127.0.0.1	pagibegialle.it
127.0.0.1	www.pagibegialle.it
127.0.0.1	pagiegialle.it
127.0.0.1	www.pagiegialle.it
127.0.0.1	pagiinebianche.it
127.0.0.1	www.pagiinebianche.it
127.0.0.1	pagimebianche.it
127.0.0.1	www.pagimebianche.it
127.0.0.1	pagimegialle.it
127.0.0.1	www.pagimegialle.it
127.0.0.1	pagimnebianche.it
127.0.0.1	www.pagimnebianche.it
127.0.0.1	paginbianche.it
127.0.0.1	www.paginbianche.it
127.0.0.1	paginebbianche.it
127.0.0.1	www.paginebbianche.it
127.0.0.1	paginebiaanche.it
127.0.0.1	www.paginebiaanche.it
127.0.0.1	paginebiamche.it
127.0.0.1	www.paginebiamche.it
127.0.0.1	paginebiamnche.it
127.0.0.1	www.paginebiamnche.it
127.0.0.1	paginebiancche.it
127.0.0.1	www.paginebiancche.it
127.0.0.1	paginebiancge.it
127.0.0.1	www.paginebiancge.it
127.0.0.1	paginebiancghe.it
127.0.0.1	www.paginebiancghe.it
127.0.0.1	paginebianchee.it
127.0.0.1	www.paginebianchee.it
127.0.0.1	paginebiancher.it
127.0.0.1	www.paginebiancher.it
127.0.0.1	paginebianchew.it
127.0.0.1	www.paginebianchew.it
127.0.0.1	paginebianchge.it
127.0.0.1	www.paginebianchge.it
127.0.0.1	paginebianchhe.it
127.0.0.1	www.paginebianchhe.it
127.0.0.1	paginebianchr.it
127.0.0.1	www.paginebianchr.it
127.0.0.1	paginebianchre.it
127.0.0.1	www.paginebianchre.it
127.0.0.1	paginebianchwe.it
127.0.0.1	www.paginebianchwe.it
127.0.0.1	paginebiancjhe.it
127.0.0.1	www.paginebiancjhe.it
127.0.0.1	paginebiancvhe.it
127.0.0.1	www.paginebiancvhe.it
127.0.0.1	paginebiancxhe.it
127.0.0.1	www.paginebiancxhe.it
127.0.0.1	paginebianmche.it
127.0.0.1	www.paginebianmche.it
127.0.0.1	paginebiannche.it
127.0.0.1	www.paginebiannche.it
127.0.0.1	paginebianvche.it
127.0.0.1	www.paginebianvche.it
127.0.0.1	paginebianvhe.it
127.0.0.1	www.paginebianvhe.it
127.0.0.1	paginebianxche.it
127.0.0.1	www.paginebianxche.it
127.0.0.1	paginebiasnche.it
127.0.0.1	paginebiianche.it
127.0.0.1	www.paginebiianche.it
127.0.0.1	paginebioanche.it
127.0.0.1	www.paginebioanche.it
127.0.0.1	paginebisanche.it
127.0.0.1	www.paginebisanche.it
127.0.0.1	paginebiuanche.it
127.0.0.1	www.paginebiuanche.it
127.0.0.1	paginebnianche.it
127.0.0.1	www.paginebnianche.it
127.0.0.1	pagineboianche.it
127.0.0.1	www.pagineboianche.it
127.0.0.1	paginebuanche.it
127.0.0.1	www.paginebuanche.it
127.0.0.1	paginebuianche.it
127.0.0.1	www.paginebuianche.it
127.0.0.1	pagineebianche.it
127.0.0.1	www.pagineebianche.it
127.0.0.1	paginefialle.it
127.0.0.1	www.paginefialle.it
127.0.0.1	paginegalle.it
127.0.0.1	www.paginegalle.it
127.0.0.1	paginegiaklle.it
127.0.0.1	www.paginegiaklle.it
127.0.0.1	paginegialkle.it
127.0.0.1	www.paginegialkle.it
127.0.0.1	paginegiallee.it
127.0.0.1	www.paginegiallee.it
127.0.0.1	paginegialler.it
127.0.0.1	www.paginegialler.it
127.0.0.1	paginegiallew.it
127.0.0.1	www.paginegiallew.it
127.0.0.1	paginegiallw.it
127.0.0.1	www.paginegiallw.it
127.0.0.1	paginegille.it
127.0.0.1	www.paginegille.it
127.0.0.1	paginegoalle.it
127.0.0.1	www.paginegoalle.it
127.0.0.1	paginegualle.it
127.0.0.1	www.paginegualle.it
127.0.0.1	pagineialle.it
127.0.0.1	www.pagineialle.it
127.0.0.1	pagineianche.it
127.0.0.1	www.pagineianche.it
127.0.0.1	paginenianche.it
127.0.0.1	www.paginenianche.it
127.0.0.1	paginerbianche.it
127.0.0.1	www.paginerbianche.it
127.0.0.1	paginevbianche.it
127.0.0.1	www.paginevbianche.it
127.0.0.1	paginevianche.it
127.0.0.1	www.paginevianche.it
127.0.0.1	paginewbianche.it
127.0.0.1	www.paginewbianche.it
127.0.0.1	paginnebianche.it
127.0.0.1	www.paginnebianche.it
127.0.0.1	paginrbianche.it
127.0.0.1	www.paginrbianche.it
127.0.0.1	paginrebianche.it
127.0.0.1	www.paginrebianche.it
127.0.0.1	paginrgialle.it
127.0.0.1	www.paginrgialle.it
127.0.0.1	paginwebianche.it
127.0.0.1	www.paginwebianche.it
127.0.0.1	pagionebianche.it
127.0.0.1	www.pagionebianche.it
127.0.0.1	pagiunebianche.it
127.0.0.1	www.pagiunebianche.it
127.0.0.1	pagnebianche.it
127.0.0.1	www.pagnebianche.it
127.0.0.1	pagnegialle.it
127.0.0.1	www.pagnegialle.it
127.0.0.1	pagoinebianche.it
127.0.0.1	www.pagoinebianche.it
127.0.0.1	pagonebianche.it
127.0.0.1	www.pagonebianche.it
127.0.0.1	pagonegialle.it
127.0.0.1	www.pagonegialle.it
127.0.0.1	paguinebianche.it
127.0.0.1	www.paguinebianche.it
127.0.0.1	pagunegialle.it
127.0.0.1	www.pagunegialle.it
127.0.0.1	pahginebianche.it
127.0.0.1	www.pahginebianche.it
127.0.0.1	paigesummer.com
127.0.0.1	painegialle.it
127.0.0.1	www.painegialle.it
127.0.0.1	pamelacollections.com
127.0.0.1	panamcup.com
127.0.0.1	pandaantivirus-2007.com
127.0.0.1	www.pandaantivirus-2007.com
127.0.0.1	pandadownload-now.com
127.0.0.1	www.pandadownload-now.com
127.0.0.1	panda-hq.com
127.0.0.1	www.panda-hq.com
127.0.0.1	panet.org
127.0.0.1	www.panet.org
127.0.0.1	pantygirls4u.com
127.0.0.1	pantyhoserealm.com
127.0.0.1	pantyplace.com
127.0.0.1	pardize-search.net
127.0.0.1	www.pardize-search.net
127.0.0.1	partner23.firehunt.com
127.0.0.1	party-ticket.com
127.0.0.1	www.party-ticket.com
127.0.0.1	pasginebianche.it
127.0.0.1	www.pasginebianche.it
127.0.0.1	passthison.com
127.0.0.1	passtosites.net
127.0.0.1	www.passtosites.net
127.0.0.1	pastubes.com
127.0.0.1	paulapage.com
127.0.0.1	paulhoover.com
127.0.0.1	payfortraffic.net
127.0.0.1	paypopup.com
127.0.0.1	www.paypopup.com
127.0.0.1	pcadprotector.cc
127.0.0.1	www.pcadprotector.cc
127.0.0.1	pcflashsoft.com
127.0.0.1	www.pcflashsoft.com
127.0.0.1	pcgewinnen.de
127.0.0.1	www.pcgewinnen.de
127.0.0.1	pcodec.com
127.0.0.1	www.pcodec.com
127.0.0.1	Pc-on-internet.com
127.0.0.1	www.Pc-on-internet.com
127.0.0.1	pcspyremover.com
127.0.0.1	pdesoftware.com
127.0.0.1	www.pdesoftware.com
127.0.0.1	pedo.ws
127.0.0.1	people.1gb.ru
127.0.0.1	perfectcodec.com
127.0.0.1	www.perfectcodec.com
127.0.0.1	perfectedsecurity.com
127.0.0.1	www.perfectedsecurity.com

Julien · Answer

On va y arriver...

Part. 4 : 

