Virus defensenetsurfage
Résolu/Fermé
A voir également:
- Virus defensenetsurfage
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Faux message virus ordinateur - Accueil - Arnaque
- Softonic virus ✓ - Forum Virus
- Faux message virus iphone - Forum iPhone
45 réponses
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 321
4 nov. 2007 à 19:55
4 nov. 2007 à 19:55
Bienvenue sur le forum d’entraide de CommentCaMarche.net
Nous connaissons votre situation et nous vous conseillons de ne surtout pas vous inquiéter.
De plus, au vu du nombre croissant de désinfections effectuées sur le forum, nous vous demandons un peu de patience et surtout de ne pas créer plusieurs postes pour le même problème.
Merci de votre compréhension.
Copie colle ton rapport HijackThis.
Bon courage
A+
Nous connaissons votre situation et nous vous conseillons de ne surtout pas vous inquiéter.
De plus, au vu du nombre croissant de désinfections effectuées sur le forum, nous vous demandons un peu de patience et surtout de ne pas créer plusieurs postes pour le même problème.
Merci de votre compréhension.
Copie colle ton rapport HijackThis.
Bon courage
A+
Ok merci beaucoup d'avoir répondu é désolé d'avoir créé 2postes... voici mon raport hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:36:13, on 04/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\eMule\emule.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 255.255.255.255
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 255.255.255.255:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {077F45D5-5CC9-4FC8-A7BB-9D79836A6066} - C:\WINDOWS\movctrlnkd.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {65D5A3B2-859E-42F5-AE9E-BC6D7EC1B0EB} - C:\WINDOWS\system32\VBA232.DLL (file missing)
O2 - BHO: SpamBlockerUtility - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.0.0\SbHostIE.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - C:\Program Files\VideoKeyCodec\isaddon.dll (file missing)
O2 - BHO: ADefaultSearch Class - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing)
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: (no name) - {B7531CF3-3DBE-4D68-BED9-E3697F3CDC9B} - C:\WINDOWS\system32\dplay32.dll (file missing)
O2 - BHO: (no name) - {C2EA6A7E-79FC-4CFB-90E4-898C742B44C5} - C:\WINDOWS\system32\mobsyncd.dll (file missing)
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {F3E3A0A8-906B-47D7-8E5E-8C7F1D3C0BDC} - C:\WINDOWS\system32\ulib32.dll (file missing)
O2 - BHO: XBTP01621 - {F6104497-54FD-4688-9162-5115CC8AB0FB} - C:\PROGRA~1\BEARSH~2\BEARSH~2\MediaBar.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: SpamBlockerUtility - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.0.0\SbHostIE.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: (no name) - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: (no name) - {AC9BBDB2-8FCD-49C8-96F7-CC3CF7B453CD} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\system32\expIorer.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [h3yb0y] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\service.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\conf.dll
O4 - HKLM\..\Run: [h3yb0y1] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\system.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\serv-u.ini
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [helpr] C:\Program Files\SETI\helper.exe -loader -nolog
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\system32\sfg.dll"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [L07FXLRD_674447171] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by16fd.bay16.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CCS\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CCS\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS1\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS2\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS3\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS4\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS5\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CS6\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS6\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O18 - Filter hijack: text/html - {03974811-C15F-462c-B6B0-2D2336AA57D0} - C:\WINDOWS\system32\hlwin.dll
O20 - AppInit_DLLs: . 3 SF3.DLL,noxizaca.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: bxsbang - {D117607A-ED64-4810-9909-CD719374EE12} - C:\WINDOWS\bxsbang.dll
O21 - SSODL: ocgrep - {8FFDD5BE-033D-4645-89DD-F81933FEDE44} - C:\WINDOWS\ocgrep.dll (file missing)
O21 - SSODL: msmhost - {15FFDB8C-56FB-4F8A-B706-B188429645AA} - C:\WINDOWS\msmhost.dll
O21 - SSODL: msmdev - {DB0855E8-80B3-44FE-B65C-8C23E45D0C0B} - C:\WINDOWS\msmdev.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Noxizac Service (NoxizacSrv) - Unknown owner - C:\WINDOWS\system32\noxizac.exe (file missing)
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OCBNEXFH - Sysinternals - www.sysinternals.com - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\OCBNEXFH.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:36:13, on 04/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\eMule\emule.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 255.255.255.255
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 255.255.255.255:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {077F45D5-5CC9-4FC8-A7BB-9D79836A6066} - C:\WINDOWS\movctrlnkd.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {65D5A3B2-859E-42F5-AE9E-BC6D7EC1B0EB} - C:\WINDOWS\system32\VBA232.DLL (file missing)
O2 - BHO: SpamBlockerUtility - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.0.0\SbHostIE.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - C:\Program Files\VideoKeyCodec\isaddon.dll (file missing)
O2 - BHO: ADefaultSearch Class - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing)
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: (no name) - {B7531CF3-3DBE-4D68-BED9-E3697F3CDC9B} - C:\WINDOWS\system32\dplay32.dll (file missing)
O2 - BHO: (no name) - {C2EA6A7E-79FC-4CFB-90E4-898C742B44C5} - C:\WINDOWS\system32\mobsyncd.dll (file missing)
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {F3E3A0A8-906B-47D7-8E5E-8C7F1D3C0BDC} - C:\WINDOWS\system32\ulib32.dll (file missing)
O2 - BHO: XBTP01621 - {F6104497-54FD-4688-9162-5115CC8AB0FB} - C:\PROGRA~1\BEARSH~2\BEARSH~2\MediaBar.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: SpamBlockerUtility - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.0.0\SbHostIE.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: (no name) - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: (no name) - {AC9BBDB2-8FCD-49C8-96F7-CC3CF7B453CD} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\system32\expIorer.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [h3yb0y] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\service.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\conf.dll
O4 - HKLM\..\Run: [h3yb0y1] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\system.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\serv-u.ini
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [helpr] C:\Program Files\SETI\helper.exe -loader -nolog
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\system32\sfg.dll"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [L07FXLRD_674447171] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by16fd.bay16.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CCS\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CCS\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS1\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS2\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS3\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS4\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS5\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CS6\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS6\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O18 - Filter hijack: text/html - {03974811-C15F-462c-B6B0-2D2336AA57D0} - C:\WINDOWS\system32\hlwin.dll
O20 - AppInit_DLLs: . 3 SF3.DLL,noxizaca.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: bxsbang - {D117607A-ED64-4810-9909-CD719374EE12} - C:\WINDOWS\bxsbang.dll
O21 - SSODL: ocgrep - {8FFDD5BE-033D-4645-89DD-F81933FEDE44} - C:\WINDOWS\ocgrep.dll (file missing)
O21 - SSODL: msmhost - {15FFDB8C-56FB-4F8A-B706-B188429645AA} - C:\WINDOWS\msmhost.dll
O21 - SSODL: msmdev - {DB0855E8-80B3-44FE-B65C-8C23E45D0C0B} - C:\WINDOWS\msmdev.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Noxizac Service (NoxizacSrv) - Unknown owner - C:\WINDOWS\system32\noxizac.exe (file missing)
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OCBNEXFH - Sysinternals - www.sysinternals.com - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\OCBNEXFH.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 321
4 nov. 2007 à 21:58
4 nov. 2007 à 21:58
Ok. Très infecté, fais attention ou tu surfes (sites X...)
Télécharge ceci: (merci a S!RI pour ce programme).
http://siri.urz.free.fr/Fix/SmitfraudFix.exe
Exécute le Smitfraudfix.exe et choisit l’option 1, il va générer un rapport
Copie/colle le sur le poste stp.
----------------------------------------------------------------------------
Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
----------------------------------------------------------------------------
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum
A+
Télécharge ceci: (merci a S!RI pour ce programme).
http://siri.urz.free.fr/Fix/SmitfraudFix.exe
Exécute le Smitfraudfix.exe et choisit l’option 1, il va générer un rapport
Copie/colle le sur le poste stp.
----------------------------------------------------------------------------
Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
----------------------------------------------------------------------------
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum
A+
ok voici le rappor de smitfraudfix :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:36:13, on 04/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\eMule\emule.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 255.255.255.255
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 255.255.255.255:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {077F45D5-5CC9-4FC8-A7BB-9D79836A6066} - C:\WINDOWS\movctrlnkd.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {65D5A3B2-859E-42F5-AE9E-BC6D7EC1B0EB} - C:\WINDOWS\system32\VBA232.DLL (file missing)
O2 - BHO: SpamBlockerUtility - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.0.0\SbHostIE.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - C:\Program Files\VideoKeyCodec\isaddon.dll (file missing)
O2 - BHO: ADefaultSearch Class - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing)
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: (no name) - {B7531CF3-3DBE-4D68-BED9-E3697F3CDC9B} - C:\WINDOWS\system32\dplay32.dll (file missing)
O2 - BHO: (no name) - {C2EA6A7E-79FC-4CFB-90E4-898C742B44C5} - C:\WINDOWS\system32\mobsyncd.dll (file missing)
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {F3E3A0A8-906B-47D7-8E5E-8C7F1D3C0BDC} - C:\WINDOWS\system32\ulib32.dll (file missing)
O2 - BHO: XBTP01621 - {F6104497-54FD-4688-9162-5115CC8AB0FB} - C:\PROGRA~1\BEARSH~2\BEARSH~2\MediaBar.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: SpamBlockerUtility - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.0.0\SbHostIE.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: (no name) - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: (no name) - {AC9BBDB2-8FCD-49C8-96F7-CC3CF7B453CD} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\system32\expIorer.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [h3yb0y] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\service.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\conf.dll
O4 - HKLM\..\Run: [h3yb0y1] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\system.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\serv-u.ini
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [helpr] C:\Program Files\SETI\helper.exe -loader -nolog
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\system32\sfg.dll"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [L07FXLRD_674447171] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by16fd.bay16.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CCS\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CCS\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS1\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS2\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS3\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS4\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS5\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CS6\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS6\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O18 - Filter hijack: text/html - {03974811-C15F-462c-B6B0-2D2336AA57D0} - C:\WINDOWS\system32\hlwin.dll
O20 - AppInit_DLLs: . 3 SF3.DLL,noxizaca.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: bxsbang - {D117607A-ED64-4810-9909-CD719374EE12} - C:\WINDOWS\bxsbang.dll
O21 - SSODL: ocgrep - {8FFDD5BE-033D-4645-89DD-F81933FEDE44} - C:\WINDOWS\ocgrep.dll (file missing)
O21 - SSODL: msmhost - {15FFDB8C-56FB-4F8A-B706-B188429645AA} - C:\WINDOWS\msmhost.dll
O21 - SSODL: msmdev - {DB0855E8-80B3-44FE-B65C-8C23E45D0C0B} - C:\WINDOWS\msmdev.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Noxizac Service (NoxizacSrv) - Unknown owner - C:\WINDOWS\system32\noxizac.exe (file missing)
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OCBNEXFH - Sysinternals - www.sysinternals.com - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\OCBNEXFH.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:36:13, on 04/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\eMule\emule.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 255.255.255.255
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 255.255.255.255:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {077F45D5-5CC9-4FC8-A7BB-9D79836A6066} - C:\WINDOWS\movctrlnkd.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {65D5A3B2-859E-42F5-AE9E-BC6D7EC1B0EB} - C:\WINDOWS\system32\VBA232.DLL (file missing)
O2 - BHO: SpamBlockerUtility - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.0.0\SbHostIE.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - C:\Program Files\VideoKeyCodec\isaddon.dll (file missing)
O2 - BHO: ADefaultSearch Class - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing)
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: (no name) - {B7531CF3-3DBE-4D68-BED9-E3697F3CDC9B} - C:\WINDOWS\system32\dplay32.dll (file missing)
O2 - BHO: (no name) - {C2EA6A7E-79FC-4CFB-90E4-898C742B44C5} - C:\WINDOWS\system32\mobsyncd.dll (file missing)
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {F3E3A0A8-906B-47D7-8E5E-8C7F1D3C0BDC} - C:\WINDOWS\system32\ulib32.dll (file missing)
O2 - BHO: XBTP01621 - {F6104497-54FD-4688-9162-5115CC8AB0FB} - C:\PROGRA~1\BEARSH~2\BEARSH~2\MediaBar.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: SpamBlockerUtility - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.0.0\SbHostIE.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: (no name) - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: (no name) - {AC9BBDB2-8FCD-49C8-96F7-CC3CF7B453CD} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\system32\expIorer.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [h3yb0y] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\service.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\conf.dll
O4 - HKLM\..\Run: [h3yb0y1] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\system.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\serv-u.ini
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [helpr] C:\Program Files\SETI\helper.exe -loader -nolog
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\system32\sfg.dll"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [L07FXLRD_674447171] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by16fd.bay16.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CCS\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CCS\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS1\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS2\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS3\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS4\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS5\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CS6\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS6\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O18 - Filter hijack: text/html - {03974811-C15F-462c-B6B0-2D2336AA57D0} - C:\WINDOWS\system32\hlwin.dll
O20 - AppInit_DLLs: . 3 SF3.DLL,noxizaca.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: bxsbang - {D117607A-ED64-4810-9909-CD719374EE12} - C:\WINDOWS\bxsbang.dll
O21 - SSODL: ocgrep - {8FFDD5BE-033D-4645-89DD-F81933FEDE44} - C:\WINDOWS\ocgrep.dll (file missing)
O21 - SSODL: msmhost - {15FFDB8C-56FB-4F8A-B706-B188429645AA} - C:\WINDOWS\msmhost.dll
O21 - SSODL: msmdev - {DB0855E8-80B3-44FE-B65C-8C23E45D0C0B} - C:\WINDOWS\msmdev.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Noxizac Service (NoxizacSrv) - Unknown owner - C:\WINDOWS\system32\noxizac.exe (file missing)
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OCBNEXFH - Sysinternals - www.sysinternals.com - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\OCBNEXFH.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ah... encore un problème... l'ordi veut pas se redémarrer en mode sans échec il charge les fichiers et tout d'un coup y se redémare... pourtant je l'ai déja fait plusieur fois auparavent mais c'est la première fois qu'il ne se rédémarre pas... peux- tu me dire ce que je dois faire stp?? merci d'avance!
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 321
4 nov. 2007 à 22:55
4 nov. 2007 à 22:55
Déjà; j'atend l'option 1 de Smitfraudfix. suis bien les indications stp.
A+
A+
Oh excuse moi j'ai collé le mauvais rapport celui de l'option 1 est là :
SmitFraudFix v2.248
Rapport fait à 23:04:18.10, 04/11/2007
Executé à partir de C:\Documents and Settings\HP_Propri‚taire\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
C:\WINDOWS\bxsbang.dll PRESENT !
C:\WINDOWS\kthemup.exe PRESENT !
C:\WINDOWS\movctrlnkd.dll PRESENT !
C:\WINDOWS\msmhost.dll PRESENT !
C:\WINDOWS\privacy_danger PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Propri‚taire
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Propri‚taire\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
C:\DOCUME~1\HP_PRO~1\MENUDM~1\PROGRA~1\MovieCommander PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HP_PRO~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\MovieCommander\ PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="file:///C:\\WINDOWS\\privacy_danger\\index.htm"
"SubscribedURL"=""
"FriendlyName"="Privacy Protection"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=". 3 SF3.DLL,noxizaca.dll C:\\PROGRA~1\\Google\\GOOGLE~1\\GOEC62~1.DLL"
"LoadAppInit_DLLs"=dword:00000001
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"="lsass.exe"
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Sagem XG703 USB 802.11g - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.155.115.94,85.155.118.94
HKLM\SYSTEM\CCS\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Désolé de m'être trompé...
SmitFraudFix v2.248
Rapport fait à 23:04:18.10, 04/11/2007
Executé à partir de C:\Documents and Settings\HP_Propri‚taire\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
C:\WINDOWS\bxsbang.dll PRESENT !
C:\WINDOWS\kthemup.exe PRESENT !
C:\WINDOWS\movctrlnkd.dll PRESENT !
C:\WINDOWS\msmhost.dll PRESENT !
C:\WINDOWS\privacy_danger PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Propri‚taire
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Propri‚taire\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
C:\DOCUME~1\HP_PRO~1\MENUDM~1\PROGRA~1\MovieCommander PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HP_PRO~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\MovieCommander\ PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="file:///C:\\WINDOWS\\privacy_danger\\index.htm"
"SubscribedURL"=""
"FriendlyName"="Privacy Protection"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=". 3 SF3.DLL,noxizaca.dll C:\\PROGRA~1\\Google\\GOOGLE~1\\GOEC62~1.DLL"
"LoadAppInit_DLLs"=dword:00000001
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"="lsass.exe"
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Sagem XG703 USB 802.11g - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.155.115.94,85.155.118.94
HKLM\SYSTEM\CCS\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Désolé de m'être trompé...
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 321
5 nov. 2007 à 11:44
5 nov. 2007 à 11:44
Ok pas de soucis,
Tu me disais que tu n'avais pas accès au Mode Sans Echec?
A+
Tu me disais que tu n'avais pas accès au Mode Sans Echec?
A+
Oui je n'y ai pas accès mais je ne sais pas du tout pourquoi! tous les fichiers se chargent mais après l'ordi se redémarre à nouveau et il ne s'allume qu'en le démarran normalement...
A+
A+
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 321
5 nov. 2007 à 13:44
5 nov. 2007 à 13:44
Ok
Execute smitfraudfix option 2 en mode normal et copie colle le rapport.
A+
Execute smitfraudfix option 2 en mode normal et copie colle le rapport.
A+
Ok c'est bon je l'ai fait mais un moment il y avait écrit :
"...
Recherche DNS
C:\Documents an Settings\HP_Propriétaire\Bureau\SmitfraudFix\FixDNS.vbs
Erreur d'exécution Microsoft VBScript (214, 3) : Objet requis : ' '
..."