127.0.0.1	perlink.biz
127.0.0.1	www.perlink.biz
127.0.0.1	pervertbot.com
127.0.0.1	pestcapture.com
127.0.0.1	www.pestcapture.com
127.0.0.1	pestrap.com
127.0.0.1	www.pestrap.com
127.0.0.1	pesttrap.com
127.0.0.1	www.pesttrap.com
127.0.0.1	pginegialle.it
127.0.0.1	www.pginegialle.it
127.0.0.1	pharmacy2003.com
127.0.0.1	pharma-diet-pills.com
127.0.0.1	pharmalocator.com
127.0.0.1	phendimetrazine-tenuate-adipex.com
127.0.0.1	photoshop.downloadzcentral.com
127.0.0.1	www.photoshop.downloadzcentral.com
127.0.0.1	photoshop.softwarecenterz.com
127.0.0.1	www.photoshop.softwarecenterz.com
127.0.0.1	photoshop-stop.com
127.0.0.1	www.photoshop-stop.com
127.0.0.1	pibero.it
127.0.0.1	www.pibero.it
127.0.0.1	picsdir.com
127.0.0.1	picsforbucks.com
127.0.0.1	picsofseductiveladies.com
127.0.0.1	pics-videos.com
127.0.0.1	picture-posters.com
127.0.0.1	picturesspot.com
127.0.0.1	www.picturesspot.com
127.0.0.1	pills-birth-control.com
127.0.0.1	pillsmall.com
127.0.0.1	pilotcodec.com
127.0.0.1	www.pilotcodec.com
127.0.0.1	pilotronix.com
127.0.0.1	pimasoft.com
127.0.0.1	www.pimasoft.com
127.0.0.1	pinaccesscode.com
127.0.0.1	www.pinaccesscode.com
127.0.0.1	ping.180solutions.com
127.0.0.1	pixpox.com
127.0.0.1	pizdato.biz
127.0.0.1	planemusic.com
127.0.0.1	play3w.com
127.0.0.1	www.play3w.com
127.0.0.1	playbrowse.com
127.0.0.1	www.playbrowse.com
127.0.0.1	playcodecs.com
127.0.0.1	www.playcodecs.com
127.0.0.1	player-codec.com
127.0.0.1	www.player-codec.com
127.0.0.1	playercodec.net
127.0.0.1	www.playercodec.net
127.0.0.1	player-codec.net
127.0.0.1	www.player-codec.net
127.0.0.1	playerscodec.com
127.0.0.1	www.playerscodec.com
127.0.0.1	play-lolita.com
127.0.0.1	playon.play3w.com
127.0.0.1	play-ticket.com
127.0.0.1	www.play-ticket.com
127.0.0.1	plibero.it
127.0.0.1	www.plibero.it
127.0.0.1	plus-play.com
127.0.0.1	www.plus-play.com
127.0.0.1	poaginebianche.it
127.0.0.1	www.poaginebianche.it
127.0.0.1	pochta.ru
127.0.0.1	www.pochta.ru
127.0.0.1	poiska.net
127.0.0.1	poker-casino-free.com
127.0.0.1	poker-games-free.net
127.0.0.1	polradiologia.com
127.0.0.1	pooi.net
127.0.0.1	popcodec.com
127.0.0.1	www.popcodec.com
127.0.0.1	popcorn.net
127.0.0.1	www.popcorn.net
127.0.0.1	popentertain.com
127.0.0.1	www.popentertain.com
127.0.0.1	pops.mmohsix.com
127.0.0.1	popunder.adtrgt.com
127.0.0.1	www.popunder.adtrgt.com
127.0.0.1	porn4porn.net
127.0.0.1	porncamz.com
127.0.0.1	pornfree.info
127.0.0.1	pornissex.com
127.0.0.1	www.pornissex.com
127.0.0.1	pornmagpass.com
127.0.0.1	www.pornmagpass.com
127.0.0.1	pornnightdreams.com
127.0.0.1	pornohome.net
127.0.0.1	www.pornohome.net
127.0.0.1	pornokopec.com
127.0.0.1	porn-party.net
127.0.0.1	www.porn-party.net
127.0.0.1	pornpic.org
127.0.0.1	porn-screen.com
127.0.0.1	pornstarspornmag.com
127.0.0.1	www.pornstarspornmag.com
127.0.0.1	porn-teacher.com
127.0.0.1	porntetris.com
127.0.0.1	porntwist.com
127.0.0.1	pornxxxfilm.com
127.0.0.1	www.pornxxxfilm.com
127.0.0.1	portal-ticket.com
127.0.0.1	www.portal-ticket.com
127.0.0.1	power-cleaner.com
127.0.0.1	powercodec.com
127.0.0.1	www.powercodec.com
127.0.0.1	powerdvd2007.info
127.0.0.1	www.powerdvd2007.info
127.0.0.1	powerdvd-7.com
127.0.0.1	www.powerdvd-7.com
127.0.0.1	powerwebsearch.com
127.0.0.1	ppaginebianche.it
127.0.0.1	www.ppaginebianche.it
127.0.0.1	prblitz.com
127.0.0.1	premiumtvchannels.com
127.0.0.1	www.premiumtvchannels.com
127.0.0.1	pretypics.com
127.0.0.1	pribalt.com
127.0.0.1	prime.webhancer.com
127.0.0.1	www.prime.webhancer.com
127.0.0.1	prisonbreakseason.tv
127.0.0.1	www.prisonbreakseason.tv
127.0.0.1	privacy-support.biz
127.0.0.1	privateaxsoftware.com
127.0.0.1	www.privateaxsoftware.com
127.0.0.1	private-dialer.biz
127.0.0.1	private-iframe.biz
127.0.0.1	privateporn.net
127.0.0.1	prolivation.com
127.0.0.1	promo.dollarrevenue.com
127.0.0.1	www.promo.dollarrevenue.com
127.0.0.1	prosearching.com
127.0.0.1	www.prosearching.com
127.0.0.1	prostactive.com
127.0.0.1	prostol.com
127.0.0.1	protectionssoft.com
127.0.0.1	www.protectionssoft.com
127.0.0.1	protectionwarn.com
127.0.0.1	www.protectionwarn.com
127.0.0.1	protectmypc.net
127.0.0.1	www.protectmypc.net
127.0.0.1	protect-yourself.biz
127.0.0.1	prsainlandempire.org
127.0.0.1	psaginebianche.it
127.0.0.1	www.psaginebianche.it
127.0.0.1	psginebianche.it
127.0.0.1	www.psginebianche.it
127.0.0.1	psginegialle.it
127.0.0.1	www.psginegialle.it
127.0.0.1	psn.cn
127.0.0.1	psyche-evolution.com
127.0.0.1	public.zangocash.com
127.0.0.1	www.public.zangocash.com
127.0.0.1	pussyharem.com
127.0.0.1	www.pussyharem.com
127.0.0.1	put-your-link-here.com
127.0.0.1	p-uud.com
127.0.0.1	pyrocorp.com
127.0.0.1	q36.cn
127.0.0.1	www.q36.cn
127.0.0.1	qalitalia.it
127.0.0.1	www.qalitalia.it
127.0.0.1	qippi.com
127.0.0.1	www.qippi.com
127.0.0.1	qiudheadsd.com
127.0.0.1	www.qiudheadsd.com
127.0.0.1	qmex.psyche-evolution.com
127.0.0.1	www.qmex.psyche-evolution.com
127.0.0.1	qnavigate.com
127.0.0.1	www.qnavigate.com
127.0.0.1	qualitycodec.com
127.0.0.1	www.qualitycodec.com
127.0.0.1	quick.searchfromyourbrowser.net
127.0.0.1	quickiefilez.com
127.0.0.1	www.quickiefilez.com
127.0.0.1	quicklaunch.com
127.0.0.1	quick-search.ws
127.0.0.1	quicksearch360.com
127.0.0.1	www.quicksearch360.com
127.0.0.1	quicktime.downloadzcenter.com
127.0.0.1	www.quicktime.downloadzcenter.com
127.0.0.1	quicktime-download-now.com
127.0.0.1	www.quicktime-download-now.com
127.0.0.1	quiksearchgenealogy.com
127.0.0.1	qwecompany.com
127.0.0.1	www.qwecompany.com
127.0.0.1	r.babenet.com
127.0.0.1	r16254.coolservecorp.net
127.0.0.1	rack.cc
127.0.0.1	radfrall.org
127.0.0.1	ramgo.com
127.0.0.1	ranafrog.ne
127.0.0.1	rapegate.com
127.0.0.1	rapid-pass.net
127.0.0.1	www.rapid-pass.net
127.0.0.1	rawtocash.net
127.0.0.1	www.rawtocash.net
127.0.0.1	razespyware.net
127.0.0.1	www.razespyware.net
127.0.0.1	rb37.com
127.0.0.1	rbay.it
127.0.0.1	www.rbay.it
127.0.0.1	rbnnetwork.com
127.0.0.1	www.rbnnetwork.com
127.0.0.1	rc.rizalof.com
127.0.0.1	rdepubblica.it
127.0.0.1	www.rdepubblica.it
127.0.0.1	readagreement.net
127.0.0.1	www.readagreement.net
127.0.0.1	realarea.biz
127.0.0.1	realfet.com
127.0.0.1	realm.superbahamas.com
127.0.0.1	www.realm.superbahamas.com
127.0.0.1	realphx.com
127.0.0.1	realplayer-download-now.com
127.0.0.1	www.realplayer-download-now.com
127.0.0.1	realplayer-hq.com
127.0.0.1	www.realplayer-hq.com
127.0.0.1	rebay.it
127.0.0.1	www.rebay.it
127.0.0.1	redbudbmx.com
127.0.0.1	redfunny.com
127.0.0.1	redir.ws
127.0.0.1	www.redir.ws
127.0.0.1	redirect.msupdate.net
127.0.0.1	redpubblica.it
127.0.0.1	www.redpubblica.it
127.0.0.1	reepubblica.it
127.0.0.1	www.reepubblica.it
127.0.0.1	refinance-help.com
127.0.0.1	refpubblica.it
127.0.0.1	www.refpubblica.it
127.0.0.1	regfreeze.com
127.0.0.1	registrycleanersite.com
127.0.0.1	www.registrycleanersite.com
127.0.0.1	releaseforlife.com
127.0.0.1	www.releaseforlife.com
127.0.0.1	relevantknowledge.com
127.0.0.1	www.relevantknowledge.com
127.0.0.1	relpubblica.it
127.0.0.1	www.relpubblica.it
127.0.0.1	remedyantispy.com
127.0.0.1	www.remedyantispy.com
127.0.0.1	removeearthkeepers.org
127.0.0.1	remsys.org
127.0.0.1	reopubblica.it
127.0.0.1	www.reopubblica.it
127.0.0.1	reossoalice.it
127.0.0.1	www.reossoalice.it
127.0.0.1	reoubblica.it
127.0.0.1	www.reoubblica.it
127.0.0.1	repbblica.it
127.0.0.1	www.repbblica.it
127.0.0.1	rephubblica.it
127.0.0.1	www.rephubblica.it
127.0.0.1	repibblica.it
127.0.0.1	www.repibblica.it
127.0.0.1	repiubblica.it
127.0.0.1	www.repiubblica.it
127.0.0.1	replubblica.it
127.0.0.1	www.replubblica.it
127.0.0.1	report.dropspam.com
127.0.0.1	repoubblica.it
127.0.0.1	www.repoubblica.it
127.0.0.1	repubbglica.it
127.0.0.1	www.repubbglica.it
127.0.0.1	repubbhlica.it
127.0.0.1	www.repubbhlica.it
127.0.0.1	repubbkica.it
127.0.0.1	www.repubbkica.it
127.0.0.1	repubbklica.it
127.0.0.1	www.repubbklica.it
127.0.0.1	repubblicaa.it
127.0.0.1	www.repubblicaa.it
127.0.0.1	repubblicaq.it
127.0.0.1	www.repubblicaq.it
127.0.0.1	repubblicas.it
127.0.0.1	www.repubblicas.it
127.0.0.1	repubblicca.it
127.0.0.1	www.repubblicca.it
127.0.0.1	repubblicda.it
127.0.0.1	www.repubblicda.it
127.0.0.1	repubblicfa.it
127.0.0.1	www.repubblicfa.it
127.0.0.1	repubblics.it
127.0.0.1	www.repubblics.it
127.0.0.1	repubblicsa.it
127.0.0.1	www.repubblicsa.it
127.0.0.1	repubblicva.it
127.0.0.1	www.repubblicva.it
127.0.0.1	repubblicza.it
127.0.0.1	www.repubblicza.it
127.0.0.1	repubblidca.it
127.0.0.1	www.repubblidca.it
127.0.0.1	repubblifca.it
127.0.0.1	www.repubblifca.it
127.0.0.1	repubbliica.it
127.0.0.1	www.repubbliica.it
127.0.0.1	repubblilca.it
127.0.0.1	www.repubblilca.it
127.0.0.1	repubblioca.it
127.0.0.1	www.repubblioca.it
127.0.0.1	repubbliuca.it
127.0.0.1	www.repubbliuca.it
127.0.0.1	repubbliva.it
127.0.0.1	www.repubbliva.it
127.0.0.1	repubblivca.it
127.0.0.1	www.repubblivca.it
127.0.0.1	repubblixa.it
127.0.0.1	www.repubblixa.it
127.0.0.1	repubblixca.it
127.0.0.1	www.repubblixca.it
127.0.0.1	repubbllica.it
127.0.0.1	www.repubbllica.it
127.0.0.1	repubbloca.it
127.0.0.1	www.repubbloca.it
127.0.0.1	repubbloica.it
127.0.0.1	www.repubbloica.it
127.0.0.1	repubblpica.it
127.0.0.1	www.repubblpica.it
127.0.0.1	repubbluica.it
127.0.0.1	www.repubbluica.it
127.0.0.1	repubbnlica.it
127.0.0.1	www.repubbnlica.it
127.0.0.1	repubbolica.it
127.0.0.1	www.repubbolica.it
127.0.0.1	repubbplica.it
127.0.0.1	www.repubbplica.it
127.0.0.1	repubbvlica.it
127.0.0.1	www.repubbvlica.it
127.0.0.1	repubnblica.it
127.0.0.1	www.repubnblica.it
127.0.0.1	repubnlica.it
127.0.0.1	www.repubnlica.it
127.0.0.1	repubvblica.it
127.0.0.1	www.repubvblica.it
127.0.0.1	repubvlica.it
127.0.0.1	www.repubvlica.it
127.0.0.1	repugbblica.it
127.0.0.1	www.repugbblica.it
127.0.0.1	repuhbblica.it
127.0.0.1	www.repuhbblica.it
127.0.0.1	repuibblica.it
127.0.0.1	www.repuibblica.it
127.0.0.1	repunbblica.it
127.0.0.1	www.repunbblica.it
127.0.0.1	repunblica.it
127.0.0.1	www.repunblica.it
127.0.0.1	repuubblica.it
127.0.0.1	www.repuubblica.it
127.0.0.1	repuvbblica.it
127.0.0.1	www.repuvbblica.it
127.0.0.1	repuvblica.it
127.0.0.1	www.repuvblica.it
127.0.0.1	repybblica.it
127.0.0.1	www.repybblica.it
127.0.0.1	repyubblica.it
127.0.0.1	www.repyubblica.it
127.0.0.1	rerpubblica.it
127.0.0.1	www.rerpubblica.it
127.0.0.1	Rescatedeamenazas.com
127.0.0.1	www.Rescatedeamenazas.com
127.0.0.1	reserved-company.info
127.0.0.1	www.reserved-company.info
127.0.0.1	resultplacement.com
127.0.0.1	www.resultplacement.com
127.0.0.1	reubblica.it
127.0.0.1	www.reubblica.it
127.0.0.1	review-play.com
127.0.0.1	www.review-play.com
127.0.0.1	reviewsit.net
127.0.0.1	www.reviewsit.net
127.0.0.1	revolto3.da.ru
127.0.0.1	revolt-search.com
127.0.0.1	www.revolt-search.com
127.0.0.1	rewpubblica.it
127.0.0.1	www.rewpubblica.it
127.0.0.1	rf104.com
127.0.0.1	rfepubblica.it
127.0.0.1	www.rfepubblica.it
127.0.0.1	rfthud.com
127.0.0.1	www.rfthud.com
127.0.0.1	rgepubblica.it
127.0.0.1	www.rgepubblica.it
127.0.0.1	rich777.greatbahamas.com
127.0.0.1	www.rich777.greatbahamas.com
127.0.0.1	ridewash.com
127.0.0.1	www.ridewash.com
127.0.0.1	rightfinder.net
127.0.0.1	riscali.it
127.0.0.1	www.riscali.it
127.0.0.1	ritztours.com
127.0.0.1	www.ritztours.com
127.0.0.1	rizalof.com
127.0.0.1	www.rizalof.com
127.0.0.1	rms.vapochille.com
127.0.0.1	rng650.greatbahamas.com
127.0.0.1	www.rng650.greatbahamas.com
127.0.0.1	roar.com
127.0.0.1	roassoalice.it
127.0.0.1	www.roassoalice.it
127.0.0.1	robbsproshop.com
127.0.0.1	robertferencz.com
127.0.0.1	rocketsearch.com
127.0.0.1	roissoalice.it
127.0.0.1	www.roissoalice.it
127.0.0.1	roogle.it
127.0.0.1	www.roogle.it
127.0.0.1	roossoalice.it
127.0.0.1	www.roossoalice.it
127.0.0.1	ropssoalice.it
127.0.0.1	www.ropssoalice.it
127.0.0.1	rosaoalice.it
127.0.0.1	www.rosaoalice.it
127.0.0.1	rosasoalice.it
127.0.0.1	www.rosasoalice.it
127.0.0.1	rossaoalice.it
127.0.0.1	www.rossaoalice.it
127.0.0.1	rossdoalice.it
127.0.0.1	www.rossdoalice.it
127.0.0.1	rossoaalice.it
127.0.0.1	www.rossoaalice.it
127.0.0.1	rossoaice.it
127.0.0.1	www.rossoaice.it
127.0.0.1	rossoalce.it
127.0.0.1	www.rossoalce.it
127.0.0.1	rossoalic.it
127.0.0.1	www.rossoalic.it
127.0.0.1	rossoalicce.it
127.0.0.1	www.rossoalicce.it
127.0.0.1	rossoalicee.it
127.0.0.1	www.rossoalicee.it
127.0.0.1	rossoalicer.it
127.0.0.1	www.rossoalicer.it
127.0.0.1	rossoalicew.it
127.0.0.1	www.rossoalicew.it
127.0.0.1	rossoalicr.it
127.0.0.1	www.rossoalicr.it
127.0.0.1	rossoalicre.it
127.0.0.1	www.rossoalicre.it
127.0.0.1	rossoalicve.it
127.0.0.1	www.rossoalicve.it
127.0.0.1	rossoalicw.it
127.0.0.1	www.rossoalicw.it
127.0.0.1	rossoalicwe.it
127.0.0.1	www.rossoalicwe.it
127.0.0.1	rossoalicxe.it
127.0.0.1	www.rossoalicxe.it
127.0.0.1	rossoalie.it
127.0.0.1	www.rossoalie.it
127.0.0.1	rossoaliice.it
127.0.0.1	www.rossoaliice.it
127.0.0.1	rossoalioce.it
127.0.0.1	www.rossoalioce.it
127.0.0.1	rossoalivce.it
127.0.0.1	www.rossoalivce.it
127.0.0.1	rossoalive.it
127.0.0.1	www.rossoalive.it
127.0.0.1	rossoalixce.it
127.0.0.1	www.rossoalixce.it
127.0.0.1	rossoalixe.it
127.0.0.1	www.rossoalixe.it
127.0.0.1	rossoalkice.it
127.0.0.1	www.rossoalkice.it
127.0.0.1	rossoallice.it
127.0.0.1	www.rossoallice.it
127.0.0.1	rossoaloce.it
127.0.0.1	www.rossoaloce.it
127.0.0.1	rossoaloice.it
127.0.0.1	www.rossoaloice.it
127.0.0.1	rossoaluce.it
127.0.0.1	www.rossoaluce.it
127.0.0.1	rossoaslice.it
127.0.0.1	www.rossoaslice.it
127.0.0.1	rossolice.it
127.0.0.1	www.rossolice.it
127.0.0.1	rossooalice.it
127.0.0.1	www.rossooalice.it
127.0.0.1	rossopalice.it
127.0.0.1	www.rossopalice.it
127.0.0.1	rossosalice.it
127.0.0.1	www.rossosalice.it
127.0.0.1	rosspalice.it
127.0.0.1	www.rosspalice.it
127.0.0.1	rosspoalice.it
127.0.0.1	www.rosspoalice.it
127.0.0.1	rosssoalice.it
127.0.0.1	www.rosssoalice.it
127.0.0.1	rotocasters.com
127.0.0.1	royalsearch.net
127.0.0.1	rrenitalia.it
127.0.0.1	www.rrenitalia.it
127.0.0.1	rrepubblica.it
127.0.0.1	www.rrepubblica.it
127.0.0.1	rrossoalice.it
127.0.0.1	www.rrossoalice.it
127.0.0.1	rrpubblica.it
127.0.0.1	www.rrpubblica.it
127.0.0.1	rsepubblica.it
127.0.0.1	www.rsepubblica.it
127.0.0.1	rssoalice.it
127.0.0.1	www.rssoalice.it
127.0.0.1	rsztriv-avxiz.biz
127.0.0.1	www.rsztriv-avxiz.biz
127.0.0.1	rtepubblica.it
127.0.0.1	www.rtepubblica.it
127.0.0.1	rtiscali.it
127.0.0.1	www.rtiscali.it
127.0.0.1	rtossoalice.it
127.0.0.1	www.rtossoalice.it
127.0.0.1	rtrenitalia.it
127.0.0.1	www.rtrenitalia.it
127.0.0.1	rtuttogratis.it
127.0.0.1	www.rtuttogratis.it
127.0.0.1	rub.to
127.0.0.1	runsearch.com
127.0.0.1	russiansponsor.com
127.0.0.1	russogay.com
127.0.0.1	ruworld.com
127.0.0.1	rwepubblica.it
127.0.0.1	www.rwepubblica.it
127.0.0.1	rzvonporn.com
127.0.0.1	www.rzvonporn.com
127.0.0.1	s1.bestmanage.org
127.0.0.1	s1.truth-is-out-there.org
127.0.0.1	s1s1s1search.com
127.0.0.1	www.s1s1s1search.com
127.0.0.1	s2.bestmanage.org
127.0.0.1	s2.exocrew.com
127.0.0.1	s2.truth-is-out-there.org
127.0.0.1	s3.bestmanage.org
127.0.0.1	s3.truth-is-out-there.org
127.0.0.1	s4.bestmanage.org
127.0.0.1	s4.truth-is-out-there.org
127.0.0.1	s5.bestmanage.org
127.0.0.1	s5.truth-is-out-there.org
127.0.0.1	s59.cnzz.com
127.0.0.1	s6.bestmanage.org
127.0.0.1	s6.truth-is-out-there.org
127.0.0.1	s7.bestmanage.org
127.0.0.1	s7.truth-is-out-there.org
127.0.0.1	s8.bestmanage.org
127.0.0.1	s8.truth-is-out-there.org
127.0.0.1	s9.bestmanage.org
127.0.0.1	s9.truth-is-out-there.org
127.0.0.1	sacitylife.com
127.0.0.1	safeiepage.com
127.0.0.1	www.safeiepage.com
127.0.0.1	safe-sales.biz
127.0.0.1	www.safe-sales.biz
127.0.0.1	safetydefender.com
127.0.0.1	www.safetydefender.com
127.0.0.1	safetyhall.com
127.0.0.1	www.safetyhall.com
127.0.0.1	safetyhomepage.com
127.0.0.1	www.safetyhomepage.com
127.0.0.1	safetypropage.com
127.0.0.1	www.safetypropage.com
127.0.0.1	safetyuptodate.com
127.0.0.1	www.safetyuptodate.com
127.0.0.1	salitalia.it
127.0.0.1	www.salitalia.it
127.0.0.1	samplegals.com
127.0.0.1	samz.com
127.0.0.1	sandracounter.com
127.0.0.1	www.sandracounter.com
127.0.0.1	saoe.com
127.0.0.1	saupereva.it
127.0.0.1	www.saupereva.it
127.0.0.1	savehits.com
127.0.0.1	www.savehits.com
127.0.0.1	saveli.com
127.0.0.1	www.saveli.com
127.0.0.1	sbee.com
127.0.0.1	sbjr.com
127.0.0.1	sbnl.com
127.0.0.1	sbnt.com
127.0.0.1	sbssurvivor.com
127.0.0.1	sbvr.com
127.0.0.1	scanandrepair.com
127.0.0.1	www.scanandrepair.com
127.0.0.1	scarypix.com
127.0.0.1	scbm.com
127.0.0.1	sccdnet.com
127.0.0.1	schoolforest.com
127.0.0.1	sckr.com
127.0.0.1	scoobidoo.com
127.0.0.1	screensaver.it
127.0.0.1	www.screensaver.it
127.0.0.1	scripts.downloadv3.com
127.0.0.1	scrk.com
127.0.0.1	sd.ncast.cn
127.0.0.1	www.sd.ncast.cn
127.0.0.1	sdbot.n3.net
127.0.0.1	sdl.surfsidekick.com
127.0.0.1	sdry.com
127.0.0.1	sdupereva.it
127.0.0.1	www.sdupereva.it
127.0.0.1	se.errorsafe.com
127.0.0.1	search.findthewebsiteyouneed.com
127.0.0.1	www.search.findthewebsiteyouneed.com
127.0.0.1	search.getfound.com
127.0.0.1	www.search.getfound.com
127.0.0.1	search.ieplugin.com
127.0.0.1	search.imiserver.com
127.0.0.1	search.keyword.exeupdate.com
127.0.0.1	search.netzany.com
127.0.0.1	search.psn.cn
127.0.0.1	search.rub.to
127.0.0.1	search.shopnav.com
127.0.0.1	search.xrenoder.com
127.0.0.1	search-1.net
127.0.0.1	search101online.com
127.0.0.1	www.search101online.com
127.0.0.1	search123forme.com
127.0.0.1	www.search123forme.com
127.0.0.1	search200.com
127.0.0.1	www.search200.com
127.0.0.1	search-2003.com
127.0.0.1	search2find.biz
127.0.0.1	www.search2find.biz
127.0.0.1	search345quest.com
127.0.0.1	www.search345quest.com
127.0.0.1	search-777.com
127.0.0.1	search-about.net
127.0.0.1	searchaccurate.com
127.0.0.1	searchadultweb.com
127.0.0.1	searchalot.com
127.0.0.1	searchandbrowse.com
127.0.0.1	searchandclick.com
127.0.0.1	searchbee.net
127.0.0.1	www.searchbee.net
127.0.0.1	searchbutler.com
127.0.0.1	searchbutler.org
127.0.0.1	searchbuttler.com
127.0.0.1	searchby.net
127.0.0.1	searchcentrix.com
127.0.0.1	searchclick.cc
127.0.0.1	searchclickads.net
127.0.0.1	www.searchclickads.net
127.0.0.1	searchcolours.com
127.0.0.1	www.searchcolours.com
127.0.0.1	searchcomplete.com
127.0.0.1	Search-Daily.com
127.0.0.1	www.Search-Daily.com
127.0.0.1	searchdesire.com
127.0.0.1	searchdot.com
127.0.0.1	searchdot.net
127.0.0.1	searchdrive.info
127.0.0.1	searche.info
127.0.0.1	www.searche.info
127.0.0.1	search-empire.info
127.0.0.1	www.search-empire.info
127.0.0.1	searchenhancement.com
127.0.0.1	searcher.tgpie.com
127.0.0.1	www.searcher.tgpie.com
127.0.0.1	search-exe.com
127.0.0.1	searchexpander.com
127.0.0.1	search-explorer.net
127.0.0.1	searchfastnet.com
127.0.0.1	searchfeed.com
127.0.0.1	www.searchfeed.com
127.0.0.1	searchfindsearch.com
127.0.0.1	www.searchfindsearch.com
127.0.0.1	searchforge.com
127.0.0.1	searchfromyourbrowser.net
127.0.0.1	www.searchfromyourbrowser.net
127.0.0.1	searchgateway.net
127.0.0.1	search-hawk.com
127.0.0.1	searchingbooth.com
127.0.0.1	www.searchingbooth.com
127.0.0.1	searching-the-net.com
127.0.0.1	searchinmates.org
127.0.0.1	www.searchinmates.org
127.0.0.1	search-log.com
127.0.0.1	searchmadesafe.net
127.0.0.1	search-meta.com
127.0.0.1	searchmeta.md
127.0.0.1	searchmeta.net
127.0.0.1	www.searchmeta.net
127.0.0.1	searchmeta.ru
127.0.0.1	searchmeta.webhost.ru
127.0.0.1	searchmeup.com
127.0.0.1	www.searchmeup.com
127.0.0.1	searchmiracle.com
127.0.0.1	www.searchmiracle.com
127.0.0.1	search-motor.com
127.0.0.1	searchnow.ws
127.0.0.1	searchonfly.com
127.0.0.1	searchresult.net
127.0.0.1	www.searchresult.net
127.0.0.1	search-safe.com
127.0.0.1	searchsquire.com
127.0.0.1	searchtab.net
127.0.0.1	www.searchtab.net
127.0.0.1	searchtabs.net
127.0.0.1	searchtheworld4you.com
127.0.0.1	www.searchtheworld4you.com
127.0.0.1	search-to-find.com
127.0.0.1	SEARCHTOFIND.NET
127.0.0.1	www.SEARCHTOFIND.NET
127.0.0.1	searchv.com
127.0.0.1	searchweb2.com
127.0.0.1	www.searchweb2.com
127.0.0.1	searchwebzone.com
127.0.0.1	www.searchwebzone.com
127.0.0.1	search-what.net
127.0.0.1	searchwhatuwant.com
127.0.0.1	searchxl.com
127.0.0.1	searchxp.com
127.0.0.1	sebay.it
127.0.0.1	www.sebay.it
127.0.0.1	sebot.com
127.0.0.1	secdep.info
127.0.0.1	secondpower.com
127.0.0.1	secret-crush.com
127.0.0.1	secure.drivecleaner.com
127.0.0.1	secure.errorsafe.com
127.0.0.1	secure.ucleaner.com
127.0.0.1	secure.winantispam.com
127.0.0.1	secure.winantispy.com
127.0.0.1	secure.winantivirus.com
127.0.0.1	securenp.org
127.0.0.1	secureserver3.com
127.0.0.1	www.secureserver3.com
127.0.0.1	securetoolbar.com
127.0.0.1	www.securetoolbar.com
127.0.0.1	securetoolbars.com
127.0.0.1	www.securetoolbars.com
127.0.0.1	secureyournet.biz
127.0.0.1	www.secureyournet.biz
127.0.0.1	securitybulletin.net
127.0.0.1	www.securitybulletin.net
127.0.0.1	securitycaution.com
127.0.0.1	www.securitycaution.com
127.0.0.1	securityfeature.com
127.0.0.1	www.securityfeature.com
127.0.0.1	securityindex.net
127.0.0.1	www.securityindex.net
127.0.0.1	securityplugins.com
127.0.0.1	www.securityplugins.com
127.0.0.1	securityprecaution.net
127.0.0.1	www.securityprecaution.net
127.0.0.1	securityupdatesite.com
127.0.0.1	www.securityupdatesite.com
127.0.0.1	securityuptodate.net
127.0.0.1	www.securityuptodate.net
127.0.0.1	security-warning.biz
127.0.0.1	securitywarnings.net
127.0.0.1	www.securitywarnings.net
127.0.0.1	seehardcore.com
127.0.0.1	seekporn.org
127.0.0.1	www.seekporn.org
127.0.0.1	seekseek.com
127.0.0.1	seektheglobe.com
127.0.0.1	www.seektheglobe.com
127.0.0.1	seekwell.net
127.0.0.1	sef516.greatbahamas.com
127.0.0.1	www.sef516.greatbahamas.com
127.0.0.1	seld.com
127.0.0.1	selfbookmark.com
127.0.0.1	selfbookmark.info
127.0.0.1	selfbookmark.net
127.0.0.1	selltraffic.biz
127.0.0.1	sense-super.com
127.0.0.1	www.sense-super.com
127.0.0.1	seobiz.us
127.0.0.1	www.seobiz.us
127.0.0.1	seorganisation.com
127.0.0.1	www.seorganisation.com
127.0.0.1	seproger.com
127.0.0.1	www.seproger.com
127.0.0.1	Serialplayers.com
127.0.0.1	www.Serialplayers.com
127.0.0.1	servedby.headlinesandnews.com
127.0.0.1	server-au.imrworldwide.com
127.0.0.1	serverc.org
127.0.0.1	www.serverc.org
127.0.0.1	service.multi-pops.com
127.0.0.1	settings.controlmeh.com
127.0.0.1	settings.gfxgraphics.net
127.0.0.1	settings.iconnectyou.biz
127.0.0.1	settings.imergeyou.com
127.0.0.1	settings.updatemysettings.com
127.0.0.1	setup.bestmanage.org
127.0.0.1	setup.truth-is-out-there.org
127.0.0.1	sex.free4porno.net
127.0.0.1	sex2person.info
127.0.0.1	www.sex2person.info
127.0.0.1	sexarena.com
127.0.0.1	sexarena.org
127.0.0.1	www.sexarena.org
127.0.0.1	sex-coach.com
127.0.0.1	sex-explorer.com
127.0.0.1	sex-festival.com
127.0.0.1	sexfiles.nu
127.0.0.1	sexgalleries4all.com
127.0.0.1	sexmaniack.com
127.0.0.1	sexmoviesnet.com
127.0.0.1	sexocean.play-lolita.com
127.0.0.1	sexolymp.com
127.0.0.1	www.sexolymp.com
127.0.0.1	sexpatriot.net
127.0.0.1	sexpicsporn.com
127.0.0.1	www.sexpicsporn.com
127.0.0.1	sexpornonline.com
127.0.0.1	sexunique.net
127.0.0.1	sex-video-galleries.com
127.0.0.1	sexvideopro.com
127.0.0.1	Sexxpassport.com
127.0.0.1	www.Sexxpassport.com
127.0.0.1	sexxxpassport.com
127.0.0.1	www.sexxxpassport.com
127.0.0.1	sexy18.cc
127.0.0.1	sexycat.adult-host.org
127.0.0.1	sfbayfolkboats.com
127.0.0.1	sfonditalia.biz
127.0.0.1	sfux.com
127.0.0.1	sgirls.net
127.0.0.1	www.sgrunt.biz
127.0.0.1	sgrunt.biz
127.0.0.1	sh.ncast.cn
127.0.0.1	www.sh.ncast.cn
127.0.0.1	sharedgamesite.com
127.0.0.1	www.sharedgamesite.com
127.0.0.1	sharedmoviesite.com
127.0.0.1	www.sharedmoviesite.com
127.0.0.1	sharedtvsite.com
127.0.0.1	www.sharedtvsite.com
127.0.0.1	sharempeg.com
127.0.0.1	sheat.com
127.0.0.1	shemalepornmag.com
127.0.0.1	www.shemalepornmag.com
127.0.0.1	shemalespornmag.com
127.0.0.1	www.shemalespornmag.com
127.0.0.1	shopcards.net
127.0.0.1	shopknights.com
127.0.0.1	shopnav.com
127.0.0.1	sic02.com
127.0.0.1	sidefind.com
127.0.0.1	sigmadown.biz
127.0.0.1	www.sigmadown.biz
127.0.0.1	signupprocess.com
127.0.0.1	www.signupprocess.com
127.0.0.1	silvercodec.com
127.0.0.1	www.silvercodec.com
127.0.0.1	simpaticissimo.com
127.0.0.1	www.simpaticissimo.com
127.0.0.1	sinpussy.com
127.0.0.1	sintrader.com
127.0.0.1	sipereva.it
127.0.0.1	www.sipereva.it
127.0.0.1	sipo.com
127.0.0.1	sirh0t.blackhats.tc
127.0.0.1	sisdotnet.com
127.0.0.1	www.sisdotnet.com
127.0.0.1	site.accessorygeeks.com
127.0.0.1	www.site.accessorygeeks.com
127.0.0.1	site1.ru
127.0.0.1	siteentrance.net
127.0.0.1	www.siteentrance.net
127.0.0.1	site-entrance.net
127.0.0.1	www.site-entrance.net
127.0.0.1	siteentrances.com
127.0.0.1	www.siteentrances.com
127.0.0.1	sitekeygenerator.com
127.0.0.1	www.sitekeygenerator.com
127.0.0.1	sitesearchcentral.com
127.0.0.1	www.sitesearchcentral.com
127.0.0.1	sitesentrance.com
127.0.0.1	www.sitesentrance.com
127.0.0.1	sites-entrance.com
127.0.0.1	www.sites-entrance.com
127.0.0.1	sites-entrance.net
127.0.0.1	www.sites-entrance.net
127.0.0.1	sites-in-web.com
127.0.0.1	sitesticket.net
127.0.0.1	www.sitesticket.net
127.0.0.1	sitestickets.net
127.0.0.1	www.sitestickets.net
127.0.0.1	siteticket.net
127.0.0.1	www.siteticket.net
127.0.0.1	site-ticket.net
127.0.0.1	www.site-ticket.net
127.0.0.1	sitevictoria.com
127.0.0.1	siupereva.it
127.0.0.1	www.siupereva.it
127.0.0.1	sixroads.com
127.0.0.1	skakalka.ru
127.0.0.1	skeech.com
127.0.0.1	www.skeech.com
127.0.0.1	skoobidoo.com
127.0.0.1	skype-download-now.com
127.0.0.1	www.skype-download-now.com
127.0.0.1	skype-free-calls.com
127.0.0.1	www.skype-free-calls.com
127.0.0.1	skype-hq.com
127.0.0.1	www.skype-hq.com
127.0.0.1	skype-stop.com
127.0.0.1	www.skype-stop.com
127.0.0.1	slawsearch.com
127.0.0.1	slotch.com
127.0.0.1	slotchbar.com
127.0.0.1	slutmania.biz
127.0.0.1	smartprotect.info
127.0.0.1	www.smartprotect.info
127.0.0.1	smart-security.biz
127.0.0.1	smartsumo.com
127.0.0.1	smds.com
127.0.0.1	smetsys.net
127.0.0.1	www.smetsys.net
127.0.0.1	smileycentral.com
127.0.0.1	smtp.ru
127.0.0.1	www.smtp.ru
127.0.0.1	smutarchive.net
127.0.0.1	smutserver.com
127.0.0.1	snipernet.biz
127.0.0.1	www.snipernet.biz
127.0.0.1	softcodec.com
127.0.0.1	www.softcodec.com
127.0.0.1	softomate.com
127.0.0.1	www.softomate.com
127.0.0.1	softwarecenterz.com
127.0.0.1	software-club.com
127.0.0.1	www.software-club.com
127.0.0.1	softwareprofit.com
127.0.0.1	www.softwareprofit.com
127.0.0.1	softwarereferral.com
127.0.0.1	www.softwarereferral.com
127.0.0.1	solongas.com
127.0.0.1	Some-Standards.com
127.0.0.1	www.Some-Standards.com
127.0.0.1	sonomaevents.com
127.0.0.1	souljah.com
127.0.0.1	www.souljah.com
127.0.0.1	sp2fucked.biz
127.0.0.1	specialoems.com
127.0.0.1	www.specialoems.com
127.0.0.1	spereva.it
127.0.0.1	www.spereva.it
127.0.0.1	spermatrix.com
127.0.0.1	spidersearch.com
127.0.0.1	sploso.com
127.0.0.1	www.sploso.com
127.0.0.1	sponsor2.ucmore.com
127.0.0.1	www.sponsor2.ucmore.com
127.0.0.1	sportbooks-free4you.com
127.0.0.1	spros.com
127.0.0.1	spyanalyst.com
127.0.0.1	www.spyanalyst.com
127.0.0.1	spyass.com
127.0.0.1	spyaxe.biz
127.0.0.1	www.spyaxe.biz
127.0.0.1	spyaxe.com
127.0.0.1	www.spyaxe.com
127.0.0.1	spyaxe.net
127.0.0.1	www.spyaxe.net
127.0.0.1	spyaxesupport.com
127.0.0.1	www.spyaxesupport.com
127.0.0.1	spyaxeupdate.com
127.0.0.1	www.spyaxeupdate.com
127.0.0.1	spyboot.com
127.0.0.1	www.spyboot.com
127.0.0.1	spy-bot.com
127.0.0.1	www.spy-bot.com
127.0.0.1	spybot.reviewsit.net
127.0.0.1	www.spybot.reviewsit.net
127.0.0.1	spybot2007.com
127.0.0.1	www.spybot2007.com
127.0.0.1	spybot-2007.com
127.0.0.1	www.spybot-2007.com
127.0.0.1	spybotdownload-now.com
127.0.0.1	www.spybotdownload-now.com
127.0.0.1	spybot-ib.com
127.0.0.1	www.spybot-ib.com
127.0.0.1	spybot-now.com
127.0.0.1	www.spybot-now.com
127.0.0.1	spybotremover.net
127.0.0.1	spybot-scan.com
127.0.0.1	www.spybot-scan.com
127.0.0.1	spybot-sd.net
127.0.0.1	www.spybot-sd.net
127.0.0.1	spybot-uk.com
127.0.0.1	www.spybot-uk.com
127.0.0.1	spycontra.com
127.0.0.1	www.spycontra.com
127.0.0.1	spycrush.com
127.0.0.1	www.spycrush.com
127.0.0.1	SpyCut.com
127.0.0.1	www.SpyCut.com
127.0.0.1	spydawn.com
127.0.0.1	www.spydawn.com
127.0.0.1	spydeface.com
127.0.0.1	www.spydeface.com
127.0.0.1	spydefence.com
127.0.0.1	www.spydefence.com
127.0.0.1	spydefenderpro.com
127.0.0.1	www.spydefenderpro.com
127.0.0.1	spyfalcon.com
127.0.0.1	www.spyfalcon.com
127.0.0.1	spyfalconupdate.com
127.0.0.1	www.spyfalconupdate.com
127.0.0.1	spyheal.com
127.0.0.1	www.spyheal.com
127.0.0.1	spyiblock.com
127.0.0.1	www.spyiblock.com
127.0.0.1	spylocked.com
127.0.0.1	www.spylocked.com
127.0.0.1	spylog.com
127.0.0.1	www.spylog.com
127.0.0.1	spyofficer.com
127.0.0.1	www.spyofficer.com
127.0.0.1	spyonthis.net
127.0.0.1	www.spyonthis.net
127.0.0.1	spyorgy.net
127.0.0.1	spyot.info
127.0.0.1	www.spyot.info
127.0.0.1	spy-shield.com
127.0.0.1	www.spy-shield.com
127.0.0.1	SpyShield.org
127.0.0.1	www.SpyShield.org
127.0.0.1	spy-shredder.com
127.0.0.1	spy-sniper.com
127.0.0.1	www.spy-sniper.com
127.0.0.1	spysoldier.com
127.0.0.1	www.spysoldier.com
127.0.0.1	spytrooper.com
127.0.0.1	www.spytrooper.com
127.0.0.1	spyware-best.com
127.0.0.1	www.spyware-best.com
127.0.0.1	spywarebot.com
127.0.0.1	www.spywarebot.com
127.0.0.1	spywarebott.com
127.0.0.1	www.spywarebott.com
127.0.0.1	spywarebot-t.com
127.0.0.1	www.spywarebot-t.com
127.0.0.1	spyware-browser.com
127.0.0.1	www.spyware-browser.com
127.0.0.1	spywaredisinfector.com
127.0.0.1	www.spywaredisinfector.com
127.0.0.1	spywareknight.com
127.0.0.1	www.spywareknight.com
127.0.0.1	spywarelabs.com
127.0.0.1	www.spywarelabs.com
127.0.0.1	spywareno.com
127.0.0.1	www.spywareno.com
127.0.0.1	spywarequake.com
127.0.0.1	www.spywarequake.com
127.0.0.1	spywarequake.info
127.0.0.1	www.spywarequake.info
127.0.0.1	spywareremoversite.com
127.0.0.1	www.spywareremoversite.com
127.0.0.1	SpywareScraper.com
127.0.0.1	www.SpywareScraper.com
127.0.0.1	spyware-secure.com
127.0.0.1	www.spyware-secure.com
127.0.0.1	spywaresheriff.com
127.0.0.1	www.spywaresheriff.com
127.0.0.1	spyware-stop.com
127.0.0.1	www.spyware-stop.com
127.0.0.1	spywarestrike.com
127.0.0.1	www.spywarestrike.com
127.0.0.1	spywarewizard.net
127.0.0.1	www.spywarewizard.net
127.0.0.1	spywarezapper.com
127.0.0.1	www.spywarezapper.com
127.0.0.1	sqwire.com
127.0.0.1	s-redirect.com
127.0.0.1	srfgate.com
127.0.0.1	www.srfgate.com
127.0.0.1	srib.com
127.0.0.1	srng.net
127.0.0.1	srox.com
127.0.0.1	srsf.com
127.0.0.1	srv.warez.com
127.0.0.1	ss.panet.org
127.0.0.1	ssaw.com
127.0.0.1	ssby.com
127.0.0.1	staceyowens.com
127.0.0.1	stacistaxx.com
127.0.0.1	stacystaxx.com
127.0.0.1	standardinternet.com
127.0.0.1	www.standardinternet.com
127.0.0.1	starcleaningservice.com.au
127.0.0.1	www.starcleaningservice.com.au
127.0.0.1	starsdoor.com
127.0.0.1	www.starsdoor.com
127.0.0.1	start-downloading.com
127.0.0.1	www.start-downloading.com
127.0.0.1	startium.com
127.0.0.1	start-seite.com
127.0.0.1	www.start-seite.com
127.0.0.1	start-space.com
127.0.0.1	startsurfing.com
127.0.0.1	static.zangocash.com
127.0.0.1	www.static.zangocash.com
127.0.0.1	stats.cashdeluxe.net
127.0.0.1	www.stats.cashdeluxe.net
127.0.0.1	statwebreports.us
127.0.0.1	www.statwebreports.us
127.0.0.1	steamycock.com
127.0.0.1	stejax.pl
127.0.0.1	www.stejax.pl
127.0.0.1	sterva.com
127.0.0.1	stevecashdollar.com
127.0.0.1	stop-tracking.biz
127.0.0.1	stopvotefraud.com
127.0.0.1	stopxxxpics.com
127.0.0.1	storage-tasp.com
127.0.0.1	strcodec.com
127.0.0.1	www.strcodec.com
127.0.0.1	streamxs.ws
127.0.0.1	www.streamxs.ws
127.0.0.1	strekoza.com
127.0.0.1	studioaperto.net
127.0.0.1	stuffstore.com
127.0.0.1	stuff-your-ipod.com
127.0.0.1	www.stuff-your-ipod.com
127.0.0.1	stvg.info
127.0.0.1	www.stvg.info
127.0.0.1	styleclickink.com
127.0.0.1	Sudoplanet.com
127.0.0.1	www.Sudoplanet.com
127.0.0.1	suereva.it
127.0.0.1	www.suereva.it
127.0.0.1	suipereva.it
127.0.0.1	www.suipereva.it
127.0.0.1	summercollins.com
127.0.0.1	summitcross.com
127.0.0.1	suoereva.it
127.0.0.1	www.suoereva.it
127.0.0.1	suopereva.it
127.0.0.1	www.suopereva.it
127.0.0.1	supeereva.it
127.0.0.1	www.supeereva.it
127.0.0.1	supeeva.it
127.0.0.1	www.supeeva.it
127.0.0.1	superadultfriend.com
127.0.0.1	www.superadultfriend.com
127.0.0.1	superbahamas.com
127.0.0.1	superbgirlz.com
127.0.0.1	www.superbgirlz.com
127.0.0.1	supercodec.com
127.0.0.1	www.supercodec.com
127.0.0.1	superea.it
127.0.0.1	www.superea.it
127.0.0.1	supereba.it
127.0.0.1	www.supereba.it
127.0.0.1	superebva.it
127.0.0.1	www.superebva.it
127.0.0.1	superecva.it
127.0.0.1	www.superecva.it
127.0.0.1	supereeva.it
127.0.0.1	www.supereeva.it
127.0.0.1	supererva.it
127.0.0.1	www.supererva.it
127.0.0.1	superev.it
127.0.0.1	www.superev.it
127.0.0.1	superevaq.it
127.0.0.1	www.superevaq.it
127.0.0.1	superevaw.it
127.0.0.1	www.superevaw.it
127.0.0.1	superevaz.it
127.0.0.1	www.superevaz.it
127.0.0.1	superevba.it
127.0.0.1	www.superevba.it
127.0.0.1	superevca.it
127.0.0.1	www.superevca.it
127.0.0.1	superevsa.it
127.0.0.1	www.superevsa.it
127.0.0.1	superevva.it
127.0.0.1	www.superevva.it
127.0.0.1	superevw.it
127.0.0.1	www.superevw.it
127.0.0.1	superevz.it
127.0.0.1	www.superevz.it
127.0.0.1	superewva.it
127.0.0.1	www.superewva.it
127.0.0.1	www.supernet.speedserv.com
127.0.0.1	superporncity.com
127.0.0.1	www.superporncity.com
127.0.0.1	superreva.it
127.0.0.1	www.superreva.it
127.0.0.1	super-servers.net
127.0.0.1	www.super-servers.net
127.0.0.1	supersexmachine.com
127.0.0.1	supersexpass.com
127.0.0.1	www.supersexpass.com
127.0.0.1	super-spider.com
127.0.0.1	superteva.it
127.0.0.1	www.superteva.it
127.0.0.1	superwebsearch.com
127.0.0.1	super-websearch.com
127.0.0.1	superweva.it
127.0.0.1	www.superweva.it
127.0.0.1	superwp.by.ru
127.0.0.1	superwva.it
127.0.0.1	www.superwva.it
127.0.0.1	supeteva.it
127.0.0.1	www.supeteva.it
127.0.0.1	supetreva.it
127.0.0.1	www.supetreva.it
127.0.0.1	supewreva.it
127.0.0.1	www.supewreva.it
127.0.0.1	supoereva.it
127.0.0.1	www.supoereva.it
127.0.0.1	suppereva.it
127.0.0.1	www.suppereva.it
127.0.0.1	support.365soft.info
127.0.0.1	www.support.365soft.info
127.0.0.1	support.winantivirus.com
127.0.0.1	suprereva.it
127.0.0.1	www.suprereva.it
127.0.0.1	supret.com
127.0.0.1	supreva.it
127.0.0.1	www.supreva.it
127.0.0.1	supwereva.it
127.0.0.1	www.supwereva.it
127.0.0.1	supwreva.it
127.0.0.1	www.supwreva.it
127.0.0.1	sureadult.com
127.0.0.1	www.sureadult.com
127.0.0.1	sureseeker.com
127.0.0.1	www.sureseeker.com
127.0.0.1	surfaccuracy.com
127.0.0.1	www.surfaccuracy.com
127.0.0.1	surferbar.com
127.0.0.1	surfsidekick.com
127.0.0.1	www.surfsidekick.com
127.0.0.1	surj.com
127.0.0.1	suupereva.it
127.0.0.1	www.suupereva.it
127.0.0.1	suypereva.it
127.0.0.1	www.suypereva.it
127.0.0.1	suzannebrecht.com
127.0.0.1	sverner.info
127.0.0.1	www.sverner.info
127.0.0.1	svideocodec.com
127.0.0.1	www.svideocodec.com
127.0.0.1	sweeteenz.com
127.0.0.1	swz2006.to.8866.org
127.0.0.1	www.swz2006.to.8866.org
127.0.0.1	sxload.com
127.0.0.1	www.sxload.com
127.0.0.1	sypereva.it
127.0.0.1	www.sypereva.it
127.0.0.1	syserrors.com
127.0.0.1	www.syserrors.com
127.0.0.1	sysnetsecurity.com
127.0.0.1	www.sysnetsecurity.com
127.0.0.1	sysnetsecurity.net
127.0.0.1	www.sysnetsecurity.net
127.0.0.1	sysprotect.com
127.0.0.1	www.sysprotect.com
127.0.0.1	syssecuritypage.com
127.0.0.1	www.syssecuritypage.com
127.0.0.1	syssecuritysite.net
127.0.0.1	www.syssecuritysite.net
127.0.0.1	systemdoctor.com
127.0.0.1	www.systemdoctor.com
127.0.0.1	systemstable.com
127.0.0.1	www.systemstable.com
127.0.0.1	systemupdates.net
127.0.0.1	www.systemupdates.net
127.0.0.1	syupereva.it
127.0.0.1	www.syupereva.it
127.0.0.1	t.rack.cc
127.0.0.1	t058.com
127.0.0.1	t8iscali.it
127.0.0.1	www.t8iscali.it
127.0.0.1	t9iscali.it
127.0.0.1	www.t9iscali.it
127.0.0.1	tacil.org
127.0.0.1	tamotua.com
127.0.0.1	www.tamotua.com
127.0.0.1	tangounion.com
127.0.0.1	targetsaver.com
127.0.0.1	www.targetsaver.com
127.0.0.1	tastethemusic.com
127.0.0.1	tax-refund4you.com
127.0.0.1	TBCODE.COM
127.0.0.1	www.TBCODE.COM
127.0.0.1	tbvg.com
127.0.0.1	tdak.com
127.0.0.1	tdko.com
127.0.0.1	tdmy.com
127.0.0.1	tech-jobs.ws
127.0.0.1	technology-related.com
127.0.0.1	teen-biz.com
127.0.0.1	teenhost.net
127.0.0.1	teenmonster.com
127.0.0.1	www.teenmonster.com
127.0.0.1	teen-pic-post.com
127.0.0.1	teenpornosex.com
127.0.0.1	teens4free.net
127.0.0.1	teensact.com
127.0.0.1	teensgate.com
127.0.0.1	teensguru.com
127.0.0.1	teenspornmag.com
127.0.0.1	www.teenspornmag.com
127.0.0.1	teenswamp.com
127.0.0.1	tefs.com
127.0.0.1	telecharger-avast.com
127.0.0.1	www.telecharger-avast.com
127.0.0.1	tepubblica.it
127.0.0.1	www.tepubblica.it
127.0.0.1	terafinder.com
127.0.0.1	Teslaplus.com
127.0.0.1	www.Teslaplus.com
127.0.0.1	testosterone-birth-control.com
127.0.0.1	tfil.com
127.0.0.1	tfiscali.it
127.0.0.1	www.tfiscali.it
127.0.0.1	tgazzetta.it
127.0.0.1	www.tgazzetta.it
127.0.0.1	tgiscali.it
127.0.0.1	www.tgiscali.it
127.0.0.1	tgoogle.it
127.0.0.1	www.tgoogle.it
127.0.0.1	tgp-4-you.com
127.0.0.1	tgpie.com
127.0.0.1	www.tgpie.com
127.0.0.1	the.007guard.com
127.0.0.1	www.the.007guard.com
127.0.0.1	the818search-co.com
127.0.0.1	www.the818search-co.com
127.0.0.1	theadulteye.com
127.0.0.1	www.theadulteye.com
127.0.0.1	theaimonline.com
127.0.0.1	www.theaimonline.com
127.0.0.1	the-codec.com
127.0.0.1	www.the-codec.com
127.0.0.1	the-exit.com
127.0.0.1	thefakejournal.com
127.0.0.1	theguardservices.com
127.0.0.1	www.theguardservices.com
127.0.0.1	the-huns-yellow-pages.com
127.0.0.1	thehuy.net
127.0.0.1	thelimewiredownload.com
127.0.0.1	www.thelimewiredownload.com