et voila le rapport :
SmitFraudFix v2.248
Rapport fait à 14:35:02.54, 05/11/2007
Executé à partir de C:\Documents and Settings\HP_Propri‚taire\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
127.0.0.1 serial.alcohol-soft.com
127.0.0.1 www.alcohol-soft.com
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com
127.0.0.1 1001-search.info
127.0.0.1 www.1001-search.info
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 123topsearch.com
127.0.0.1 www.123topsearch.com
127.0.0.1 132.com
127.0.0.1 www.132.com
127.0.0.1 136136.net
127.0.0.1 www.136136.net
127.0.0.1 139mm.com
127.0.0.1 www.139mm.com
127.0.0.1 163ns.com
127.0.0.1 www.163ns.com
127.0.0.1 171203.com
127.0.0.1 17-plus.com
127.0.0.1 1800searchonline.com
127.0.0.1 www.1800searchonline.com
127.0.0.1 180searchassistant.com
127.0.0.1 www.180searchassistant.com
127.0.0.1 180solutions.com
127.0.0.1 www.180solutions.com
127.0.0.1 181.365soft.info
127.0.0.1 www.181.365soft.info
127.0.0.1 1987324.com
127.0.0.1 www.1987324.com
127.0.0.1 1-domains-registrations.com
127.0.0.1 www.1-domains-registrations.com
127.0.0.1 1-extreme.biz
127.0.0.1 www.1-extreme.biz
127.0.0.1 1sexparty.com
127.0.0.1 www.1sexparty.com
127.0.0.1 1stantivirus.com
127.0.0.1 www.1stantivirus.com
127.0.0.1 1stpagehere.com
127.0.0.1 www.1stpagehere.com
127.0.0.1 1stsearchportal.com
127.0.0.1 www.1stsearchportal.com
127.0.0.1 2.82211.net
127.0.0.1 www.2006ooo.com
127.0.0.1 2007-download.com
127.0.0.1 www.2007-download.com
127.0.0.1 2020search.com
127.0.0.1 www.2020search.com
127.0.0.1 20x2p.com
127.0.0.1 24.365soft.info
127.0.0.1 www.24.365soft.info
127.0.0.1 24-7pharmacy.info
127.0.0.1 www.24-7pharmacy.info
127.0.0.1 24-7searching-and-more.com
127.0.0.1 www.24-7searching-and-more.com
127.0.0.1 24teen.com
127.0.0.1 www.24teen.com
127.0.0.1 2every.net
127.0.0.1 www.2every.net
127.0.0.1 2ndpower.com
127.0.0.1 2search.com
127.0.0.1 www.2search.com
127.0.0.1 2search.org
127.0.0.1 www.2search.org
127.0.0.1 2squared.com
127.0.0.1 www.2squared.com
127.0.0.1 3322.org
127.0.0.1 www.3322.org
127.0.0.1 365soft.info
127.0.0.1 36site.com
127.0.0.1 www.36site.com
127.0.0.1 3721.com
127.0.0.1 39-93.com
127.0.0.1 3abetterinternet.com
127.0.0.1 www.3abetterinternet.com
127.0.0.1 3bay.it
127.0.0.1 www.3bay.it
127.0.0.1 3ebay.it
127.0.0.1 www.3ebay.it
127.0.0.1 404dns.com
127.0.0.1 www.404dns.com
127.0.0.1 4199.com
127.0.0.1 www.4199.com
127.0.0.1 4corn.net
127.0.0.1 www.4corn.net
127.0.0.1 4ebay.it
127.0.0.1 www.4ebay.it
127.0.0.1 4klm.com
127.0.0.1 4repubblica.it
127.0.0.1 www.4repubblica.it
127.0.0.1 4softget.com
127.0.0.1 www.4softget.com
127.0.0.1 5iscali.it
127.0.0.1 www.5iscali.it
127.0.0.1 5repubblica.it
127.0.0.1 www.5repubblica.it
127.0.0.1 5starvideos.com
127.0.0.1 www.5starvideos.com
127.0.0.1 5tiscali.it
127.0.0.1 www.5tiscali.it
127.0.0.1 5zgmu7o20kt5d8yq.com
127.0.0.1 www.5zgmu7o20kt5d8yq.com
127.0.0.1 6iscali.it
127.0.0.1 www.6iscali.it
127.0.0.1 6sek.com
127.0.0.1 www.6sek.com
127.0.0.1 6tiscali.it
127.0.0.1 www.6tiscali.it
127.0.0.1 7322.com
127.0.0.1 www.7322.com
127.0.0.1 75tz.com
127.0.0.1 777search.com
127.0.0.1 www.777search.com
127.0.0.1 777top.com
127.0.0.1 www.777top.com
127.0.0.1 7939.com
127.0.0.1 www.7939.com
127.0.0.1 7search.com
127.0.0.1 www.7search.com
127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com
127.0.0.1 82211.net
127.0.0.1 8866.org
127.0.0.1 888.com
127.0.0.1 www.888.com
127.0.0.1 8ad.com
127.0.0.1 www.8ad.com
127.0.0.1 9505.com
127.0.0.1 www.9505.com
127.0.0.1 971searchbox.com
127.0.0.1 www.971searchbox.com
127.0.0.1 a.bestmanage.org
127.0.0.1 aaasexypics.com
127.0.0.1 aaawebfinder.com
127.0.0.1 www.aaawebfinder.com
127.0.0.1 aavc.com
127.0.0.1 abc-find.info
127.0.0.1 www.abc-find.info
127.0.0.1 abetterinternet.com
127.0.0.1 www.abetterinternet.com
127.0.0.1 abnetsoft.info
127.0.0.1 www.abnetsoft.info
127.0.0.1 aboutclicker.com
127.0.0.1 www.aboutclicker.com
127.0.0.1 abrp.net
127.0.0.1 www.abrp.net
127.0.0.1 absolutee.com
127.0.0.1 www.absolutee.com
127.0.0.1 abyssmedia.com
127.0.0.1 www.abyssmedia.com
127.0.0.1 ac66.cn
127.0.0.1 www.ac66.cn
127.0.0.1 access.Navinetwork.com
127.0.0.1 access.rapid-pass.net
127.0.0.1 accessactivexvideo.com
127.0.0.1 www.accessactivexvideo.com
127.0.0.1 accessclips.com
127.0.0.1 www.accessclips.com
127.0.0.1 access-dvd.com
127.0.0.1 www.access-dvd.com
127.0.0.1 accesskeygenerator.com
127.0.0.1 www.accesskeygenerator.com
127.0.0.1 accessorygeeks.com
127.0.0.1 www.accessorygeeks.com
127.0.0.1 accessthefuture.net
127.0.0.1 www.accessthefuture.net
127.0.0.1 accessvid.net
127.0.0.1 www.accessvid.net
127.0.0.1 acemedic.com
127.0.0.1 www.acemedic.com
127.0.0.1 ace-webmaster.com
127.0.0.1 www.ace-webmaster.com
127.0.0.1 acjp.com
127.0.0.1 acrobat-2007.com
127.0.0.1 www.acrobat-2007.com
127.0.0.1 acrobat-8.com
127.0.0.1 www.acrobat-8.com
127.0.0.1 acrobat-center.com
127.0.0.1 www.acrobat-center.com
127.0.0.1 acrobat-hq.com
127.0.0.1 www.acrobat-hq.com
127.0.0.1 acrobatreader-8.com
127.0.0.1 www.acrobatreader-8.com
127.0.0.1 acrobat-reader-8.de
127.0.0.1 www.acrobat-reader-8.de
127.0.0.1 acrobat-stop.com
127.0.0.1 www.acrobat-stop.com
127.0.0.1 actionbreastcancer.org
127.0.0.1 www.actionbreastcancer.org
127.0.0.1 activesearcher.info
127.0.0.1 www.activesearcher.info
127.0.0.1 activexaccessobject.com
127.0.0.1 www.activexaccessobject.com
127.0.0.1 activexaccessvideo.com
127.0.0.1 www.activexaccessvideo.com
127.0.0.1 activexemedia.com
127.0.0.1 www.activexemedia.com
127.0.0.1 activexmediaobject.com
127.0.0.1 www.activexmediaobject.com
127.0.0.1 activexmediapro.com
127.0.0.1 www.activexmediapro.com
127.0.0.1 activexmediasite.com
127.0.0.1 www.activexmediasite.com
127.0.0.1 activexmediasoftware.com
127.0.0.1 www.activexmediasoftware.com
127.0.0.1 activexmediasource.com
127.0.0.1 www.activexmediasource.com
127.0.0.1 activexmediatool.com
127.0.0.1 www.activexmediatool.com
127.0.0.1 activexmediatour.com
127.0.0.1 www.activexmediatour.com
127.0.0.1 activexsoftwares.com
127.0.0.1 www.activexsoftwares.com
127.0.0.1 activexsource.com
127.0.0.1 www.activexsource.com
127.0.0.1 activexupdate.com
127.0.0.1 www.activexupdate.com
127.0.0.1 activexvideo.com
127.0.0.1 www.activexvideo.com
127.0.0.1 activexvideotool.com
127.0.0.1 www.activexvideotool.com
127.0.0.1 ad.marketingsector.com
127.0.0.1 www.ad.marketingsector.com
127.0.0.1 ad.mokead.com
127.0.0.1 www.ad.mokead.com
127.0.0.1 ad.yieldmanager.com
127.0.0.1 www.ad.yieldmanager.com
127.0.0.1 ad25.com
127.0.0.1 ad45.com
127.0.0.1 ad77.com
127.0.0.1 ad86.com
127.0.0.1 adamsupportgroup.org
127.0.0.1 www.adamsupportgroup.org
127.0.0.1 adarmor.com
127.0.0.1 www.adarmor.com
127.0.0.1 adasearch.com
127.0.0.1 www.adasearch.com
127.0.0.1 adaware.cc
127.0.0.1 adawarenow.com
127.0.0.1 www.adawarenow.com
127.0.0.1 addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.com
127.0.0.1 addictivetechnologies.net
127.0.0.1 www.addictivetechnologies.net
127.0.0.1 add-manager.com
127.0.0.1 www.add-manager.com
127.0.0.1 adgate.info
127.0.0.1 www.adgate.info
127.0.0.1 adipics.com
127.0.0.1 www.adipics.com
127.0.0.1 admin2cash.biz
127.0.0.1 www.admin2cash.biz
127.0.0.1 adnet-plus.com
127.0.0.1 adobe-download-now.com
127.0.0.1 adobe-downloads.com
127.0.0.1 www.adobe-downloads.com
127.0.0.1 adobe-reader-8.fr
127.0.0.1 www.adobe-reader-8.fr
127.0.0.1 adprotect.com
127.0.0.1 www.adprotect.com
127.0.0.1 ads.centralmedia.ws
127.0.0.1 ads.k8l.info
127.0.0.1 ads.kmpads.com
127.0.0.1 ads.marketingsector.com
127.0.0.1 ads.searchingbooth.com
127.0.0.1 ads.z-quest.com
127.0.0.1 ads183.com
127.0.0.1 www.ads183.com
127.0.0.1 adscontex.com
127.0.0.1 www.adscontex.com
127.0.0.1 adservices1.enhance.com
127.0.0.1 www.adservices1.enhance.com
127.0.0.1 adservs.com
127.0.0.1 adsextend.net
127.0.0.1 www.adsextend.net
127.0.0.1 adshttp.com
127.0.0.1 www.adshttp.com
127.0.0.1 adsonwww.com
127.0.0.1 www.adsonwww.com
127.0.0.1 adspics.com
127.0.0.1 www.adspics.com
127.0.0.1 adtrak.net
127.0.0.1 www.adtrak.net
127.0.0.1 adtrgt.com
127.0.0.1 adult777search.info
127.0.0.1 www.adult777search.info
127.0.0.1 adultan.com
127.0.0.1 www.adultan.com
127.0.0.1 adult-engine-search.com
127.0.0.1 www.adult-engine-search.com
127.0.0.1 adult-erotic-guide.net
127.0.0.1 www.adult-erotic-guide.net
127.0.0.1 adultfilmsite.com
127.0.0.1 www.adultfilmsite.com
127.0.0.1 adult-friends-finder.net
127.0.0.1 www.adult-friends-finder.net
127.0.0.1 adultgambling.org
127.0.0.1 adult-host.org
127.0.0.1 adulthyperlinks.com
127.0.0.1 www.adulthyperlinks.com
127.0.0.1 adultmovieplus.com
127.0.0.1 www.adultmovieplus.com
127.0.0.1 adult-personal.us
127.0.0.1 adultsgames.net
127.0.0.1 adultsper.com
127.0.0.1 www.adultsper.com
127.0.0.1 adulttds.com
127.0.0.1 www.adulttds.com
127.0.0.1 adultzoneworld.com
127.0.0.1 www.adultzoneworld.com
127.0.0.1 advcash.biz
127.0.0.1 www.advcash.biz
127.0.0.1 advert.exaccess.ru
127.0.0.1 advertisemoney.info
127.0.0.1 www.advertisemoney.info
127.0.0.1 advertising.paltalk.com
127.0.0.1 advertising-money.info
127.0.0.1 www.advertising-money.info
127.0.0.1 ad-ware.cc
127.0.0.1 ad-w-a-r-e.com
127.0.0.1 www.ad-w-a-r-e.com
127.0.0.1 a-d-w-a-r-e.com
127.0.0.1 www.a-d-w-a-r-e.com
127.0.0.1 adwarebazooka.com
127.0.0.1 www.adwarebazooka.com
127.0.0.1 adwarefinder.com
127.0.0.1 www.adwarefinder.com
127.0.0.1 adwareprotectionsite.com
127.0.0.1 www.adwareprotectionsite.com
127.0.0.1 adwarepunisher.com
127.0.0.1 www.adwarepunisher.com
127.0.0.1 aflgate.com
127.0.0.1 www.aflgate.com
127.0.0.1 africaspromise.org
127.0.0.1 agava.com
127.0.0.1 agava.ru
127.0.0.1 agentstudio.com
127.0.0.1 aginegialle.it
127.0.0.1 www.aginegialle.it
127.0.0.1 www.aifind.info
127.0.0.1 aifind.info
127.0.0.1 airtleworld.com
127.0.0.1 www.airtleworld.com
127.0.0.1 aitalia.it
127.0.0.1 www.aitalia.it
127.0.0.1 akamai.downloadv3.com
127.0.0.1 aklitalia.it
127.0.0.1 www.aklitalia.it
127.0.0.1 akril.com
127.0.0.1 alcatel.ws
127.0.0.1 alfacleaner.com
127.0.0.1 www.alfacleaner.com
127.0.0.1 alfa-search.com
127.0.0.1 alialia.it
127.0.0.1 www.alialia.it
127.0.0.1 aliotalia.it
127.0.0.1 www.aliotalia.it
127.0.0.1 alirtalia.it
127.0.0.1 www.alirtalia.it
127.0.0.1 alitaia.it
127.0.0.1 www.alitaia.it
127.0.0.1 alitaklia.it
127.0.0.1 www.alitaklia.it
127.0.0.1 alitala.it
127.0.0.1 www.alitala.it
127.0.0.1 alitali.it
127.0.0.1 www.alitali.it
127.0.0.1 alitaliaq.it
127.0.0.1 www.alitaliaq.it
127.0.0.1 alitalias.it
127.0.0.1 www.alitalias.it
127.0.0.1 alitaliaz.it
127.0.0.1 www.alitaliaz.it
127.0.0.1 alitalioa.it
127.0.0.1 www.alitalioa.it
127.0.0.1 alitalisa.it
127.0.0.1 www.alitalisa.it
127.0.0.1 alitaliua.it
127.0.0.1 www.alitaliua.it
127.0.0.1 alitalkia.it
127.0.0.1 www.alitalkia.it
127.0.0.1 alitaloia.it
127.0.0.1 www.alitaloia.it
127.0.0.1 alitaluia.it
127.0.0.1 www.alitaluia.it
127.0.0.1 alitaslia.it
127.0.0.1 www.alitaslia.it
127.0.0.1 alitlia.it
127.0.0.1 www.alitlia.it
127.0.0.1 alitralia.it
127.0.0.1 www.alitralia.it
127.0.0.1 alitsalia.it
127.0.0.1 www.alitsalia.it
127.0.0.1 aliutalia.it
127.0.0.1 www.aliutalia.it
127.0.0.1 ALL1COUNT.NET
127.0.0.1 www.ALL1COUNT.NET
127.0.0.1 all4internet.com
127.0.0.1 www.all4internet.com
127.0.0.1 allabtcars.com
127.0.0.1 allabtjeeps.com
127.0.0.1 all-bittorrent.com
127.0.0.1 www.all-bittorrent.com
127.0.0.1 www.allcybersearch.com
127.0.0.1 allcybersearch.com
127.0.0.1 alldnserrors.com
127.0.0.1 www.alldnserrors.com
127.0.0.1 all-downloads-now.com
127.0.0.1 www.all-downloads-now.com
127.0.0.1 all-edonkey.com
127.0.0.1 www.all-edonkey.com
127.0.0.1 allforadult.com
127.0.0.1 allhyperlinks.com
127.0.0.1 alliesecurity.com
127.0.0.1 www.alliesecurity.com
127.0.0.1 all-inet.com
127.0.0.1 allinternetbusiness.com
127.0.0.1 all-limewire.com
127.0.0.1 www.all-limewire.com
127.0.0.1 allmegabucks.com
127.0.0.1 www.allmegabucks.com
127.0.0.1 allprotections.com
127.0.0.1 www.allprotections.com
127.0.0.1 allresultz.net
127.0.0.1 www.allresultz.net
127.0.0.1 allsecuritynotes.com
127.0.0.1 www.allsecuritynotes.com
127.0.0.1 allsecuritysite.com
127.0.0.1 www.allsecuritysite.com
127.0.0.1 allstarsvideos.net
127.0.0.1 www.allstarsvideos.net
127.0.0.1 alltruesoftware.com
127.0.0.1 www.alltruesoftware.com
127.0.0.1 allvideoactivex.com
127.0.0.1 www.allvideoactivex.com
127.0.0.1 almanah.biz
127.0.0.1 www.almanah.biz
127.0.0.1 almarvideos.com
127.0.0.1 aloitalia.it
127.0.0.1 www.aloitalia.it
127.0.0.1 aluitalia.it
127.0.0.1 www.aluitalia.it
127.0.0.1 amaena.com
127.0.0.1 www.amaena.com
127.0.0.1 amandamountains.com
127.0.0.1 amateurliveshow.com
127.0.0.1 www.amateurliveshow.com
127.0.0.1 amediasoftware.com
127.0.0.1 www.amediasoftware.com
127.0.0.1 amediasource.com
127.0.0.1 www.amediasource.com
127.0.0.1 americancarbargains.com
127.0.0.1 www.americancarbargains.com
127.0.0.1 american-teens.net
127.0.0.1 amigeek.com
127.0.0.1 amisbusiness.com
127.0.0.1 ampmsearch.com
127.0.0.1 www.ampmsearch.com
127.0.0.1 analcord.com
127.0.0.1 www.analcord.com
127.0.0.1 analmovi.com
127.0.0.1 anarchylolita.com
127.0.0.1 www.anarchylolita.com
127.0.0.1 anarchyporn.com
127.0.0.1 andromedical.com
127.0.0.1 www.andromedical.com
127.0.0.1 animepornmag.com
127.0.0.1 www.animepornmag.com
127.0.0.1 anin.org
127.0.0.1 anjpn-avxiz.biz
127.0.0.1 www.anjpn-avxiz.biz
127.0.0.1 anjpnzqav.biz
127.0.0.1 www.anjpnzqav.biz
127.0.0.1 anjpn-zqav.biz
127.0.0.1 www.anjpn-zqav.biz
127.0.0.1 annaromeo.com
127.0.0.1 antiddos.us
127.0.0.1 www.antiddos.us
127.0.0.1 Antiespiadorado.com
127.0.0.1 www.Antiespiadorado.com
127.0.0.1 Antiespionspack.com
127.0.0.1 www.Antiespionspack.com
127.0.0.1 Antigusanos2008.com
127.0.0.1 www.Antigusanos2008.com
127.0.0.1 Antispionage.com
127.0.0.1 www.Antispionage.com
127.0.0.1 Antispionagepro.com
127.0.0.1 www.Antispionagepro.com
127.0.0.1 antispydns.biz
127.0.0.1 www.antispydns.biz
127.0.0.1 antispylab.com
127.0.0.1 www.antispylab.com