127.0.0.1	thenewsearch.com
127.0.0.1	theproxy.org
127.0.0.1	thereall.realfet.com
127.0.0.1	www.thereall.realfet.com
127.0.0.1	therealsearch.com
127.0.0.1	thesafebar.com
127.0.0.1	www.thesafebar.com
127.0.0.1	thesafetytool.com
127.0.0.1	www.thesafetytool.com
127.0.0.1	thespyguard.com
127.0.0.1	www.thespyguard.com
127.0.0.1	thesten.com
127.0.0.1	thesuperxxx.com
127.0.0.1	www.thesuperxxx.com
127.0.0.1	the-ticket.net
127.0.0.1	www.the-ticket.net
127.0.0.1	think-adz.com
127.0.0.1	www.think-adz.com
127.0.0.1	think-adz2.com
127.0.0.1	www.think-adz2.com
127.0.0.1	thinstall.abetterinternet.com
127.0.0.1	thiscali.it
127.0.0.1	www.thiscali.it
127.0.0.1	thko.com
127.0.0.1	thornleygroup.com
127.0.0.1	ti8scali.it
127.0.0.1	www.ti8scali.it
127.0.0.1	ti9scali.it
127.0.0.1	www.ti9scali.it
127.0.0.1	tiacali.it
127.0.0.1	www.tiacali.it
127.0.0.1	tiascali.it
127.0.0.1	www.tiascali.it
127.0.0.1	ticali.it
127.0.0.1	www.ticali.it
127.0.0.1	tidcali.it
127.0.0.1	www.tidcali.it
127.0.0.1	tidscali.it
127.0.0.1	www.tidscali.it
127.0.0.1	tiiscali.it
127.0.0.1	www.tiiscali.it
127.0.0.1	tijscali.it
127.0.0.1	www.tijscali.it
127.0.0.1	tikscali.it
127.0.0.1	www.tikscali.it
127.0.0.1	tilscali.it
127.0.0.1	www.tilscali.it
127.0.0.1	tings.org
127.0.0.1	www.tinybar.com
127.0.0.1	tinybar.com
127.0.0.1	tioscali.it
127.0.0.1	www.tioscali.it
127.0.0.1	tisacali.it
127.0.0.1	www.tisacali.it
127.0.0.1	tisacli.it
127.0.0.1	www.tisacli.it
127.0.0.1	tiscaali.it
127.0.0.1	www.tiscaali.it
127.0.0.1	tiscail.it
127.0.0.1	www.tiscail.it
127.0.0.1	tiscaki.it
127.0.0.1	www.tiscaki.it
127.0.0.1	tiscakli.it
127.0.0.1	www.tiscakli.it
127.0.0.1	tiscal8.it
127.0.0.1	www.tiscal8.it
127.0.0.1	tiscal9.it
127.0.0.1	www.tiscal9.it
127.0.0.1	tiscalii.it
127.0.0.1	www.tiscalii.it
127.0.0.1	tiscalij.it
127.0.0.1	www.tiscalij.it
127.0.0.1	tiscalik.it
127.0.0.1	www.tiscalik.it
127.0.0.1	tiscalil.it
127.0.0.1	www.tiscalil.it
127.0.0.1	tiscaliu.it
127.0.0.1	www.tiscaliu.it
127.0.0.1	tiscalji.it
127.0.0.1	www.tiscalji.it
127.0.0.1	tiscalk.it
127.0.0.1	www.tiscalk.it
127.0.0.1	tiscalki.it
127.0.0.1	www.tiscalki.it
127.0.0.1	tiscalli.it
127.0.0.1	www.tiscalli.it
127.0.0.1	tiscalo.it
127.0.0.1	www.tiscalo.it
127.0.0.1	tiscaloi.it
127.0.0.1	www.tiscaloi.it
127.0.0.1	tiscalui.it
127.0.0.1	www.tiscalui.it
127.0.0.1	tiscaoi.it
127.0.0.1	www.tiscaoi.it
127.0.0.1	tiscaoli.it
127.0.0.1	www.tiscaoli.it
127.0.0.1	tiscaqli.it
127.0.0.1	www.tiscaqli.it
127.0.0.1	tiscasli.it
127.0.0.1	www.tiscasli.it
127.0.0.1	tiscawli.it
127.0.0.1	www.tiscawli.it
127.0.0.1	tiscaxli.it
127.0.0.1	www.tiscaxli.it
127.0.0.1	tiscazli.it
127.0.0.1	www.tiscazli.it
127.0.0.1	tiscdali.it
127.0.0.1	www.tiscdali.it
127.0.0.1	tiscfali.it
127.0.0.1	www.tiscfali.it
127.0.0.1	tisclai.it
127.0.0.1	www.tisclai.it
127.0.0.1	tiscli.it
127.0.0.1	www.tiscli.it
127.0.0.1	tiscqali.it
127.0.0.1	www.tiscqali.it
127.0.0.1	tiscqli.it
127.0.0.1	www.tiscqli.it
127.0.0.1	tiscsali.it
127.0.0.1	www.tiscsali.it
127.0.0.1	tiscsli.it
127.0.0.1	www.tiscsli.it
127.0.0.1	tiscvali.it
127.0.0.1	www.tiscvali.it
127.0.0.1	tiscwali.it
127.0.0.1	www.tiscwali.it
127.0.0.1	tiscxali.it
127.0.0.1	www.tiscxali.it
127.0.0.1	tisczali.it
127.0.0.1	www.tisczali.it
127.0.0.1	tisczli.it
127.0.0.1	www.tisczli.it
127.0.0.1	tisdcali.it
127.0.0.1	www.tisdcali.it
127.0.0.1	tisecali.it
127.0.0.1	www.tisecali.it
127.0.0.1	tisfcali.it
127.0.0.1	www.tisfcali.it
127.0.0.1	tisscali.it
127.0.0.1	www.tisscali.it
127.0.0.1	tisvcali.it
127.0.0.1	www.tisvcali.it
127.0.0.1	tiswcali.it
127.0.0.1	www.tiswcali.it
127.0.0.1	tisxali.it
127.0.0.1	www.tisxali.it
127.0.0.1	tisxcali.it
127.0.0.1	www.tisxcali.it
127.0.0.1	titanmotors.com
127.0.0.1	www.titanmotors.com
127.0.0.1	titanvision.com
127.0.0.1	titsianna.com
127.0.0.1	tit-x.com
127.0.0.1	tiuscali.it
127.0.0.1	www.tiuscali.it
127.0.0.1	tiwcali.it
127.0.0.1	www.tiwcali.it
127.0.0.1	tiwscali.it
127.0.0.1	www.tiwscali.it
127.0.0.1	tixcali.it
127.0.0.1	www.tixcali.it
127.0.0.1	tixscali.it
127.0.0.1	www.tixscali.it
127.0.0.1	tizscali.it
127.0.0.1	www.tizscali.it
127.0.0.1	tjar.com
127.0.0.1	tjaw.com
127.0.0.1	tjdo.com
127.0.0.1	tjem.com
127.0.0.1	tjgo.com
127.0.0.1	tjiscali.it
127.0.0.1	www.tjiscali.it
127.0.0.1	tkiscali.it
127.0.0.1	www.tkiscali.it
127.0.0.1	tliscali.it
127.0.0.1	www.tliscali.it
127.0.0.1	tns-counter.ru
127.0.0.1	www.tns-counter.ru
127.0.0.1	todaywarnings.com
127.0.0.1	www.todaywarnings.com
127.0.0.1	toddhayes.com
127.0.0.1	toiscali.it
127.0.0.1	www.toiscali.it
127.0.0.1	toogle.it
127.0.0.1	www.toogle.it
127.0.0.1	toohs.com
127.0.0.1	www.toohs.com
127.0.0.1	toolbar.azebar.com
127.0.0.1	www.toolbar.azebar.com
127.0.0.1	toolbar.cc
127.0.0.1	www.toolbar3.trafficgeneration.biz
127.0.0.1	www.toolbar5.trafficgeneration.biz
127.0.0.1	toolbarbest.biz
127.0.0.1	www.toolbarbest.biz
127.0.0.1	toolbarbucks.biz
127.0.0.1	www.toolbarbucks.biz
127.0.0.1	toolbarcash.com
127.0.0.1	toolbardollars.biz
127.0.0.1	www.toolbardollars.biz
127.0.0.1	toolbarpartner.com
127.0.0.1	toolbartraff.biz
127.0.0.1	www.toolbartraff.biz
127.0.0.1	toolsjambo.com
127.0.0.1	www.toolsjambo.com
127.0.0.1	toolster.de
127.0.0.1	www.toolster.de
127.0.0.1	toon-comics.com
127.0.0.1	tooncomics.com
127.0.0.1	top100drugs.info
127.0.0.1	www.top100drugs.info
127.0.0.1	top-banners.com
127.0.0.1	www.top-banners.com
127.0.0.1	topbrowsing.com
127.0.0.1	www.topbrowsing.com
127.0.0.1	topconverting.com
127.0.0.1	www.topconverting.com
127.0.0.1	topsearcher.com
127.0.0.1	www.topsearcher.com
127.0.0.1	topsecuritypage.com
127.0.0.1	www.topsecuritypage.com
127.0.0.1	topsecuritysite.net
127.0.0.1	www.topsecuritysite.net
127.0.0.1	topsite.us
127.0.0.1	www.topsite.us
127.0.0.1	topsites.us
127.0.0.1	www.topsites.us
127.0.0.1	topsitez.us
127.0.0.1	www.topsitez.us
127.0.0.1	topx.cc
127.0.0.1	torc.com
127.0.0.1	toriii.cc
127.0.0.1	www.toriii.cc
127.0.0.1	toscali.it
127.0.0.1	www.toscali.it
127.0.0.1	toseeka.com
127.0.0.1	www.toseeka.com
127.0.0.1	tossoalice.it
127.0.0.1	www.tossoalice.it
127.0.0.1	totalvelocity.com
127.0.0.1	www.totalvelocity.com
127.0.0.1	touchnsearch.com
127.0.0.1	www.touchnsearch.com
127.0.0.1	trackhits.cc
127.0.0.1	www.trackhits.cc
127.0.0.1	tracktraff.cc
127.0.0.1	traff.justcount.net
127.0.0.1	traff5all.biz
127.0.0.1	www.traff5all.biz
127.0.0.1	traffbest.biz
127.0.0.1	www.traffbest.biz
127.0.0.1	traffic-acc.com
127.0.0.1	www.traffic-acc.com
127.0.0.1	trafficback.com
127.0.0.1	trafficgeneration.biz
127.0.0.1	www.trafficgeneration.biz
127.0.0.1	trafficroup.com
127.0.0.1	www.trafficroup.com
127.0.0.1	traffic-ssl1.com
127.0.0.1	www.traffic-ssl1.com
127.0.0.1	trafficswitcher.com
127.0.0.1	traffsale1.biz
127.0.0.1	www.traffsale1.biz
127.0.0.1	traffstats.biz
127.0.0.1	www.traffstats.biz
127.0.0.1	traffweb1.biz
127.0.0.1	www.traffweb1.biz
127.0.0.1	travel.picture-posters.com
127.0.0.1	trebitalia.it
127.0.0.1	www.trebitalia.it
127.0.0.1	treenitalia.it
127.0.0.1	www.treenitalia.it
127.0.0.1	treitalia.it
127.0.0.1	www.treitalia.it
127.0.0.1	tremnitalia.it
127.0.0.1	www.tremnitalia.it
127.0.0.1	treniralia.it
127.0.0.1	www.treniralia.it
127.0.0.1	trenitaalia.it
127.0.0.1	www.trenitaalia.it
127.0.0.1	trenitaia.it
127.0.0.1	www.trenitaia.it
127.0.0.1	trenitakia.it
127.0.0.1	www.trenitakia.it
127.0.0.1	trenitaliaa.it
127.0.0.1	www.trenitaliaa.it
127.0.0.1	trenitaliaq.it
127.0.0.1	www.trenitaliaq.it
127.0.0.1	trenitalias.it
127.0.0.1	www.trenitalias.it
127.0.0.1	trenitaliaz.it
127.0.0.1	www.trenitaliaz.it
127.0.0.1	trenitaliia.it
127.0.0.1	www.trenitaliia.it
127.0.0.1	trenitalis.it
127.0.0.1	www.trenitalis.it
127.0.0.1	trenitalisa.it
127.0.0.1	www.trenitalisa.it
127.0.0.1	trenitallia.it
127.0.0.1	www.trenitallia.it
127.0.0.1	trenitaloa.it
127.0.0.1	www.trenitaloa.it
127.0.0.1	trenitalua.it
127.0.0.1	www.trenitalua.it
127.0.0.1	trenitralia.it
127.0.0.1	www.trenitralia.it
127.0.0.1	trenitslia.it
127.0.0.1	www.trenitslia.it
127.0.0.1	trenittalia.it
127.0.0.1	www.trenittalia.it
127.0.0.1	treniutalia.it
127.0.0.1	www.treniutalia.it
127.0.0.1	treniyalia.it
127.0.0.1	www.treniyalia.it
127.0.0.1	trenmitalia.it
127.0.0.1	www.trenmitalia.it
127.0.0.1	trennitalia.it
127.0.0.1	www.trennitalia.it
127.0.0.1	trenotalia.it
127.0.0.1	www.trenotalia.it
127.0.0.1	trentalia.it
127.0.0.1	www.trentalia.it
127.0.0.1	trenutalia.it
127.0.0.1	www.trenutalia.it
127.0.0.1	trepubblica.it
127.0.0.1	www.trepubblica.it
127.0.0.1	trernitalia.it
127.0.0.1	www.trernitalia.it
127.0.0.1	trewnitalia.it
127.0.0.1	www.trewnitalia.it
127.0.0.1	trial.updates.winsoftware.com
127.0.0.1	triscali.it
127.0.0.1	www.triscali.it
127.0.0.1	Trojanerfilter.com
127.0.0.1	www.Trojanerfilter.com
127.0.0.1	Trojansfilter.com
127.0.0.1	www.Trojansfilter.com
127.0.0.1	Trojansfiltre.com
127.0.0.1	www.Trojansfiltre.com
127.0.0.1	troonety.biz
127.0.0.1	www.troonety.biz
127.0.0.1	trossoalice.it
127.0.0.1	www.trossoalice.it
127.0.0.1	trrenitalia.it
127.0.0.1	www.trrenitalia.it
127.0.0.1	trtenitalia.it
127.0.0.1	www.trtenitalia.it
127.0.0.1	truecodec.com
127.0.0.1	www.truecodec.com
127.0.0.1	true-counter.com
127.0.0.1	www.true-counter.com
127.0.0.1	true-portal.com
127.0.0.1	truth-is-out-there.org
127.0.0.1	www.truth-is-out-there.org
127.0.0.1	truttogratis.it
127.0.0.1	www.truttogratis.it
127.0.0.1	trytechnical.com
127.0.0.1	tscali.it
127.0.0.1	www.tscali.it
127.0.0.1	tscodec.com
127.0.0.1	www.tscodec.com
127.0.0.1	tsx.org
127.0.0.1	ttiscali.it
127.0.0.1	www.ttiscali.it
127.0.0.1	ttrenitalia.it
127.0.0.1	www.ttrenitalia.it
127.0.0.1	tttogratis.it
127.0.0.1	www.tttogratis.it
127.0.0.1	ttuttogratis.it
127.0.0.1	www.ttuttogratis.it
127.0.0.1	tuiscali.it
127.0.0.1	www.tuiscali.it
127.0.0.1	tuksolution.com
127.0.0.1	www.tuksolution.com
127.0.0.1	turtogratis.it
127.0.0.1	www.turtogratis.it
127.0.0.1	tutogratis.it
127.0.0.1	www.tutogratis.it
127.0.0.1	tutorial-hq.com
127.0.0.1	www.tutorial-hq.com
127.0.0.1	tutrogratis.it
127.0.0.1	www.tutrogratis.it
127.0.0.1	tuttgratis.it
127.0.0.1	www.tuttgratis.it
127.0.0.1	tuttofratis.it
127.0.0.1	www.tuttofratis.it
127.0.0.1	tuttogeratis.it
127.0.0.1	www.tuttogeratis.it
127.0.0.1	tuttograatis.it
127.0.0.1	www.tuttograatis.it
127.0.0.1	tuttograis.it
127.0.0.1	www.tuttograis.it
127.0.0.1	tuttograris.it
127.0.0.1	www.tuttograris.it
127.0.0.1	tuttograti.it
127.0.0.1	www.tuttograti.it
127.0.0.1	tuttogratia.it
127.0.0.1	www.tuttogratia.it
127.0.0.1	tuttogratias.it
127.0.0.1	www.tuttogratias.it
127.0.0.1	tuttogratiis.it
127.0.0.1	www.tuttogratiis.it
127.0.0.1	tuttogratisa.it
127.0.0.1	www.tuttogratisa.it
127.0.0.1	tuttogratiss.it
127.0.0.1	www.tuttogratiss.it
127.0.0.1	tuttogratos.it
127.0.0.1	www.tuttogratos.it
127.0.0.1	tuttograts.it
127.0.0.1	www.tuttograts.it
127.0.0.1	tuttograttis.it
127.0.0.1	www.tuttograttis.it
127.0.0.1	tuttogratus.it
127.0.0.1	www.tuttogratus.it
127.0.0.1	tuttograyis.it
127.0.0.1	www.tuttograyis.it
127.0.0.1	tuttogrratis.it
127.0.0.1	www.tuttogrratis.it
127.0.0.1	tuttogrstis.it
127.0.0.1	www.tuttogrstis.it
127.0.0.1	tuttogrtatis.it
127.0.0.1	www.tuttogrtatis.it
127.0.0.1	tuttogtratis.it
127.0.0.1	www.tuttogtratis.it
127.0.0.1	tuttohratis.it
127.0.0.1	www.tuttohratis.it
127.0.0.1	tuttoigratis.it
127.0.0.1	www.tuttoigratis.it
127.0.0.1	tuttoogratis.it
127.0.0.1	www.tuttoogratis.it
127.0.0.1	tuttopgratis.it
127.0.0.1	www.tuttopgratis.it
127.0.0.1	tuttoratis.it
127.0.0.1	www.tuttoratis.it
127.0.0.1	tuttpgratis.it
127.0.0.1	www.tuttpgratis.it
127.0.0.1	tutttogratis.it
127.0.0.1	www.tutttogratis.it
127.0.0.1	tuttyogratis.it
127.0.0.1	www.tuttyogratis.it
127.0.0.1	tutyogratis.it
127.0.0.1	www.tutyogratis.it
127.0.0.1	tutytogratis.it
127.0.0.1	www.tutytogratis.it
127.0.0.1	tuuttogratis.it
127.0.0.1	www.tuuttogratis.it
127.0.0.1	tuytogratis.it
127.0.0.1	www.tuytogratis.it
127.0.0.1	tv.180solutions.com
127.0.0.1	tv-auf-dem-pc.de
127.0.0.1	www.tv-auf-dem-pc.de
127.0.0.1	tvcodec.com
127.0.0.1	www.tvcodec.com
127.0.0.1	tv-codec.com
127.0.0.1	www.tv-codec.com
127.0.0.1	tv-codecs.com
127.0.0.1	www.tv-codecs.com
127.0.0.1	tv-en-pc.es
127.0.0.1	www.tv-en-pc.es
127.0.0.1	tvsatellitepourpc.com
127.0.0.1	www.tvsatellitepourpc.com
127.0.0.1	tvscodec.com
127.0.0.1	www.tvscodec.com
127.0.0.1	tv-sur-pc.com
127.0.0.1	www.tv-sur-pc.com
127.0.0.1	tyiscali.it
127.0.0.1	www.tyiscali.it
127.0.0.1	type2find.com
127.0.0.1	www.type2find.com
127.0.0.1	tyttogratis.it
127.0.0.1	www.tyttogratis.it
127.0.0.1	tzxsj.com
127.0.0.1	www.tzxsj.com
127.0.0.1	u.webbuying.net
127.0.0.1	u-239.com
127.0.0.1	u45.cx
127.0.0.1	u46.cx
127.0.0.1	u47.cc
127.0.0.1	u48.cc
127.0.0.1	u7u.cn
127.0.0.1	www.u7u.cn
127.0.0.1	ucleaner.com
127.0.0.1	www.ucleaner.com
127.0.0.1	ucmore.com
127.0.0.1	udefender.com
127.0.0.1	www.udefender.com
127.0.0.1	ueornavxiz.biz
127.0.0.1	www.ueornavxiz.biz
127.0.0.1	ueornmbkkhmf.biz
127.0.0.1	www.ueornmbkkhmf.biz
127.0.0.1	ufindall.click-now.net
127.0.0.1	ufixer.com
127.0.0.1	www.ufixer.com
127.0.0.1	uglyphotos.net
127.0.0.1	www.uglyphotos.net
127.0.0.1	uibo.it
127.0.0.1	www.uibo.it
127.0.0.1	uige.it
127.0.0.1	www.uige.it
127.0.0.1	uimi.it
127.0.0.1	www.uimi.it
127.0.0.1	uinimi.it
127.0.0.1	www.uinimi.it
127.0.0.1	uipd.it
127.0.0.1	www.uipd.it
127.0.0.1	uipg.it
127.0.0.1	www.uipg.it
127.0.0.1	uito.it
127.0.0.1	www.uito.it
127.0.0.1	ukiee.com
127.0.0.1	www.ukiee.com
127.0.0.1	ulink13.dudu.com
127.0.0.1	ulink7.dudu.com
127.0.0.1	ulog.systemdoctor.com
127.0.0.1	ulog.winantivirus.com
127.0.0.1	ultimateprotect.com
127.0.0.1	ultraload.net
127.0.0.1	umaxsearch.com
127.0.0.1	umibo.it
127.0.0.1	www.umibo.it
127.0.0.1	umige.it
127.0.0.1	www.umige.it
127.0.0.1	umimi.it
127.0.0.1	www.umimi.it
127.0.0.1	umipd.it
127.0.0.1	www.umipd.it
127.0.0.1	umipv.it
127.0.0.1	www.umipv.it
127.0.0.1	umnibo.it
127.0.0.1	www.umnibo.it
127.0.0.1	unbo.it
127.0.0.1	www.unbo.it
127.0.0.1	uncj.filetretporn.com
127.0.0.1	www.uncj.filetretporn.com
127.0.0.1	underagehost.com
127.0.0.1	une-autre-france.com
127.0.0.1	unge.it
127.0.0.1	www.unge.it
127.0.0.1	unibno.it
127.0.0.1	www.unibno.it
127.0.0.1	unie.it
127.0.0.1	www.unie.it
127.0.0.1	uniformpornmag.com
127.0.0.1	www.uniformpornmag.com
127.0.0.1	unig.it
127.0.0.1	www.unig.it
127.0.0.1	unigays.com
127.0.0.1	unii.it
127.0.0.1	www.unii.it
127.0.0.1	unini.it
127.0.0.1	www.unini.it
127.0.0.1	unionseek.com
127.0.0.1	www.unionseek.com
127.0.0.1	unionsms.net
127.0.0.1	www.unionsms.net
127.0.0.1	unipages.cc
127.0.0.1	unitedstates.rub.to
127.0.0.1	univo.it
127.0.0.1	www.univo.it
127.0.0.1	unmi.it
127.0.0.1	www.unmi.it
127.0.0.1	unmibo.it
127.0.0.1	www.unmibo.it
127.0.0.1	unobo.it
127.0.0.1	www.unobo.it
127.0.0.1	unpd.it
127.0.0.1	www.unpd.it
127.0.0.1	unpg.it
127.0.0.1	www.unpg.it
127.0.0.1	unto.it
127.0.0.1	www.unto.it
127.0.0.1	unubo.it
127.0.0.1	www.unubo.it
127.0.0.1	up2you.ru
127.0.0.1	upd.lop.com
127.0.0.1	upd.zone-media.com
127.0.0.1	updatemysettings.com
127.0.0.1	www.updatemysettings.com
127.0.0.1	updates.spywarequake.com
127.0.0.1	upereva.it
127.0.0.1	www.upereva.it
127.0.0.1	uploads.180solutions.com
127.0.0.1	upspiral.com
127.0.0.1	www.upspiral.com
127.0.0.1	uptodateprotect.com
127.0.0.1	www.uptodateprotect.com
127.0.0.1	uptodatesecurity.com
127.0.0.1	www.uptodatesecurity.com
127.0.0.1	uptofind.com
127.0.0.1	www.uptofind.com
127.0.0.1	upx.tsx.org
127.0.0.1	uralitel.ru
127.0.0.1	urgentsystemupdate.biz
127.0.0.1	www.urgentsystemupdate.biz
127.0.0.1	urgentsystemupdate.com
127.0.0.1	www.urgentsystemupdate.com
127.0.0.1	www.url.cpvfeed.com
127.0.0.1	urlstat.com
127.0.0.1	urlstat.ru
127.0.0.1	ursie.net
127.0.0.1	usecodec.com
127.0.0.1	www.usecodec.com
127.0.0.1	usefullsoft.net
127.0.0.1	use-play.com
127.0.0.1	www.use-play.com
127.0.0.1	utahsweet.com
127.0.0.1	utils.errorsafe.com
127.0.0.1	utils.winantivirus.com
127.0.0.1	utils.winfixer.com
127.0.0.1	www.utils.winfixer.com
127.0.0.1	utopicportal.com
127.0.0.1	uusocialjustice.org
127.0.0.1	uvu-channel.com
127.0.0.1	www.uvu-channel.com
127.0.0.1	uydsiygeds.com
127.0.0.1	www.uydsiygeds.com
127.0.0.1	uzoogle.com
127.0.0.1	www.uzoogle.com
127.0.0.1	v-224.com
127.0.0.1	v61.com
127.0.0.1	www.v61.com
127.0.0.1	v8irgilio.it
127.0.0.1	www.v8irgilio.it
127.0.0.1	v8rgilio.it
127.0.0.1	www.v8rgilio.it
127.0.0.1	v9irgilio.it
127.0.0.1	www.v9irgilio.it
127.0.0.1	v9rgilio.it
127.0.0.1	www.v9rgilio.it
127.0.0.1	vac-soft.com
127.0.0.1	www.vac-soft.com
127.0.0.1	vacwebsoft.com
127.0.0.1	www.vacwebsoft.com
127.0.0.1	vaginpics.com
127.0.0.1	valmyers.com
127.0.0.1	vapochille.com
127.0.0.1	www.vapochille.com
127.0.0.1	vaxcodec.com
127.0.0.1	www.vaxcodec.com
127.0.0.1	vaxdownload.com
127.0.0.1	www.vaxdownload.com
127.0.0.1	vaxobject.com
127.0.0.1	www.vaxobject.com
127.0.0.1	vaxobjectinstall.com
127.0.0.1	www.vaxobjectinstall.com
127.0.0.1	vbirgilio.it
127.0.0.1	www.vbirgilio.it
127.0.0.1	vcirgilio.it
127.0.0.1	www.vcirgilio.it
127.0.0.1	vcodec.com
127.0.0.1	www.vcodec.com
127.0.0.1	v-codec.com
127.0.0.1	www.v-codec.com
127.0.0.1	vcodec2007.com
127.0.0.1	www.vcodec2007.com
127.0.0.1	vcorriere.it
127.0.0.1	www.vcorriere.it
127.0.0.1	vegas-free.com
127.0.0.1	vegbuy.com
127.0.0.1	veloventures.com
127.0.0.1	verkaufen.wegvonviren.com
127.0.0.1	veryeasysearch.com
127.0.0.1	verzila.com
127.0.0.1	vesbiz.biz
127.0.0.1	veyyhlucwa.net
127.0.0.1	www.veyyhlucwa.net
127.0.0.1	vfirgilio.it
127.0.0.1	www.vfirgilio.it
127.0.0.1	vgazzetta.it
127.0.0.1	www.vgazzetta.it
127.0.0.1	vgirgilio.it
127.0.0.1	www.vgirgilio.it
127.0.0.1	vgoogle.it
127.0.0.1	www.vgoogle.it
127.0.0.1	vi4gilio.it
127.0.0.1	www.vi4gilio.it
127.0.0.1	vi4rgilio.it
127.0.0.1	www.vi4rgilio.it
127.0.0.1	vi5gilio.it
127.0.0.1	www.vi5gilio.it
127.0.0.1	vi5rgilio.it
127.0.0.1	www.vi5rgilio.it
127.0.0.1	vi8rgilio.it
127.0.0.1	www.vi8rgilio.it
127.0.0.1	vi9rgilio.it
127.0.0.1	www.vi9rgilio.it
127.0.0.1	vicodec.com
127.0.0.1	www.vicodec.com
127.0.0.1	victoriaadam.com
127.0.0.1	vidaccess.net
127.0.0.1	www.vidaccess.net
127.0.0.1	vidcodecs.com
127.0.0.1	www.vidcodecs.com
127.0.0.1	videoaccessactivex.com
127.0.0.1	www.videoaccessactivex.com
127.0.0.1	videoactivexlist.com
127.0.0.1	www.videoactivexlist.com
127.0.0.1	videoactivexmode.com
127.0.0.1	www.videoactivexmode.com
127.0.0.1	videoactivexnote.com
127.0.0.1	www.videoactivexnote.com
127.0.0.1	videoactivexsetup.com
127.0.0.1	www.videoactivexsetup.com
127.0.0.1	videoactivexsoft.com
127.0.0.1	www.videoactivexsoft.com
127.0.0.1	videoactivexsoftware.com
127.0.0.1	www.videoactivexsoftware.com
127.0.0.1	videoaxdata.com
127.0.0.1	www.videoaxdata.com
127.0.0.1	videoaxdownload.com
127.0.0.1	www.videoaxdownload.com
127.0.0.1	videoaxobject.com
127.0.0.1	www.videoaxobject.com
127.0.0.1	videoaxproject.com
127.0.0.1	www.videoaxproject.com