127.0.0.1 antispysolutions.com
127.0.0.1 www.antispysolutions.com
127.0.0.1 antispyware.com
127.0.0.1 www.antispyware.com
127.0.0.1 antispywarebot.com
127.0.0.1 www.antispywarebot.com
127.0.0.1 antispywarebox.com
127.0.0.1 www.antispywarebox.com
127.0.0.1 antispywaredownloads.com
127.0.0.1 www.antispywaredownloads.com
127.0.0.1 Antispywaresuite.com
127.0.0.1 www.Antispywaresuite.com
127.0.0.1 Antispyweb.net
127.0.0.1 www.Antispyweb.net
127.0.0.1 Antiver2008.com
127.0.0.1 www.Antiver2008.com
127.0.0.1 antivermins.com
127.0.0.1 www.antivermins.com
127.0.0.1 anti-vermins.com
127.0.0.1 www.anti-vermins.com
127.0.0.1 antivir2007.com
127.0.0.1 www.antivir2007.com
127.0.0.1 antivirgear.com
127.0.0.1 www.antivirgear.com
127.0.0.1 antivirus.fastfreedownload.com
127.0.0.1 www.antivirus.fastfreedownload.com
127.0.0.1 antivirusgolden.com
127.0.0.1 www.antivirusgolden.com
127.0.0.1 antivirus-hq.net
127.0.0.1 www.antivirus-hq.net
127.0.0.1 anti-virus-pro.com
127.0.0.1 www.anti-virus-pro.com
127.0.0.1 antivirusprotector.com
127.0.0.1 www.antivirusprotector.com
127.0.0.1 antivirussecuritypro.com
127.0.0.1 www.antivirussecuritypro.com
127.0.0.1 antivirus-stop.com
127.0.0.1 www.antivirus-stop.com
127.0.0.1 Antiworm2008.com
127.0.0.1 www.Antiworm2008.com
127.0.0.1 Antiwurm2008.com
127.0.0.1 www.Antiwurm2008.com
127.0.0.1 antrocity.com
127.0.0.1 anyofus.com
127.0.0.1 www.anyofus.com
127.0.0.1 anysn.seproger.com
127.0.0.1 www.anysn.seproger.com
127.0.0.1 anything4health.com
127.0.0.1 apicpreview.com
127.0.0.1 www.apicpreview.com
127.0.0.1 appealcircuit.com
127.0.0.1 www.appealcircuit.com
127.0.0.1 approvedlinks.com
127.0.0.1 www.approvedlinks.com
127.0.0.1 apps.deskwizz.com
127.0.0.1 apps.webservicehost.com
127.0.0.1 aprotectedpage.com
127.0.0.1 www.aprotectedpage.com
127.0.0.1 apsua.com
127.0.0.1 archiviosex.net
127.0.0.1 www.archiviosex.net
127.0.0.1 aregay.com
127.0.0.1 ares-freebie.com
127.0.0.1 www.ares-freebie.com
127.0.0.1 arespro2007.com
127.0.0.1 www.arespro2007.com
127.0.0.1 aresultra.com
127.0.0.1 www.aresultra.com
127.0.0.1 ares-usa.com
127.0.0.1 www.ares-usa.com
127.0.0.1 arheo.com
127.0.0.1 arizonaweb.org
127.0.0.1 armitageinn.com
127.0.0.1 arquivojpgs.smtp.ru
127.0.0.1 www.arquivojpgs.smtp.ru
127.0.0.1 artachnid.com
127.0.0.1 art-func.com
127.0.0.1 art-xxx.com
127.0.0.1 asafebrowser.com
127.0.0.1 www.asafebrowser.com
127.0.0.1 asafetynotice.com
127.0.0.1 www.asafetynotice.com
127.0.0.1 asafetypage.com
127.0.0.1 www.asafetypage.com
127.0.0.1 asdbiz.biz
127.0.0.1 www.asdbiz.biz
127.0.0.1 asdeykuddq.com
127.0.0.1 www.asdeykuddq.com
127.0.0.1 asecurebar.com
127.0.0.1 www.asecurebar.com
127.0.0.1 asecureboard.com
127.0.0.1 www.asecureboard.com
127.0.0.1 asecurevalue.com
127.0.0.1 www.asecurevalue.com
127.0.0.1 asecurityissue.com
127.0.0.1 www.asecurityissue.com
127.0.0.1 asecuritynotice.com
127.0.0.1 www.asecuritynotice.com
127.0.0.1 asecuritypaper.com
127.0.0.1 www.asecuritypaper.com
127.0.0.1 asecuritystuff.com
127.0.0.1 www.asecuritystuff.com
127.0.0.1 asiankingkong.com
127.0.0.1 asianpornmag.com
127.0.0.1 www.asianpornmag.com
127.0.0.1 asiantoolbar.com
127.0.0.1 www.asiantoolbar.com
127.0.0.1 asidseiupc.com
127.0.0.1 www.asidseiupc.com
127.0.0.1 aslitalia.it
127.0.0.1 www.aslitalia.it
127.0.0.1 ass-gals.com
127.0.0.1 assureprotection.com
127.0.0.1 www.assureprotection.com
127.0.0.1 asta-killer.com
127.0.0.1 asupereva.it
127.0.0.1 www.asupereva.it
127.0.0.1 athenrye.com
127.0.0.1 atotalsafety.com
127.0.0.1 www.atotalsafety.com
127.0.0.1 atrueprotection.com
127.0.0.1 www.atrueprotection.com
127.0.0.1 atruesecurity.com
127.0.0.1 www.atruesecurity.com
127.0.0.1 attackware.com
127.0.0.1 www.attackware.com
127.0.0.1 attrezzi.biz
127.0.0.1 www.attrezzi.biz
127.0.0.1 aulde.net
127.0.0.1 www.aulde.net
127.0.0.1 aupereva.it
127.0.0.1 www.aupereva.it
127.0.0.1 autocontext.begun.ru
127.0.0.1 www.autocontext.begun.ru
127.0.0.1 autoescrowpay.com
127.0.0.1 avast.free-software-center.com
127.0.0.1 www.avast.free-software-center.com
127.0.0.1 avast-2007.com
127.0.0.1 www.avast-2007.com
127.0.0.1 avast-downloads.com
127.0.0.1 www.avast-downloads.com
127.0.0.1 avast-hq.com
127.0.0.1 www.avast-hq.com
127.0.0.1 avforce.com
127.0.0.1 www.avforce.com
127.0.0.1 avg.grab-it-today.net
127.0.0.1 www.avg.grab-it-today.net
127.0.0.1 avg.softwarecenterz.com
127.0.0.1 www.avg.softwarecenterz.com
127.0.0.1 avg-secure.com
127.0.0.1 www.avg-secure.com
127.0.0.1 avian-ads.com
127.0.0.1 avideoaxaccess.com
127.0.0.1 www.avideoaxaccess.com
127.0.0.1 avideosurfer.com
127.0.0.1 www.avideosurfer.com
127.0.0.1 aviewersoft.com
127.0.0.1 www.aviewersoft.com
127.0.0.1 avpcheckupdate.com
127.0.0.1 www.avpcheckupdate.com
127.0.0.1 avxizaaqada.biz
127.0.0.1 www.avxizaaqada.biz
127.0.0.1 avxiz-anjpn.biz
127.0.0.1 www.avxiz-anjpn.biz
127.0.0.1 avxizueorn.biz
127.0.0.1 www.avxizueorn.biz
127.0.0.1 avxiz-ueorn.biz
127.0.0.1 www.avxiz-ueorn.biz
127.0.0.1 avxiz-vtvcp.biz
127.0.0.1 www.avxiz-vtvcp.biz
127.0.0.1 avxiz-ygco.biz
127.0.0.1 www.avxiz-ygco.biz
127.0.0.1 avxiz-zqav.biz
127.0.0.1 www.avxiz-zqav.biz
127.0.0.1 awarninglist.com
127.0.0.1 www.awarninglist.com
127.0.0.1 awbeta.net-nucleus.com
127.0.0.1 awesomehomepage.com
127.0.0.1 www.awesomehomepage.com
127.0.0.1 awmcash.biz
127.0.0.1 awmdabest.com
127.0.0.1 axemediasoftware.com
127.0.0.1 www.axemediasoftware.com
127.0.0.1 aximageobject.com
127.0.0.1 www.aximageobject.com
127.0.0.1 axmediaproject.com
127.0.0.1 www.axmediaproject.com
127.0.0.1 axmediasoftware.com
127.0.0.1 www.axmediasoftware.com
127.0.0.1 axmediasolutions.com
127.0.0.1 www.axmediasolutions.com
127.0.0.1 axobjectpage.com
127.0.0.1 www.axobjectpage.com
127.0.0.1 axobjectsource.com
127.0.0.1 www.axobjectsource.com
127.0.0.1 axsoftwaretool.com
127.0.0.1 www.axsoftwaretool.com
127.0.0.1 axvideoproject.com
127.0.0.1 www.axvideoproject.com
127.0.0.1 axvideosetup.com
127.0.0.1 www.axvideosetup.com
127.0.0.1 ayakawamura.com
127.0.0.1 ayb.dns-look-up.com
127.0.0.1 ayb.netbios-wait.com
127.0.0.1 ayumitaniguchi.com
127.0.0.1 azebar.com
127.0.0.1 azureusclub.com
127.0.0.1 www.azureusclub.com
127.0.0.1 azureus-freebie.com
127.0.0.1 www.azureus-freebie.com
127.0.0.1 azzetta.it
127.0.0.1 www.azzetta.it
127.0.0.1 b.casalemedia.com
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babenet.com
127.0.0.1 www.babenet.com
127.0.0.1 babespornmag.com
127.0.0.1 www.babespornmag.com
127.0.0.1 babeweb.de
127.0.0.1 www.babeweb.de
127.0.0.1 baccarat-other.info
127.0.0.1 www.baccarat-other.info
127.0.0.1 Backstripgirls.com
127.0.0.1 www.Backstripgirls.com
127.0.0.1 backup.mabou.org
127.0.0.1 balotierra.com
127.0.0.1 www.balotierra.com
127.0.0.1 bannedhost.net
127.0.0.1 barbudafarms.com
127.0.0.1 bardownload.com
127.0.0.1 www.bardownload.com
127.0.0.1 barnandfence.com
127.0.0.1 batsearch.com
127.0.0.1 baygraphicsllc.com
127.0.0.1 bbbsearch.com
127.0.0.1 bb-search.com
127.0.0.1 bdsmlibrary.net
127.0.0.1 bdsmpornmag.com
127.0.0.1 www.bdsmpornmag.com
127.0.0.1 bearshare.download-me.info
127.0.0.1 www.bearshare.download-me.info
127.0.0.1 bearshare.mp3-muzic.com
127.0.0.1 www.bearshare.mp3-muzic.com
127.0.0.1 bearshare-download.org
127.0.0.1 www.bearshare-download.org
127.0.0.1 bearshare-downloads.net
127.0.0.1 www.bearshare-downloads.net
127.0.0.1 bearsharelive.co.uk
127.0.0.1 www.bearsharelive.co.uk
127.0.0.1 bearshare-music-downloads.com
127.0.0.1 www.bearshare-music-downloads.com
127.0.0.1 bearsharepro2007.com
127.0.0.1 www.bearsharepro2007.com
127.0.0.1 bearshare-usa.com
127.0.0.1 www.bearshare-usa.com
127.0.0.1 bedhome.com
127.0.0.1 bediadance.com
127.0.0.1 beebappyy.biz
127.0.0.1 www.beebappyy.biz
127.0.0.1 begin2search.com
127.0.0.1 www.begin2search.com
127.0.0.1 bellabasketsfl.com
127.0.0.1 bernaolatwin.com
127.0.0.1 best-counter.com
127.0.0.1 bestcrawler.com
127.0.0.1 bestfor.ru
127.0.0.1 best-hardpics.com
127.0.0.1 bestmanage.org
127.0.0.1 www.bestmanage.org
127.0.0.1 bestmanage0.org
127.0.0.1 www.bestmanage0.org
127.0.0.1 bestmanage1.org
127.0.0.1 www.bestmanage1.org
127.0.0.1 bestmanage2.org
127.0.0.1 www.bestmanage2.org
127.0.0.1 bestmanage3.org
127.0.0.1 www.bestmanage3.org
127.0.0.1 bestmanage4.org
127.0.0.1 www.bestmanage4.org
127.0.0.1 bestmanage5.org
127.0.0.1 www.bestmanage5.org
127.0.0.1 bestmanage6.org
127.0.0.1 www.bestmanage6.org
127.0.0.1 bestmanage7.org
127.0.0.1 www.bestmanage7.org
127.0.0.1 bestmanage8.org
127.0.0.1 www.bestmanage8.org
127.0.0.1 bestmanage9.org
127.0.0.1 www.bestmanage9.org
127.0.0.1 bestporngate.com
127.0.0.1 bestsafetyguide.net
127.0.0.1 www.bestsafetyguide.net
127.0.0.1 best-spyware.info
127.0.0.1 www.best-spyware.info
127.0.0.1 best-targeted-traffic.com
127.0.0.1 www.best-targeted-traffic.com
127.0.0.1 best-voyeur.info
127.0.0.1 www.best-voyeur.info
127.0.0.1 bestweblinks.com
127.0.0.1 best-winning-casino.com
127.0.0.1 bestworldgirls-for-u.net
127.0.0.1 www.bestworldgirls-for-u.net
127.0.0.1 bestxporno.com
127.0.0.1 bettersearch.biz
127.0.0.1 www.bettersearch.biz
127.0.0.1 bgazzetta.it
127.0.0.1 www.bgazzetta.it
127.0.0.1 bgoogle.it
127.0.0.1 www.bgoogle.it
127.0.0.1 bigtrafficnetwork.com
127.0.0.1 www.bigtrafficnetwork.com
127.0.0.1 bigwww.com
127.0.0.1 www.bigwww.com
127.0.0.1 bin.errorprotector.com
127.0.0.1 bins.media-motor.net
127.0.0.1 bins2.media-motor.net
127.0.0.1 bis.180solutions.com
127.0.0.1 bitchesonline.net
127.0.0.1 bitcomet-freebie.com
127.0.0.1 www.bitcomet-freebie.com
127.0.0.1 biz.biz
127.0.0.1 blackblues00.com
127.0.0.1 www.blackblues00.com
127.0.0.1 blackhats.tc
127.0.0.1 www.blackhats.tc
127.0.0.1 blackhawksoftware.com
127.0.0.1 www.blackhawksoftware.com
127.0.0.1 blackjack-free.net
127.0.0.1 blazefind.com
127.0.0.1 blender.xu.pl
127.0.0.1 blondetgp.com
127.0.0.1 blue-elefant.com
127.0.0.1 www.blue-elefant.com
127.0.0.1 bm.theaimonline.com
127.0.0.1 www.bm.theaimonline.com
127.0.0.1 bnmgate.com
127.0.0.1 www.bnmgate.com
127.0.0.1 bodaciousbabette.com
127.0.0.1 bonzi.com
127.0.0.1 www.bonzi.com
127.0.0.1 boobdoll.com
127.0.0.1 boobsandtits.com
127.0.0.1 boobsclub.com
127.0.0.1 bookedspace.com
127.0.0.1 www.bookedspace.com
127.0.0.1 boom.com.vn
127.0.0.1 www.boom.com.vn
127.0.0.1 boredlife.com
127.0.0.1 bowlofogumbo.com
127.0.0.1 bpfq02.com
127.0.0.1 www.bpfq02.com
127.0.0.1 bqgate.com
127.0.0.1 www.bqgate.com
127.0.0.1 br.errorsafe.com
127.0.0.1 br.winantivirus.com
127.0.0.1 br.winfixer.com
127.0.0.1 bradcoem.org
127.0.0.1 braincodec.com
127.0.0.1 www.braincodec.com
127.0.0.1 brandiyoung.com
127.0.0.1 bravesentry.com
127.0.0.1 www.bravesentry.com
127.0.0.1 breenten.biz
127.0.0.1 www.breenten.biz
127.0.0.1 brodbfm.net
127.0.0.1 www.brodbfm.net
127.0.0.1 brookeburn.com
127.0.0.1 browserwise.com
127.0.0.1 www.browserwise.com
127.0.0.1 bucps.com
127.0.0.1 buhartes.info
127.0.0.1 buldog-stats.com
127.0.0.1 bullseye-network.com
127.0.0.1 www.bullseye-network.com
127.0.0.1 burgerkingbigscreen.com
127.0.0.1 burnsrecyclinginc.com
127.0.0.1 www.burnsrecyclinginc.com
127.0.0.1 buscards.net
127.0.0.1 bustyrussell.com
127.0.0.1 busysearch.net
127.0.0.1 www.busysearch.net
127.0.0.1 buttejazz.org
127.0.0.1 buy-find.info
127.0.0.1 www.buy-find.info
127.0.0.1 buyselldomain.net
127.0.0.1 buytraff.biz
127.0.0.1 www.buytraff.biz
127.0.0.1 buz.ru
127.0.0.1 bvirgilio.it
127.0.0.1 www.bvirgilio.it
127.0.0.1 c.centralmedia.ws
127.0.0.1 c.enhance.com
127.0.0.1 www.c.enhance.com
127.0.0.1 c.goclick.com
127.0.0.1 c4tdownload.com
127.0.0.1 www.c4tdownload.com
127.0.0.1 c5.www4free.info
127.0.0.1 www.c5.www4free.info
127.0.0.1 cache.surfaccuracy.com
127.0.0.1 www.cache.surfaccuracy.com
127.0.0.1 cache.ysbweb.com
127.0.0.1 calcioturris.com
127.0.0.1 calendaralerts.net
127.0.0.1 www.calendaralerts.net
127.0.0.1 cameouk.co.uk
127.0.0.1 www.cameouk.co.uk
127.0.0.1 cameup.com
127.0.0.1 camouflageclothingonline.net
127.0.0.1 www.camouflageclothingonline.net
127.0.0.1 camup.net
127.0.0.1 canberracricketcoaching.com
127.0.0.1 candycantaloupes.com
127.0.0.1 canidetect.org
127.0.0.1 www.canidetect.org
127.0.0.1 cantfind.com
127.0.0.1 www.cantfind.com
127.0.0.1 careers.dulcineasystems.net
127.0.0.1 carsands.com
127.0.0.1 carsrentals.net
127.0.0.1 cartoes.uol.com.br
127.0.0.1 casalemedia.com
127.0.0.1 www.casalemedia.com
127.0.0.1 cashdeluxe.net
127.0.0.1 www.cashdeluxe.net
127.0.0.1 cashengines.com
127.0.0.1 www.cashengines.com
127.0.0.1 cashsearch.biz
127.0.0.1 cashsurfers.com
127.0.0.1 www.cashsurfers.com
127.0.0.1 CashUnlim.com
127.0.0.1 www.CashUnlim.com
127.0.0.1 casino.com.free.game.pogo.gratisdownloads.nl
127.0.0.1 casino2win.net
127.0.0.1 casino-gambling-1.net
127.0.0.1 casino-gambling-2.net
127.0.0.1 casinomidas.net
127.0.0.1 casinonline.net
127.0.0.1 casino-onlines.net
127.0.0.1 castingsamateur.com
127.0.0.1 www.castingsamateur.com
127.0.0.1 catallogue.com
127.0.0.1 catch-dc.info
127.0.0.1 www.catch-dc.info
127.0.0.1 categories.mygeek.com
127.0.0.1 catsss.da.ru
127.0.0.1 caxa.ru
127.0.0.1 cc.panet.org
127.0.0.1 ccecaedbebfcaf.com
127.0.0.1 www.ccecaedbebfcaf.com
127.0.0.1 cclebali.org
127.0.0.1 ccorriere.it
127.0.0.1 www.ccorriere.it
127.0.0.1 cdegate.com
127.0.0.1 www.cdegate.com
127.0.0.1 cdn.drivecleaner.com
127.0.0.1 cdn.errorsafe.com
127.0.0.1 cdn.movies-etc.com
127.0.0.1 cdn.winsoftware.com
127.0.0.1 cdn2.movies-etc.com
127.0.0.1 cdorriere.it
127.0.0.1 www.cdorriere.it
127.0.0.1 ceewawires.org
127.0.0.1 centralmedia.ws
127.0.0.1 certumgroup.com
127.0.0.1 cforriere.it
127.0.0.1 www.cforriere.it
127.0.0.1 check.jupitersatellites.biz
127.0.0.1 www.check.jupitersatellites.biz
127.0.0.1 checkin100.com
127.0.0.1 www.checkin100.com
127.0.0.1 checkssecurity.com
127.0.0.1 www.checkssecurity.com
127.0.0.1 chelancatering.com
127.0.0.1 chenshijituan.com
127.0.0.1 www.chenshijituan.com
127.0.0.1 childrenvilla.com
127.0.0.1 chips-4-free.com
127.0.0.1 chrisswasey.com
127.0.0.1 chriswallace.net
127.0.0.1 cia-trjn.myvnc.com
127.0.0.1 www.cia-trjn.myvnc.com
127.0.0.1 ciorriere.it
127.0.0.1 www.ciorriere.it
127.0.0.1 cirriere.it
127.0.0.1 www.cirriere.it
127.0.0.1 ckick4thumbs.com
127.0.0.1 cl55.biz
127.0.0.1 clackamasliteraryreview.com
127.0.0.1 cleansoftwares.com
127.0.0.1 www.cleansoftwares.com
127.0.0.1 clearsearch.cc
127.0.0.1 clearsearch.net
127.0.0.1 clickaire.com
127.0.0.1 click-codec.com
127.0.0.1 www.click-codec.com
127.0.0.1 clickhere4search.com
127.0.0.1 www.clickhere4search.com
127.0.0.1 click-now.net
127.0.0.1 clickspring.net
127.0.0.1 www.clickspring.net
127.0.0.1 click-to-download.com
127.0.0.1 www.click-to-download.com
127.0.0.1 clicktomakeasearch.com
127.0.0.1 www.clicktomakeasearch.com
127.0.0.1 clickyestoenter.net
127.0.0.1 client.exeupdate.com
127.0.0.1 client.myadultexplorer.com
127.0.0.1 cliks.org
127.0.0.1 www.cliks.org
127.0.0.1 clorriere.it
127.0.0.1 www.clorriere.it
127.0.0.1 clrsch.com
127.0.0.1 clubxxxvideo.com
127.0.0.1 www.clubxxxvideo.com
127.0.0.1 clusif.free.fr
127.0.0.1 cmtapestry.com
127.0.0.1 cnetadd.com
127.0.0.1 www.cnetadd.com
127.0.0.1 cnzz.com
127.0.0.1 www.cnzz.com
127.0.0.1 code.ignphrases.com
127.0.0.1 codec.ninoa.com
127.0.0.1 codecdvd.net
127.0.0.1 www.codecdvd.net
127.0.0.1 codec-fun.com
127.0.0.1 www.codec-fun.com
127.0.0.1 codecsoft.net
127.0.0.1 www.codecsoft.net
127.0.0.1 codrriere.it
127.0.0.1 www.codrriere.it
127.0.0.1 coeriere.it
127.0.0.1 www.coeriere.it
127.0.0.1 coerriere.it
127.0.0.1 www.coerriere.it
127.0.0.1 cofrriere.it
127.0.0.1 www.cofrriere.it
127.0.0.1 cogrriere.it
127.0.0.1 www.cogrriere.it
127.0.0.1 coirriere.it
127.0.0.1 www.coirriere.it
127.0.0.1 command.adservs.com
127.0.0.1 www.commonname.com
127.0.0.1 computerpcgames.net
127.0.0.1 www.computerpcgames.net
127.0.0.1 computerrecover.com
127.0.0.1 www.computerrecover.com
127.0.0.1 config.180solutions.com
127.0.0.1 content.dollarrevenue.com
127.0.0.1 www.content.dollarrevenue.com
127.0.0.1 content.ireit.com
127.0.0.1 www.content.ireit.com
127.0.0.1 content.onerateld.com
127.0.0.1 contentmatch.net
127.0.0.1 www.contentmatch.net
127.0.0.1 contra-virus.com
127.0.0.1 www.contra-virus.com
127.0.0.1 controlmeh.com
127.0.0.1 www.controlmeh.com
127.0.0.1 cooldeskalert.com
127.0.0.1 www.cooldeskalert.com
127.0.0.1 coolfetishsite.com
127.0.0.1 coolfreehost.com
127.0.0.1 coolfreepage.com
127.0.0.1 coolfreepages.com
127.0.0.1 cool-homepage.co
127.0.0.1 cool-homepage.com
127.0.0.1 coolmoneysearch.com
127.0.0.1 coolpornsearch.com
127.0.0.1 cool-search.net
127.0.0.1 cool-search.netfartpost.com
127.0.0.1 coolsearcher.info
127.0.0.1 coolservecorp.net
127.0.0.1 www.coolservecorp.net
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com
127.0.0.1 cool-web-search.com
127.0.0.1 coolwebsearsh.com
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 cool-xxx.net
127.0.0.1 coorriere.it
127.0.0.1 www.coorriere.it
127.0.0.1 copmtraine.com
127.0.0.1 coprriere.it
127.0.0.1 www.coprriere.it
127.0.0.1 core.psyche-evolution.com
127.0.0.1 www.core.psyche-evolution.com
127.0.0.1 coreiere.it
127.0.0.1 www.coreiere.it
127.0.0.1 coreriere.it
127.0.0.1 www.coreriere.it
127.0.0.1 corrdiere.it
127.0.0.1 www.corrdiere.it
127.0.0.1 correiere.it
127.0.0.1 www.correiere.it
127.0.0.1 corrfiere.it
127.0.0.1 www.corrfiere.it
127.0.0.1 corrgiere.it
127.0.0.1 www.corrgiere.it
127.0.0.1 corridere.it
127.0.0.1 www.corridere.it
127.0.0.1 corriedre.it
127.0.0.1 www.corriedre.it
127.0.0.1 corriee.it
127.0.0.1 www.corriee.it
127.0.0.1 corrieere.it
127.0.0.1 www.corrieere.it
127.0.0.1 corriefre.it
127.0.0.1 www.corriefre.it
127.0.0.1 corriegre.it
127.0.0.1 www.corriegre.it
127.0.0.1 corrierde.it
127.0.0.1 www.corrierde.it
127.0.0.1 corriered.it
127.0.0.1 www.corriered.it
127.0.0.1 corrieree.it
127.0.0.1 www.corrieree.it
127.0.0.1 corrieref.it
127.0.0.1 www.corrieref.it
127.0.0.1 corrierer.it
127.0.0.1 www.corrierer.it
127.0.0.1 corrieres.it
127.0.0.1 www.corrieres.it
127.0.0.1 corrierew.it
127.0.0.1 www.corrierew.it
127.0.0.1 corrierfe.it
127.0.0.1 www.corrierfe.it
127.0.0.1 corrierge.it
127.0.0.1 www.corrierge.it
127.0.0.1 corrierr.it
127.0.0.1 www.corrierr.it
127.0.0.1 corrierre.it
127.0.0.1 www.corrierre.it
127.0.0.1 corrierse.it
127.0.0.1 www.corrierse.it
127.0.0.1 corrierte.it
127.0.0.1 www.corrierte.it
127.0.0.1 corrierw.it
127.0.0.1 www.corrierw.it
127.0.0.1 corrierwe.it
127.0.0.1 www.corrierwe.it
127.0.0.1 corriesre.it
127.0.0.1 www.corriesre.it
127.0.0.1 corriete.it
127.0.0.1 www.corriete.it
127.0.0.1 corrietre.it
127.0.0.1 www.corrietre.it
127.0.0.1 corriewre.it
127.0.0.1 www.corriewre.it
127.0.0.1 corrifere.it
127.0.0.1 www.corrifere.it
127.0.0.1 corriiere.it
127.0.0.1 www.corriiere.it
127.0.0.1 corrilere.it
127.0.0.1 www.corrilere.it
127.0.0.1 corrioere.it
127.0.0.1 www.corrioere.it
127.0.0.1 corrire.it
127.0.0.1 www.corrire.it
127.0.0.1 corrirere.it
127.0.0.1 www.corrirere.it
127.0.0.1 corrirre.it
127.0.0.1 www.corrirre.it
127.0.0.1 corrisere.it
127.0.0.1 www.corrisere.it
127.0.0.1 corriuere.it
127.0.0.1 www.corriuere.it
127.0.0.1 corriwere.it
127.0.0.1 www.corriwere.it
127.0.0.1 corriwre.it
127.0.0.1 www.corriwre.it
127.0.0.1 corrliere.it
127.0.0.1 www.corrliere.it
127.0.0.1 corroere.it
127.0.0.1 www.corroere.it
127.0.0.1 corroiere.it
127.0.0.1 www.corroiere.it
127.0.0.1 corrriere.it
127.0.0.1 www.corrriere.it
127.0.0.1 corrtiere.it
127.0.0.1 www.corrtiere.it
127.0.0.1 corruere.it
127.0.0.1 www.corruere.it
127.0.0.1 corruiere.it
127.0.0.1 www.corruiere.it
127.0.0.1 cortiere.it
127.0.0.1 www.cortiere.it
127.0.0.1 cortriere.it
127.0.0.1 www.cortriere.it
127.0.0.1 costrike.com
127.0.0.1 www.costrike.com
127.0.0.1 cotriere.it
127.0.0.1 www.cotriere.it
127.0.0.1 cotrriere.it
127.0.0.1 www.cotrriere.it
127.0.0.1 couldnotfind.com
127.0.0.1 count.cc
127.0.0.1 count.hitscount.net
127.0.0.1 count-all.com
127.0.0.1 countdutycall.info
127.0.0.1 www.countdutycall.info
127.0.0.1 counter.sexmaniack.com
127.0.0.1 cporriere.it
127.0.0.1 www.cporriere.it
127.0.0.1 cprriere.it
127.0.0.1 www.cprriere.it
127.0.0.1 cpvfeed.com
127.0.0.1 cracks.me.uk
127.0.0.1 cracks4all.com
127.0.0.1 www.cracks4all.com
127.0.0.1 crapsgold.info
127.0.0.1 www.crapsgold.info
127.0.0.1 Crazygirls-world.com
127.0.0.1 crazywinnings.com
127.0.0.1 www.crazywinnings.com
127.0.0.1 creamedcutties.com
127.0.0.1 createaccesskey.com
127.0.0.1 www.createaccesskey.com
127.0.0.1 creditsearchonline.com
127.0.0.1 crestring.com
127.0.0.1 crooder.com
127.0.0.1 crriere.it
127.0.0.1 www.crriere.it
127.0.0.1 crystalysmedia.com
127.0.0.1 www.crystalysmedia.com
127.0.0.1 csx.adservs.com
127.0.0.1 www.csx.adservs.com
127.0.0.1 cts.180solutions.com
127.0.0.1 cuisinartoven.com
127.0.0.1 www.cuisinartoven.com
127.0.0.1 curedc.info
127.0.0.1 www.curedc.info
127.0.0.1 curepcsolutions.com
127.0.0.1 www.curepcsolutions.com
127.0.0.1 curvedspaces.com
127.0.0.1 cutadult.com
127.0.0.1 www.cutadult.com
127.0.0.1 cvirgilio.it
127.0.0.1 www.cvirgilio.it
127.0.0.1 cvorriere.it
127.0.0.1 www.cvorriere.it
127.0.0.1 cvs.jps.ru
127.0.0.1 cvsymphony.com
127.0.0.1 cxorriere.it
127.0.0.1 www.cxorriere.it
127.0.0.1 cyberrape.com
127.0.0.1 www.cyberrape.com
127.0.0.1 cydom.com
127.0.0.1 cydoor.com
127.0.0.1 www.cydoor.com
127.0.0.1 daily-gals.com
127.0.0.1 dailypornmag.com
127.0.0.1 www.dailypornmag.com
127.0.0.1 dailyteenspic.com
127.0.0.1 dailytoolbar.com
127.0.0.1 www.dailytoolbar.com
127.0.0.1 dancingbabycd.com
127.0.0.1 data-hoster.com
127.0.0.1 www.data-hoster.com
127.0.0.1 datanotary.com
127.0.0.1 datareco.com
127.0.0.1 dating-galaxy.info
127.0.0.1 www.dating-galaxy.info
127.0.0.1 dating-search.net
127.0.0.1 davemarshall.org
127.0.0.1 db105.com
127.0.0.1 dbdecicated.com
127.0.0.1 www.dbdecicated.com
127.0.0.1 dbxcompany.com
127.0.0.1 www.dbxcompany.com
127.0.0.1 dcdl.dmcast.com
127.0.0.1 dcfitusa.com
127.0.0.1 dcorriere.it
127.0.0.1 www.dcorriere.it
127.0.0.1 dcurtis.com
127.0.0.1 www.dcurtis.com
127.0.0.1 dcww.dmcast.com
127.0.0.1 de.ag
127.0.0.1 de.drivecleaner.com
127.0.0.1 de.errorsafe.com
127.0.0.1 de.winantivirus.com
127.0.0.1 de98.remsys.org
127.0.0.1 debay.it
127.0.0.1 www.debay.it
127.0.0.1 dedmazay.3322.org
127.0.0.1 dedsearch.com
127.0.0.1 www.dedsearch.com
127.0.0.1 defaultsearch.net
127.0.0.1 Defensaantimalware.com
127.0.0.1 www.Defensaantimalware.com
127.0.0.1 deja-rue.com
127.0.0.1 www.deja-rue.com
127.0.0.1 derklaif.biz
127.0.0.1 www.derklaif.biz
127.0.0.1 derrari.it
127.0.0.1 www.derrari.it
127.0.0.1 desarrollocreativo.com
127.0.0.1 deskbar.worldtostart.com
127.0.0.1 www.deskbar.worldtostart.com
127.0.0.1 deskwizz.com
127.0.0.1 www.deskwizz.com
127.0.0.1 dev.ntcor.com
127.0.0.1 develip.com
127.0.0.1 dewis.spb.ru
127.0.0.1 dewis.us
127.0.0.1 df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
127.0.0.1 dgbusiness.com
127.0.0.1 www.dgbusiness.com
127.0.0.1 dialer2004.com
127.0.0.1 dialerclub.com
127.0.0.1 www.dialerclub.com
127.0.0.1 dialer-shop.com
127.0.0.1 www.dialer-shop.com
127.0.0.1 dialoff.com
127.0.0.1 www.dialoff.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 dietpills4free.com
127.0.0.1 dietpussy.com
127.0.0.1 digikeygen.com
127.0.0.1 www.digikeygen.com
127.0.0.1 digistreamsa.com
127.0.0.1 digitalcoders.net
127.0.0.1 www.digitalcoders.net
127.0.0.1 www.digitalfan.com
127.0.0.1 digital-pornography.com
127.0.0.1 dionforvalleycouncil.org
127.0.0.1 directdvdpro.com
127.0.0.1 www.directdvdpro.com
127.0.0.1 directporta.info
127.0.0.1 www.directporta.info
127.0.0.1 directsearchzone.com
127.0.0.1 www.directsearchzone.com
127.0.0.1 dist.checkin100.com
127.0.0.1 dl.ad-ware.cc
127.0.0.1 dl.malwarewipe.com
127.0.0.1 dl.targetsaver.com
127.0.0.1 www.dl.targetsaver.com
127.0.0.1 dl.web-nexus.net
127.0.0.1 dl1.antivermins.com
127.0.0.1 dl1.antivirgear.com
127.0.0.1 dl1.spydawn.com
127.0.0.1 dl1.virusprotectpro.com
127.0.0.1 dl10.spyfalcon.com
127.0.0.1 dl16.spyfalcon.com
127.0.0.1 dl2.spyfalcon.com
127.0.0.1 dl2.spyheal.com
127.0.0.1 dl2.spywarestrike.com
127.0.0.1 dl3.spyfalcon.com
127.0.0.1 dl3.spyheal.com
127.0.0.1 dl3.spywarestrike.com
127.0.0.1 dl4.spyfalcon.com
127.0.0.1 dl4.spywarestrike.com
127.0.0.1 dl5.spyfalcon.com
127.0.0.1 dl5.spywarestrike.com
127.0.0.1 dl6.spywarestrike.com
127.0.0.1 dl7.spywarestrike.com
127.0.0.1 dl8.spyheal.com
127.0.0.1 dl8.spywarestrike.com
127.0.0.1 dl9.spyfalcon.com
127.0.0.1 dmcast.com
127.0.0.1 www.dmcast.com
127.0.0.1 dnaads.com
127.0.0.1 www.dnaads.com
127.0.0.1 dnl.mabou.org
127.0.0.1 dns-look-up.com
127.0.0.1 www.dns-look-up.com
127.0.0.1 doctorwaldron.com
127.0.0.1 document-not-found.pornpic.org
127.0.0.1 doggyaction.com
127.0.0.1 dogproblemswebsite.com
127.0.0.1 www.dogproblemswebsite.com
127.0.0.1 doktorxxx.com
127.0.0.1 dollarrevenue.com
127.0.0.1 domaincar.com
127.0.0.1 www.domaincar.com
127.0.0.1 domains2003.net
127.0.0.1 domains-for-you-online.com
127.0.0.1 domain-your-registration.com
127.0.0.1 domkrat.com
127.0.0.1 dotcomtoolbar.com
127.0.0.1 www.dotcomtoolbar.com
127.0.0.1 down.136136.net
127.0.0.1 download.abetterinternet.com
127.0.0.1 download.antispywarebot.com
127.0.0.1 www.download.antispywarebot.com
127.0.0.1 download.bardownload.com
127.0.0.1 www.download.bardownload.com
127.0.0.1 download.bravesentry.com
127.0.0.1 www.download.bravesentry.com
127.0.0.1 download.cdn.drivecleaner.com
127.0.0.1 download.cdn.errorsafe.com
127.0.0.1 download.cdn.winsoftware.com
127.0.0.1 download.errorsafe.com
127.0.0.1 download.jupitersatellites.biz
127.0.0.1 www.download.jupitersatellites.biz
127.0.0.1 download.searchtabs.net
127.0.0.1 download.secureyournet.biz
127.0.0.1 www.download.secureyournet.biz
127.0.0.1 download.spyonthis.net
127.0.0.1 download.spy-shredder.com
127.0.0.1 download.systemdoctor.com
127.0.0.1 download.winantispyware.com
127.0.0.1 download.winantivirus.com
127.0.0.1 download.windrivecleaner.com
127.0.0.1 download.winfixer.com
127.0.0.1 download10.spywarequake.com
127.0.0.1 download11.spywarequake.com
127.0.0.1 download12.spywarequake.com
127.0.0.1 download13.spywarequake.com
127.0.0.1 download15.spywarequake.com
127.0.0.1 download2.spywarequake.com
127.0.0.1 download-2007.com
127.0.0.1 www.download-2007.com
127.0.0.1 download3.spyaxe.com
127.0.0.1 download3.spywarequake.com
127.0.0.1 download4.spyaxe.com
127.0.0.1 download4.spywarequake.com
127.0.0.1 download5.spyaxe.com
127.0.0.1 download5.spywarequake.com
127.0.0.1 download6.spyaxe.com
127.0.0.1 download7.spywarequake.com
127.0.0.1 download8.spywarequake.com
127.0.0.1 download9.spywarequake.com
127.0.0.1 download-ad-aware.com
127.0.0.1 www.download-ad-aware.com
127.0.0.1 download-all-4-free.com
127.0.0.1 www.download-all-4-free.com
127.0.0.1 download-all-area.com
127.0.0.1 www.download-all-area.com
127.0.0.1 download-antivir.com
127.0.0.1 www.download-antivir.com
127.0.0.1 downloadanysong.com
127.0.0.1 www.downloadanysong.com
127.0.0.1 download-avast.com
127.0.0.1 www.download-avast.com
127.0.0.1 downloadcorporation.com
127.0.0.1 www.downloadcorporation.com
127.0.0.1 download-dvdshrink.com
127.0.0.1 www.download-dvdshrink.com
127.0.0.1 download-for-free.net
127.0.0.1 www.download-for-free.net
127.0.0.1 downloadfreesoft.com
127.0.0.1 www.downloadfreesoft.com
127.0.0.1 downloadfreeway.com
127.0.0.1 www.downloadfreeway.com
127.0.0.1 downloadimesh.com
127.0.0.1 www.downloadimesh.com
127.0.0.1 download-itunes-now.com
127.0.0.1 www.download-itunes-now.com
127.0.0.1 download-limewire.org
127.0.0.1 www.download-limewire.org
127.0.0.1 downloadlost.tv
127.0.0.1 www.downloadlost.tv
127.0.0.1 downloadmax.net
127.0.0.1 www.downloadmax.net
127.0.0.1 download-mcafee.com
127.0.0.1 www.download-mcafee.com
127.0.0.1 download-me.info
127.0.0.1 downloadmediaax.com
127.0.0.1 www.downloadmediaax.com
127.0.0.1 downloadpics.net
127.0.0.1 www.downloadpics.net
127.0.0.1 download-real-player.com
127.0.0.1 www.download-real-player.com