Julien · Answer

Part. 5 : (désolé pour la longueur, mais je préfère tout mettre, même si tout ne sert pas...) : 

127.0.0.1	videoaxsoftware.com
127.0.0.1	www.videoaxsoftware.com
127.0.0.1	videoaxsolution.com
127.0.0.1	www.videoaxsolution.com
127.0.0.1	videocategories.com
127.0.0.1	video-clips.in
127.0.0.1	www.video-clips.in
127.0.0.1	videoobjectax.com
127.0.0.1	www.videoobjectax.com
127.0.0.1	videoobjectmedia.com
127.0.0.1	www.videoobjectmedia.com
127.0.0.1	videos-access.com
127.0.0.1	www.videos-access.com
127.0.0.1	videosaccess.net
127.0.0.1	www.videosaccess.net
127.0.0.1	videoscodec.com
127.0.0.1	www.videoscodec.com
127.0.0.1	videosfan.com
127.0.0.1	www.videosfan.com
127.0.0.1	videosoftwareax.com
127.0.0.1	www.videosoftwareax.com
127.0.0.1	videossoftware.com
127.0.0.1	www.videossoftware.com
127.0.0.1	videowebproject.com
127.0.0.1	www.videowebproject.com
127.0.0.1	videozapping.com
127.0.0.1	www.videozapping.com
127.0.0.1	vidrgilio.it
127.0.0.1	www.vidrgilio.it
127.0.0.1	vids-access.com
127.0.0.1	www.vids-access.com
127.0.0.1	vidscodec.com
127.0.0.1	www.vidscodec.com
127.0.0.1	viegilio.it
127.0.0.1	www.viegilio.it
127.0.0.1	viergilio.it
127.0.0.1	www.viergilio.it
127.0.0.1	viewimageonline.com
127.0.0.1	www.viewimageonline.com
127.0.0.1	vifgilio.it
127.0.0.1	www.vifgilio.it
127.0.0.1	vifrgilio.it
127.0.0.1	www.vifrgilio.it
127.0.0.1	vigrgilio.it
127.0.0.1	www.vigrgilio.it
127.0.0.1	vigrilio.it
127.0.0.1	www.vigrilio.it
127.0.0.1	vijrgilio.it
127.0.0.1	www.vijrgilio.it
127.0.0.1	vikrgilio.it
127.0.0.1	www.vikrgilio.it
127.0.0.1	vilrgilio.it
127.0.0.1	www.vilrgilio.it
127.0.0.1	viorgilio.it
127.0.0.1	www.viorgilio.it
127.0.0.1	vipru.com
127.0.0.1	www.vipru.com
127.0.0.1	vir4gilio.it
127.0.0.1	www.vir4gilio.it
127.0.0.1	vir5gilio.it
127.0.0.1	www.vir5gilio.it
127.0.0.1	virbgilio.it
127.0.0.1	www.virbgilio.it
127.0.0.1	virbilio.it
127.0.0.1	www.virbilio.it
127.0.0.1	virdgilio.it
127.0.0.1	www.virdgilio.it
127.0.0.1	viregilio.it
127.0.0.1	www.viregilio.it
127.0.0.1	virfgilio.it
127.0.0.1	www.virfgilio.it
127.0.0.1	virg8ilio.it
127.0.0.1	www.virg8ilio.it
127.0.0.1	virg8lio.it
127.0.0.1	www.virg8lio.it
127.0.0.1	virg9ilio.it
127.0.0.1	www.virg9ilio.it
127.0.0.1	virg9lio.it
127.0.0.1	www.virg9lio.it
127.0.0.1	virgbilio.it
127.0.0.1	www.virgbilio.it
127.0.0.1	virgfilio.it
127.0.0.1	www.virgfilio.it
127.0.0.1	virghilio.it
127.0.0.1	www.virghilio.it
127.0.0.1	virgi8lio.it
127.0.0.1	www.virgi8lio.it
127.0.0.1	virgi9lio.it
127.0.0.1	www.virgi9lio.it
127.0.0.1	virgiilo.it
127.0.0.1	www.virgiilo.it
127.0.0.1	virgiio.it
127.0.0.1	www.virgiio.it
127.0.0.1	virgijlio.it
127.0.0.1	www.virgijlio.it
127.0.0.1	virgiklio.it
127.0.0.1	www.virgiklio.it
127.0.0.1	virgil8io.it
127.0.0.1	www.virgil8io.it
127.0.0.1	virgil9io.it
127.0.0.1	www.virgil9io.it
127.0.0.1	virgili0.it
127.0.0.1	www.virgili0.it
127.0.0.1	virgili8o.it
127.0.0.1	www.virgili8o.it
127.0.0.1	virgili9.it
127.0.0.1	www.virgili9.it
127.0.0.1	virgili9o.it
127.0.0.1	www.virgili9o.it
127.0.0.1	virgilijo.it
127.0.0.1	www.virgilijo.it
127.0.0.1	virgiliko.it
127.0.0.1	www.virgiliko.it
127.0.0.1	virgilil.it
127.0.0.1	www.virgilil.it
127.0.0.1	virgililo.it
127.0.0.1	www.virgililo.it
127.0.0.1	virgilio0.it
127.0.0.1	www.virgilio0.it
127.0.0.1	virgilio9.it
127.0.0.1	www.virgilio9.it
127.0.0.1	virgilioi.it
127.0.0.1	www.virgilioi.it
127.0.0.1	virgiliok.it
127.0.0.1	www.virgiliok.it
127.0.0.1	virgiliol.it
127.0.0.1	www.virgiliol.it
127.0.0.1	virgiliop.it
127.0.0.1	www.virgiliop.it
127.0.0.1	virgilipo.it
127.0.0.1	www.virgilipo.it
127.0.0.1	virgiliuo.it
127.0.0.1	www.virgiliuo.it
127.0.0.1	virgiljio.it
127.0.0.1	www.virgiljio.it
127.0.0.1	virgilkio.it
127.0.0.1	www.virgilkio.it
127.0.0.1	virgiloio.it
127.0.0.1	www.virgiloio.it
127.0.0.1	virgiloo.it
127.0.0.1	www.virgiloo.it
127.0.0.1	virgilpio.it
127.0.0.1	www.virgilpio.it
127.0.0.1	virgiluio.it
127.0.0.1	www.virgiluio.it
127.0.0.1	virgiluo.it
127.0.0.1	www.virgiluo.it
127.0.0.1	virgin-tgp.net
127.0.0.1	virgioio.it
127.0.0.1	www.virgioio.it
127.0.0.1	virgiolio.it
127.0.0.1	www.virgiolio.it
127.0.0.1	virgiplio.it
127.0.0.1	www.virgiplio.it
127.0.0.1	virgiulio.it
127.0.0.1	www.virgiulio.it
127.0.0.1	virgjilio.it
127.0.0.1	www.virgjilio.it
127.0.0.1	virgkilio.it
127.0.0.1	www.virgkilio.it
127.0.0.1	virgklio.it
127.0.0.1	www.virgklio.it
127.0.0.1	virglilio.it
127.0.0.1	www.virglilio.it
127.0.0.1	virgoilio.it
127.0.0.1	www.virgoilio.it
127.0.0.1	virgtilio.it
127.0.0.1	www.virgtilio.it
127.0.0.1	virguilio.it
127.0.0.1	www.virguilio.it
127.0.0.1	virgvilio.it
127.0.0.1	www.virgvilio.it
127.0.0.1	virgyilio.it
127.0.0.1	www.virgyilio.it
127.0.0.1	virhgilio.it
127.0.0.1	www.virhgilio.it
127.0.0.1	virtgilio.it
127.0.0.1	www.virtgilio.it
127.0.0.1	virtilio.it
127.0.0.1	www.virtilio.it
127.0.0.1	virtualcodec.com
127.0.0.1	www.virtualcodec.com
127.0.0.1	virtual-ticket.net
127.0.0.1	www.virtual-ticket.net
127.0.0.1	virusburst.com
127.0.0.1	www.virusburst.com
127.0.0.1	virusprotectpro.com
127.0.0.1	virusrescue.com
127.0.0.1	www.virusrescue.com
127.0.0.1	virvgilio.it
127.0.0.1	www.virvgilio.it
127.0.0.1	virvilio.it
127.0.0.1	www.virvilio.it
127.0.0.1	virygilio.it
127.0.0.1	www.virygilio.it
127.0.0.1	vitamins-for-each.com
127.0.0.1	vitrgilio.it
127.0.0.1	www.vitrgilio.it
127.0.0.1	viurgilio.it
127.0.0.1	www.viurgilio.it
127.0.0.1	vjirgilio.it
127.0.0.1	www.vjirgilio.it
127.0.0.1	vkirgilio.it
127.0.0.1	www.vkirgilio.it
127.0.0.1	vkrgilio.it
127.0.0.1	www.vkrgilio.it
127.0.0.1	vlirgilio.it
127.0.0.1	www.vlirgilio.it
127.0.0.1	voghp.com
127.0.0.1	www.voghp.com
127.0.0.1	void.truth-is-out-there.org
127.0.0.1	voirgilio.it
127.0.0.1	www.voirgilio.it
127.0.0.1	vorriere.it
127.0.0.1	www.vorriere.it
127.0.0.1	votehowe.org
127.0.0.1	vother.info
127.0.0.1	www.vother.info
127.0.0.1	votreenton.biz
127.0.0.1	www.votreenton.biz
127.0.0.1	vparivalka.com
127.0.0.1	vse-moe.biz
127.0.0.1	vskeylogger.nazwa.pl
127.0.0.1	www.vskeylogger.nazwa.pl
127.0.0.1	vuirgilio.it
127.0.0.1	www.vuirgilio.it
127.0.0.1	vxebony.com
127.0.0.1	wabq.com
127.0.0.1	wabu.com
127.0.0.1	wakeupdick.com
127.0.0.1	walitalia.it
127.0.0.1	www.walitalia.it
127.0.0.1	wanfuchina.com
127.0.0.1	www.wanfuchina.com
127.0.0.1	ware2006.com
127.0.0.1	www.ware2006.com
127.0.0.1	warez.com
127.0.0.1	www.warez.com
127.0.0.1	warningiepage.com
127.0.0.1	www.warningiepage.com
127.0.0.1	warnomore.org
127.0.0.1	watchonline.tv
127.0.0.1	www.watchonline.tv
127.0.0.1	watersport-specialties.com
127.0.0.1	wazzupnet.com
127.0.0.1	www.wazzupnet.com
127.0.0.1	wbay.it
127.0.0.1	www.wbay.it
127.0.0.1	wbkb.com
127.0.0.1	web.links4all.biz
127.0.0.1	web1000.com
127.0.0.1	webbuying.net
127.0.0.1	www.webbuying.net
127.0.0.1	web-codec.com
127.0.0.1	www.web-codec.com
127.0.0.1	webcoolsearch.com
127.0.0.1	web-entrance.co
127.0.0.1	webhancer.com
127.0.0.1	www.webhancer.com
127.0.0.1	web-homepage.net
127.0.0.1	Web-mediaplayer.com
127.0.0.1	www.Web-mediaplayer.com
127.0.0.1	webnetinfo.net
127.0.0.1	www.webnetinfo.net
127.0.0.1	web-nexus.net
127.0.0.1	websearch.com
127.0.0.1	www.websearch.com
127.0.0.1	web-search.tk
127.0.0.1	websearchdot.com
127.0.0.1	websopot.com
127.0.0.1	www.websopot.com
127.0.0.1	webtop100.net
127.0.0.1	www.webtop100.net
127.0.0.1	webtopsecurity.com
127.0.0.1	www.webtopsecurity.com
127.0.0.1	weekend-movies.com
127.0.0.1	wegvonviren.com
127.0.0.1	www.wegvonviren.com
127.0.0.1	wethere.com
127.0.0.1	www.wethere.com
127.0.0.1	wetpornostars.com
127.0.0.1	wfix.com
127.0.0.1	wflu.com
127.0.0.1	wg581.com
127.0.0.1	www.wg581.com
127.0.0.1	whatmetodonow.org
127.0.0.1	www.whatmetodonow.org
127.0.0.1	whatsyoursearch.com
127.0.0.1	whazit.com
127.0.0.1	white-pages.ws
127.0.0.1	whitescat.com
127.0.0.1	www.whitescat.com
127.0.0.1	whittierblvd.com
127.0.0.1	whoisprivacyprotect.com
127.0.0.1	www.whoisprivacyprotect.com
127.0.0.1	winamp2007.com
127.0.0.1	www.winamp2007.com
127.0.0.1	winamp-download-now.com
127.0.0.1	www.winamp-download-now.com
127.0.0.1	winamp-hq.com
127.0.0.1	www.winamp-hq.com
127.0.0.1	winantispam.com
127.0.0.1	www.winantispam.com
127.0.0.1	winantispy.com
127.0.0.1	www.winantispy.com
127.0.0.1	winantispyware.com
127.0.0.1	www.winantispyware.com
127.0.0.1	winantivirus.com
127.0.0.1	www.winantivirus.com
127.0.0.1	winantiviruspro.com
127.0.0.1	www.winantiviruspro.com
127.0.0.1	win-anti-virus-pro.com
127.0.0.1	www.win-anti-virus-pro.com
127.0.0.1	windowenhancer.com
127.0.0.1	windrivecleaner.com
127.0.0.1	www.windrivecleaner.com
127.0.0.1	windrivesafe.com
127.0.0.1	www.windrivesafe.com
127.0.0.1	windupdates.com
127.0.0.1	winfirewall.com
127.0.0.1	www.winfirewall.com
127.0.0.1	winfixer.com
127.0.0.1	www.winfixer.com
127.0.0.1	winfixer2006.com
127.0.0.1	www.winfixer2006.com
127.0.0.1	win-in-casino.com
127.0.0.1	winmediacodec.com
127.0.0.1	www.winmediacodec.com
127.0.0.1	winmsn.com
127.0.0.1	winmxfrance.com
127.0.0.1	www.winmxfrance.com
127.0.0.1	winmx-freebie.com
127.0.0.1	www.winmx-freebie.com
127.0.0.1	winmx-music-download.com
127.0.0.1	www.winmx-music-download.com
127.0.0.1	winnanny.com
127.0.0.1	www.winnanny.com
127.0.0.1	winprotect.net
127.0.0.1	winrar-download-now.com
127.0.0.1	www.winrar-download-now.com
127.0.0.1	winrar-hq.com
127.0.0.1	www.winrar-hq.com
127.0.0.1	winrar-stop.com
127.0.0.1	www.winrar-stop.com
127.0.0.1	winshow.biz
127.0.0.1	winsoftware.com
127.0.0.1	www.winsoftware.com
127.0.0.1	wintvguide.com
127.0.0.1	www.wintvguide.com
127.0.0.1	win-virus-pro.com
127.0.0.1	www.win-virus-pro.com
127.0.0.1	winzip-11.com
127.0.0.1	www.winzip-11.com
127.0.0.1	winzip-hq.com
127.0.0.1	www.winzip-hq.com
127.0.0.1	wiresearch.com
127.0.0.1	wish7.com
127.0.0.1	wm.buhartes.info
127.0.0.1	www.wm.buhartes.info
127.0.0.1	wm.kannylizaciya.info
127.0.0.1	www.wm.kannylizaciya.info
127.0.0.1	wm.komforochka.info
127.0.0.1	www.wm.komforochka.info
127.0.0.1	wm.vother.info
127.0.0.1	www.wm.vother.info
127.0.0.1	wolfpacracing.com
127.0.0.1	wonder-context.com
127.0.0.1	www.wonder-context.com
127.0.0.1	woool.100888290cs.com
127.0.0.1	wordlist.jps.ru
127.0.0.1	WorldAntiSpy.com
127.0.0.1	www.WorldAntiSpy.com
127.0.0.1	worldbestadult.com
127.0.0.1	www.worldbestadult.com
127.0.0.1	worldray.com
127.0.0.1	www.worldray.com
127.0.0.1	worldsecurityonline.biz
127.0.0.1	www.worldsecurityonline.biz
127.0.0.1	worldtostart.com
127.0.0.1	www.worldtostart.com
127.0.0.1	worldusa.com
127.0.0.1	worldwideadvertisingservices.info
127.0.0.1	www.worldwideadvertisingservices.info
127.0.0.1	wowsearch.org
127.0.0.1	www.wowsearch.org
127.0.0.1	wpc2001.org
127.0.0.1	wrs.mcboo.com
127.0.0.1	wspzone.sexpornonline.com
127.0.0.1	wsupereva.it
127.0.0.1	www.wsupereva.it
127.0.0.1	www.www2.p0rt2.com
127.0.0.1	www2.p0rt2.com
127.0.0.1	www224.paypopup.com
127.0.0.1	www3.bigtrafficnetwork.com
127.0.0.1	www3.hadesunharuikeya.com
127.0.0.1	www4free.info
127.0.0.1	www5.worldray.com
127.0.0.1	www6.worldray.com
127.0.0.1	www.www7.logih.com
127.0.0.1	www7.logih.com
127.0.0.1	wwwadobe-download-now.com
127.0.0.1	www.www-audacity.com
127.0.0.1	www-audacity.com
127.0.0.1	wwwbet.net
127.0.0.1	wwwbetting.net
127.0.0.1	wwwCrazygirls-world.com
127.0.0.1	wwwdownloadwizard.com
127.0.0.1	www.www-free-tunes.com
127.0.0.1	www-free-tunes.com
127.0.0.1	wwwpokergames.com
127.0.0.1	wwwpokerplayers.com
127.0.0.1	wwwroulette.net
127.0.0.1	www.wwwsearch.biz
127.0.0.1	wwwsearch.biz
127.0.0.1	wwwsearchdrive.info
127.0.0.1	www.www-spyboot.com
127.0.0.1	www-spyboot.com
127.0.0.1	www.www-spybot.net
127.0.0.1	www-spybot.net
127.0.0.1	wwww.2211.net
127.0.0.1	wwww.adnet-plus.com
127.0.0.1	www.www-win-mx.com
127.0.0.1	www-win-mx.com
127.0.0.1	wwwxtremesoftware-ltd.com
127.0.0.1	wwwyahoo.downloadznow.net
127.0.0.1	www.wzdq.cn
127.0.0.1	wzdq.cn
127.0.0.1	x.full-tgp.net
127.0.0.1	xads.cliks.org
127.0.0.1	www.xathzesocc.com
127.0.0.1	xathzesocc.com
127.0.0.1	xbeta69.com
127.0.0.1	www.xbxxrvnyes.com
127.0.0.1	xbxxrvnyes.com
127.0.0.1	xcomics4u.com
127.0.0.1	xcorriere.it
127.0.0.1	www.xcorriere.it
127.0.0.1	x-google.net
127.0.0.1	www.xibu315.com
127.0.0.1	xibu315.com
127.0.0.1	xic-bs.com
127.0.0.1	www.xjupiter.com
127.0.0.1	xjupiter.com
127.0.0.1	xldr.com
127.0.0.1	x-library.com
127.0.0.1	xlola.underagehost.com
127.0.0.1	xmlsearch.mygeek.com
127.0.0.1	xorriere.it
127.0.0.1	www.xorriere.it
127.0.0.1	www.xosearchox.com
127.0.0.1	xosearchox.com
127.0.0.1	xp.attrezzi.biz
127.0.0.1	xp18.com
127.0.0.1	www.xpassgenerator.com
127.0.0.1	xpassgenerator.com
127.0.0.1	www.xpasswordmanager.com
127.0.0.1	xpasswordmanager.com
127.0.0.1	www.xp-vista.com
127.0.0.1	xp-vista.com
127.0.0.1	www.x-ratedclips.com
127.0.0.1	x-ratedclips.com
127.0.0.1	www.xrenoder.com
127.0.0.1	xrenoder.com
127.0.0.1	xrenosearch.com
127.0.0.1	xrensmagpost.com
127.0.0.1	www.xsec.org
127.0.0.1	xsec.org
127.0.0.1	xsex.ws
127.0.0.1	www.xsremover.com
127.0.0.1	xsremover.com
127.0.0.1	www.xtipp.de
127.0.0.1	xtipp.de
127.0.0.1	xtosearch.biz
127.0.0.1	www.xtosearch.biz
127.0.0.1	xtragay.com
127.0.0.1	xtremesoftware-ltd.com
127.0.0.1	xu.pl
127.0.0.1	xu.xu.pl
127.0.0.1	xupiter.com
127.0.0.1	www.xupiter.com
127.0.0.1	www.xvgate.com
127.0.0.1	xvgate.com
127.0.0.1	x-webdesign.com
127.0.0.1	www.xwebsearch.biz
127.0.0.1	xwebsearch.biz
127.0.0.1	xxlblog.info
127.0.0.1	www.xxlblog.info
127.0.0.1	xxx.com
127.0.0.1	www.xxx.com
127.0.0.1	www.xxxallvideo.com
127.0.0.1	xxxallvideo.com
127.0.0.1	xxxcategories.com
127.0.0.1	xxxemailxxx.com
127.0.0.1	www.xxxmovietour.com
127.0.0.1	xxxmovietour.com
127.0.0.1	www.xxxteenfilm.com
127.0.0.1	xxxteenfilm.com
127.0.0.1	xxxtoolbar.com
127.0.0.1	www.xxxzonevideo.com
127.0.0.1	xxxzonevideo.com
127.0.0.1	xzoomy.com
127.0.0.1	www.yahabags.com
127.0.0.1	yahabags.com
127.0.0.1	yahoo.downloadznow.net
127.0.0.1	yahoo.panet.org
127.0.0.1	yboeragu.com
127.0.0.1	www.yboeragu.com
127.0.0.1	yeak.net
127.0.0.1	y-e-l-l-o-w.com
127.0.0.1	yellow500.com
127.0.0.1	yezol.com
127.0.0.1	ygoogle.it
127.0.0.1	www.ygoogle.it
127.0.0.1	www.ygsondheks.info
127.0.0.1	ygsondheks.info
127.0.0.1	www.yim-stop.com
127.0.0.1	yim-stop.com
127.0.0.1	yiscali.it
127.0.0.1	www.yiscali.it
127.0.0.1	ymctavxiz.biz
127.0.0.1	www.ymctavxiz.biz
127.0.0.1	www.yoogee.com
127.0.0.1	yoogee.com
127.0.0.1	yoogle.it
127.0.0.1	www.yoogle.it
127.0.0.1	yootube.info
127.0.0.1	www.yops.biz
127.0.0.1	yops.biz
127.0.0.1	youfindall.com
127.0.0.1	youfindall.net
127.0.0.1	yourbookmarks.info
127.0.0.1	yourbookmarks.ws
127.0.0.1	www.yourcodec.com
127.0.0.1	yourcodec.com
127.0.0.1	www.yourieprotect.com
127.0.0.1	yourieprotect.com
127.0.0.1	www.youriesafety.com
127.0.0.1	youriesafety.com
127.0.0.1	www.youriesecure.com
127.0.0.1	youriesecure.com
127.0.0.1	your-prescriptions.net
127.0.0.1	www.yoursearchspace.com
127.0.0.1	yoursearchspace.com
127.0.0.1	yoursitebar.com
127.0.0.1	you-search.com.ru
127.0.0.1	you-search.com
127.0.0.1	ypir.com
127.0.0.1	ysa-info.net
127.0.0.1	www.ysbweb.com
127.0.0.1	ysbweb.com
127.0.0.1	ytiscali.it
127.0.0.1	www.ytiscali.it
127.0.0.1	ytrenitalia.it
127.0.0.1	www.ytrenitalia.it
127.0.0.1	yukohamano.com
127.0.0.1	yunibo.it
127.0.0.1	www.yunibo.it
127.0.0.1	ywebsearch.info
127.0.0.1	www.zabywjwzlr.biz.biz
127.0.0.1	zabywjwzlr.biz.biz
127.0.0.1	zalitalia.it
127.0.0.1	www.zalitalia.it
127.0.0.1	www.zangocash.com
127.0.0.1	zangocash.com
127.0.0.1	zapros.com
127.0.0.1	www.zcodec.com
127.0.0.1	zcodec.com
127.0.0.1	www.zdrqmpad.com
127.0.0.1	zdrqmpad.com
127.0.0.1	www.zelaznyworld.com
127.0.0.1	zelaznyworld.com
127.0.0.1	www.zenotecnico.com
127.0.0.1	zenotecnico.com
127.0.0.1	www.zenotecnico2.com
127.0.0.1	zenotecnico2.com
127.0.0.1	zero.bestmanage.org
127.0.0.1	zero.bestmanage0.org
127.0.0.1	zero.bestmanage1.org
127.0.0.1	zero.bestmanage2.org
127.0.0.1	zero.bestmanage3.org
127.0.0.1	zero.bestmanage4.org
127.0.0.1	zero.bestmanage5.org
127.0.0.1	zero.bestmanage6.org
127.0.0.1	zero.bestmanage7.org
127.0.0.1	zero.bestmanage8.org
127.0.0.1	zero.bestmanage9.org
127.0.0.1	zero.serverc.org
127.0.0.1	zero.sisdotnet.com
127.0.0.1	www.zero-codec.com
127.0.0.1	zero-codec.com
127.0.0.1	zesearch.com
127.0.0.1	www.zestyfind.com
127.0.0.1	zestyfind.com
127.0.0.1	www.zfxaqzkevi.com
127.0.0.1	zfxaqzkevi.com
127.0.0.1	www.zhmbscwdgk.biz
127.0.0.1	zhmbscwdgk.biz
127.0.0.1	www.zipcodec.com
127.0.0.1	zipcodec.com
127.0.0.1	ziportal.com
127.0.0.1	zipportal.com
127.0.0.1	www.zippy-lookup.com
127.0.0.1	zippy-lookup.com
127.0.0.1	www.zjkjw.gov.cn
127.0.0.1	zjkjw.gov.cn
127.0.0.1	www.znext.com
127.0.0.1	znext.com
127.0.0.1	www.zonealarm-download-now.com
127.0.0.1	zonealarm-download-now.com
127.0.0.1	www.zonealarm-stop.com
127.0.0.1	zonealarm-stop.com
127.0.0.1	www.zone-media.com
127.0.0.1	zone-media.com
127.0.0.1	zoneoffreeporn.com
127.0.0.1	zoofil.com
127.0.0.1	zoomegasite.com
127.0.0.1	zpwebsource.com
127.0.0.1	www.zpwebsource.com
127.0.0.1	zqavanjpn.biz
127.0.0.1	www.zqavanjpn.biz
127.0.0.1	www.z-quest.com
127.0.0.1	z-quest.com
127.0.0.1	zsupereva.it
127.0.0.1	www.zsupereva.it
127.0.0.1	www.zurrusco.com
127.0.0.1	zurrusco.com
127.0.0.1	zvimigdal.com
127.0.0.1	www.zxlinks.com
127.0.0.1	zxlinks.com
127.0.0.1	zyban-zocor-levitra.com
127.0.0.1	errordoctor.com
127.0.0.1	www.errordoctor.com
127.0.0.1	performanceoptimizer.com
127.0.0.1	www.performanceoptimizer.com
127.0.0.1	680180.net
127.0.0.1	www.680180.net
127.0.0.1	aaabesthomepage.com
127.0.0.1	www.aaabesthomepage.com
127.0.0.1	adlogix.com
127.0.0.1	www.adlogix.com
127.0.0.1	decknews.com
127.0.0.1	www.decknews.com
127.0.0.1	update.680180.net
127.0.0.1	websearch24.com
127.0.0.1	www.websearch24.com
127.0.0.1	addioerrori.com
127.0.0.1	www.addioerrori.com
127.0.0.1	antivirusgereedschap.com
127.0.0.1	www.antivirusgereedschap.com
127.0.0.1	aucunsvirus.com
127.0.0.1	www.aucunsvirus.com
127.0.0.1	echterschutz.com
127.0.0.1	www.echterschutz.com
127.0.0.1	fiksfeil.com
127.0.0.1	www.fiksfeil.com
127.0.0.1	harddrevvagt.com
127.0.0.1	www.harddrevvagt.com
127.0.0.1	herramientadereparacion.com
127.0.0.1	www.herramientadereparacion.com
127.0.0.1	hukommelsesbeskytter.com
127.0.0.1	www.hukommelsesbeskytter.com
127.0.0.1	kyoishusei.com
127.0.0.1	www.kyoishusei.com
127.0.0.1	megaviruskit.com
127.0.0.1	www.megaviruskit.com
127.0.0.1	memoiredefenseur.com
127.0.0.1	www.memoiredefenseur.com
127.0.0.1	mendingtool.com
127.0.0.1	www.mendingtool.com
127.0.0.1	minnesverktyg.com
127.0.0.1	www.minnesverktyg.com
127.0.0.1	nientevirus.com
127.0.0.1	www.nientevirus.com
127.0.0.1	pcopschoner.com
127.0.0.1	www.pcopschoner.com
127.0.0.1	pcopschoningsstel.com
127.0.0.1	www.pcopschoningsstel.com
127.0.0.1	puliscitutto.com
127.0.0.1	www.puliscitutto.com
127.0.0.1	rensningverktyg.com
127.0.0.1	www.rensningverktyg.com
127.0.0.1	reparameacas.com
127.0.0.1	www.reparameacas.com
127.0.0.1	reparamenazas.com
127.0.0.1	www.reparamenazas.com
127.0.0.1	reparetudo.com
127.0.0.1	www.reparetudo.com
127.0.0.1	shufukutsuru.com
127.0.0.1	www.shufukutsuru.com
127.0.0.1	sicheressystem.com
127.0.0.1	www.sicheressystem.com
127.0.0.1	syskontroller.com
127.0.0.1	www.syskontroller.com
127.0.0.1	trustedantivirus.com
127.0.0.1	www.trustedantivirus.com
127.0.0.1	utiledeprotection.com
127.0.0.1	www.utiledeprotection.com
127.0.0.1	web-fastserve.com
127.0.0.1	www.web-fastserve.com
127.0.0.1	prettycodec.com
127.0.0.1	www.prettycodec.com
127.0.0.1	ricenhancement.com
127.0.0.1	www.ricenhancement.com
127.0.0.1	hotcodec.net
127.0.0.1	www.hotcodec.net
127.0.0.1	nicecodec.net
127.0.0.1	www.nicecodec.net
127.0.0.1	hoetechnology.com
127.0.0.1	www.hoetechnology.com
127.0.0.1	xyzlimited.com
127.0.0.1	www.xyzlimited.com
127.0.0.1	servicevah.com
127.0.0.1	www.servicevah.com
127.0.0.1	webspyshield.com
127.0.0.1	www.webspyshield.com
127.0.0.1	bestsearch.cc
127.0.0.1	www.bestsearch.cc
127.0.0.1	dapsol.com
127.0.0.1	www.dapsol.com
127.0.0.1	hacker.com.cn
127.0.0.1	www.hacker.com.cn
127.0.0.1	envolo.peopleonpage.com
127.0.0.1	node2.ocslab.com
127.0.0.1	ocslab.com
127.0.0.1	www.ocslab.com
127.0.0.1	peopleonpage.com
127.0.0.1	www.peopleonpage.com
127.0.0.1	adchannel.contextplus.net
127.0.0.1	contextplus.net
127.0.0.1	www.contextplus.net
127.0.0.1	dload.contextplus.net
127.0.0.1	download.contextplus.net
127.0.0.1	ge.net
127.0.0.1	www.ge.net
127.0.0.1	70-music.com
127.0.0.1	www.70-music.com
127.0.0.1	80-music.com
127.0.0.1	www.80-music.com
127.0.0.1	90-music.com
127.0.0.1	www.90-music.com
127.0.0.1	addetect.com
127.0.0.1	www.addetect.com
127.0.0.1	adsniffer.com
127.0.0.1	www.adsniffer.com
127.0.0.1	adwarecommander.com
127.0.0.1	www.adwarecommander.com
127.0.0.1	adwaregold.com
127.0.0.1	www.adwaregold.com
127.0.0.1	adwarepatrol.com
127.0.0.1	www.adwarepatrol.com
127.0.0.1	adwareplatinum.com
127.0.0.1	www.adwareplatinum.com
127.0.0.1	adwareremover.ws
127.0.0.1	www.adwareremover.ws
127.0.0.1	adwaresafety.com
127.0.0.1	www.adwaresafety.com
127.0.0.1	adwarexp.com
127.0.0.1	www.adwarexp.com
127.0.0.1	alertspy.com
127.0.0.1	www.alertspy.com
127.0.0.1	americanautobargains.com
127.0.0.1	www.americanautobargains.com
127.0.0.1	antispamassistant.com
127.0.0.1	www.antispamassistant.com
127.0.0.1	antispamdeluxe.com
127.0.0.1	www.antispamdeluxe.com
127.0.0.1	antispyadvanced.com
127.0.0.1	www.antispyadvanced.com
127.0.0.1	antispywarexp.com
127.0.0.1	www.antispywarexp.com
127.0.0.1	antivirusadvance.com
127.0.0.1	www.antivirusadvance.com
127.0.0.1	antiviruspremium.com
127.0.0.1	www.antiviruspremium.com
127.0.0.1	ares.click-new-download.com
127.0.0.1	www.ares.click-new-download.com
127.0.0.1	autobargains.org
127.0.0.1	www.autobargains.org
127.0.0.1	autobargainsnetwork.com
127.0.0.1	www.autobargainsnetwork.com
127.0.0.1	avadvance.com
127.0.0.1	www.avadvance.com
127.0.0.1	bearshare.click-new-download.com
127.0.0.1	www.bearshare.click-new-download.com
127.0.0.1	bittorrent.click-new-download.com
127.0.0.1	www.bittorrent.click-new-download.com
127.0.0.1	burningsite.com
127.0.0.1	www.burningsite.com
127.0.0.1	cdcopysite.com
127.0.0.1	www.cdcopysite.com
127.0.0.1	cinemadownload.com
127.0.0.1	www.cinemadownload.com
127.0.0.1	courtrecordslookup.com
127.0.0.1	www.courtrecordslookup.com
127.0.0.1	dateanybabe.com
127.0.0.1	www.dateanybabe.com
127.0.0.1	dateanychick.com
127.0.0.1	www.dateanychick.com
127.0.0.1	datingdoctorsite.com
127.0.0.1	www.datingdoctorsite.com
127.0.0.1	detectivehound.com
127.0.0.1	www.detectivehound.com
127.0.0.1	detectivesearches.com
127.0.0.1	www.detectivesearches.com
127.0.0.1	downloadacceleratorsite.com
127.0.0.1	www.downloadacceleratorsite.com
127.0.0.1	downloadaresnow.com
127.0.0.1	www.downloadaresnow.com
127.0.0.1	dvdxgold.com
127.0.0.1	www.dvdxgold.com
127.0.0.1	dvdxpremium.com
127.0.0.1	www.dvdxpremium.com
127.0.0.1	easycdrip.com
127.0.0.1	www.easycdrip.com
127.0.0.1	easymovieplayer.com
127.0.0.1	www.easymovieplayer.com
127.0.0.1	easymus.cn
127.0.0.1	www.easymus.cn
127.0.0.1	easypspdownloads.com
127.0.0.1	www.easypspdownloads.com
127.0.0.1	e-mp3now.com
127.0.0.1	www.e-mp3now.com
127.0.0.1	emule.click-new-download.com
127.0.0.1	www.emule.click-new-download.com
127.0.0.1	etdscanner.com
127.0.0.1	www.etdscanner.com
127.0.0.1	ezdvdx.com
127.0.0.1	www.ezdvdx.com
127.0.0.1	fastmp.net
127.0.0.1	www.fastmp.net
127.0.0.1	fastpspdownloads.com
127.0.0.1	www.fastpspdownloads.com
127.0.0.1	fasttvdownloads.com
127.0.0.1	www.fasttvdownloads.com
127.0.0.1	fidoproblems.com
127.0.0.1	www.fidoproblems.com
127.0.0.1	filesharing-downloads.com
127.0.0.1	www.filesharing-downloads.com
127.0.0.1	filevoom.com
127.0.0.1	www.filevoom.com
127.0.0.1	firewallgold.com
127.0.0.1	www.firewallgold.com
127.0.0.1	firewallprotectionpro.com
127.0.0.1	www.firewallprotectionpro.com
127.0.0.1	firewallprotectionsite.com
127.0.0.1	www.firewallprotectionsite.com
127.0.0.1	firewallprotector.com
127.0.0.1	www.firewallprotector.com
127.0.0.1	frostwire.click-new-download.com
127.0.0.1	www.frostwire.click-new-download.com
127.0.0.1	fullmusicdownload.com
127.0.0.1	www.fullmusicdownload.com
127.0.0.1	fullpaidsurveys.com
127.0.0.1	www.fullpaidsurveys.com
127.0.0.1	fullsoftwarecenter.com
127.0.0.1	www.fullsoftwarecenter.com
127.0.0.1	fulltvdownloading.com
127.0.0.1	www.fulltvdownloading.com
127.0.0.1	getpcmusic.com
127.0.0.1	www.getpcmusic.com
127.0.0.1	get-zune.com
127.0.0.1	www.get-zune.com
127.0.0.1	goldensurvey.com
127.0.0.1	www.goldensurvey.com
127.0.0.1	guyvsgirl.com
127.0.0.1	www.guyvsgirl.com
127.0.0.1	hotmp3download.com
127.0.0.1	www.hotmp3download.com
127.0.0.1	hotmp3now.com
127.0.0.1	www.hotmp3now.com
127.0.0.1	imesh.click-new-download.com
127.0.0.1	www.imesh.click-new-download.com
127.0.0.1	imp3download.com
127.0.0.1	www.imp3download.com
127.0.0.1	imusicadvance.com
127.0.0.1	www.imusicadvance.com
127.0.0.1	instantpsp.com
127.0.0.1	www.instantpsp.com
127.0.0.1	ipo.net
127.0.0.1	www.ipo.net
127.0.0.1	ipoddownloadingpro.com
127.0.0.1	www.ipoddownloadingpro.com
127.0.0.1	ipod-wiz.com
127.0.0.1	www.ipod-wiz.com
127.0.0.1	ipspdownload.com
127.0.0.1	www.ipspdownload.com
127.0.0.1	itvdownload.com
127.0.0.1	www.itvdownload.com
127.0.0.1	k9instructor.com
127.0.0.1	www.k9instructor.com
127.0.0.1	klitegeneration.com
127.0.0.1	www.klitegeneration.com
127.0.0.1	k-litegold.com
127.0.0.1	www.k-litegold.com
127.0.0.1	klitepro.com
127.0.0.1	www.klitepro.com
127.0.0.1	k-litepro.com
127.0.0.1	www.k-litepro.com
127.0.0.1	k-litetk.com
127.0.0.1	www.k-litetk.com
127.0.0.1	limewire.click-new-download.com
127.0.0.1	www.limewire.click-new-download.com
127.0.0.1	masterpsp.com
127.0.0.1	www.masterpsp.com
127.0.0.1	mediaburning.com
127.0.0.1	www.mediaburning.com
127.0.0.1	microantivirus.com
127.0.0.1	www.microantivirus.com
127.0.0.1	microantivirusxp.com
127.0.0.1	www.microantivirusxp.com
127.0.0.1	morpheus.click-new-download.com
127.0.0.1	www.morpheus.click-new-download.com
127.0.0.1	moviedownloadreview.biz
127.0.0.1	www.moviedownloadreview.biz
127.0.0.1	mp3downloadin.net
127.0.0.1	www.mp3downloadin.net
127.0.0.1	mp3downloadpro.com
127.0.0.1	www.mp3downloadpro.com
127.0.0.1	mp3downloadsnow.com
127.0.0.1	www.mp3downloadsnow.com
127.0.0.1	mp3easyplay.com
127.0.0.1	www.mp3easyplay.com
127.0.0.1	mp3musicdirect.com
127.0.0.1	www.mp3musicdirect.com
127.0.0.1	mp3musichit.com
127.0.0.1	www.mp3musichit.com
127.0.0.1	mp3must.com
127.0.0.1	www.mp3must.com
127.0.0.1	mp3review.biz
127.0.0.1	www.mp3review.biz
127.0.0.1	mp3universal.net
127.0.0.1	www.mp3universal.net
127.0.0.1	musicaccess.com
127.0.0.1	www.musicaccess.com
127.0.0.1	musicsite.com
127.0.0.1	www.musicsite.com
127.0.0.1	myipodaccess.com
127.0.0.1	www.myipodaccess.com
127.0.0.1	my-ipodaccess.com
127.0.0.1	www.my-ipodaccess.com
127.0.0.1	mypspcenter.com
127.0.0.1	www.mypspcenter.com
127.0.0.1	mypspdownloading.com
127.0.0.1	www.mypspdownloading.com
127.0.0.1	myvirusguardian.com
127.0.0.1	www.myvirusguardian.com
127.0.0.1	netdogtrainer.com
127.0.0.1	www.netdogtrainer.com
127.0.0.1	netfreemoney.com
127.0.0.1	www.netfreemoney.com
127.0.0.1	netonlineinvestigators.com
127.0.0.1	www.netonlineinvestigators.com
127.0.0.1	netpaidsurveys.com
127.0.0.1	www.netpaidsurveys.com
127.0.0.1	netpspdownloads.com
127.0.0.1	www.netpspdownloads.com
127.0.0.1	netpspmovies.com
127.0.0.1	www.netpspmovies.com
127.0.0.1	onlineinvestigator.com
127.0.0.1	www.onlineinvestigator.com
127.0.0.1	paidshopping.com
127.0.0.1	www.paidshopping.com
127.0.0.1	paidsurveys.com
127.0.0.1	www.paidsurveys.com
127.0.0.1	penile-enlargement.biz
127.0.0.1	www.penile-enlargement.biz
127.0.0.1	peoplelookup.info
127.0.0.1	www.peoplelookup.info
127.0.0.1	peopleregistry.info
127.0.0.1	www.peopleregistry.info
127.0.0.1	peoplesearchengine.info
127.0.0.1	www.peoplesearchengine.info
127.0.0.1	pestbot.com
127.0.0.1	www.pestbot.com
127.0.0.1	pestguardian.com
127.0.0.1	www.pestguardian.com
127.0.0.1	platinumrevi.ws
127.0.0.1	www.platinumrevi.ws
127.0.0.1	proadware.com
127.0.0.1	www.proadware.com
127.0.0.1	publicrecordlookup.com
127.0.0.1	www.publicrecordlookup.com
127.0.0.1	quickdvdcopy.com
127.0.0.1	www.quickdvdcopy.com
127.0.0.1	quickipoddownloads.com
127.0.0.1	www.quickipoddownloads.com
127.0.0.1	registryassistant.com
127.0.0.1	www.registryassistant.com
127.0.0.1	registrydebug.com
127.0.0.1	www.registrydebug.com
127.0.0.1	registryrepair.ws
127.0.0.1	www.registryrepair.ws
127.0.0.1	repocarfinder.com
127.0.0.1	www.repocarfinder.com
127.0.0.1	reverseindexlookup.com
127.0.0.1	www.reverseindexlookup.com
127.0.0.1	reversephonesite.com
127.0.0.1	www.reversephonesite.com
127.0.0.1	shareaza.click-new-download.com
127.0.0.1	www.shareaza.click-new-download.com
127.0.0.1	softwaresite.com
127.0.0.1	www.softwaresite.com
127.0.0.1	spyadvanced.com
127.0.0.1	www.spyadvanced.com
127.0.0.1	spywarecommander.com
127.0.0.1	www.spywarecommander.com
127.0.0.1	spywaredeluxe.com
127.0.0.1	www.spywaredeluxe.com
127.0.0.1	spywareremoval.ws
127.0.0.1	www.spywareremoval.ws
127.0.0.1	spywarexp.com
127.0.0.1	www.spywarexp.com
127.0.0.1	suprnova.cn
127.0.0.1	www.suprnova.cn
127.0.0.1	thespamblock.com
127.0.0.1	www.thespamblock.com
127.0.0.1	topmp3choices.com
127.0.0.1	www.topmp3choices.com
127.0.0.1	tvadvanced.com
127.0.0.1	www.tvadvanced.com
127.0.0.1	tvnowsite.com
127.0.0.1	www.tvnowsite.com
127.0.0.1	tvshowcollection.com
127.0.0.1	www.tvshowcollection.com
127.0.0.1	ultimatemp3player.com
127.0.0.1	www.ultimatemp3player.com
127.0.0.1	ultimatevideosite.com
127.0.0.1	www.ultimatevideosite.com
127.0.0.1	unknownip.com
127.0.0.1	www.unknownip.com
127.0.0.1	unlimite.net
127.0.0.1	www.unlimite.net
127.0.0.1	unlimitedmp3downloads.com
127.0.0.1	www.unlimitedmp3downloads.com
127.0.0.1	unlimitedtvshowdownload.com
127.0.0.1	www.unlimitedtvshowdownload.com
127.0.0.1	videoplayersite.com
127.0.0.1	www.videoplayersite.com
127.0.0.1	viruscrusher.com
127.0.0.1	www.viruscrusher.com
127.0.0.1	virusnuke.com
127.0.0.1	www.virusnuke.com
127.0.0.1	virusscansite.com
127.0.0.1	www.virusscansite.com
127.0.0.1	webaccelerating.com
127.0.0.1	www.webaccelerating.com
127.0.0.1	webinvestigator.com
127.0.0.1	www.webinvestigator.com
127.0.0.1	webiphoneaccess.com
127.0.0.1	www.webiphoneaccess.com
127.0.0.1	webiphonedownloads.com
127.0.0.1	www.webiphonedownloads.com
127.0.0.1	webipoddownload.com
127.0.0.1	www.webipoddownload.com
127.0.0.1	webpspdownload.com
127.0.0.1	www.webpspdownload.com
127.0.0.1	winmx.click-new-download.com
127.0.0.1	www.winmx.click-new-download.com
127.0.0.1	click-new-download.com
127.0.0.1	www.click-new-download.com
127.0.0.1	mp3mus.cn
127.0.0.1	www.mp3mus.cn
127.0.0.1	clckm.com
127.0.0.1	www.clckm.com
127.0.0.1	forseo.com
127.0.0.1	www.forseo.com
127.0.0.1	searchdom.net
127.0.0.1	www.searchdom.net
127.0.0.1	www.www-Spybot.net
127.0.0.1	adultsonlyvids.com
127.0.0.1	www.adultsonlyvids.com
127.0.0.1	bestfuckvids.com
127.0.0.1	www.bestfuckvids.com
127.0.0.1	bestxclips.com
127.0.0.1	www.bestxclips.com
127.0.0.1	bestxxxmpegs.com
127.0.0.1	www.bestxxxmpegs.com
127.0.0.1	downloadxmoveis.com
127.0.0.1	www.downloadxmoveis.com
127.0.0.1	downloadxvids.com
127.0.0.1	www.downloadxvids.com
127.0.0.1	dvicodec.com
127.0.0.1	www.dvicodec.com
127.0.0.1	efcsoftware.com
127.0.0.1	www.efcsoftware.com
127.0.0.1	exclusivexxxclips.com
127.0.0.1	www.exclusivexxxclips.com
127.0.0.1	freeclipoftheday.com
127.0.0.1	www.freeclipoftheday.com
127.0.0.1	freefuckmovs.com
127.0.0.1	www.freefuckmovs.com
127.0.0.1	fulltimevideos.com
127.0.0.1	www.fulltimevideos.com
127.0.0.1	getdailyimages.com
127.0.0.1	www.getdailyimages.com
127.0.0.1	getfreepornvideo.com
127.0.0.1	www.getfreepornvideo.com
127.0.0.1	getpornvideoz.com
127.0.0.1	www.getpornvideoz.com
127.0.0.1	getxmovies.com
127.0.0.1	www.getxmovies.com
127.0.0.1	gigacodec.net
127.0.0.1	www.gigacodec.net
127.0.0.1	givemepornvids.com
127.0.0.1	www.givemepornvids.com
127.0.0.1	hqadultvideos.com
127.0.0.1	www.hqadultvideos.com
127.0.0.1	hqexplicitvids.com
127.0.0.1	www.hqexplicitvids.com
127.0.0.1	hugefreevids.com
127.0.0.1	www.hugefreevids.com
127.0.0.1	imagesezine.com
127.0.0.1	www.imagesezine.com
127.0.0.1	morexvids.com
127.0.0.1	www.morexvids.com
127.0.0.1	mpegcodec.net
127.0.0.1	www.mpegcodec.net
127.0.0.1	mpeghouse.com
127.0.0.1	www.mpeghouse.com
127.0.0.1	newpornmovs.com
127.0.0.1	www.newpornmovs.com
127.0.0.1	onlybestpornmovies.com
127.0.0.1	www.onlybestpornmovies.com
127.0.0.1	pbaperformance.com
127.0.0.1	www.pbaperformance.com
127.0.0.1	pornclipstube.com
127.0.0.1	www.pornclipstube.com
127.0.0.1	pornmoviesindex.com
127.0.0.1	www.pornmoviesindex.com
127.0.0.1	privatexclips.com
127.0.0.1	www.privatexclips.com
127.0.0.1	sexclipsdownload.com
127.0.0.1	www.sexclipsdownload.com
127.0.0.1	smutgates.com
127.0.0.1	www.smutgates.com
127.0.0.1	spicypornvideos.com
127.0.0.1	www.spicypornvideos.com
127.0.0.1	topsmutclips.com
127.0.0.1	www.topsmutclips.com
127.0.0.1	x-porngalleries.com
127.0.0.1	www.x-porngalleries.com
127.0.0.1	x-pornmoviez.com
127.0.0.1	www.x-pornmoviez.com
127.0.0.1	xrdenterprise.com
127.0.0.1	www.xrdenterprise.com
127.0.0.1	xtravideos.com
127.0.0.1	www.xtravideos.com
127.0.0.1	xvidscollection.com
127.0.0.1	www.xvidscollection.com
127.0.0.1	xxxpornmovs.com
127.0.0.1	www.xxxpornmovs.com
127.0.0.1	yourphotozone.com
127.0.0.1	www.yourphotozone.com
127.0.0.1	ibsprogram.com
127.0.0.1	wwwibsprogram.com
127.0.0.1	nfzsolution.com
127.0.0.1	www.nfzsolution.com
127.0.0.1	ixcodec.com
127.0.0.1	www.ixcodec.com
127.0.0.1	delficodec.com
127.0.0.1	www.delficodec.com

==================================
Process Privileges Scan
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 280, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGUARD.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 748, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGNT.EXE]

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================


[/CODE]

Julien · Answer

Enfin !!! Fin du rapport SREng !!! :-)

Rapport DiagHelp :

DiagHelp version v1.3 - http://www.malekal.com
excute le 28/10/2007 à 22:25:43,26

Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\Layout.ini -->27/10/2007 14:09:54
C:\WINDOWS\prefetch\WSCNTFY.EXE-1B24F5EB.pf -->21/10/2007 04:35:46
C:\WINDOWS\prefetch\FIREFOX.EXE-28641590.pf -->21/10/2007 04:35:14
C:\WINDOWS\prefetch\ASHCHEST.EXE-0FED8209.pf -->21/10/2007 04:31:31
C:\WINDOWS\prefetch\ASHSIMPL.EXE-14F851AB.pf -->21/10/2007 04:31:27
C:\WINDOWS\prefetch\ASHAVAST.EXE-12F63458.pf -->21/10/2007 04:31:17
C:\WINDOWS\prefetch\IEXPLORE.EXE-27122324.pf -->21/10/2007 04:29:38
C:\WINDOWS\prefetch\UPDCLIENT.EXE-215FC96B.pf -->21/10/2007 04:23:33
C:\WINDOWS\prefetch\SETUP.OVR-154CE291.pf -->21/10/2007 04:16:42
C:\WINDOWS\prefetch\AVAST.SETUP-032170A8.pf -->21/10/2007 04:16:34

C:\WINDOWS\System32\drivers\fidbox.dat -->28/10/2007 22:24:30
C:\WINDOWS\System32\drivers\fidbox.idx -->28/10/2007 14:50:26
C:\WINDOWS\System32\drivers\avipbb.sys -->27/10/2007 02:19:03
C:\WINDOWS\System32\drivers\NSDriver.sys -->21/10/2007 05:35:51
C:\WINDOWS\System32\drivers\AWRTRD.sys -->21/10/2007 05:35:51
C:\WINDOWS\System32\drivers\klin.dat -->19/10/2007 19:28:02
C:\WINDOWS\System32\drivers\klick.dat -->19/10/2007 19:28:02

C:\WINDOWS\System32\nvapps.xml -->28/10/2007 18:18:46
C:\WINDOWS\System32\vsconfig.xml -->28/10/2007 18:18:29
C:\WINDOWS\System32\perfh00C.dat -->28/10/2007 13:12:53
C:\WINDOWS\System32\perfh009.dat -->28/10/2007 13:12:53
C:\WINDOWS\System32\perfc00C.dat -->28/10/2007 13:12:53
C:\WINDOWS\System32\perfc009.dat -->28/10/2007 13:12:53
C:\WINDOWS\System32\PerfStringBackup.INI -->28/10/2007 13:12:52
C:\WINDOWS\System32\CONFIG.NT -->27/10/2007 02:12:45
C:\WINDOWS\System32\wpa.dbl -->27/10/2007 01:14:27
C:\WINDOWS\System32\jupdate-1.6.0_03-b05.log -->21/10/2007 14:26:34
C:\WINDOWS\System32\FNTCACHE.DAT -->20/10/2007 18:35:49
C:\WINDOWS\System32\LoopyMusic.wav -->19/10/2007 19:32:18
C:\WINDOWS\System32\BuzzingBee.wav -->19/10/2007 19:32:18
C:\WINDOWS\System32\spupdwxp.log -->19/10/2007 19:32:02
C:\WINDOWS\System32\zllictbl.dat -->19/10/2007 19:29:53
C:\WINDOWS\System32\gjkmp.ini -->19/10/2007 19:16:52
C:\WINDOWS\System32\yzhcmllf.exe -->19/10/2007 18:58:39
C:\WINDOWS\System32\csnt.exe -->19/10/2007 18:55:47
C:\WINDOWS\System32\wmpscheme.xml -->19/10/2007 18:49:34
C:\WINDOWS\System32\$winnt$.inf -->19/10/2007 18:47:05
C:\WINDOWS\System32\nscompat.tlb -->19/10/2007 18:45:35
C:\WINDOWS\System32\amcompat.tlb -->19/10/2007 18:45:35
C:\WINDOWS\System32\WindowsLogon.manifest -->19/10/2007 18:44:45
C:\WINDOWS\System32\logonui.exe.manifest -->19/10/2007 18:44:45
C:\WINDOWS\System32\wuaucpl.cpl.manifest -->19/10/2007 18:44:40

C:\WINDOWS\setupapi.log -->28/10/2007 21:35:07
C:\WINDOWS\0.log -->28/10/2007 18:19:06
C:\WINDOWS\WindowsUpdate.log -->28/10/2007 18:18:56
C:\WINDOWS\QTFont.qfn -->28/10/2007 18:18:55
C:\WINDOWS\bootstat.dat -->28/10/2007 18:18:20
C:\WINDOWS\wiadebug.log -->27/10/2007 23:19:44
C:\WINDOWS\KB892130.log -->27/10/2007 23:18:41
C:\WINDOWS\tsoc.log -->27/10/2007 23:18:28
C:\WINDOWS\tabletoc.log -->27/10/2007 23:18:28
C:\WINDOWS\ocmsn.log -->27/10/2007 23:18:28
C:\WINDOWS\ocgen.log -->27/10/2007 23:18:28
C:\WINDOWS\ntdtcsetup.log -->27/10/2007 23:18:28
C:\WINDOWS\netfxocm.log -->27/10/2007 23:18:28
C:\WINDOWS\msgsocm.log -->27/10/2007 23:18:28
C:\WINDOWS\MedCtrOC.log -->27/10/2007 23:18:28

MD5 des fichiers sensibles
tcpip.sys 9f4b36614a0fc234525ba224957de55c
ndis.sys 558635d3af1c7546d26067d5d9b6959e
null.sys 73c1e1f395918bc2c6dd67af7591a3ad
svchost.exe 2979b03d5382a602623c0535b16ab9c0

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 1628
Command line: C:\WINDOWS\Explorer.EXE

Base Size Version Path
0x44080000 0xcf000 7.00.6000.16544 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16544 C:\WINDOWS\system32\iertutil.dll
0x76f80000 0x7f000 2001.12.4414.0258 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x44360000 0x5cb000 7.00.6000.16544 C:\WINDOWS\system32\ieframe.dll
0x745e0000 0x2c6000 3.01.4000.2435 C:\WINDOWS\system32\msi.dll
0x44160000 0x124000 7.00.6000.16544 C:\WINDOWS\system32\urlmon.dll
0x442b0000 0x3c000 7.00.6000.16544 C:\WINDOWS\system32\webcheck.dll
0x027b0000 0x70d000 6.14.0010.8265 C:\WINDOWS\System32\nvcpl.dll
0x74bf0000 0x2c000 4.02.5406.0000 C:\WINDOWS\System32\OLEACC.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\System32\MSVCP60.dll
0x02ec0000 0x44000 6.14.0010.8265 C:\WINDOWS\system32\NVRSFR.DLL
0x02f10000 0x73000 6.14.0010.11014 C:\WINDOWS\System32\nvshell.dll
0x02100000 0x11a000 1.05.0000.0008 C:\PROGRA~1\SPYBOT~1\SDHelper.dll
0x086d0000 0x246000 10.00.0000.3802 C:\WINDOWS\system32\wmvcore.dll
0x070d0000 0x3a000 10.00.0000.3802 C:\WINDOWS\system32\WMASF.DLL
0x03300000 0x2e000 C:\Program Files\WinRAR\rarext.dll
0x52200000 0xb000 7.00.0362.0000 C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll
0x10000000 0x4000 5.03.0017.0000 C:\Program Files\Zone Labs\ZoneAlarm\zlavscan_Loc040c.dll
0x02580000 0x9000 2.00.0000.0004 C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll
0x025c0000 0x11000 7.00.0000.0010 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll
0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL
0x03750000 0x56000 7.10.3052.0004 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll
0x038d0000 0x2a000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll
0x02fd0000 0x13000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll
0x58640000 0x8a000 1.09.0000.0305 C:\WINDOWS\System32\l3codeca.acm
0x6c3f0000 0x7e000 6.04.0009.1125 C:\WINDOWS\system32\dxmasf.dll
0x097e0000 0x41000 10.00.0000.3802 C:\WINDOWS\system32\DRMClien.DLL
0x32520000 0x12000 10.00.2609.0000 C:\Program Files\Microsoft Office\Office10\msohev.dll
0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL
0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\System32\wshext.dll
0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL
0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL
0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\System32\wshFR.DLL
0x365a0000 0x15000 10.00.2625.0000 C:\PROGRA~1\MICROS~2\Office10\MCPS.DLL

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 804
Command line: winlogon.exe

Base Size Version Path
0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76f80000 0x7f000 2001.12.4414.0258 C:\WINDOWS\system32\CLBCATQ.DLL
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est C456-F90A

Répertoire de C:\WINDOWS\system32

19/10/2007 18:55 1 635 csnt.exe
19/08/2004 15:09 6 144 csrss.exe
2 fichier(s) 7 779 octets
0 Rép(s) 17 881 362 432 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est C456-F90A

Répertoire de C:\WINDOWS\Downloaded Program Files

28/10/2007 21:35 <REP> .
28/10/2007 21:35 <REP> ..
07/12/2004 16:07 32 bdcore.dll
25/05/2006 00:21 118 784 bdupd.dll
19/10/2007 18:44 65 desktop.ini
23/03/2007 11:17 1 292 erma.inf
14/08/2007 13:02 1 588 hardwaredetection.inf
25/05/2006 00:21 53 248 ipsupd.dll
07/01/2007 12:55 2 305 kavwebscan.inf
16/03/2005 11:34 7 407 lang.ini
07/12/2004 16:07 32 libfn.dll
14/03/2005 13:38 126 live.ini
01/06/2006 01:57 1 331 oscan8.inf
01/06/2006 01:54 471 040 oscan8.ocx
31/05/2006 03:15 10 oscan81.ocx_x
14/03/2005 13:58 7 073 scanoptions.tsi
11/08/2004 01:22 3 036 wmv9dmo.inf
30/07/2007 18:24 293 wuweb.inf
02/11/2005 17:01 1 777 xscan.inf
02/11/2005 17:07 435 712 xscan53.ocx
18 fichier(s) 1 105 151 octets

Total des fichiers listés :
18 fichier(s) 1 105 151 octets
2 Rép(s) 17 881 358 336 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

Export des clefs sensibles..

Liste des fichiers en exception sur le pare-feu XP SP2

Export de la clef SharedTaskScheduler

[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

exports des policies
REGEDIT4

[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
127.0.0.1 activexupdate.com
127.0.0.1 www.activexupdate.com
127.0.0.1 avpcheckupdate.com
127.0.0.1 www.avpcheckupdate.com
127.0.0.1 client.exeupdate.com
127.0.0.1 eupdatepage.com
127.0.0.1 www.eupdatepage.com
127.0.0.1 exeupdate.com
127.0.0.1 www.exeupdate.com
127.0.0.1 hotwinupdates.com
127.0.0.1 www.hotwinupdates.com
127.0.0.1 lavasoftupdate.com
127.0.0.1 www.lavasoftupdate.com
127.0.0.1 malwarewipeupdate.com
127.0.0.1 www.malwarewipeupdate.com
127.0.0.1 msupdate.net
127.0.0.1 www.msupdate.net
127.0.0.1 msupdater.net
127.0.0.1 www.msupdater.net
127.0.0.1 necessaryupdates.com
127.0.0.1 www.necessaryupdates.com
127.0.0.1 newupdates.lzio.com
127.0.0.1 redirect.msupdate.net
127.0.0.1 search.keyword.exeupdate.com
127.0.0.1 securityupdatesite.com
127.0.0.1 www.securityupdatesite.com
127.0.0.1 settings.updatemysettings.com
127.0.0.1 spyaxeupdate.com
127.0.0.1 www.spyaxeupdate.com
127.0.0.1 spyfalconupdate.com
127.0.0.1 www.spyfalconupdate.com
127.0.0.1 systemupdates.net
127.0.0.1 www.systemupdates.net
127.0.0.1 trial.updates.winsoftware.com
127.0.0.1 updatemysettings.com
127.0.0.1 www.updatemysettings.com
127.0.0.1 updates.spywarequake.com
127.0.0.1 urgentsystemupdate.biz
127.0.0.1 www.urgentsystemupdate.biz
127.0.0.1 urgentsystemupdate.com
127.0.0.1 www.urgentsystemupdate.com
127.0.0.1 windupdates.com
127.0.0.1 update.680180.net
127.0.0.1 pandaantivirus-2007.com
127.0.0.1 www.pandaantivirus-2007.com
127.0.0.1 pandadownload-now.com
127.0.0.1 www.pandadownload-now.com
127.0.0.1 panda-hq.com
127.0.0.1 www.panda-hq.com
catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-28 22:26:07
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden services: 0
hidden files: 0

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Process list by traversal of KiWaitListHead

4 - System
280 - avguard.exe
568 - RTHDCPL.exe
584 - zlclient.exe
600 - avgas.exe
608 - iTunesHelper.ex
748 - avgnt.exe
752 - ctfmon.exe
772 - msmsgs.exe
780 - csrss.exe
804 - winlogon.exe
848 - services.exe
860 - lsass.exe
1020 - svchost.exe
1096 - svchost.exe
1192 - svchost.exe
1392 - svchost.exe
1416 - vsmon.exe
1440 - nvsvc32.exe
1628 - explorer.exe
1712 - sched.exe
1724 - guard.exe
1868 - notepad.exe
1896 - aawservice.exe
2360 - wscntfy.exe
2844 - cmd.exe
3168 - iPodService.exe

Total number of processes = 27
NOTE: Under WinXP, this will not show all processes.