127.0.0.1 downloads.180solutions.com
127.0.0.1 downloads.adaware.cc
127.0.0.1 downloadservicearea.com
127.0.0.1 www.downloadservicearea.com
127.0.0.1 downloads-free.org
127.0.0.1 www.downloads-free.org
127.0.0.1 downloadsglobe.com
127.0.0.1 www.downloadsglobe.com
127.0.0.1 download-this.us
127.0.0.1 www.download-this.us
127.0.0.1 download-trillian.com
127.0.0.1 www.download-trillian.com
127.0.0.1 downloadv3.com
127.0.0.1 www.downloadv3.com
127.0.0.1 downloadvax.com
127.0.0.1 www.downloadvax.com
127.0.0.1 download-windvd.com
127.0.0.1 www.download-windvd.com
127.0.0.1 download-winrar.com
127.0.0.1 www.download-winrar.com
127.0.0.1 downloadwizard.com
127.0.0.1 downloadzcenter.com
127.0.0.1 downloadzcentral.com
127.0.0.1 downloadzfree.com
127.0.0.1 www.downloadzfree.com
127.0.0.1 downloadznow.net
127.0.0.1 download-zone-free.com
127.0.0.1 www.download-zone-free.com
127.0.0.1 download-zone-free.net
127.0.0.1 www.download-zone-free.net
127.0.0.1 dp-host.com
127.0.0.1 dr.mcboo.com
127.0.0.1 dr.webhancer.com
127.0.0.1 www.dr.webhancer.com
127.0.0.1 dr2.webhancer.com
127.0.0.1 www.dr2.webhancer.com
127.0.0.1 dr38.mcboo.com
127.0.0.1 dr47.mcboo.com
127.0.0.1 dragqueen.gay-clan.com
127.0.0.1 drepubblica.it
127.0.0.1 www.drepubblica.it
127.0.0.1 drivecleaner.com
127.0.0.1 www.drivecleaner.com
127.0.0.1 drivecleanr.com
127.0.0.1 www.drivecleanr.com
127.0.0.1 drocherway.com
127.0.0.1 dropspam.com
127.0.0.1 www.dropspam.com
127.0.0.1 drug-sources-exposed.com
127.0.0.1 drvvv.com
127.0.0.1 dsupereva.it
127.0.0.1 www.dsupereva.it
127.0.0.1 dtlproduct.com
127.0.0.1 www.dtlproduct.com
127.0.0.1 dudu.com
127.0.0.1 www.dudu.com
127.0.0.1 dulcineasystems.net
127.0.0.1 dumpserv.com
127.0.0.1 duolaimi.net
127.0.0.1 dutch-sex.com
127.0.0.1 dvdaccess.net
127.0.0.1 www.dvdaccess.net
127.0.0.1 dvdbank.org
127.0.0.1 dvdcodec.net
127.0.0.1 www.dvdcodec.net
127.0.0.1 dvdsmovies.net
127.0.0.1 www.dvdsmovies.net
127.0.0.1 dvdsvideos.net
127.0.0.1 www.dvdsvideos.net
127.0.0.1 dvdtocdsite.com
127.0.0.1 www.dvdtocdsite.com
127.0.0.1 dynamique.drivecleaner.com
127.0.0.1 e3bay.it
127.0.0.1 www.e3bay.it
127.0.0.1 e4bay.it
127.0.0.1 www.e4bay.it
127.0.0.1 eager-sex.com
127.0.0.1 earthllnk.net
127.0.0.1 www.earthllnk.net
127.0.0.1 eases.net
127.0.0.1 easyantispy.com
127.0.0.1 easybestdeals.com
127.0.0.1 www.easybestdeals.com
127.0.0.1 easycategories.com
127.0.0.1 easymp3musicnow.com
127.0.0.1 www.easymp3musicnow.com
127.0.0.1 easy-pharmacy.info
127.0.0.1 www.easy-pharmacy.info
127.0.0.1 easy-search.net
127.0.0.1 easysearch4you.com
127.0.0.1 www.easysearch4you.com
127.0.0.1 easysearchingtips.com
127.0.0.1 easyspyware.com
127.0.0.1 www.easyspyware.com
127.0.0.1 easywww.info
127.0.0.1 www.easywww.info
127.0.0.1 eba6y.it
127.0.0.1 www.eba6y.it
127.0.0.1 eba7y.it
127.0.0.1 www.eba7y.it
127.0.0.1 ebaay.it
127.0.0.1 www.ebaay.it
127.0.0.1 ebagy.it
127.0.0.1 www.ebagy.it
127.0.0.1 ebahy.it
127.0.0.1 www.ebahy.it
127.0.0.1 ebajy.it
127.0.0.1 www.ebajy.it
127.0.0.1 ebaqy.it
127.0.0.1 www.ebaqy.it
127.0.0.1 ebasy.it
127.0.0.1 www.ebasy.it
127.0.0.1 ebaty.it
127.0.0.1 www.ebaty.it
127.0.0.1 ebauy.it
127.0.0.1 www.ebauy.it
127.0.0.1 ebav.com
127.0.0.1 ebaw.com
127.0.0.1 ebawy.it
127.0.0.1 www.ebawy.it
127.0.0.1 ebaxy.it
127.0.0.1 www.ebaxy.it
127.0.0.1 ebay6.it
127.0.0.1 www.ebay6.it
127.0.0.1 ebay7.it
127.0.0.1 www.ebay7.it
127.0.0.1 ebayg.it
127.0.0.1 www.ebayg.it
127.0.0.1 ebayh.it
127.0.0.1 www.ebayh.it
127.0.0.1 ebayj.it
127.0.0.1 www.ebayj.it
127.0.0.1 ebayt.it
127.0.0.1 www.ebayt.it
127.0.0.1 ebayu.it
127.0.0.1 www.ebayu.it
127.0.0.1 ebazy.it
127.0.0.1 www.ebazy.it
127.0.0.1 ebch.com
127.0.0.1 ebdv.com
127.0.0.1 ebdw.com
127.0.0.1 ebestfind.org
127.0.0.1 www.ebestfind.org
127.0.0.1 ebgay.it
127.0.0.1 www.ebgay.it
127.0.0.1 ebgo.com
127.0.0.1 ebhay.it
127.0.0.1 www.ebhay.it
127.0.0.1 ebjp.com
127.0.0.1 ebkb.com
127.0.0.1 ebkn.com
127.0.0.1 ebky.com
127.0.0.1 eblv.com
127.0.0.1 ebmu.com
127.0.0.1 ebnay.it
127.0.0.1 www.ebnay.it
127.0.0.1 ebony-pornmag.com
127.0.0.1 www.ebony-pornmag.com
127.0.0.1 ebonypornmag.com
127.0.0.1 www.ebonypornmag.com
127.0.0.1 ebqay.it
127.0.0.1 www.ebqay.it
127.0.0.1 ebsay.it
127.0.0.1 www.ebsay.it
127.0.0.1 ebsy.it
127.0.0.1 www.ebsy.it
127.0.0.1 ebvay.it
127.0.0.1 www.ebvay.it
127.0.0.1 ebvr.com
127.0.0.1 ebway.it
127.0.0.1 www.ebway.it
127.0.0.1 ebxay.it
127.0.0.1 www.ebxay.it
127.0.0.1 ebzay.it
127.0.0.1 www.ebzay.it
127.0.0.1 ecmh.com
127.0.0.1 ecmp.com
127.0.0.1 ecosrioplatenses.org
127.0.0.1 ecpm.com
127.0.0.1 ecstasyporn.net
127.0.0.1 ecwz.com
127.0.0.1 ecyb.com
127.0.0.1 edbay.it
127.0.0.1 www.edbay.it
127.0.0.1 edhq.com
127.0.0.1 edietprogram.com
127.0.0.1 www.edietprogram.com
127.0.0.1 edty.com
127.0.0.1 eduy.com
127.0.0.1 eebay.it
127.0.0.1 www.eebay.it
127.0.0.1 eeev.com
127.0.0.1 eepubblica.it
127.0.0.1 www.eepubblica.it
127.0.0.1 efbay.it
127.0.0.1 www.efbay.it
127.0.0.1 egbay.it
127.0.0.1 www.egbay.it
127.0.0.1 ehbay.it
127.0.0.1 www.ehbay.it
127.0.0.1 eikokoike.com
127.0.0.1 elitecodec.com
127.0.0.1 www.elitecodec.com
127.0.0.1 elitemediagroup.net
127.0.0.1 www.elitemediagroup.net
127.0.0.1 e-localad.com
127.0.0.1 emailicon.org
127.0.0.1 www.emailicon.org
127.0.0.1 emch.com
127.0.0.1 emcodec.com
127.0.0.1 www.emcodec.com
127.0.0.1 emediacodec.com
127.0.0.1 www.emediacodec.com
127.0.0.1 emule.mp3-muzic.com
127.0.0.1 www.emule.mp3-muzic.com
127.0.0.1 emuledownloadhome.com
127.0.0.1 www.emuledownloadhome.com
127.0.0.1 emule-freebie.com
127.0.0.1 www.emule-freebie.com
127.0.0.1 enay.it
127.0.0.1 www.enay.it
127.0.0.1 enbay.it
127.0.0.1 www.enbay.it
127.0.0.1 energy-factor.com
127.0.0.1 www.energy-factor.com
127.0.0.1 engineplay.com
127.0.0.1 www.engineplay.com
127.0.0.1 engine-ticket.com
127.0.0.1 www.engine-ticket.com
127.0.0.1 enhance.com
127.0.0.1 www.enhance.com
127.0.0.1 enhancevideos.com
127.0.0.1 www.enhancevideos.com
127.0.0.1 enitinvest.net
127.0.0.1 enjoywebsurf.com
127.0.0.1 entertainsite.net
127.0.0.1 www.entertainsite.net
127.0.0.1 enterthesearch.com
127.0.0.1 www.enterthesearch.com
127.0.0.1 e-plus.cc
127.0.0.1 epornsex.com
127.0.0.1 eprotectionline.com
127.0.0.1 www.eprotectionline.com
127.0.0.1 eprotectpage.com
127.0.0.1 www.eprotectpage.com
127.0.0.1 erbay.it
127.0.0.1 www.erbay.it
127.0.0.1 erepubblica.it
127.0.0.1 www.erepubblica.it
127.0.0.1 ergosites.com
127.0.0.1 erossoalice.it
127.0.0.1 www.erossoalice.it
127.0.0.1 errari.it
127.0.0.1 www.errari.it
127.0.0.1 error404site.com
127.0.0.1 www.error404site.com
127.0.0.1 error404site.net
127.0.0.1 www.error404site.net
127.0.0.1 errorkiller.com
127.0.0.1 www.errorkiller.com
127.0.0.1 errorprotector.com
127.0.0.1 www.errorprotector.com
127.0.0.1 errorsafe.com
127.0.0.1 www.errorsafe.com
127.0.0.1 errorsdns.com
127.0.0.1 www.errorsdns.com
127.0.0.1 ert0003.e76.163ns.com
127.0.0.1 ertikadeswiokinganfujas.com
127.0.0.1 www.ertikadeswiokinganfujas.com
127.0.0.1 es.winantivirus.com
127.0.0.1 es0-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es1-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es2-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es3-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es4-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es5-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es6-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es7-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es8-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es9-www.5zgmu7o20kt5d8yq.com
127.0.0.1 esafetylist.com
127.0.0.1 www.esafetylist.com
127.0.0.1 esafetypage.com
127.0.0.1 www.esafetypage.com
127.0.0.1 esbay.it
127.0.0.1 www.esbay.it
127.0.0.1 esearch2005.com
127.0.0.1 www.esearch2005.com
127.0.0.1 esecuritynote.com
127.0.0.1 www.esecuritynote.com
127.0.0.1 esecuritypage.com
127.0.0.1 www.esecuritypage.com
127.0.0.1 esupereva.it
127.0.0.1 www.esupereva.it
127.0.0.1 etomi.all-downloads-now.com
127.0.0.1 www.etomi.all-downloads-now.com
127.0.0.1 eupdatepage.com
127.0.0.1 www.eupdatepage.com
127.0.0.1 euuu.com
127.0.0.1 evbay.it
127.0.0.1 www.evbay.it
127.0.0.1 evidence-detector.biz
127.0.0.1 evilspidercomics.com
127.0.0.1 evko.biz
127.0.0.1 www.evko.biz
127.0.0.1 ewbay.it
127.0.0.1 www.ewbay.it
127.0.0.1 ewebsearch.net
127.0.0.1 e-websitesolutions.com
127.0.0.1 ewizard.cc
127.0.0.1 exaccess.ru
127.0.0.1 www.exaccess.ru
127.0.0.1 excellentsckin.com
127.0.0.1 exeupdate.com
127.0.0.1 www.exeupdate.com
127.0.0.1 exflow.org
127.0.0.1 www.exflow.org
127.0.0.1 exit.megago.com
127.0.0.1 expandvideo.com
127.0.0.1 www.expandvideo.com
127.0.0.1 exportplay.com
127.0.0.1 www.exportplay.com
127.0.0.1 extremepaidsurveys.com
127.0.0.1 www.extremepaidsurveys.com
127.0.0.1 extremeseek.net
127.0.0.1 eza1netsearch.com
127.0.0.1 www.eza1netsearch.com
127.0.0.1 ezcybersearch.com
127.0.0.1 www.ezcybersearch.com
127.0.0.1 ez-searching.com
127.0.0.1 ezwebsearching.com
127.0.0.1 www.ezwebsearching.com
127.0.0.1 f1.bestmanage.org
127.0.0.1 f1.truth-is-out-there.org
127.0.0.1 f1organizer.com
127.0.0.1 www.f1organizer.com
127.0.0.1 f2.bestmanage.org
127.0.0.1 f2.truth-is-out-there.org
127.0.0.1 f3.bestmanage.org
127.0.0.1 f3.truth-is-out-there.org
127.0.0.1 f4.bestmanage.org
127.0.0.1 f4.truth-is-out-there.org
127.0.0.1 f5.bestmanage.org
127.0.0.1 f5.truth-is-out-there.org
127.0.0.1 f6.bestmanage.org
127.0.0.1 f7.bestmanage.org
127.0.0.1 f7.truth-is-out-there.org
127.0.0.1 f8.bestmanage.org
127.0.0.1 f8.truth-is-out-there.org
127.0.0.1 f9.bestmanage.org
127.0.0.1 f9.truth-is-out-there.org
127.0.0.1 fairsearcher.com
127.0.0.1 www.fairsearcher.com
127.0.0.1 faithstevens.com
127.0.0.1 fantasiewelten.com
127.0.0.1 farmacept32.phpnet.us
127.0.0.1 farmsteadbandb.com
127.0.0.1 farse.com
127.0.0.1 fartpost.com
127.0.0.1 fastfreedownload.com
127.0.0.1 fastmetasearch.com
127.0.0.1 www.fastmetasearch.com
127.0.0.1 fastssearch.com
127.0.0.1 www.fastssearch.com
127.0.0.1 fastwebfinder.com
127.0.0.1 faxporn.com
127.0.0.1 fazzetta.it
127.0.0.1 www.fazzetta.it
127.0.0.1 fcorriere.it
127.0.0.1 www.fcorriere.it
127.0.0.1 featured-results.com
127.0.0.1 febay.it
127.0.0.1 www.febay.it
127.0.0.1 feed.dedsearch.com
127.0.0.1 feeds.2search.com
127.0.0.1 www.feeds.2search.com
127.0.0.1 feeds2.2search.org
127.0.0.1 www.feeds2.2search.org
127.0.0.1 ferraeri.it
127.0.0.1 www.ferraeri.it
127.0.0.1 ferrai.it
127.0.0.1 www.ferrai.it
127.0.0.1 ferrarei.it
127.0.0.1 www.ferrarei.it
127.0.0.1 ferrarti.it
127.0.0.1 www.ferrarti.it
127.0.0.1 ferrasri.it
127.0.0.1 www.ferrasri.it
127.0.0.1 ferratri.it
127.0.0.1 www.ferratri.it
127.0.0.1 ferreari.it
127.0.0.1 www.ferreari.it
127.0.0.1 ferrri.it
127.0.0.1 www.ferrri.it
127.0.0.1 ferrsari.it
127.0.0.1 www.ferrsari.it
127.0.0.1 ferrtari.it
127.0.0.1 www.ferrtari.it
127.0.0.1 fetrrari.it
127.0.0.1 www.fetrrari.it
127.0.0.1 fgazzetta.it
127.0.0.1 www.fgazzetta.it
127.0.0.1 fgoogle.it
127.0.0.1 www.fgoogle.it
127.0.0.1 fhg.panet.org
127.0.0.1 fhgate.com
127.0.0.1 www.fhgate.com
127.0.0.1 fickenisgeil.de
127.0.0.1 file.unionsms.net
127.0.0.1 filestore.com
127.0.0.1 www.filestore.com
127.0.0.1 filetretporn.com
127.0.0.1 www.filetretporn.com
127.0.0.1 Filtrodetrojan.com
127.0.0.1 www.Filtrodetrojan.com
127.0.0.1 finalfantasyactionfigures.com
127.0.0.1 www.finalfantasyactionfigures.com
127.0.0.1 finance-loans.com
127.0.0.1 find4u.net
127.0.0.1 find-52.com
127.0.0.1 www.find-52.com
127.0.0.1 findanyshow.org
127.0.0.1 www.findanyshow.org
127.0.0.1 find-find-777.net
127.0.0.1 www.find-find-777.net
127.0.0.1 find-itnow.com
127.0.0.1 findit-now.com
127.0.0.1 findloss.com
127.0.0.1 findthesite.com
127.0.0.1 findthewebsiteyouneed.com
127.0.0.1 www.findthewebsiteyouneed.com
127.0.0.1 find-uk-health.co.uk
127.0.0.1 findwapsite.org
127.0.0.1 www.findwapsite.org
127.0.0.1 findwhatevernow.com
127.0.0.1 www.findwhatevernow.com
127.0.0.1 fined.biz
127.0.0.1 fine-search.net
127.0.0.1 fionasteel.com
127.0.0.1 firefoxdownload-now.com
127.0.0.1 www.firefoxdownload-now.com
127.0.0.1 firehunt.com
127.0.0.1 www.firehunt.com
127.0.0.1 firgilio.it
127.0.0.1 www.firgilio.it
127.0.0.1 firstbookmark.net
127.0.0.1 firstgoodsearch.com
127.0.0.1 www.firstgoodsearch.com
127.0.0.1 fitness-free.com
127.0.0.1 fixerantispy.com
127.0.0.1 www.fixerantispy.com
127.0.0.1 fjsynebcod.com
127.0.0.1 www.fjsynebcod.com
127.0.0.1 flashdollars.com
127.0.0.1 www.flashdollars.com
127.0.0.1 flashflashmx.3322.org
127.0.0.1 floorsovertexas.com
127.0.0.1 www.floorsovertexas.com
127.0.0.1 floproject.com
127.0.0.1 www.floproject.com
127.0.0.1 flrxtools.greatnuke.com
127.0.0.1 flrx-tools.net
127.0.0.1 www.flrx-tools.net
127.0.0.1 fn777.greatbahamas.com
127.0.0.1 www.fn777.greatbahamas.com
127.0.0.1 foodvacations.net
127.0.0.1 forex.jps.ru
127.0.0.1 forexcredit.com
127.0.0.1 forexcredit.ru
127.0.0.1 formingfusions.com
127.0.0.1 forsythfire.net
127.0.0.1 forthline.com
127.0.0.1 foxmin.com
127.0.0.1 www.foxmin.com
127.0.0.1 fp.gad-network.com
127.0.0.1 fr.drivecleaner.com
127.0.0.1 www.fr.drivecleaner.com
127.0.0.1 fr.winantivirus.com
127.0.0.1 fr.winfixer.com
127.0.0.1 frame.crazywinnings.com
127.0.0.1 free4porno.net
127.0.0.1 free64all.com
127.0.0.1 free-adobe-download-support.com
127.0.0.1 www.free-adobe-download-support.com
127.0.0.1 free-avg.org
127.0.0.1 www.free-avg.org
127.0.0.1 free-avg-download.com
127.0.0.1 www.free-avg-download.com
127.0.0.1 free-bearshares.com
127.0.0.1 www.free-bearshares.com
127.0.0.1 freebookmark.net
127.0.0.1 freebookmarks.net
127.0.0.1 freecat.biz
127.0.0.1 www.freecat.biz
127.0.0.1 freecategories.com
127.0.0.1 free-chipes.com
127.0.0.1 freecj.com
127.0.0.1 freecoolhost.com
127.0.0.1 freedownloadhq.com
127.0.0.1 www.freedownloadhq.co
"...
Recherche DNS
C:\Documents an Settings\HP_Propriétaire\Bureau\SmitfraudFix\FixDNS.vbs
Erreur d'exécution Microsoft VBScript (214, 3) : Objet requis : ' '
..."