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Driver/Module list by traversal of PsLoadedModuleList

804D7000 - \WINDOWS\system32\ntoskrnl.exe
80701000 - \WINDOWS\system32\hal.dll
F7987000 - \WINDOWS\system32\KDCOM.DLL
F7897000 - \WINDOWS\system32\BOOTVID.dll
F75A7000 - ACPI.sys
F7989000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS
F7596000 - pci.sys
F75F7000 - isapnp.sys
F7607000 - ohci1394.sys
F7617000 - \WINDOWS\System32\DRIVERS\1394BUS.SYS
F7A4F000 - pciide.sys
F7707000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
F7627000 - MountMgr.sys
F74D7000 - ftdisk.sys
F798B000 - dmload.sys
F74B1000 - dmio.sys
F770F000 - PartMgr.sys
F7637000 - VolSnap.sys
F7499000 - atapi.sys
F7647000 - disk.sys
F7657000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
F747A000 - fltmgr.sys
F7468000 - sr.sys
F7667000 - PxHelp20.sys
F7870000 - KSecDD.sys
F7B52000 - Ntfs.sys
F7843000 - NDIS.sys
F7827000 - kl1.sys
F7717000 - \WINDOWS\system32\DRIVERS\TDI.SYS
F7973000 - srescan.sys
F7958000 - Mup.sys
F7556000 - \SystemRoot\System32\DRIVERS\intelppm.sys
BA7EE000 - \SystemRoot\System32\DRIVERS\nv4_mini.sys
BA7DA000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
BA7A1000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
BA78D000 - \SystemRoot\System32\DRIVERS\Rtenicxp.sys
F775F000 - \SystemRoot\System32\DRIVERS\usbuhci.sys
BA76A000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
F7536000 - \SystemRoot\System32\DRIVERS\nic1394.sys
F7767000 - \SystemRoot\System32\DRIVERS\fdc.sys
BA756000 - \SystemRoot\System32\DRIVERS\parport.sys
BAFE0000 - \SystemRoot\System32\DRIVERS\gameenum.sys
F7526000 - \SystemRoot\System32\DRIVERS\i8042prt.sys
F776F000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
F7777000 - \SystemRoot\System32\DRIVERS\mouclass.sys
BA745000 - \SystemRoot\System32\DRIVERS\serial.sys
BAFDC000 - \SystemRoot\System32\DRIVERS\serenum.sys
F7516000 - \SystemRoot\System32\Drivers\Imapi.SYS
F7506000 - \SystemRoot\System32\DRIVERS\cdrom.sys
F74F6000 - \SystemRoot\System32\DRIVERS\redbook.sys
BA722000 - \SystemRoot\System32\DRIVERS\ks.sys
F777F000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys
BAFD4000 - \SystemRoot\system32\drivers\atkkbnt.sys
F7ABA000 - \SystemRoot\System32\DRIVERS\audstub.sys
F7458000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
BAFD0000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
BA6E3000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
F7448000 - \SystemRoot\System32\DRIVERS\raspppoe.sys
F7438000 - \SystemRoot\System32\DRIVERS\raspptp.sys
BA6D2000 - \SystemRoot\System32\DRIVERS\psched.sys
F7428000 - \SystemRoot\System32\DRIVERS\msgpc.sys
F7787000 - \SystemRoot\System32\DRIVERS\ptilink.sys
F778F000 - \SystemRoot\System32\DRIVERS\raspti.sys
BA6A1000 - \SystemRoot\System32\DRIVERS\rdpdr.sys
F7418000 - \SystemRoot\System32\DRIVERS\termdd.sys
F798D000 - \SystemRoot\System32\DRIVERS\swenum.sys
BA66D000 - \SystemRoot\System32\DRIVERS\update.sys
BAFB8000 - \SystemRoot\System32\DRIVERS\mssmbios.sys
F7408000 - \SystemRoot\System32\Drivers\NDProxy.SYS
B7C63000 - \SystemRoot\system32\drivers\RtkHDAud.sys
B7B51000 - \SystemRoot\system32\drivers\portcls.sys
BAD36000 - \SystemRoot\system32\drivers\drmk.sys
BAD26000 - \SystemRoot\System32\DRIVERS\usbhub.sys
F79A1000 - \SystemRoot\System32\DRIVERS\USBD.SYS
F77AF000 - \SystemRoot\System32\DRIVERS\flpydisk.sys
B7B08000 - \SystemRoot\system32\DRIVERS\klif.sys
F79B1000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F7A5F000 - \SystemRoot\System32\Drivers\Null.SYS
F79B3000 - \SystemRoot\System32\Drivers\Beep.SYS
F7A5D000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys
F7A62000 - \SystemRoot\System32\Drivers\avgclean.sys
F77C7000 - \SystemRoot\System32\drivers\vga.sys
F79B5000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F79B7000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
F77CF000 - \SystemRoot\System32\Drivers\Msfs.SYS
F77D7000 - \SystemRoot\System32\Drivers\Npfs.SYS
BA71E000 - \SystemRoot\System32\DRIVERS\rasacd.sys
B7AD5000 - \SystemRoot\System32\DRIVERS\ipsec.sys
B7A7D000 - \SystemRoot\System32\DRIVERS\tcpip.sys
B7A55000 - \SystemRoot\System32\DRIVERS\netbt.sys
B7A34000 - \SystemRoot\System32\DRIVERS\ipnat.sys
BAD06000 - \SystemRoot\System32\DRIVERS\wanarp.sys
B79D4000 - \SystemRoot\System32\vsdatant.sys
BACF6000 - \SystemRoot\System32\DRIVERS\arp1394.sys
B798A000 - \SystemRoot\System32\drivers\afd.sys
BACD6000 - \SystemRoot\System32\DRIVERS\netbios.sys
F77E7000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys
F77EF000 - \SystemRoot\System32\DRIVERS\usbprint.sys
B795E000 - \SystemRoot\System32\DRIVERS\rdbss.sys
B78EF000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
BACB6000 - \SystemRoot\System32\Drivers\Fips.SYS
F76C7000 - \SystemRoot\system32\DRIVERS\avipbb.sys
F79BD000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
F79C5000 - \SystemRoot\System32\Drivers\avg7rsw.sys
F7AAB000 - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
F7576000 - \SystemRoot\System32\Drivers\Cdfs.SYS
B78D7000 - \SystemRoot\System32\Drivers\dump_atapi.sys
F79D1000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
B7BBB000 - \SystemRoot\System32\watchdog.sys
F7933000 - \SystemRoot\System32\drivers\Dxapi.sys
BF9C1000 - \SystemRoot\System32\drivers\dxg.sys
F7AA1000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D3000 - \SystemRoot\System32\atkdisp.dll
BFA0E000 - \SystemRoot\System32\nv4_disp.dll
B78BB000 - \SystemRoot\System32\DRIVERS\ndisuio.sys
B6467000 - \SystemRoot\System32\Drivers\Fastfat.SYS
B6362000 - \SystemRoot\system32\drivers\wdmaud.sys
B65FA000 - \SystemRoot\system32\drivers\sysaudio.sys
B612E000 - \SystemRoot\System32\DRIVERS\mrxdav.sys
B6003000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
F79A3000 - \SystemRoot\System32\Drivers\ParVdm.SYS
F79F9000 - \SystemRoot\System32\Drivers\avgtdi.sys
B5FE3000 - \??\C:\WINDOWS\system32\drivers\EIO.sys
BFA0B000 - \SystemRoot\System32\atkosdmini.dll
BFFA0000 - \SystemRoot\System32\ATMFD.DLL
B539C000 - \SystemRoot\System32\DRIVERS\srv.sys
B4FC1000 - \SystemRoot\System32\Drivers\HTTP.sys
AC953000 - \SystemRoot\system32\drivers\kmixer.sys
BAB73000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys

Total number of drivers = 130

Liste des programmes installes

Ad-Aware 2007
Adobe Flash Player ActiveX
Apple Mobile Device Support
Apple Software Update
Archiveur WinRAR
ASUS Enhanced Display Driver
ASUS nVIDIA Driver
AVG Anti-Spyware 7.5
Avira AntiVir PersonalEdition Classic
Azureus Vuze
BSPlayer
CCleaner (remove only)
Correctif pour Windows XP (KB914440)
eMule
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows XP (KB915865)
hp deskjet 840c series (Supprimer uniquement)
iTunes
Java(TM) 6 Update 3
Kaspersky Online Scanner
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Media Content
Microsoft Office XP Professional avec FrontPage
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)
Mise à jour pour Windows XP (KB898461)
Mise à jour pour Windows XP (KB904942)
Mozilla Firefox (2.0.0.8)
NVIDIA Drivers
Quick Zip 4.60.019
QuickTime
Realtek High Definition Audio Driver
REALTEK PCIE NIC Driver
Spybot - Search & Destroy
TuneUp Utilities 2007
VideoLAN VLC media player 0.8.6c
WebFldrs XP
Winamp
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Media Format Runtime
Windows XP Service Pack 2
ZoneAlarm

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est C456-F90A

Répertoire de C:\Program Files

27/10/2007 20:53 <REP> .
27/10/2007 20:53 <REP> ..
21/10/2007 03:50 <REP> Alwil Software
20/10/2007 01:43 <REP> Apple Software Update
19/10/2007 18:57 <REP> ASUSTeK
27/10/2007 03:29 <REP> Avira
27/10/2007 13:48 <REP> Azureus
20/10/2007 00:43 <REP> CCleaner
19/10/2007 18:43 <REP> ComPlus Applications
28/10/2007 20:33 <REP> eMule
21/10/2007 14:25 <REP> Fichiers communs
21/10/2007 03:20 <REP> Grisoft
21/10/2007 14:59 <REP> Hewlett-Packard
21/10/2007 15:25 <REP> hp deskjet 840c series
19/10/2007 18:50 <REP> Intel
21/10/2007 19:28 <REP> Internet Explorer
20/10/2007 01:43 <REP> iPod
20/10/2007 01:44 <REP> iTunes
21/10/2007 14:26 <REP> Java
21/10/2007 05:32 <REP> Lavasoft
19/04/2007 19:08 <REP> Messenger
19/10/2007 18:45 <REP> microsoft frontpage
20/10/2007 11:20 <REP> Microsoft Office
19/10/2007 19:02 <REP> Movie Maker
28/10/2007 21:28 <REP> Mozilla Firefox
19/10/2007 18:42 <REP> MSN
19/10/2007 18:42 <REP> MSN Gaming Zone
20/10/2007 00:37 <REP> MSN Messenger
19/10/2007 19:00 <REP> NetMeeting
19/10/2007 19:00 <REP> Outlook Express
20/10/2007 01:43 <REP> QuickTime
20/10/2007 01:40 <REP> QuickZip4
19/04/2007 19:11 <REP> Realtek
19/10/2007 18:42 <REP> Services en ligne
20/10/2007 00:55 <REP> Spybot - Search & Destroy
21/10/2007 05:36 <REP> Trend Micro
27/10/2007 20:55 <REP> TuneUp Utilities 2007
21/10/2007 15:30 <REP> VideoLAN
27/10/2007 17:49 <REP> Webteh
20/10/2007 00:55 <REP> Winamp
20/10/2007 01:53 <REP> Windows Media Player
19/10/2007 19:00 <REP> Windows NT
21/10/2007 19:17 <REP> WinRAR
19/10/2007 18:45 <REP> xerox
20/10/2007 00:28 <REP> Zone Labs
0 fichier(s) 0 octets
45 Rép(s) 17 881 260 032 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est C456-F90A

Répertoire de C:\Program Files\fichiers communs

21/10/2007 14:25 <REP> .
21/10/2007 14:25 <REP> ..
20/10/2007 01:42 <REP> Apple
20/10/2007 11:20 <REP> Designer
19/10/2007 18:54 <REP> InstallShield
21/10/2007 14:25 <REP> Java
20/10/2007 11:20 <REP> Microsoft Shared
19/10/2007 18:43 <REP> MSSoap
12/01/2007 06:58 <REP> ODBC
19/10/2007 18:43 <REP> Services
12/01/2007 06:58 <REP> SpeechEngines
20/10/2007 11:20 <REP> System
21/10/2007 05:26 <REP> Wise Installation Wizard
0 fichier(s) 0 octets
13 Rép(s) 17 881 260 032 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est C456-F90A

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

20/10/2007 11:20 <REP> .
20/10/2007 11:20 <REP> ..
20/10/2007 11:20 <REP> 1033
20/10/2007 11:20 <REP> 1036
15/02/2001 04:45 1 318 912 MSONSEXT.DLL
13/02/2001 07:23 58 784 MSOSV.DLL
03/06/1999 13:09 122 937 MSOWS409.DLL
07/03/2001 08:00 127 033 MSOWS40c.DLL
06/08/2000 08:04 401 462 MSVCP60.DLL
22/01/2001 02:25 69 632 PKMAXCTL.DLL
22/01/2001 02:25 872 448 PKMCDO.DLL
22/01/2001 02:25 159 744 PKMCORE.DLL
07/02/2001 08:59 106 496 PKMFORMS.DLL
12/02/2001 03:03 684 032 PKMRES.DLL
22/01/2001 02:25 28 672 PKMSSTLB.DLL
22/01/2001 02:25 40 960 PKMTEMPL.DLL
22/01/2001 02:25 24 576 PKMTRACE.DLL
22/01/2001 02:25 86 016 PKMWS.DLL
22/01/2001 02:25 237 568 PROMDEMO.DLL
22/01/2001 02:25 184 320 SECMGR.DLL
22/01/2001 02:25 323 584 VAIDDMGR.DLL
22/01/2001 02:25 32 768 VAIMEM.DLL
18 fichier(s) 4 879 944 octets
4 Rép(s) 17 881 255 936 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est C456-F90A

Répertoire de C:\

19/10/2007 18:31 13 824 removewga_removewga_1.2_anglais_21437.exe
1 fichier(s) 13 824 octets
0 Rép(s) 17 881 255 936 octets libres

c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.4.3.1\iTunesSetupAdmin.exe
c:\Documents and Settings\Julien\Bureau\mwav.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\RHosts.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\Antivirtumonde\VundoFix.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\catchme.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\cliptext.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\download.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\ERUNT.EXE
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\FixPath.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\isadmin.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\LS.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\MD5File.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\moveex.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\Process.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\procs.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\psservice.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\RegDACL.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\regedit.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\RestartIt!.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\sc.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\SF.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\shutdown.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\swreg.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\swsc.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\unzip.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\WINMSG.EXE
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\zip.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\Replace\W2K.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\apps\Replace\XP.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\backups\attrib.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\backups\find.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\backups\findstr.exe
c:\Documents and Settings\Julien\Bureau\Bordel à virus\SDFix\backups\regedit.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\catchme.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\diff.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\dumphive.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\find2.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\Fport.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\grep.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\gzip.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\KProcCheck.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\LFiles.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\md5sums.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\pslist.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\streams.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\swreg.exe
c:\Documents and Settings\Julien\Bureau\DiagHelp\tar.exe
c:\Documents and Settings\Julien\Bureau\SREng\SREngPS.EXE
c:\Documents and Settings\Julien\Local Settings\Temp\i4jdel0.exe
c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll
c:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_CHARPENT-UM4M4U.tar.gz a l'adresse http://upload.malekal.com

Julien · Answer

Et enfin le Hijackthis ! 

Bonne soirée. 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:38:54, on 28/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32	cpsvcs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

FillPCA · Answer

Bonjour,

1/ Désinstalle AVG antivirus.

2/ * Télécharge navilog1 (Merci il.mafioso!)

http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    * Ensuite double clique sur navilog1.exe pour lancer l'installation.

    * Une fois l'installation terminée, le fix s'exécutera automatiquement.

    * (Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

* Laisse-toi guider. Au menu principal, choisis 1 et valides.

/*\ Ne fais pas le choix 2,3 ou 4 sans notre avis/accord /*\

* Patiente jusqu'au message : *** Analyse terminée le ..... ***

    * Appuie sur une touche comme demandé, le Bloc-notes va s'ouvrir.

    * Copie-colle l'intégralité du rapport dans ta prochaine réponse. Referme le Bloc-notes.

    * Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt) 

3/ # Télécharge Vundofix  (par Atribune) sur ton Bureau : http://www.atribune.org/ccount/click.php?id=4
# Double-clique VundoFix.exe afin de le lancer.
# Clique sur le bouton Scan for Vundo.
# Lorsque le scan est complété, clique sur le bouton Remove Vundo (uniquement si des fichiers infectieux sont trouvés).
# Une invite te demandera si tu veux supprimer les fichiers, clique YES.
# Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
# Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK.
# Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse.

4/     *  Télécharge OTMoveIt  (de Old_Timer) sur ton bureau : http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe
    * Double-clique sur OTMoveIt.exe pour lancer le programme,
    * Copie la liste de fichiers ou de dossiers ci-dessous et colle-la dans la fenêtre du programme "Paste List Of Files/Folders to be moved" :

C:\WINDOWS\System32\yzhcmllf.exe
C:\WINDOWS\System32\csnt.exe
c:\Documents and Settings\Julien\Local Settings\Temp\i4jdel0.exe

    * Clique sur MoveIt! pour lancer la suppression,
    * Le résultat appraraîtra dans le cadre Results.
    * Clique sur Exit pour fermer le programme.
    * Poste le rapport qui est situé ici : C:\\_OTMoveIt\MovedFiles
    * Il te sera peut-être demandé de redémarrer ton PC. Dans ce cas, clique sur Yes.

5/ Edite le rapport Vundofix, Hijackthis, navilog et OTMoveIt.

FillPCA

Julien · Answer

Bonjour FillPCA, 


J'ai déjà désinstallé AVG (qui avait planté à la désinstall, Le Sioux m'a donc fait coupé ce qui restait en passant par services.msc), et ai pris Antivir comme me l'a conseillé le Sioux. 

Veux-tu que je désinstalle mon antivirus ??? 
Parce que vu que mon Internet se bloque en download, j'ai mis une semaine avant de réussir à télécharger les 20 petits Mo de Antivir...

Bref, dois-je désinstaller mon Antivirus avant de me servir de Navilog1 ? Et dans ce cas, quand puis-je le réinstaller ? 
Sinon, dès que je rentre (suis au bureau), j'essaie le reste. 
Sache tout de même que pour Vundofix, j'ai déjà essayé (ainsi que VirtumondoBeGone), sans résultats. Mais je veux bien réessayer.

Keep me posted
Bonne journée
Julien

FillPCA · Answer

Re,

Les serveurs d'Antivir sont parfois lents.
Inutile de désinstaller quoique ce soit.

Pour VUndo, ça ressemble à quelques fichiers oubliés et anciens qui devraient partir avec OTMoveIT.
Navilog nous en dira plus.

FillPCA

Julien · Answer

Bonsoir FillPCA, 

J'ai enfin trouvé un peu de temps pour faire les actions demandés...

Vundofix n'a rien trouvé, pas de rapport à afficher...

Pour le reste...

Rapport Navilog : 

Outil exécuté depuis C:\Program Files
avilog1
Mise à jour le 30.10.2007 à 19h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11 


*** Recherche Programmes installés ***




*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***



*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\Julien\Application Data ***


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun fichier trouvé dans :

- C:\WINDOWS\system32
- C:\DOCUME~1\JULIEN\LOCALS~1\APPLIC~1



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

* Recherche dans C:\DOCUME~1\JULIEN\LOCALS~1\APPLIC~1 *



*** Recherche fichiers *** 




*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:

2)Recherche Heuristique :



3)Recherche Certificats :

Certificat Egroup absent !


*** Analyse terminée le 30/10/2007 à 23:28:06,73 ***


Rapport OTMove it : 

C:\WINDOWS\System32\yzhcmllf.exe moved successfully.
C:\WINDOWS\System32\csnt.exe moved successfully.
c:\Documents and Settings\Julien\Local Settings\Temp\i4jdel0.exe moved successfully.
 
Created on 10/30/2007 23:31:19

Et le Hijackthis : 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:35:18, on 30/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32	cpsvcs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

FillPCA · Answer

Bonsoir,

1/     *  Lance OTmoveIT.
    * Clique sur CleanUp! (le programme va télécharger un fichier texte qui servira a nettoyer les programmes que l'on a téléchargés).

NOTE : Normalement, ton firewall (parefeu) devrait te demander si OTmoveIT peut accéder à internet, Autorise le.

    * Une liste apparaît dans la partie gauche d'OTmoveIT.
    * Un message apparaît pour confirmer le nettoyage. Confirme.
    * Les fichiers infectés qui se trouvent dans les quarantaines seront supprimés aussi.

2/ Peux-tu me dire comment le pc se porte ?

FillPCA

Julien · Answer

Re,

Au cas où, je te poste le rapport OTMove it (qui s'était auto-effacé puis mis dans la corbeille, mais je suis un malin ! :-)):

[nobackups]
avenger.zip <Avenger by Swandog46>
Avenger
avenger.txt
bfu.zip <BFU by Merijn>
BFU
combofix.exe <ComboFix by sUBs>
QooBox
ComboFix*.txt
catchme.exe
nircmd.exe
swreg.exe
Swxcacls.exe
Swsc.exe
dss.exe <Deckard's System Scanner by Deckard>
Deckard
FindAWF.exe <FindAWF by noahdfear>
AWF.txt
fixwareout.exe <FixWareout by LonnyRJones>
fixwareout
fsbl.exe <F-Secure BlackLight>
fsbl*.log
gmer.exe <GMER by Gmer>
gmer.dll
gmer.ini
gmer.log
gmer_uninstall.cmd
gmer.sys
gmer <delete service>
haxfix.exe <Haxfix by Markie>
haxfix.txt
killbox.exe <Killbox by Option^Explicit>
!Killbox
NoLop.exe <NoLop by ?>
NoLop.txt
NoLopOLD.txt
delete.bat
OTMoveIt.exe <OTMoveIt by OldTimer>
_OTMoveIt
rustbfix.exe <Rustbfix by Ejvindh>
Rustbfix
sdfix.exe <SDFix by Andy_Manchesta>
SDFix
SmitfraudFix.exe <SmitfraudFix by S!Ri>
SmitfraudFix
rapport.txt
SysInsite <System Insite by Bobbi Flekman>
VundoFix.exe <VundoFix by Atribune>
VundoFix Backups
vundofix.txt
win32delfkil.exe <WinDelfKil by Markie>
_backupD
windelf.txt
winpfind.exe <WinPfind by OldTimer>
WinPfind
winpfind3u.exe <WinPFind3 by OldTimer>
WinPFind3u
cleanup.txt
[deleteself]

Ensuite, pour le PC.
Antivir trouve un virus avec Navilog, puis-je maintenant le mettre en quarantaine voire l'effacer ?

Un truc qui ne paraît rien mais qui me gêne bcp, c'est le fait que ma zone de notificaton ne veut pas afficher l'icône antivir ni celui du son, ce qui est enquiquinant au plus haut point quand tu dois passer par le panneau de configuration pour jouer avec le son alors que des gens dorment à côté... Les 2 éléments précédents sont passés dans la case "éléments précédents "et j'ai beau les mettre "toujours afficher", ça veut pas ! Comment je peux faire pour rétablir ça ?

Ensuite, j'ai téléchargé une BA de 30 Mo pour voir l'état de Firefox, il a refusé trois fois (en gros, il s'est arrêté tout seul, comme un plantage, avec la barre de téléchargement te donnant la progression, le débit et le temps restant alors que plus rien ne bouge) puis s'y est mis. On dira donc qu'il y a du progrès !

Enfin, AVG antispyware et Antivir plantent toujours au même endroit, sur C:\System Volume Information\tracking.log

Bref, dans l'ensemble, l'ordi marche plutôt pas mal mais avec tous ces plantages de mes systèmes de protection, j'ose pas trop aller sur mes sites à mot de passe (genre ma banque, quoi... je vais finir par me faire jeter par mon banquier, moi ;-))

FillPCA · Answer

Bonjour,

1/ * Désinstalle Navilog1 soit:
    * Par Ajout/suppression de programmes du Panneau de configuration, en sélectionnant Navilog1 dans la liste > Supprimer
    * Ou par le menu: Démarrer / Tous le programmes / Navilog1 / Désinstaller Navilog1
    * Enfin, après désinstallation, supprimer le dossier C:\Program Files\Navilog1, si encore existant.

2/ Tu dois désactiver la restauration système. Pour cela, fais un clic droit sur « poste de travail ». Dans l’onglet « restauration du système », coche la case « désactiver la restauration système ». Clique sur appliquer>OK.

3/     *  Fais un scan en ligne en cliquant ici : http://assiste.com.free.fr/...
    * Choisis Kaspersky.
    * Tu dois réaliser le scan en utilisant Internet explorer. Une information apparait en haut, près de la barre d'état. Tu dois accepter et installer l'activeX proposé. La mise à jour de l'antivirus se lance.
    * Réalise un scan complet du système.
    * Sauvegarde le rapport en mode texte à l'issue du scan.

Edite ce rapport.


4/ Tu dois réactiver la restauration système. Pour cela, fais un clic droit sur « poste de travail ». Dans l’onglet « restauration du système », décoche la case « désactiver la restauration système ». Clique sur appliquer>OK.

FillPCA

Julien · Answer

Bonjour à toi FillPCA,

Alors bon ben j'ai fait ce que tu m'as dit, et la sanction a été la même que la première fois que nous avons essayé avec le Sioux. Kapersky a trouvé 2 objets infectés et 1 virus mais arrivé sur ce pu... de dossier C:\System Volume Information	racking.log, c'est comme d'hab, ça plante ! Pas moyen d'aller plus loin ou de stopper le scanner, il faut forcer la fenêtre à se fermer...

Une fois de plus, je n'ai donc pas de rapport à poster, puisque JE NE PEUX PAS SCANNER INTEGRALEMENT, avec aucun système de protection !!!!!!

J'avais pourtant bien désactivé la restauration système comme demandé...

Je vais donc voir si je peux faire un scan complet et l'arrêter avant ce dossier et essayer d'avoir un rapport... Si tu vois autre chose...

@+

Julien · Answer

Re, 

J'ai arrêté le scan dès qu'il a trouvé quelque chose, c'était juste le setp up de NAVILOG qu'était encore là, les fichiers infectés !!! Je l'ai donc viré. 

Et te poste le rapport plus que partiel, puisqu'en fait il a trouvé très vite. 

-------------------------------------------------------------------------------
 KASPERSKY ONLINE SCANNER REPORT
 Friday, November 02, 2007 3:55:30 PM
 Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
 Kaspersky Online Scanner version: 5.0.98.0
 Kaspersky Anti-Virus database last update:  2/11/2007
 Kaspersky Anti-Virus database records: 450434
-------------------------------------------------------------------------------

Scan Settings:
	Scan using the following antivirus database: extended
	Scan Archives: true
	Scan Mail Bases: true

Scan Target - My Computer:
	A:\
	C:\
	D:\
	E:\

Scan Statistics:
	Total number of scanned objects: 1580
	Number of viruses found: 1
	Number of infected objects: 2
	Number of suspicious objects: 0
	Duration of the scan process: 00:01:13

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\cert8.db	Object is locked	skipped
C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\formhistory.dat	Object is locked	skipped
C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\history.dat	Object is locked	skipped
C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\key3.db	Object is locked	skipped
C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\parent.lock	Object is locked	skipped
C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\search.sqlite	Object is locked	skipped
C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\6cn91608.default\urlclassifier2.sqlite	Object is locked	skipped
C:\Documents and Settings\Julien\Bureau\Bordel à virus\Navilog1.exe/file7	Infected: not-a-virus:RiskTool.Win32.Reboot.f	skipped
C:\Documents and Settings\Julien\Bureau\Bordel à virus\Navilog1.exe	Inno: infected - 1	skipped

Scan was interrupted by user!

J'ai retenté un scan ensuite, la punition est toujours la même.
mon Internet (enfin, mes navigateurs et mes logiciels de téléchargement, j'ai testé ma connexion sur le site de Free, elle est au même niveau qu'avant tout ce cirque !) rame, ma zone de notification ne fonctionne pas comme je veux, mes sytèmes de protection plantent tous mais à part ça, eh ben ça va ! 
Et toi, ça va ? :-)

FillPCA · Answer

Re,

Mais il ne fallait pas l'interrompre. Je voulais avoir un scan complet.

FillPCA

Julien · Answer

Re aussi,

Au risque de me répéter, je ne peux pas faire un scan complet, tout plante sur le fichier C:\System Volume Information	racking.log

Et quand je dis tout, c'est tout. Anti-spyware, antivirus, antivirus en ligne, ça plante. Kapersky aussi. Comme les autres. 
Dès que je tente un scan profond, quel que soit le logiciel, le résultat est le même. 

ça fait un peu 15 jours que c'est le cas et je réssaye à chaque fois avec bonne volonté dès que vous le me l'indiquez mais je n'insiste maintenant plus vraiment. J'espère à cahque fois que toute l'aide que vous m'avez apporté aura servi à ce que le scan passe, mais à ce jour, bon, il y a toujours un truc qui ne va pas. 

Désolé de ne pouvoir faire de scan, je sais que ça ne facilite pas les choses;

FillPCA · Answer

Re,

Désolé, mais il y a un truc que je ne comprends pas. La désactivation de la restauration système devrait vider le dossier c:\Systeme Volume Information.