et voila le rapport :
SmitFraudFix v2.248
Rapport fait à 14:35:02.54, 05/11/2007
Executé à partir de C:\Documents and Settings\HP_Propri‚taire\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
127.0.0.1 serial.alcohol-soft.com
127.0.0.1 www.alcohol-soft.com
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com
127.0.0.1 1001-search.info
127.0.0.1 www.1001-search.info
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 123topsearch.com
127.0.0.1 www.123topsearch.com
127.0.0.1 132.com
127.0.0.1 www.132.com
127.0.0.1 136136.net
127.0.0.1 www.136136.net
127.0.0.1 139mm.com
127.0.0.1 www.139mm.com
127.0.0.1 163ns.com
127.0.0.1 www.163ns.com
127.0.0.1 171203.com
127.0.0.1 17-plus.com
127.0.0.1 1800searchonline.com
127.0.0.1 www.1800searchonline.com
127.0.0.1 180searchassistant.com
127.0.0.1 www.180searchassistant.com
127.0.0.1 180solutions.com
127.0.0.1 www.180solutions.com
127.0.0.1 181.365soft.info
127.0.0.1 www.181.365soft.info
127.0.0.1 1987324.com
127.0.0.1 www.1987324.com
127.0.0.1 1-domains-registrations.com
127.0.0.1 www.1-domains-registrations.com
127.0.0.1 1-extreme.biz
127.0.0.1 www.1-extreme.biz
127.0.0.1 1sexparty.com
127.0.0.1 www.1sexparty.com
127.0.0.1 1stantivirus.com
127.0.0.1 www.1stantivirus.com
127.0.0.1 1stpagehere.com
127.0.0.1 www.1stpagehere.com
127.0.0.1 1stsearchportal.com
127.0.0.1 www.1stsearchportal.com
127.0.0.1 2.82211.net
127.0.0.1 www.2006ooo.com
127.0.0.1 2007-download.com
127.0.0.1 www.2007-download.com
127.0.0.1 2020search.com
127.0.0.1 www.2020search.com
127.0.0.1 20x2p.com
127.0.0.1 24.365soft.info
127.0.0.1 www.24.365soft.info
127.0.0.1 24-7pharmacy.info
127.0.0.1 www.24-7pharmacy.info
127.0.0.1 24-7searching-and-more.com
127.0.0.1 www.24-7searching-and-more.com
127.0.0.1 24teen.com
127.0.0.1 www.24teen.com
127.0.0.1 2every.net
127.0.0.1 www.2every.net
127.0.0.1 2ndpower.com
127.0.0.1 2search.com
127.0.0.1 www.2search.com
127.0.0.1 2search.org
127.0.0.1 www.2search.org
127.0.0.1 2squared.com
127.0.0.1 www.2squared.com
127.0.0.1 3322.org
127.0.0.1 www.3322.org
127.0.0.1 365soft.info
127.0.0.1 36site.com
127.0.0.1 www.36site.com
127.0.0.1 3721.com
127.0.0.1 39-93.com
127.0.0.1 3abetterinternet.com
127.0.0.1 www.3abetterinternet.com
127.0.0.1 3bay.it
127.0.0.1 www.3bay.it
127.0.0.1 3ebay.it
127.0.0.1 www.3ebay.it
127.0.0.1 404dns.com
127.0.0.1 www.404dns.com
127.0.0.1 4199.com
127.0.0.1 www.4199.com
127.0.0.1 4corn.net
127.0.0.1 www.4corn.net
127.0.0.1 4ebay.it
127.0.0.1 www.4ebay.it
127.0.0.1 4klm.com
127.0.0.1 4repubblica.it
127.0.0.1 www.4repubblica.it
127.0.0.1 4softget.com
127.0.0.1 www.4softget.com
127.0.0.1 5iscali.it
127.0.0.1 www.5iscali.it
127.0.0.1 5repubblica.it
127.0.0.1 www.5repubblica.it
127.0.0.1 5starvideos.com
127.0.0.1 www.5starvideos.com
127.0.0.1 5tiscali.it
127.0.0.1 www.5tiscali.it
127.0.0.1 5zgmu7o20kt5d8yq.com
127.0.0.1 www.5zgmu7o20kt5d8yq.com
127.0.0.1 6iscali.it
127.0.0.1 www.6iscali.it
127.0.0.1 6sek.com
127.0.0.1 www.6sek.com
127.0.0.1 6tiscali.it
127.0.0.1 www.6tiscali.it
127.0.0.1 7322.com
127.0.0.1 www.7322.com
127.0.0.1 75tz.com
127.0.0.1 777search.com
127.0.0.1 www.777search.com
127.0.0.1 777top.com
127.0.0.1 www.777top.com
127.0.0.1 7939.com
127.0.0.1 www.7939.com
127.0.0.1 7search.com
127.0.0.1 www.7search.com
127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com
127.0.0.1 82211.net
127.0.0.1 8866.org
127.0.0.1 888.com
127.0.0.1 www.888.com
127.0.0.1 8ad.com
127.0.0.1 www.8ad.com
127.0.0.1 9505.com
127.0.0.1 www.9505.com
127.0.0.1 971searchbox.com
127.0.0.1 www.971searchbox.com
127.0.0.1 a.bestmanage.org
127.0.0.1 aaasexypics.com
127.0.0.1 aaawebfinder.com
127.0.0.1 www.aaawebfinder.com
127.0.0.1 aavc.com
127.0.0.1 abc-find.info
127.0.0.1 www.abc-find.info
127.0.0.1 abetterinternet.com
127.0.0.1 www.abetterinternet.com
127.0.0.1 abnetsoft.info
127.0.0.1 www.abnetsoft.info
127.0.0.1 aboutclicker.com
127.0.0.1 www.aboutclicker.com
127.0.0.1 abrp.net
127.0.0.1 www.abrp.net
127.0.0.1 absolutee.com
127.0.0.1 www.absolutee.com
127.0.0.1 abyssmedia.com
127.0.0.1 www.abyssmedia.com
127.0.0.1 ac66.cn
127.0.0.1 www.ac66.cn
127.0.0.1 access.Navinetwork.com
127.0.0.1 access.rapid-pass.net
127.0.0.1 accessactivexvideo.com
127.0.0.1 www.accessactivexvideo.com
127.0.0.1 accessclips.com
127.0.0.1 www.accessclips.com
127.0.0.1 access-dvd.com
127.0.0.1 www.access-dvd.com
127.0.0.1 accesskeygenerator.com
127.0.0.1 www.accesskeygenerator.com
127.0.0.1 accessorygeeks.com
127.0.0.1 www.accessorygeeks.com
127.0.0.1 accessthefuture.net
127.0.0.1 www.accessthefuture.net
127.0.0.1 accessvid.net
127.0.0.1 www.accessvid.net
127.0.0.1 acemedic.com
127.0.0.1 www.acemedic.com
127.0.0.1 ace-webmaster.com
127.0.0.1 www.ace-webmaster.com
127.0.0.1 acjp.com
127.0.0.1 acrobat-2007.com
127.0.0.1 www.acrobat-2007.com
127.0.0.1 acrobat-8.com
127.0.0.1 www.acrobat-8.com
127.0.0.1 acrobat-center.com
127.0.0.1 www.acrobat-center.com
127.0.0.1 acrobat-hq.com
127.0.0.1 www.acrobat-hq.com
127.0.0.1 acrobatreader-8.com
127.0.0.1 www.acrobatreader-8.com
127.0.0.1 acrobat-reader-8.de
127.0.0.1 www.acrobat-reader-8.de
127.0.0.1 acrobat-stop.com
127.0.0.1 www.acrobat-stop.com
127.0.0.1 actionbreastcancer.org
127.0.0.1 www.actionbreastcancer.org
127.0.0.1 activesearcher.info
127.0.0.1 www.activesearcher.info
127.0.0.1 activexaccessobject.com
127.0.0.1 www.activexaccessobject.com
127.0.0.1 activexaccessvideo.com
127.0.0.1 www.activexaccessvideo.com
127.0.0.1 activexemedia.com
127.0.0.1 www.activexemedia.com
127.0.0.1 activexmediaobject.com
127.0.0.1 www.activexmediaobject.com
127.0.0.1 activexmediapro.com
127.0.0.1 www.activexmediapro.com
127.0.0.1 activexmediasite.com
127.0.0.1 www.activexmediasite.com
127.0.0.1 activexmediasoftware.com
127.0.0.1 www.activexmediasoftware.com
127.0.0.1 activexmediasource.com
127.0.0.1 www.activexmediasource.com
127.0.0.1 activexmediatool.com
127.0.0.1 www.activexmediatool.com
127.0.0.1 activexmediatour.com
127.0.0.1 www.activexmediatour.com
127.0.0.1 activexsoftwares.com
127.0.0.1 www.activexsoftwares.com
127.0.0.1 activexsource.com
127.0.0.1 www.activexsource.com
127.0.0.1 activexupdate.com
127.0.0.1 www.activexupdate.com
127.0.0.1 activexvideo.com
127.0.0.1 www.activexvideo.com
127.0.0.1 activexvideotool.com
127.0.0.1 www.activexvideotool.com
127.0.0.1 ad.marketingsector.com
127.0.0.1 www.ad.marketingsector.com
127.0.0.1 ad.mokead.com
127.0.0.1 www.ad.mokead.com
127.0.0.1 ad.yieldmanager.com
127.0.0.1 www.ad.yieldmanager.com
127.0.0.1 ad25.com
127.0.0.1 ad45.com
127.0.0.1 ad77.com
127.0.0.1 ad86.com
127.0.0.1 adamsupportgroup.org
127.0.0.1 www.adamsupportgroup.org
127.0.0.1 adarmor.com
127.0.0.1 www.adarmor.com
127.0.0.1 adasearch.com
127.0.0.1 www.adasearch.com
127.0.0.1 adaware.cc
127.0.0.1 adawarenow.com
127.0.0.1 www.adawarenow.com
127.0.0.1 addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.com
127.0.0.1 addictivetechnologies.net
127.0.0.1 www.addictivetechnologies.net
127.0.0.1 add-manager.com
127.0.0.1 www.add-manager.com
127.0.0.1 adgate.info
127.0.0.1 www.adgate.info
127.0.0.1 adipics.com
127.0.0.1 www.adipics.com
127.0.0.1 admin2cash.biz
127.0.0.1 www.admin2cash.biz
127.0.0.1 adnet-plus.com
127.0.0.1 adobe-download-now.com
127.0.0.1 adobe-downloads.com
127.0.0.1 www.adobe-downloads.com
127.0.0.1 adobe-reader-8.fr
127.0.0.1 www.adobe-reader-8.fr
127.0.0.1 adprotect.com
127.0.0.1 www.adprotect.com
127.0.0.1 ads.centralmedia.ws
127.0.0.1 ads.k8l.info
127.0.0.1 ads.kmpads.com
127.0.0.1 ads.marketingsector.com
127.0.0.1 ads.searchingbooth.com
127.0.0.1 ads.z-quest.com
127.0.0.1 ads183.com
127.0.0.1 www.ads183.com
127.0.0.1 adscontex.com
127.0.0.1 www.adscontex.com
127.0.0.1 adservices1.enhance.com
127.0.0.1 www.adservices1.enhance.com
127.0.0.1 adservs.com
127.0.0.1 adsextend.net
127.0.0.1 www.adsextend.net
127.0.0.1 adshttp.com
127.0.0.1 www.adshttp.com
127.0.0.1 adsonwww.com
127.0.0.1 www.adsonwww.com
127.0.0.1 adspics.com
127.0.0.1 www.adspics.com
127.0.0.1 adtrak.net
127.0.0.1 www.adtrak.net
127.0.0.1 adtrgt.com
127.0.0.1 adult777search.info
127.0.0.1 www.adult777search.info
127.0.0.1 adultan.com
127.0.0.1 www.adultan.com
127.0.0.1 adult-engine-search.com
127.0.0.1 www.adult-engine-search.com
127.0.0.1 adult-erotic-guide.net
127.0.0.1 www.adult-erotic-guide.net
127.0.0.1 adultfilmsite.com
127.0.0.1 www.adultfilmsite.com
127.0.0.1 adult-friends-finder.net
127.0.0.1 www.adult-friends-finder.net
127.0.0.1 adultgambling.org
127.0.0.1 adult-host.org
127.0.0.1 adulthyperlinks.com
127.0.0.1 www.adulthyperlinks.com
127.0.0.1 adultmovieplus.com
127.0.0.1 www.adultmovieplus.com
127.0.0.1 adult-personal.us
127.0.0.1 adultsgames.net
127.0.0.1 adultsper.com
127.0.0.1 www.adultsper.com
127.0.0.1 adulttds.com
127.0.0.1 www.adulttds.com
127.0.0.1 adultzoneworld.com
127.0.0.1 www.adultzoneworld.com
127.0.0.1 advcash.biz
127.0.0.1 www.advcash.biz
127.0.0.1 advert.exaccess.ru
127.0.0.1 advertisemoney.info
127.0.0.1 www.advertisemoney.info
127.0.0.1 advertising.paltalk.com
127.0.0.1 advertising-money.info
127.0.0.1 www.advertising-money.info
127.0.0.1 ad-ware.cc
127.0.0.1 ad-w-a-r-e.com
127.0.0.1 www.ad-w-a-r-e.com
127.0.0.1 a-d-w-a-r-e.com
127.0.0.1 www.a-d-w-a-r-e.com
127.0.0.1 adwarebazooka.com
127.0.0.1 www.adwarebazooka.com
127.0.0.1 adwarefinder.com
127.0.0.1 www.adwarefinder.com
127.0.0.1 adwareprotectionsite.com
127.0.0.1 www.adwareprotectionsite.com
127.0.0.1 adwarepunisher.com
127.0.0.1 www.adwarepunisher.com
127.0.0.1 aflgate.com
127.0.0.1 www.aflgate.com
127.0.0.1 africaspromise.org
127.0.0.1 agava.com
127.0.0.1 agava.ru
127.0.0.1 agentstudio.com
127.0.0.1 aginegialle.it
127.0.0.1 www.aginegialle.it
127.0.0.1 www.aifind.info
127.0.0.1 aifind.info
127.0.0.1 airtleworld.com
127.0.0.1 www.airtleworld.com
127.0.0.1 aitalia.it
127.0.0.1 www.aitalia.it
127.0.0.1 akamai.downloadv3.com
127.0.0.1 aklitalia.it
127.0.0.1 www.aklitalia.it
127.0.0.1 akril.com
127.0.0.1 alcatel.ws
127.0.0.1 alfacleaner.com
127.0.0.1 www.alfacleaner.com
127.0.0.1 alfa-search.com
127.0.0.1 alialia.it
127.0.0.1 www.alialia.it
127.0.0.1 aliotalia.it
127.0.0.1 www.aliotalia.it
127.0.0.1 alirtalia.it
127.0.0.1 www.alirtalia.it
127.0.0.1 alitaia.it
127.0.0.1 www.alitaia.it
127.0.0.1 alitaklia.it
127.0.0.1 www.alitaklia.it
127.0.0.1 alitala.it
127.0.0.1 www.alitala.it
127.0.0.1 alitali.it
127.0.0.1 www.alitali.it
127.0.0.1 alitaliaq.it
127.0.0.1 www.alitaliaq.it
127.0.0.1 alitalias.it
127.0.0.1 www.alitalias.it
127.0.0.1 alitaliaz.it
127.0.0.1 www.alitaliaz.it
127.0.0.1 alitalioa.it
127.0.0.1 www.alitalioa.it
127.0.0.1 alitalisa.it
127.0.0.1 www.alitalisa.it
127.0.0.1 alitaliua.it
127.0.0.1 www.alitaliua.it
127.0.0.1 alitalkia.it
127.0.0.1 www.alitalkia.it
127.0.0.1 alitaloia.it
127.0.0.1 www.alitaloia.it
127.0.0.1 alitaluia.it
127.0.0.1 www.alitaluia.it
127.0.0.1 alitaslia.it
127.0.0.1 www.alitaslia.it
127.0.0.1 alitlia.it
127.0.0.1 www.alitlia.it
127.0.0.1 alitralia.it
127.0.0.1 www.alitralia.it
127.0.0.1 alitsalia.it
127.0.0.1 www.alitsalia.it
127.0.0.1 aliutalia.it
127.0.0.1 www.aliutalia.it
127.0.0.1 ALL1COUNT.NET
127.0.0.1 www.ALL1COUNT.NET
127.0.0.1 all4internet.com
127.0.0.1 www.all4internet.com
127.0.0.1 allabtcars.com
127.0.0.1 allabtjeeps.com
127.0.0.1 all-bittorrent.com
127.0.0.1 www.all-bittorrent.com
127.0.0.1 www.allcybersearch.com
127.0.0.1 allcybersearch.com
127.0.0.1 alldnserrors.com
127.0.0.1 www.alldnserrors.com
127.0.0.1 all-downloads-now.com
127.0.0.1 www.all-downloads-now.com
127.0.0.1 all-edonkey.com
127.0.0.1 www.all-edonkey.com
127.0.0.1 allforadult.com
127.0.0.1 allhyperlinks.com
127.0.0.1 alliesecurity.com
127.0.0.1 www.alliesecurity.com
127.0.0.1 all-inet.com
127.0.0.1 allinternetbusiness.com
127.0.0.1 all-limewire.com
127.0.0.1 www.all-limewire.com
127.0.0.1 allmegabucks.com
127.0.0.1 www.allmegabucks.com
127.0.0.1 allprotections.com
127.0.0.1 www.allprotections.com
127.0.0.1 allresultz.net
127.0.0.1 www.allresultz.net
127.0.0.1 allsecuritynotes.com
127.0.0.1 www.allsecuritynotes.com
127.0.0.1 allsecuritysite.com
127.0.0.1 www.allsecuritysite.com
127.0.0.1 allstarsvideos.net
127.0.0.1 www.allstarsvideos.net
127.0.0.1 alltruesoftware.com
127.0.0.1 www.alltruesoftware.com
127.0.0.1 allvideoactivex.com
127.0.0.1 www.allvideoactivex.com
127.0.0.1 almanah.biz
127.0.0.1 www.almanah.biz
127.0.0.1 almarvideos.com
127.0.0.1 aloitalia.it
127.0.0.1 www.aloitalia.it
127.0.0.1 aluitalia.it
127.0.0.1 www.aluitalia.it
127.0.0.1 amaena.com
127.0.0.1 www.amaena.com
127.0.0.1 amandamountains.com
127.0.0.1 amateurliveshow.com
127.0.0.1 www.amateurliveshow.com
127.0.0.1 amediasoftware.com
127.0.0.1 www.amediasoftware.com
127.0.0.1 amediasource.com
127.0.0.1 www.amediasource.com
127.0.0.1 americancarbargains.com
127.0.0.1 www.americancarbargains.com
127.0.0.1 american-teens.net
127.0.0.1 amigeek.com
127.0.0.1 amisbusiness.com
127.0.0.1 ampmsearch.com
127.0.0.1 www.ampmsearch.com
127.0.0.1 analcord.com
127.0.0.1 www.analcord.com
127.0.0.1 analmovi.com
127.0.0.1 anarchylolita.com
127.0.0.1 www.anarchylolita.com
127.0.0.1 anarchyporn.com
127.0.0.1 andromedical.com
127.0.0.1 www.andromedical.com
127.0.0.1 animepornmag.com
127.0.0.1 www.animepornmag.com
127.0.0.1 anin.org
127.0.0.1 anjpn-avxiz.biz
127.0.0.1 www.anjpn-avxiz.biz
127.0.0.1 anjpnzqav.biz
127.0.0.1 www.anjpnzqav.biz
127.0.0.1 anjpn-zqav.biz
127.0.0.1 www.anjpn-zqav.biz
127.0.0.1 annaromeo.com
127.0.0.1 antiddos.us
127.0.0.1 www.antiddos.us
127.0.0.1 Antiespiadorado.com
127.0.0.1 www.Antiespiadorado.com
127.0.0.1 Antiespionspack.com
127.0.0.1 www.Antiespionspack.com
127.0.0.1 Antigusanos2008.com
127.0.0.1 www.Antigusanos2008.com
127.0.0.1 Antispionage.com
127.0.0.1 www.Antispionage.com
127.0.0.1 Antispionagepro.com
127.0.0.1 www.Antispionagepro.com
127.0.0.1 antispydns.biz
127.0.0.1 www.antispydns.biz
127.0.0.1 antispylab.com
127.0.0.1 www.antispylab.com
127.0.0.1 antispysolutions.com
127.0.0.1 www.antispysolutions.com
127.0.0.1 antispyware.com
127.0.0.1 www.antispyware.com
127.0.0.1 antispywarebot.com
127.0.0.1 www.antispywarebot.com
127.0.0.1 antispywarebox.com
127.0.0.1 www.antispywarebox.com
127.0.0.1 antispywaredownloads.com
127.0.0.1 www.antispywaredownloads.com
127.0.0.1 Antispywaresuite.com
127.0.0.1 www.Antispywaresuite.com
127.0.0.1 Antispyweb.net
127.0.0.1 www.Antispyweb.net
127.0.0.1 Antiver2008.com
127.0.0.1 www.Antiver2008.com
127.0.0.1 antivermins.com
127.0.0.1 www.antivermins.com
127.0.0.1 anti-vermins.com
127.0.0.1 www.anti-vermins.com
127.0.0.1 antivir2007.com
127.0.0.1 www.antivir2007.com
127.0.0.1 antivirgear.com
127.0.0.1 www.antivirgear.com
127.0.0.1 antivirus.fastfreedownload.com
127.0.0.1 www.antivirus.fastfreedownload.com
127.0.0.1 antivirusgolden.com
127.0.0.1 www.antivirusgolden.com
127.0.0.1 antivirus-hq.net
127.0.0.1 www.antivirus-hq.net
127.0.0.1 anti-virus-pro.com
127.0.0.1 www.anti-virus-pro.com
127.0.0.1 antivirusprotector.com
127.0.0.1 www.antivirusprotector.com
127.0.0.1 antivirussecuritypro.com
127.0.0.1 www.antivirussecuritypro.com
127.0.0.1 antivirus-stop.com
127.0.0.1 www.antivirus-stop.com
127.0.0.1 Antiworm2008.com
127.0.0.1 www.Antiworm2008.com
127.0.0.1 Antiwurm2008.com
127.0.0.1 www.Antiwurm2008.com
127.0.0.1 antrocity.com
127.0.0.1 anyofus.com
127.0.0.1 www.anyofus.com
127.0.0.1 anysn.seproger.com
127.0.0.1 www.anysn.seproger.com
127.0.0.1 anything4health.com
127.0.0.1 apicpreview.com
127.0.0.1 www.apicpreview.com
127.0.0.1 appealcircuit.com
127.0.0.1 www.appealcircuit.com
127.0.0.1 approvedlinks.com
127.0.0.1 www.approvedlinks.com
127.0.0.1 apps.deskwizz.com
127.0.0.1 apps.webservicehost.com
127.0.0.1 aprotectedpage.com
127.0.0.1 www.aprotectedpage.com
127.0.0.1 apsua.com
127.0.0.1 archiviosex.net
127.0.0.1 www.archiviosex.net
127.0.0.1 aregay.com
127.0.0.1 ares-freebie.com
127.0.0.1 www.ares-freebie.com
127.0.0.1 arespro2007.com
127.0.0.1 www.arespro2007.com
127.0.0.1 aresultra.com
127.0.0.1 www.aresultra.com
127.0.0.1 ares-usa.com
127.0.0.1 www.ares-usa.com
127.0.0.1 arheo.com
127.0.0.1 arizonaweb.org
127.0.0.1 armitageinn.com
127.0.0.1 arquivojpgs.smtp.ru
127.0.0.1 www.arquivojpgs.smtp.ru
127.0.0.1 artachnid.com
127.0.0.1 art-func.com
127.0.0.1 art-xxx.com
127.0.0.1 asafebrowser.com
127.0.0.1 www.asafebrowser.com
127.0.0.1 asafetynotice.com
127.0.0.1 www.asafetynotice.com
127.0.0.1 asafetypage.com
127.0.0.1 www.asafetypage.com
127.0.0.1 asdbiz.biz
127.0.0.1 www.asdbiz.biz
127.0.0.1 asdeykuddq.com
127.0.0.1 www.asdeykuddq.com
127.0.0.1 asecurebar.com
127.0.0.1 www.asecurebar.com
127.0.0.1 asecureboard.com
127.0.0.1 www.asecureboard.com
127.0.0.1 asecurevalue.com
127.0.0.1 www.asecurevalue.com
127.0.0.1 asecurityissue.com
127.0.0.1 www.asecurityissue.com
127.0.0.1 asecuritynotice.com
127.0.0.1 www.asecuritynotice.com
127.0.0.1 asecuritypaper.com
127.0.0.1 www.asecuritypaper.com
127.0.0.1 asecuritystuff.com
127.0.0.1 www.asecuritystuff.com
127.0.0.1 asiankingkong.com
127.0.0.1 asianpornmag.com
127.0.0.1 www.asianpornmag.com
127.0.0.1 asiantoolbar.com
127.0.0.1 www.asiantoolbar.com
127.0.0.1 asidseiupc.com
127.0.0.1 www.asidseiupc.com
127.0.0.1 aslitalia.it
127.0.0.1 www.aslitalia.it
127.0.0.1 ass-gals.com
127.0.0.1 assureprotection.com
127.0.0.1 www.assureprotection.com
127.0.0.1 asta-killer.com
127.0.0.1 asupereva.it
127.0.0.1 www.asupereva.it
127.0.0.1 athenrye.com
127.0.0.1 atotalsafety.com
127.0.0.1 www.atotalsafety.com
127.0.0.1 atrueprotection.com
127.0.0.1 www.atrueprotection.com
127.0.0.1 atruesecurity.com
127.0.0.1 www.atruesecurity.com
127.0.0.1 attackware.com
127.0.0.1 www.attackware.com
127.0.0.1 attrezzi.biz
127.0.0.1 www.attrezzi.biz
127.0.0.1 aulde.net
127.0.0.1 www.aulde.net
127.0.0.1 aupereva.it
127.0.0.1 www.aupereva.it
127.0.0.1 autocontext.begun.ru
127.0.0.1 www.autocontext.begun.ru
127.0.0.1 autoescrowpay.com
127.0.0.1 avast.free-software-center.com
127.0.0.1 www.avast.free-software-center.com
127.0.0.1 avast-2007.com
127.0.0.1 www.avast-2007.com
127.0.0.1 avast-downloads.com
127.0.0.1 www.avast-downloads.com
127.0.0.1 avast-hq.com
127.0.0.1 www.avast-hq.com
127.0.0.1 avforce.com
127.0.0.1 www.avforce.com
127.0.0.1 avg.grab-it-today.net
127.0.0.1 www.avg.grab-it-today.net
127.0.0.1 avg.softwarecenterz.com
127.0.0.1 www.avg.softwarecenterz.com
127.0.0.1 avg-secure.com
127.0.0.1 www.avg-secure.com
127.0.0.1 avian-ads.com
127.0.0.1 avideoaxaccess.com
127.0.0.1 www.avideoaxaccess.com
127.0.0.1 avideosurfer.com
127.0.0.1 www.avideosurfer.com
127.0.0.1 aviewersoft.com
127.0.0.1 www.aviewersoft.com
127.0.0.1 avpcheckupdate.com
127.0.0.1 www.avpcheckupdate.com
127.0.0.1 avxizaaqada.biz
127.0.0.1 www.avxizaaqada.biz
127.0.0.1 avxiz-anjpn.biz
127.0.0.1 www.avxiz-anjpn.biz
127.0.0.1 avxizueorn.biz
127.0.0.1 www.avxizueorn.biz
127.0.0.1 avxiz-ueorn.biz
127.0.0.1 www.avxiz-ueorn.biz
127.0.0.1 avxiz-vtvcp.biz
127.0.0.1 www.avxiz-vtvcp.biz
127.0.0.1 avxiz-ygco.biz
127.0.0.1 www.avxiz-ygco.biz
127.0.0.1 avxiz-zqav.biz
127.0.0.1 www.avxiz-zqav.biz
127.0.0.1 awarninglist.com
127.0.0.1 www.awarninglist.com
127.0.0.1 awbeta.net-nucleus.com
127.0.0.1 awesomehomepage.com
127.0.0.1 www.awesomehomepage.com
127.0.0.1 awmcash.biz
127.0.0.1 awmdabest.com
127.0.0.1 axemediasoftware.com
127.0.0.1 www.axemediasoftware.com
127.0.0.1 aximageobject.com
127.0.0.1 www.aximageobject.com
127.0.0.1 axmediaproject.com
127.0.0.1 www.axmediaproject.com
127.0.0.1 axmediasoftware.com
127.0.0.1 www.axmediasoftware.com
127.0.0.1 axmediasolutions.com
127.0.0.1 www.axmediasolutions.com
127.0.0.1 axobjectpage.com
127.0.0.1 www.axobjectpage.com
127.0.0.1 axobjectsource.com
127.0.0.1 www.axobjectsource.com
127.0.0.1 axsoftwaretool.com
127.0.0.1 www.axsoftwaretool.com
127.0.0.1 axvideoproject.com
127.0.0.1 www.axvideoproject.com
127.0.0.1 axvideosetup.com
127.0.0.1 www.axvideosetup.com
127.0.0.1 ayakawamura.com
127.0.0.1 ayb.dns-look-up.com
127.0.0.1 ayb.netbios-wait.com
127.0.0.1 ayumitaniguchi.com
127.0.0.1 azebar.com
127.0.0.1 azureusclub.com
127.0.0.1 www.azureusclub.com
127.0.0.1 azureus-freebie.com
127.0.0.1 www.azureus-freebie.com
127.0.0.1 azzetta.it
127.0.0.1 www.azzetta.it
127.0.0.1 b.casalemedia.com
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babenet.com
127.0.0.1 www.babenet.com
127.0.0.1 babespornmag.com
127.0.0.1 www.babespornmag.com
127.0.0.1 babeweb.de
127.0.0.1 www.babeweb.de
127.0.0.1 baccarat-other.info
127.0.0.1 www.baccarat-other.info
127.0.0.1 Backstripgirls.com
127.0.0.1 www.Backstripgirls.com
127.0.0.1 backup.mabou.org
127.0.0.1 balotierra.com
127.0.0.1 www.balotierra.com
127.0.0.1 bannedhost.net
127.0.0.1 barbudafarms.com
127.0.0.1 bardownload.com
127.0.0.1 www.bardownload.com
127.0.0.1 barnandfence.com
127.0.0.1 batsearch.com
127.0.0.1 baygraphicsllc.com
127.0.0.1 bbbsearch.com
127.0.0.1 bb-search.com
127.0.0.1 bdsmlibrary.net
127.0.0.1 bdsmpornmag.com
127.0.0.1 www.bdsmpornmag.com
127.0.0.1 bearshare.download-me.info
127.0.0.1 www.bearshare.download-me.info
127.0.0.1 bearshare.mp3-muzic.com
127.0.0.1 www.bearshare.mp3-muzic.com
127.0.0.1 bearshare-download.org
127.0.0.1 www.bearshare-download.org
127.0.0.1 bearshare-downloads.net
127.0.0.1 www.bearshare-downloads.net
127.0.0.1 bearsharelive.co.uk
127.0.0.1 www.bearsharelive.co.uk
127.0.0.1 bearshare-music-downloads.com
127.0.0.1 www.bearshare-music-downloads.com
127.0.0.1 bearsharepro2007.com
127.0.0.1 www.bearsharepro2007.com
127.0.0.1 bearshare-usa.com
127.0.0.1 www.bearshare-usa.com
127.0.0.1 bedhome.com
127.0.0.1 bediadance.com
127.0.0.1 beebappyy.biz
127.0.0.1 www.beebappyy.biz
127.0.0.1 begin2search.com
127.0.0.1 www.begin2search.com
127.0.0.1 bellabasketsfl.com
127.0.0.1 bernaolatwin.com
127.0.0.1 best-counter.com
127.0.0.1 bestcrawler.com
127.0.0.1 bestfor.ru
127.0.0.1 best-hardpics.com
127.0.0.1 bestmanage.org
127.0.0.1 www.bestmanage.org
127.0.0.1 bestmanage0.org
127.0.0.1 www.bestmanage0.org
127.0.0.1 bestmanage1.org
127.0.0.1 www.bestmanage1.org
127.0.0.1 bestmanage2.org
127.0.0.1 www.bestmanage2.org
127.0.0.1 bestmanage3.org
127.0.0.1 www.bestmanage3.org
127.0.0.1 bestmanage4.org
127.0.0.1 www.bestmanage4.org
127.0.0.1 bestmanage5.org
127.0.0.1 www.bestmanage5.org
127.0.0.1 bestmanage6.org
127.0.0.1 www.bestmanage6.org
127.0.0.1 bestmanage7.org
127.0.0.1 www.bestmanage7.org
127.0.0.1 bestmanage8.org
127.0.0.1 www.bestmanage8.org
127.0.0.1 bestmanage9.org
127.0.0.1 www.bestmanage9.org
127.0.0.1 bestporngate.com
127.0.0.1 bestsafetyguide.net
127.0.0.1 www.bestsafetyguide.net
127.0.0.1 best-spyware.info
127.0.0.1 www.best-spyware.info
127.0.0.1 best-targeted-traffic.com
127.0.0.1 www.best-targeted-traffic.com
127.0.0.1 best-voyeur.info
127.0.0.1 www.best-voyeur.info
127.0.0.1 bestweblinks.com
127.0.0.1 best-winning-casino.com
127.0.0.1 bestworldgirls-for-u.net
127.0.0.1 www.bestworldgirls-for-u.net
127.0.0.1 bestxporno.com
127.0.0.1 bettersearch.biz
127.0.0.1 www.bettersearch.biz
127.0.0.1 bgazzetta.it
127.0.0.1 www.bgazzetta.it
127.0.0.1 bgoogle.it
127.0.0.1 www.bgoogle.it
127.0.0.1 bigtrafficnetwork.com
127.0.0.1 www.bigtrafficnetwork.com
127.0.0.1 bigwww.com
127.0.0.1 www.bigwww.com
127.0.0.1 bin.errorprotector.com
127.0.0.1 bins.media-motor.net
127.0.0.1 bins2.media-motor.net
127.0.0.1 bis.180solutions.com
127.0.0.1 bitchesonline.net
127.0.0.1 bitcomet-freebie.com
127.0.0.1 www.bitcomet-freebie.com
127.0.0.1 biz.biz
127.0.0.1 blackblues00.com
127.0.0.1 www.blackblues00.com
127.0.0.1 blackhats.tc
127.0.0.1 www.blackhats.tc
127.0.0.1 blackhawksoftware.com
127.0.0.1 www.blackhawksoftware.com
127.0.0.1 blackjack-free.net
127.0.0.1 blazefind.com
127.0.0.1 blender.xu.pl
127.0.0.1 blondetgp.com
127.0.0.1 blue-elefant.com
127.0.0.1 www.blue-elefant.com
127.0.0.1 bm.theaimonline.com
127.0.0.1 www.bm.theaimonline.com
127.0.0.1 bnmgate.com
127.0.0.1 www.bnmgate.com
127.0.0.1 bodaciousbabette.com
127.0.0.1 bonzi.com
127.0.0.1 www.bonzi.com
127.0.0.1 boobdoll.com
127.0.0.1 boobsandtits.com
127.0.0.1 boobsclub.com
127.0.0.1 bookedspace.com
127.0.0.1 www.bookedspace.com
127.0.0.1 boom.com.vn
127.0.0.1 www.boom.com.vn
127.0.0.1 boredlife.com
127.0.0.1 bowlofogumbo.com
127.0.0.1 bpfq02.com
127.0.0.1 www.bpfq02.com
127.0.0.1 bqgate.com
127.0.0.1 www.bqgate.com
127.0.0.1 br.errorsafe.com
127.0.0.1 br.winantivirus.com
127.0.0.1 br.winfixer.com
127.0.0.1 bradcoem.org
127.0.0.1 braincodec.com
127.0.0.1 www.braincodec.com
127.0.0.1 brandiyoung.com
127.0.0.1 bravesentry.com
127.0.0.1 www.bravesentry.com
127.0.0.1 breenten.biz
127.0.0.1 www.breenten.biz
127.0.0.1 brodbfm.net
127.0.0.1 www.brodbfm.net
127.0.0.1 brookeburn.com
127.0.0.1 browserwise.com
127.0.0.1 www.browserwise.com
127.0.0.1 bucps.com
127.0.0.1 buhartes.info
127.0.0.1 buldog-stats.com
127.0.0.1 bullseye-network.com
127.0.0.1 www.bullseye-network.com
127.0.0.1 burgerkingbigscreen.com
127.0.0.1 burnsrecyclinginc.com
127.0.0.1 www.burnsrecyclinginc.com
127.0.0.1 buscards.net
127.0.0.1 bustyrussell.com
127.0.0.1 busysearch.net
127.0.0.1 www.busysearch.net
127.0.0.1 buttejazz.org
127.0.0.1 buy-find.info
127.0.0.1 www.buy-find.info
127.0.0.1 buyselldomain.net
127.0.0.1 buytraff.biz
127.0.0.1 www.buytraff.biz
127.0.0.1 buz.ru
127.0.0.1 bvirgilio.it
127.0.0.1 www.bvirgilio.it
127.0.0.1 c.centralmedia.ws
127.0.0.1 c.enhance.com
127.0.0.1 www.c.enhance.com
127.0.0.1 c.goclick.com
127.0.0.1 c4tdownload.com
127.0.0.1 www.c4tdownload.com
127.0.0.1 c5.www4free.info
127.0.0.1 www.c5.www4free.info
127.0.0.1 cache.surfaccuracy.com
127.0.0.1 www.cache.surfaccuracy.com
127.0.0.1 cache.ysbweb.com
127.0.0.1 calcioturris.com
127.0.0.1 calendaralerts.net
127.0.0.1 www.calendaralerts.net
127.0.0.1 cameouk.co.uk
127.0.0.1 www.cameouk.co.uk
127.0.0.1 cameup.com
127.0.0.1 camouflageclothingonline.net
127.0.0.1 www.camouflageclothingonline.net
127.0.0.1 camup.net
127.0.0.1 canberracricketcoaching.com
127.0.0.1 candycantaloupes.com
127.0.0.1 canidetect.org
127.0.0.1 www.canidetect.org
127.0.0.1 cantfind.com
127.0.0.1 www.cantfind.com
127.0.0.1 careers.dulcineasystems.net
127.0.0.1 carsands.com
127.0.0.1 carsrentals.net
127.0.0.1 cartoes.uol.com.br
127.0.0.1 casalemedia.com
127.0.0.1 www.casalemedia.com
127.0.0.1 cashdeluxe.net
127.0.0.1 www.cashdeluxe.net
127.0.0.1 cashengines.com
127.0.0.1 www.cashengines.com
127.0.0.1 cashsearch.biz
127.0.0.1 cashsurfers.com
127.0.0.1 www.cashsurfers.com
127.0.0.1 CashUnlim.com
127.0.0.1 www.CashUnlim.com
127.0.0.1 casino.com.free.game.pogo.gratisdownloads.nl
127.0.0.1 casino2win.net
127.0.0.1 casino-gambling-1.net
127.0.0.1 casino-gambling-2.net
127.0.0.1 casinomidas.net
127.0.0.1 casinonline.net
127.0.0.1 casino-onlines.net
127.0.0.1 castingsamateur.com
127.0.0.1 www.castingsamateur.com
127.0.0.1 catallogue.com
127.0.0.1 catch-dc.info
127.0.0.1 www.catch-dc.info
127.0.0.1 categories.mygeek.com
127.0.0.1 catsss.da.ru
127.0.0.1 caxa.ru
127.0.0.1 cc.panet.org
127.0.0.1 ccecaedbebfcaf.com
127.0.0.1 www.ccecaedbebfcaf.com
127.0.0.1 cclebali.org
127.0.0.1 ccorriere.it
127.0.0.1 www.ccorriere.it
127.0.0.1 cdegate.com
127.0.0.1 www.cdegate.com
127.0.0.1 cdn.drivecleaner.com
127.0.0.1 cdn.errorsafe.com
127.0.0.1 cdn.movies-etc.com
127.0.0.1 cdn.winsoftware.com
127.0.0.1 cdn2.movies-etc.com
127.0.0.1 cdorriere.it
127.0.0.1 www.cdorriere.it
127.0.0.1 ceewawires.org
127.0.0.1 centralmedia.ws
127.0.0.1 certumgroup.com
127.0.0.1 cforriere.it
127.0.0.1 www.cforriere.it
127.0.0.1 check.jupitersatellites.biz
127.0.0.1 www.check.jupitersatellites.biz
127.0.0.1 checkin100.com
127.0.0.1 www.checkin100.com
127.0.0.1 checkssecurity.com
127.0.0.1 www.checkssecurity.com
127.0.0.1 chelancatering.com
127.0.0.1 chenshijituan.com
127.0.0.1 www.chenshijituan.com
127.0.0.1 childrenvilla.com
127.0.0.1 chips-4-free.com
127.0.0.1 chrisswasey.com
127.0.0.1 chriswallace.net
127.0.0.1 cia-trjn.myvnc.com
127.0.0.1 www.cia-trjn.myvnc.com
127.0.0.1 ciorriere.it
127.0.0.1 www.ciorriere.it
127.0.0.1 cirriere.it
127.0.0.1 www.cirriere.it
127.0.0.1 ckick4thumbs.com
127.0.0.1 cl55.biz
127.0.0.1 clackamasliteraryreview.com
127.0.0.1 cleansoftwares.com
127.0.0.1 www.cleansoftwares.com
127.0.0.1 clearsearch.cc
127.0.0.1 clearsearch.net
127.0.0.1 clickaire.com
127.0.0.1 click-codec.com
127.0.0.1 www.click-codec.com
127.0.0.1 clickhere4search.com
127.0.0.1 www.clickhere4search.com
127.0.0.1 click-now.net
127.0.0.1 clickspring.net
127.0.0.1 www.clickspring.net
127.0.0.1 click-to-download.com
127.0.0.1 www.click-to-download.com
127.0.0.1 clicktomakeasearch.com
127.0.0.1 www.clicktomakeasearch.com
127.0.0.1 clickyestoenter.net
127.0.0.1 client.exeupdate.com
127.0.0.1 client.myadultexplorer.com
127.0.0.1 cliks.org
127.0.0.1 www.cliks.org
127.0.0.1 clorriere.it
127.0.0.1 www.clorriere.it
127.0.0.1 clrsch.com
127.0.0.1 clubxxxvideo.com
127.0.0.1 www.clubxxxvideo.com
127.0.0.1 clusif.free.fr
127.0.0.1 cmtapestry.com
127.0.0.1 cnetadd.com
127.0.0.1 www.cnetadd.com
127.0.0.1 cnzz.com
127.0.0.1 www.cnzz.com
127.0.0.1 code.ignphrases.com
127.0.0.1 codec.ninoa.com
127.0.0.1 codecdvd.net
127.0.0.1 www.codecdvd.net
127.0.0.1 codec-fun.com
127.0.0.1 www.codec-fun.com
127.0.0.1 codecsoft.net
127.0.0.1 www.codecsoft.net
127.0.0.1 codrriere.it
127.0.0.1 www.codrriere.it
127.0.0.1 coeriere.it
127.0.0.1 www.coeriere.it
127.0.0.1 coerriere.it
127.0.0.1 www.coerriere.it
127.0.0.1 cofrriere.it
127.0.0.1 www.cofrriere.it
127.0.0.1 cogrriere.it
127.0.0.1 www.cogrriere.it
127.0.0.1 coirriere.it
127.0.0.1 www.coirriere.it
127.0.0.1 command.adservs.com
127.0.0.1 www.commonname.com
127.0.0.1 computerpcgames.net
127.0.0.1 www.computerpcgames.net
127.0.0.1 computerrecover.com
127.0.0.1 www.computerrecover.com
127.0.0.1 config.180solutions.com
127.0.0.1 content.dollarrevenue.com
127.0.0.1 www.content.dollarrevenue.com
127.0.0.1 content.ireit.com
127.0.0.1 www.content.ireit.com