Donc je ne comprends pas dans ces conditions pourquoi ça continue à planter.

Ceci étant dit, je ne pense que le problème soit toujours infectieux, compte-tenu qu'Escan et Antivir ont été réalisés.

FillPCA

Julien · Answer

Est-ce que ça changerait quelque chose si j'essayais de désactiver / réactiver en mode sans échec ?

FillPCA · Answer

Re,

Non. J'aimerais refaire un dernier test. Après, je suis à court d'idée.

1/ Tu dois désactiver la restauration système. Pour cela, fais un clic droit sur « poste de travail ». Dans l’onglet « restauration du système », coche la case « désactiver la restauration système ». Clique sur appliquer>OK et redémarre le PC

2/ Tente le scan en ligne.

3/ Tu dois réactiver la restauration système. Pour cela, fais un clic droit sur « poste de travail ». Dans l’onglet « restauration du système »,décoche la case « désactiver la restauration système ». Clique sur appliquer>OK et redémarre le PC.

FillPCA

Julien · Answer

Viens d'essayer, ça n'a pas marché non plus...

FillPCA · Answer

Re,

1/     *  Télécharge PCA (d'Evosla) : http://ww25.evosla.com/pca_cpt.php?agr=pca_securite
    * Dézippe-le dans un répertoire dédié comme c:\PCA au moyen d'un clic droit (Extraire...),
    * Clique sur l'onglet  "diagnostic du PC" puis "analyser".
    * Laisse l'analyse se dérouler. Cela ne prend que quelques secondes.
    * Clique sur "enregistrer le rapport" en bas à droite et sauvegarde-le sur le bureau.
    * Edite le contenu de ce rapport dans ta prochaine réponse. Il se nomme PCA_LOG.txt

2/     *  Télécharge GenProc (de Lazzzy et Narco4) sur ton bureau : http://www.alt-shift-return.org/Info/Fichiers/GenProc.zip
    * Dézippe-le sur ton bureau (Clic droit>Extraire ici).
    * Double-clique sur GenProc.bat et édite le rapport généré par le programme.
    * Tu trouveras une aide en images ici : http://www.alt-shift-return.org/Info/GenProc-HowTo.html

3/ Un scan avec Antivir en mode sans échec avec Antivir fonctionne-t-il ? Apparemment, ça vait marché le samedi 27 octobre 2007 à 04h23:05.

FillPCA

Julien · Answer

Alors, rien dans le rapport GenProc (je l'ai pas sauvegardé, il était vide sauf une ligne genre "tout baigne"). 

Voilà le rapport PCA : 

# PCA Sécurité V 1.0.2, (fichier LOG).
# Rapport du  :02/11/2007 23:21:56
Microsoft Windows XP  Service Pack 2
 
==>> Processus <==
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32	cpsvcs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Julien\Bureau\pca.exe
 
//pages de démarrage et de recherche d'Internet Explorer
RO - HKLM\Software\Microsoft\Internet Explorer\Main\Start Page = https://www.01net.com/telecharger/
RO - HKLM\Software\Microsoft\Internet Explorer\Main\Default_Page_URL = https://www.01net.com/telecharger/
RO - HKCU\Software\Microsoft\Internet Explorer\Main\Start Page = about:blank
RO - HKCU\Software\Microsoft\Internet Explorer\Toolbar\LinksFolderName = Liens
R1 - HKLM\Software\Microsoft\Internet Explorer\Main\Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main\Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main\Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Search\CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Search\SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
//applications lancées depuis system.ini,win.ini 
//03 - Browser Helper Objects (BHOs)
02 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
02 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
//04 - applications chargées automatiquement
04 - HKLM\..\RUN: [RTHDCPL] - RTHDCPL.EXE
04 - HKLM\..\RUN: [ZoneAlarm Client] - "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
04 - HKLM\..\RUN: [!AVG Anti-Spyware] - "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
04 - HKLM\..\RUN: [SunJavaUpdateSched] - "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
04 - HKLM\..\RUN: [HPDJ Taskbar Utility] - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
04 - HKLM\..\RUN: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
04 - HKLM\..\RUN: [avgnt] - "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
04 - HKLM\..\RUN: [QuickTime Task] - "C:\Program Files\QuickTime\qttask.exe" -atboottime
04 - HKLU\..\RUN: [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe
04 - HKLU\..\RUN: [MSMSGS] - "C:\Program Files\Messenger\msmsgs.exe" /background
04 - HKLU\..\RUN: [msnmsgr] - "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
04 - HKUS\S-1-5-19\..\RUN: [CTFMON.EXE] - RTHDCPL.EXE
04 - HKUS\S-1-5-19\..\RUN: [AVG7_Run] - "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
04 - HKUS\S-1-5-21-1844237615-920026266-725345543-1003\..\RUN: [ctfmon.exe] - RTHDCPL.EXE
04 - HKUS\S-1-5-21-1844237615-920026266-725345543-1003\..\RUN: [MSMSGS] - "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
04 - HKUS\S-1-5-21-1844237615-920026266-725345543-1003\..\RUN: [msnmsgr] - "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
//05 - Accès au panneau de contrôle d'Internet Explorer (control.ini) 
//06-  interdiction à l' accès au options (Internet Explorer) 
//07 -  blocage de l'exécution de Regedit 
//08 - lignes supplémentaires dans le menu contextuel d'Internet Explorer
08 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
//09 - boutons situés sur la barre d'outils principale d'Internet Explorer
09 - Extra button:  - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
09 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
09 - Extra button:  - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
09 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
09 - Extra button:  - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
09 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
09 - Extra button:  - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
09 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
09 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
09 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
//O10 - Pirates de Winsock
//O11 - Onglet supplémentaire dans les options avancées d'Internet Explorer) 
O11 - Options group: [INTERNATIONAL] - International*
//O12 - IE plugins
//013 : DefaultPrefix 
//014 - Option : (Rétablir les paramètres Web) 
//015 - Zone de confiance d'Internet Explorer
//O16 - Objets ActiveX
O16 - DPF :  CKAVWebScan Object - {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
O16 - DPF :   - {33564D57-9980-0010-8000-00AA00389B71} - 
O16 - DPF :  BDSCANONLINE Control - {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - C:\WINDOWS\BDOSCAN8\oscan82.ocx
O16 - DPF :  WUWebControl Class - {6414512B-B978-451D-A0D8-FCFDF33E833C} - C:\WINDOWS\System32\wuweb.dll
O16 - DPF :  HouseCall Control - {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - C:\WINDOWS\DOWNLO~1\xscan53.ocx
O16 - DPF :   - {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - 
O16 - DPF :   - {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - 
//O17 - piratage de domaine Lop.com
//O18 - protocoles additionnels
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - 
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
//O19 - feuille de style de l'utilisateur
//O20 - valeur de Registre AppInit_DLLs et les sous-clés Winlogon Notify
//O21 - ShellServiceObjectDelayLoad
O21 - SSODL: UPnP Tray Monitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll
//O22 - SharedTaskScheduler
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - %SystemRoot%\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll
//O23 - services de XP,NT, 2000, et 2003
O23 - Service: [Ad-Aware 2007 Service] - "C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe"
O23 - Service: [Service de la passerelle de la couche Application] - %SystemRoot%\System32\alg.exe
O23 - Service: [AntiVir PersonalEdition Classic Scheduler] - "C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe"
O23 - Service: [AntiVir PersonalEdition Classic Guard] - "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe"
O23 - Service: [Apple Mobile Device] - "C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
O23 - Service: [ATK Keyboard Service] - C:\WINDOWS\ATKKBService.exe
O23 - Service: [AVG Anti-Spyware Guard] - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: [AVG7 Alert Manager Server] - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: [AVG7 Update Service] - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: [AVG E-mail Scanner] - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: [Gestionnaire de l'Album] - %SystemRoot%\system32\clipsrv.exe
O23 - Service: [Application système COM+] - C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
O23 - Service: [Service COM de gravage de CD IMAPI] - 
O23 - Service: [Service de l'iPod] - "C:\Program Files\iPod\bin\iPodService.exe"
O23 - Service: [Partage de Bureau à distance NetMeeting] - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: [Distributed Transaction Coordinator] - C:\WINDOWS\System32\msdtc.exe
O23 - Service: [NVIDIA Display Driver Service] - %SystemRoot%\System32
vsvc32.exe
O23 - Service: [Gestionnaire de session d'aide sur le Bureau à distance] - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: [Localisateur d'appels de procédure distante (RPC)] - %SystemRoot%\System32\locator.exe
O23 - Service: [QoS RSVP] - %SystemRoot%\System32svp.exe
O23 - Service: [Spouleur d'impression] - %SystemRoot%\system32\spoolsv.exe
O23 - Service: [MS Software Shadow Copy Provider] - C:\WINDOWS\System32\dllhost.exe /Processid:{9C4BC94E-516D-456E-B1C4-2B529E5B5F4D}
O23 - Service: [Journaux et alertes de performance] - %SystemRoot%\system32\smlogsvc.exe
O23 - Service: [Telnet] - C:\WINDOWS\System32	lntsvr.exe
O23 - Service: [Windows User Mode Driver Framework] - C:\WINDOWS\system32\wdfmgr.exe
O23 - Service: [Uninterruptible Power Supply] - %SystemRoot%\System32\ups.exe
O23 - Service: [Service Messenger Sharing Folders USN Journal Reader] - "C:\Program Files\MSN Messenger\usnsvc.exe"
O23 - Service: [TrueVector Internet Monitor] - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service
O23 - Service: [Cliché instantané de volume] - %SystemRoot%\System32\vssvc.exe
O23 - Service: [Carte de performance WMI] - C:\WINDOWS\System32\wbem\wmiapsrv.exe


Antivir en mode sans échec avait en effet fonctionné et trouvé une douzaine de saloperies. Tu veux que je réitère ?

FillPCA · Answer

Re,

1/ Tu as AVGantispyware, ce qui est une bonne chose, mais aussi AVGantivirus. Il faut un antivirus unique donc tu dois désinstaller ce dernier, Antivir lui étant supérieur. En-dehors de ceci, c'est propre.

2/ J'aimerais en effet que tu tentes un scan avec Antivir.

FillPCA

Julien · Answer

Ok, donc, résumons-nous. 

J'ai désinstallé AVG antivirus mais j'ai eu un plantage pendant la désisntall et visiblement il reste des composants. Pourtant,quand je regarde avec ajout/désinstallation de programmes, avec CCleaner ou TuneUp, il ne trouve plus le programmme. 

Le Sioux m'a fait donc fait passer par services.msc pour "éteindre" ce qui restait. Y'a-t-il un autre moyen d'enlever pour de bon ce qui reste ? 

Je te fais le scan Antivir ASAP.

FillPCA · Answer

Re,

1/ Pour la désinstallation, il y a ceci : http://www1.grisoft.com/doc/51/us/crp/0/num/288#faq_288

2/ Tu ré-éditeras un rapport PCA ensuite pour voir si la désinstallation a été effective.

FillPCA

Julien · Answer

Merci pour l'astuce mais... Bben, je dois pas être doué, moi. 

AVG ne me propose qu'une installation, et quand j'essaye de cliquer sur install pour aller plus loin, ce satané programme me demande une clé de licence que je n'ai absolument pas...  Comment pourrais-je l'avoir d'ailleurs vu que je viens de télécharger le programme...

Bref, un plantage pendant la désinstall, c'est Noël, tu le gardes à jamais ton programme ! :-)

Le sacn complet en mode sans échec d'Antivir a fonctionné. 
Il n'a rien troué. Voilà le rapport. 

Une bonne soirée. 



AntiVir PersonalEdition Classic
Report file date: vendredi 2 novembre 2007  23:52

Scanning for 912530 virus strains and unwanted programs.

Licensed to:      Avira AntiVir PersonalEdition Classic
Serial number:    0000149996-ADJIE-0001
Platform:         Windows XP
Windows version:  (Service Pack 2)  [5.1.2600]
Username:         Julien
Computer name:    CHARPENT-UM4M4U

Version information:
BUILD.DAT    : 270           15603 Bytes  19/09/2007 13:32:00
AVSCAN.EXE   : 7.0.6.1      290856 Bytes  23/08/2007 12:16:29
AVSCAN.DLL   : 7.0.6.0       49192 Bytes  16/08/2007 11:23:51
LUKE.DLL     : 7.0.5.3      147496 Bytes  14/08/2007 14:32:47
LUKERES.DLL  : 7.0.6.1       10280 Bytes  21/08/2007 11:35:20
ANTIVIR0.VDF : 6.40.0.0    11030528 Bytes  18/07/2007 01:19:03
ANTIVIR1.VDF : 7.0.0.0     1640448 Bytes  13/09/2007 01:19:03
ANTIVIR2.VDF : 7.0.0.140    940544 Bytes  26/10/2007 01:19:03
ANTIVIR3.VDF : 7.0.0.162    117760 Bytes  01/11/2007 02:39:51
AVEWIN32.DLL : 7.6.0.30    3056128 Bytes  27/10/2007 01:19:03
AVWINLL.DLL  : 1.0.0.7       14376 Bytes  26/02/2007 09:36:26
AVPREF.DLL   : 7.0.2.2       25640 Bytes  18/07/2007 06:39:17
AVREP.DLL    : 7.0.0.1      155688 Bytes  16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.15     360488 Bytes  03/08/2007 07:46:00
AVREG.DLL    : 7.0.1.6       30760 Bytes  18/07/2007 06:17:06
AVARKT.DLL   : 1.0.0.20     278568 Bytes  28/08/2007 11:26:33
AVEVTLOG.DLL : 7.0.0.20      86056 Bytes  18/07/2007 06:10:18
NETNT.DLL    : 7.0.0.0        7720 Bytes  08/03/2007 10:09:42
RCIMAGE.DLL  : 7.0.1.30    2342952 Bytes  07/08/2007 11:38:13
RCTEXT.DLL   : 7.0.62.0      86056 Bytes  21/08/2007 11:50:37
SQLITE3.DLL  : 3.3.17.1     339968 Bytes  23/07/2007 08:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:, 
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, 
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: vendredi 2 novembre 2007  23:52

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
13 processes with 13 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
      [NOTE]      No virus was found!
Boot sector 'D:\'
      [NOTE]      No virus was found!

Starting to scan the registry.
The registry was scanned ( '23' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
      [WARNING]   The file could not be opened!
C:\Documents and Settings\Julien\Bureau\Zik Check\Yann Tiersen\Yann Tiersen - Rue Des Cascades - 160Kbps - Sg.ace
  [0] Archive type: ACE
  --> YANN TIERSEN - Rue Des Cascades\01 - J'y Suis Jamais All&#130;.mp3
      [WARNING]   Error creating the file
  --> YANN TIERSEN - Rue Des Cascades\02 - Rue Des Cascades.mp3
      [WARNING]   No further files can be extracted from this archive. The archive will be closed
      [WARNING]   No further files can be extracted from this archive. The archive will be closed
Begin scan in 'D:\'


End of the scan: samedi 3 novembre 2007  00:28
Used time: 35:20 min

The scan has been done completely.

   2917 Scanning directories
 122311 Files were scanned
      0 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      1 Files cannot be scanned
 122311 Files not concerned
   1004 Archives were scanned
      4 Warnings
    140 Notes

FillPCA · Answer

Bonjour,

1/
    *  Imprime ceci.
    * Télécharge Brute Force Uninstaller (de Merijn) : http://www.merijn.org/files/bfu.zip
    * Créé un nouveau dossier directement sur le C:\ et nomme-le BFU.
    * Décompresse le fichier téléchargé dans ce nouveau dossier au moyen d'un clic droit (Extraire vers...C:\BFU).
    * Ouvre le bloc-note de windows.
    * Copie-colle ces lignes dans la fenêtre du bloc-note :

OptionUnloadShell
ServiceStop AVG7 Alert Manager Server
ServiceDisable AVG7 Alert Manager Server
ServiceDelete AVG7 Alert Manager Server
ServiceStop AVG7 Update Service
ServiceDisable AVG7 Update Service
ServiceDelete AVG7 Update Service
ServiceStop AVG E-mail Scanner
ServiceDisable AVG E-mail Scanner
ServiceDelete AVG E-mail Scanner

FolderDelete %PROGRAMFILES%\Grisoft\AVG7

SystemEmptyTempFolder
SystemEmptyInternetCache
SystemEmptyRecycleBin

    * Enregistre le fichier sur le bureau en fix.txt
    * Fais un clic droit sur ce fichier, choisis Renommer et dans la case, indique le nom fix.BFU.
    * Déplace-le dans le même dossier que Brute Force Uninstaller soit dans c:\BFU
    * Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : fix.bfu et BFU.exe (très important).
    * Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8 (ou F5); tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.
    * Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU).
    * Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur : fix.bfu.
    * Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\fix.bfu
    * Clique sur Execute et laisse-le faire son travail.
    * Attendre que Complete script execution apparaîsse et clique sur OK.
    * Clique Exit pour fermer le programme BFU.
    * Redémarre normalement ton PC.

2/ Edite un nouveau rapport PCA.

FillPCA

Julien · Answer

Salut, j'ai fait ce que tu m'as demandé...

Voilà le rapport PCA : 

# PCA Sécurité V 1.0.2, (fichier LOG).
# Rapport du  :03/11/2007 13:16:40
Microsoft Windows XP  Service Pack 2
 
==>> Processus <==
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32	cpsvcs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Julien\Bureau\Bordel à virus\pca.exe
 
//pages de démarrage et de recherche d'Internet Explorer
RO - HKLM\Software\Microsoft\Internet Explorer\Main\Start Page = https://www.01net.com/telecharger/
RO - HKLM\Software\Microsoft\Internet Explorer\Main\Default_Page_URL = http://www.01net.com/telecharger/
RO - HKCU\Software\Microsoft\Internet Explorer\Main\Start Page = about:blank
RO - HKCU\Software\Microsoft\Internet Explorer\Toolbar\LinksFolderName = Liens
R1 - HKLM\Software\Microsoft\Internet Explorer\Main\Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main\Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main\Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Search\CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Search\SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
//applications lancées depuis system.ini,win.ini 
//03 - Browser Helper Objects (BHOs)
02 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
02 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
02 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
//04 - applications chargées automatiquement
04 - HKLM\..\RUN: [RTHDCPL] - RTHDCPL.EXE
04 - HKLM\..\RUN: [ZoneAlarm Client] - "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
04 - HKLM\..\RUN: [!AVG Anti-Spyware] - "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
04 - HKLM\..\RUN: [SunJavaUpdateSched] - "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
04 - HKLM\..\RUN: [HPDJ Taskbar Utility] - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
04 - HKLM\..\RUN: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
04 - HKLM\..\RUN: [avgnt] - "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
04 - HKLU\..\RUN: [MSMSGS] - "C:\Program Files\Messenger\msmsgs.exe" /background
04 - HKLU\..\RUN: [msnmsgr] - "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
04 - HKLU\..\RUN: [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe
04 - HKUS\S-1-5-19\..\RUN: [CTFMON.EXE] - RTHDCPL.EXE
04 - HKUS\S-1-5-19\..\RUN: [AVG7_Run] - "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
04 - HKUS\S-1-5-21-1844237615-920026266-725345543-1003\..\RUN: [MSMSGS] - RTHDCPL.EXE
04 - HKUS\S-1-5-21-1844237615-920026266-725345543-1003\..\RUN: [msnmsgr] - "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
04 - HKUS\S-1-5-21-1844237615-920026266-725345543-1003\..\RUN: [ctfmon.exe] - "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
//05 - Accès au panneau de contrôle d'Internet Explorer (control.ini) 
//06-  interdiction à l' accès au options (Internet Explorer) 
//07 -  blocage de l'exécution de Regedit 
//08 - lignes supplémentaires dans le menu contextuel d'Internet Explorer
08 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
//09 - boutons situés sur la barre d'outils principale d'Internet Explorer
09 - Extra button:  - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
09 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
09 - Extra button:  - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
09 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
09 - Extra button:  - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
09 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
09 - Extra button:  - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
09 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
09 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
09 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
//O10 - Pirates de Winsock
//O11 - Onglet supplémentaire dans les options avancées d'Internet Explorer) 
O11 - Options group: [INTERNATIONAL] - International*
//O12 - IE plugins
//013 : DefaultPrefix 
//014 - Option : (Rétablir les paramètres Web) 
//015 - Zone de confiance d'Internet Explorer
//O16 - Objets ActiveX
O16 - DPF :  CKAVWebScan Object - {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
O16 - DPF :   - {33564D57-9980-0010-8000-00AA00389B71} - 
O16 - DPF :  BDSCANONLINE Control - {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - C:\WINDOWS\BDOSCAN8\oscan82.ocx
O16 - DPF :  WUWebControl Class - {6414512B-B978-451D-A0D8-FCFDF33E833C} - C:\WINDOWS\System32\wuweb.dll
O16 - DPF :  HouseCall Control - {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - C:\WINDOWS\DOWNLO~1\xscan53.ocx
O16 - DPF :   - {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - 
O16 - DPF :   - {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - 
//O17 - piratage de domaine Lop.com
//O18 - protocoles additionnels
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - 
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
//O19 - feuille de style de l'utilisateur
//O20 - valeur de Registre AppInit_DLLs et les sous-clés Winlogon Notify
//O21 - ShellServiceObjectDelayLoad
O21 - SSODL: UPnP Tray Monitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll
//O22 - SharedTaskScheduler
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - %SystemRoot%\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll
//O23 - services de XP,NT, 2000, et 2003
O23 - Service: [Ad-Aware 2007 Service] - "C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe"
O23 - Service: [Service de la passerelle de la couche Application] - %SystemRoot%\System32\alg.exe
O23 - Service: [AntiVir PersonalEdition Classic Scheduler] - "C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe"
O23 - Service: [AntiVir PersonalEdition Classic Guard] - "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe"
O23 - Service: [Apple Mobile Device] - "C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
O23 - Service: [ATK Keyboard Service] - C:\WINDOWS\ATKKBService.exe
O23 - Service: [AVG Anti-Spyware Guard] - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: [Gestionnaire de l'Album] - %SystemRoot%\system32\clipsrv.exe
O23 - Service: [Application système COM+] - C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
O23 - Service: [Service COM de gravage de CD IMAPI] - 
O23 - Service: [Service de l'iPod] - "C:\Program Files\iPod\bin\iPodService.exe"
O23 - Service: [Partage de Bureau à distance NetMeeting] - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: [Distributed Transaction Coordinator] - C:\WINDOWS\System32\msdtc.exe
O23 - Service: [NVIDIA Display Driver Service] - %SystemRoot%\System32
vsvc32.exe
O23 - Service: [Gestionnaire de session d'aide sur le Bureau à distance] - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: [Localisateur d'appels de procédure distante (RPC)] - %SystemRoot%\System32\locator.exe
O23 - Service: [QoS RSVP] - %SystemRoot%\System32svp.exe
O23 - Service: [Spouleur d'impression] - %SystemRoot%\system32\spoolsv.exe
O23 - Service: [MS Software Shadow Copy Provider] - C:\WINDOWS\System32\dllhost.exe /Processid:{9C4BC94E-516D-456E-B1C4-2B529E5B5F4D}
O23 - Service: [Journaux et alertes de performance] - %SystemRoot%\system32\smlogsvc.exe
O23 - Service: [Telnet] - C:\WINDOWS\System32	lntsvr.exe
O23 - Service: [Windows User Mode Driver Framework] - C:\WINDOWS\system32\wdfmgr.exe
O23 - Service: [Uninterruptible Power Supply] - %SystemRoot%\System32\ups.exe
O23 - Service: [Service Messenger Sharing Folders USN Journal Reader] - "C:\Program Files\MSN Messenger\usnsvc.exe"
O23 - Service: [TrueVector Internet Monitor] - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service
O23 - Service: [Cliché instantané de volume] - %SystemRoot%\System32\vssvc.exe
O23 - Service: [Carte de performance WMI] - C:\WINDOWS\System32\wbem\wmiapsrv.exe

On dirait que ça a marché, non ?

FillPCA · Answer

Re,

Le rapport est propre. Ré-active ta restauration système et redémarre le pc. 
Peux-tu faire le point sur les problèmes qui demeurent car ce n'est plus un problème d'infection selon moi.

FillPCA

Julien · Answer

Bonjour FillPCA, 

Avant tout, encore une fois mille fois merci à toi au Sioux pour toute l'aide que vous avez pu apporté. Bon, j'ai fait plein de trucs auxquels je n'ai absolument rien compris, mais tout a eu l'air de marcher ! :-) 
Alors chapeau à tous les deux pour la disponibilité. 

En ce qui concerne le PC, tout a l'air de rouler à peu près. Plus de plantages, plus de détections de virus en effet. J'ai fait aussi une défrag, un scandisk et un ccleaner en espérant remettre le bouzin dans le droit chemin. 

Mais il y a toujours les 2 mêmes choses qui refusent de fonctionner. 

A savoir la zone de notification (pas grave, mais relou, elle était revenue hier avant les dernières actions demandées, je crois les doigts pour que ça revienne...) Elle affiche bien messenger, Zone Alarm et AVG antispyware, mais pas le son et Antivir

Et évidemment, le + emmerdant, l'impossibilité de faire un scan complet/minutieux malgré les multiples désactivation/réactivation de la restauration, le dossier C:\system volume information	racking.log continue de tous les faire planter. 

Et la partition. Vu que le windows que je possède est un service pack 1, au moment de l'install windows, il ne voit que 130 Go de disque alors qu'il fait 200. je ne sais pas comment récupérer les 70 (!!!) Go restants sans tout devoir réinstaller. Il peut y avoir un lien ? 

Si ce n'est pas un problème infectieux, peut-être est-ce un problème logiciel ? J'ai téléchargé le pack 2 sur 01.net et l'ai isntallé, ce qui fait que ça a reconnu ma carte son (pas le avec le pack 1) et que j'ai du son, mais par contre pour les autres soucis sus-mentionnés demeurent...

Voilà
Julien

FillPCA · Answer

Salut,

Là, j'ai pas d'autre idée pour cela. Ma spécialité, c'est les bébettes. Essaie d'ouvrir un sujet sur le forum windows.

Bon surf, et content de t'avoir aidé à dératiser avec Le Sioux !

FillPCA

Julien · Answer

Ok, 

Encore un grand merci pour votre aide ! Transmets mes remerciements au vacancier quand il rentre ! ;-)
Je tente de passer au forum Windows pour la suite, j'y arriverais ! :-)

@+
Julien

FillPCA · Answer

Re,

Pas de soucis. Quand il aura capturé plein de bisons, il reviendra nettoyer des pc avec nous.

FillPCA

Le sioux · Answer

Bonsoir Julien, 

Bonsoir FillPCA et  merci .

Ca y est I am de retour lol  je vois que vous avez bien bossé pendant que  je bullais dans le sud  ;-) 

@ +

Troyens en pagaille qui reviennent

91 réponses

Discussions similaires