127.0.0.1 content.onerateld.com
127.0.0.1 contentmatch.net
127.0.0.1 www.contentmatch.net
127.0.0.1 contra-virus.com
127.0.0.1 www.contra-virus.com
127.0.0.1 controlmeh.com
127.0.0.1 www.controlmeh.com
127.0.0.1 cooldeskalert.com
127.0.0.1 www.cooldeskalert.com
127.0.0.1 coolfetishsite.com
127.0.0.1 coolfreehost.com
127.0.0.1 coolfreepage.com
127.0.0.1 coolfreepages.com
127.0.0.1 cool-homepage.co
127.0.0.1 cool-homepage.com
127.0.0.1 coolmoneysearch.com
127.0.0.1 coolpornsearch.com
127.0.0.1 cool-search.net
127.0.0.1 cool-search.netfartpost.com
127.0.0.1 coolsearcher.info
127.0.0.1 coolservecorp.net
127.0.0.1 www.coolservecorp.net
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com
127.0.0.1 cool-web-search.com
127.0.0.1 coolwebsearsh.com
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 cool-xxx.net
127.0.0.1 coorriere.it
127.0.0.1 www.coorriere.it
127.0.0.1 copmtraine.com
127.0.0.1 coprriere.it
127.0.0.1 www.coprriere.it
127.0.0.1 core.psyche-evolution.com
127.0.0.1 www.core.psyche-evolution.com
127.0.0.1 coreiere.it
127.0.0.1 www.coreiere.it
127.0.0.1 coreriere.it
127.0.0.1 www.coreriere.it
127.0.0.1 corrdiere.it
127.0.0.1 www.corrdiere.it
127.0.0.1 correiere.it
127.0.0.1 www.correiere.it
127.0.0.1 corrfiere.it
127.0.0.1 www.corrfiere.it
127.0.0.1 corrgiere.it
127.0.0.1 www.corrgiere.it
127.0.0.1 corridere.it
127.0.0.1 www.corridere.it
127.0.0.1 corriedre.it
127.0.0.1 www.corriedre.it
127.0.0.1 corriee.it
127.0.0.1 www.corriee.it
127.0.0.1 corrieere.it
127.0.0.1 www.corrieere.it
127.0.0.1 corriefre.it
127.0.0.1 www.corriefre.it
127.0.0.1 corriegre.it
127.0.0.1 www.corriegre.it
127.0.0.1 corrierde.it
127.0.0.1 www.corrierde.it
127.0.0.1 corriered.it
127.0.0.1 www.corriered.it
127.0.0.1 corrieree.it
127.0.0.1 www.corrieree.it
127.0.0.1 corrieref.it
127.0.0.1 www.corrieref.it
127.0.0.1 corrierer.it
127.0.0.1 www.corrierer.it
127.0.0.1 corrieres.it
127.0.0.1 www.corrieres.it
127.0.0.1 corrierew.it
127.0.0.1 www.corrierew.it
127.0.0.1 corrierfe.it
127.0.0.1 www.corrierfe.it
127.0.0.1 corrierge.it
127.0.0.1 www.corrierge.it
127.0.0.1 corrierr.it
127.0.0.1 www.corrierr.it
127.0.0.1 corrierre.it
127.0.0.1 www.corrierre.it
127.0.0.1 corrierse.it
127.0.0.1 www.corrierse.it
127.0.0.1 corrierte.it
127.0.0.1 www.corrierte.it
127.0.0.1 corrierw.it
127.0.0.1 www.corrierw.it
127.0.0.1 corrierwe.it
127.0.0.1 www.corrierwe.it
127.0.0.1 corriesre.it
127.0.0.1 www.corriesre.it
127.0.0.1 corriete.it
127.0.0.1 www.corriete.it
127.0.0.1 corrietre.it
127.0.0.1 www.corrietre.it
127.0.0.1 corriewre.it
127.0.0.1 www.corriewre.it
127.0.0.1 corrifere.it
127.0.0.1 www.corrifere.it
127.0.0.1 corriiere.it
127.0.0.1 www.corriiere.it
127.0.0.1 corrilere.it
127.0.0.1 www.corrilere.it
127.0.0.1 corrioere.it
127.0.0.1 www.corrioere.it
127.0.0.1 corrire.it
127.0.0.1 www.corrire.it
127.0.0.1 corrirere.it
127.0.0.1 www.corrirere.it
127.0.0.1 corrirre.it
127.0.0.1 www.corrirre.it
127.0.0.1 corrisere.it
127.0.0.1 www.corrisere.it
127.0.0.1 corriuere.it
127.0.0.1 www.corriuere.it
127.0.0.1 corriwere.it
127.0.0.1 www.corriwere.it
127.0.0.1 corriwre.it
127.0.0.1 www.corriwre.it
127.0.0.1 corrliere.it
127.0.0.1 www.corrliere.it
127.0.0.1 corroere.it
127.0.0.1 www.corroere.it
127.0.0.1 corroiere.it
127.0.0.1 www.corroiere.it
127.0.0.1 corrriere.it
127.0.0.1 www.corrriere.it
127.0.0.1 corrtiere.it
127.0.0.1 www.corrtiere.it
127.0.0.1 corruere.it
127.0.0.1 www.corruere.it
127.0.0.1 corruiere.it
127.0.0.1 www.corruiere.it
127.0.0.1 cortiere.it
127.0.0.1 www.cortiere.it
127.0.0.1 cortriere.it
127.0.0.1 www.cortriere.it
127.0.0.1 costrike.com
127.0.0.1 www.costrike.com
127.0.0.1 cotriere.it
127.0.0.1 www.cotriere.it
127.0.0.1 cotrriere.it
127.0.0.1 www.cotrriere.it
127.0.0.1 couldnotfind.com
127.0.0.1 count.cc
127.0.0.1 count.hitscount.net
127.0.0.1 count-all.com
127.0.0.1 countdutycall.info
127.0.0.1 www.countdutycall.info
127.0.0.1 counter.sexmaniack.com
127.0.0.1 cporriere.it
127.0.0.1 www.cporriere.it
127.0.0.1 cprriere.it
127.0.0.1 www.cprriere.it
127.0.0.1 cpvfeed.com
127.0.0.1 cracks.me.uk
127.0.0.1 cracks4all.com
127.0.0.1 www.cracks4all.com
127.0.0.1 crapsgold.info
127.0.0.1 www.crapsgold.info
127.0.0.1 Crazygirls-world.com
127.0.0.1 crazywinnings.com
127.0.0.1 www.crazywinnings.com
127.0.0.1 creamedcutties.com
127.0.0.1 createaccesskey.com
127.0.0.1 www.createaccesskey.com
127.0.0.1 creditsearchonline.com
127.0.0.1 crestring.com
127.0.0.1 crooder.com
127.0.0.1 crriere.it
127.0.0.1 www.crriere.it
127.0.0.1 crystalysmedia.com
127.0.0.1 www.crystalysmedia.com
127.0.0.1 csx.adservs.com
127.0.0.1 www.csx.adservs.com
127.0.0.1 cts.180solutions.com
127.0.0.1 cuisinartoven.com
127.0.0.1 www.cuisinartoven.com
127.0.0.1 curedc.info
127.0.0.1 www.curedc.info
127.0.0.1 curepcsolutions.com
127.0.0.1 www.curepcsolutions.com
127.0.0.1 curvedspaces.com
127.0.0.1 cutadult.com
127.0.0.1 www.cutadult.com
127.0.0.1 cvirgilio.it
127.0.0.1 www.cvirgilio.it
127.0.0.1 cvorriere.it
127.0.0.1 www.cvorriere.it
127.0.0.1 cvs.jps.ru
127.0.0.1 cvsymphony.com
127.0.0.1 cxorriere.it
127.0.0.1 www.cxorriere.it
127.0.0.1 cyberrape.com
127.0.0.1 www.cyberrape.com
127.0.0.1 cydom.com
127.0.0.1 cydoor.com
127.0.0.1 www.cydoor.com
127.0.0.1 daily-gals.com
127.0.0.1 dailypornmag.com
127.0.0.1 www.dailypornmag.com
127.0.0.1 dailyteenspic.com
127.0.0.1 dailytoolbar.com
127.0.0.1 www.dailytoolbar.com
127.0.0.1 dancingbabycd.com
127.0.0.1 data-hoster.com
127.0.0.1 www.data-hoster.com
127.0.0.1 datanotary.com
127.0.0.1 datareco.com
127.0.0.1 dating-galaxy.info
127.0.0.1 www.dating-galaxy.info
127.0.0.1 dating-search.net
127.0.0.1 davemarshall.org
127.0.0.1 db105.com
127.0.0.1 dbdecicated.com
127.0.0.1 www.dbdecicated.com
127.0.0.1 dbxcompany.com
127.0.0.1 www.dbxcompany.com
127.0.0.1 dcdl.dmcast.com
127.0.0.1 dcfitusa.com
127.0.0.1 dcorriere.it
127.0.0.1 www.dcorriere.it
127.0.0.1 dcurtis.com
127.0.0.1 www.dcurtis.com
127.0.0.1 dcww.dmcast.com
127.0.0.1 de.ag
127.0.0.1 de.drivecleaner.com
127.0.0.1 de.errorsafe.com
127.0.0.1 de.winantivirus.com
127.0.0.1 de98.remsys.org
127.0.0.1 debay.it
127.0.0.1 www.debay.it
127.0.0.1 dedmazay.3322.org
127.0.0.1 dedsearch.com
127.0.0.1 www.dedsearch.com
127.0.0.1 defaultsearch.net
127.0.0.1 Defensaantimalware.com
127.0.0.1 www.Defensaantimalware.com
127.0.0.1 deja-rue.com
127.0.0.1 www.deja-rue.com
127.0.0.1 derklaif.biz
127.0.0.1 www.derklaif.biz
127.0.0.1 derrari.it
127.0.0.1 www.derrari.it
127.0.0.1 desarrollocreativo.com
127.0.0.1 deskbar.worldtostart.com
127.0.0.1 www.deskbar.worldtostart.com
127.0.0.1 deskwizz.com
127.0.0.1 www.deskwizz.com
127.0.0.1 dev.ntcor.com
127.0.0.1 develip.com
127.0.0.1 dewis.spb.ru
127.0.0.1 dewis.us
127.0.0.1 df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
127.0.0.1 dgbusiness.com
127.0.0.1 www.dgbusiness.com
127.0.0.1 dialer2004.com
127.0.0.1 dialerclub.com
127.0.0.1 www.dialerclub.com
127.0.0.1 dialer-shop.com
127.0.0.1 www.dialer-shop.com
127.0.0.1 dialoff.com
127.0.0.1 www.dialoff.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 dietpills4free.com
127.0.0.1 dietpussy.com
127.0.0.1 digikeygen.com
127.0.0.1 www.digikeygen.com
127.0.0.1 digistreamsa.com
127.0.0.1 digitalcoders.net
127.0.0.1 www.digitalcoders.net
127.0.0.1 www.digitalfan.com
127.0.0.1 digital-pornography.com
127.0.0.1 dionforvalleycouncil.org
127.0.0.1 directdvdpro.com
127.0.0.1 www.directdvdpro.com
127.0.0.1 directporta.info
127.0.0.1 www.directporta.info
127.0.0.1 directsearchzone.com
127.0.0.1 www.directsearchzone.com
127.0.0.1 dist.checkin100.com
127.0.0.1 dl.ad-ware.cc
127.0.0.1 dl.malwarewipe.com
127.0.0.1 dl.targetsaver.com
127.0.0.1 www.dl.targetsaver.com
127.0.0.1 dl.web-nexus.net
127.0.0.1 dl1.antivermins.com
127.0.0.1 dl1.antivirgear.com
127.0.0.1 dl1.spydawn.com
127.0.0.1 dl1.virusprotectpro.com
127.0.0.1 dl10.spyfalcon.com
127.0.0.1 dl16.spyfalcon.com
127.0.0.1 dl2.spyfalcon.com
127.0.0.1 dl2.spyheal.com
127.0.0.1 dl2.spywarestrike.com
127.0.0.1 dl3.spyfalcon.com
127.0.0.1 dl3.spyheal.com
127.0.0.1 dl3.spywarestrike.com
127.0.0.1 dl4.spyfalcon.com
127.0.0.1 dl4.spywarestrike.com
127.0.0.1 dl5.spyfalcon.com
127.0.0.1 dl5.spywarestrike.com
127.0.0.1 dl6.spywarestrike.com
127.0.0.1 dl7.spywarestrike.com
127.0.0.1 dl8.spyheal.com
127.0.0.1 dl8.spywarestrike.com
127.0.0.1 dl9.spyfalcon.com
127.0.0.1 dmcast.com
127.0.0.1 www.dmcast.com
127.0.0.1 dnaads.com
127.0.0.1 www.dnaads.com
127.0.0.1 dnl.mabou.org
127.0.0.1 dns-look-up.com
127.0.0.1 www.dns-look-up.com
127.0.0.1 doctorwaldron.com
127.0.0.1 document-not-found.pornpic.org
127.0.0.1 doggyaction.com
127.0.0.1 dogproblemswebsite.com
127.0.0.1 www.dogproblemswebsite.com
127.0.0.1 doktorxxx.com
127.0.0.1 dollarrevenue.com
127.0.0.1 domaincar.com
127.0.0.1 www.domaincar.com
127.0.0.1 domains2003.net
127.0.0.1 domains-for-you-online.com
127.0.0.1 domain-your-registration.com
127.0.0.1 domkrat.com
127.0.0.1 dotcomtoolbar.com
127.0.0.1 www.dotcomtoolbar.com
127.0.0.1 down.136136.net
127.0.0.1 download.abetterinternet.com
127.0.0.1 download.antispywarebot.com
127.0.0.1 www.download.antispywarebot.com
127.0.0.1 download.bardownload.com
127.0.0.1 www.download.bardownload.com
127.0.0.1 download.bravesentry.com
127.0.0.1 www.download.bravesentry.com
127.0.0.1 download.cdn.drivecleaner.com
127.0.0.1 download.cdn.errorsafe.com
127.0.0.1 download.cdn.winsoftware.com
127.0.0.1 download.errorsafe.com
127.0.0.1 download.jupitersatellites.biz
127.0.0.1 www.download.jupitersatellites.biz
127.0.0.1 download.searchtabs.net
127.0.0.1 download.secureyournet.biz
127.0.0.1 www.download.secureyournet.biz
127.0.0.1 download.spyonthis.net
127.0.0.1 download.spy-shredder.com
127.0.0.1 download.systemdoctor.com
127.0.0.1 download.winantispyware.com
127.0.0.1 download.winantivirus.com
127.0.0.1 download.windrivecleaner.com
127.0.0.1 download.winfixer.com
127.0.0.1 download10.spywarequake.com
127.0.0.1 download11.spywarequake.com
127.0.0.1 download12.spywarequake.com
127.0.0.1 download13.spywarequake.com
127.0.0.1 download15.spywarequake.com
127.0.0.1 download2.spywarequake.com
127.0.0.1 download-2007.com
127.0.0.1 www.download-2007.com
127.0.0.1 download3.spyaxe.com
127.0.0.1 download3.spywarequake.com
127.0.0.1 download4.spyaxe.com
127.0.0.1 download4.spywarequake.com
127.0.0.1 download5.spyaxe.com
127.0.0.1 download5.spywarequake.com
127.0.0.1 download6.spyaxe.com
127.0.0.1 download7.spywarequake.com
127.0.0.1 download8.spywarequake.com
127.0.0.1 download9.spywarequake.com
127.0.0.1 download-ad-aware.com
127.0.0.1 www.download-ad-aware.com
127.0.0.1 download-all-4-free.com
127.0.0.1 www.download-all-4-free.com
127.0.0.1 download-all-area.com
127.0.0.1 www.download-all-area.com
127.0.0.1 download-antivir.com
127.0.0.1 www.download-antivir.com
127.0.0.1 downloadanysong.com
127.0.0.1 www.downloadanysong.com
127.0.0.1 download-avast.com
127.0.0.1 www.download-avast.com
127.0.0.1 downloadcorporation.com
127.0.0.1 www.downloadcorporation.com
127.0.0.1 download-dvdshrink.com
127.0.0.1 www.download-dvdshrink.com
127.0.0.1 download-for-free.net
127.0.0.1 www.download-for-free.net
127.0.0.1 downloadfreesoft.com
127.0.0.1 www.downloadfreesoft.com
127.0.0.1 downloadfreeway.com
127.0.0.1 www.downloadfreeway.com
127.0.0.1 downloadimesh.com
127.0.0.1 www.downloadimesh.com
127.0.0.1 download-itunes-now.com
127.0.0.1 www.download-itunes-now.com
127.0.0.1 download-limewire.org
127.0.0.1 www.download-limewire.org
127.0.0.1 downloadlost.tv
127.0.0.1 www.downloadlost.tv
127.0.0.1 downloadmax.net
127.0.0.1 www.downloadmax.net
127.0.0.1 download-mcafee.com
127.0.0.1 www.download-mcafee.com
127.0.0.1 download-me.info
127.0.0.1 downloadmediaax.com
127.0.0.1 www.downloadmediaax.com
127.0.0.1 downloadpics.net
127.0.0.1 www.downloadpics.net
127.0.0.1 download-real-player.com
127.0.0.1 www.download-real-player.com
127.0.0.1 downloads.180solutions.com
127.0.0.1 downloads.adaware.cc
127.0.0.1 downloadservicearea.com
127.0.0.1 www.downloadservicearea.com
127.0.0.1 downloads-free.org
127.0.0.1 www.downloads-free.org
127.0.0.1 downloadsglobe.com
127.0.0.1 www.downloadsglobe.com
127.0.0.1 download-this.us
127.0.0.1 www.download-this.us
127.0.0.1 download-trillian.com
127.0.0.1 www.download-trillian.com
127.0.0.1 downloadv3.com
127.0.0.1 www.downloadv3.com
127.0.0.1 downloadvax.com
127.0.0.1 www.downloadvax.com
127.0.0.1 download-windvd.com
127.0.0.1 www.download-windvd.com
127.0.0.1 download-winrar.com
127.0.0.1 www.download-winrar.com
127.0.0.1 downloadwizard.com
127.0.0.1 downloadzcenter.com
127.0.0.1 downloadzcentral.com
127.0.0.1 downloadzfree.com
127.0.0.1 www.downloadzfree.com
127.0.0.1 downloadznow.net
127.0.0.1 download-zone-free.com
127.0.0.1 www.download-zone-free.com
127.0.0.1 download-zone-free.net
127.0.0.1 www.download-zone-free.net
127.0.0.1 dp-host.com
127.0.0.1 dr.mcboo.com
127.0.0.1 dr.webhancer.com
127.0.0.1 www.dr.webhancer.com
127.0.0.1 dr2.webhancer.com
127.0.0.1 www.dr2.webhancer.com
127.0.0.1 dr38.mcboo.com
127.0.0.1 dr47.mcboo.com
127.0.0.1 dragqueen.gay-clan.com
127.0.0.1 drepubblica.it
127.0.0.1 www.drepubblica.it
127.0.0.1 drivecleaner.com
127.0.0.1 www.drivecleaner.com
127.0.0.1 drivecleanr.com
127.0.0.1 www.drivecleanr.com
127.0.0.1 drocherway.com
127.0.0.1 dropspam.com
127.0.0.1 www.dropspam.com
127.0.0.1 drug-sources-exposed.com
127.0.0.1 drvvv.com
127.0.0.1 dsupereva.it
127.0.0.1 www.dsupereva.it
127.0.0.1 dtlproduct.com
127.0.0.1 www.dtlproduct.com
127.0.0.1 dudu.com
127.0.0.1 www.dudu.com
127.0.0.1 dulcineasystems.net
127.0.0.1 dumpserv.com
127.0.0.1 duolaimi.net
127.0.0.1 dutch-sex.com
127.0.0.1 dvdaccess.net
127.0.0.1 www.dvdaccess.net
127.0.0.1 dvdbank.org
127.0.0.1 dvdcodec.net
127.0.0.1 www.dvdcodec.net
127.0.0.1 dvdsmovies.net
127.0.0.1 www.dvdsmovies.net
127.0.0.1 dvdsvideos.net
127.0.0.1 www.dvdsvideos.net
127.0.0.1 dvdtocdsite.com
127.0.0.1 www.dvdtocdsite.com
127.0.0.1 dynamique.drivecleaner.com
127.0.0.1 e3bay.it
127.0.0.1 www.e3bay.it
127.0.0.1 e4bay.it
127.0.0.1 www.e4bay.it
127.0.0.1 eager-sex.com
127.0.0.1 earthllnk.net
127.0.0.1 www.earthllnk.net
127.0.0.1 eases.net
127.0.0.1 easyantispy.com
127.0.0.1 easybestdeals.com
127.0.0.1 www.easybestdeals.com
127.0.0.1 easycategories.com
127.0.0.1 easymp3musicnow.com
127.0.0.1 www.easymp3musicnow.com
127.0.0.1 easy-pharmacy.info
127.0.0.1 www.easy-pharmacy.info
127.0.0.1 easy-search.net
127.0.0.1 easysearch4you.com
127.0.0.1 www.easysearch4you.com
127.0.0.1 easysearchingtips.com
127.0.0.1 easyspyware.com
127.0.0.1 www.easyspyware.com
127.0.0.1 easywww.info
127.0.0.1 www.easywww.info
127.0.0.1 eba6y.it
127.0.0.1 www.eba6y.it
127.0.0.1 eba7y.it
127.0.0.1 www.eba7y.it
127.0.0.1 ebaay.it
127.0.0.1 www.ebaay.it
127.0.0.1 ebagy.it
127.0.0.1 www.ebagy.it
127.0.0.1 ebahy.it
127.0.0.1 www.ebahy.it
127.0.0.1 ebajy.it
127.0.0.1 www.ebajy.it
127.0.0.1 ebaqy.it
127.0.0.1 www.ebaqy.it
127.0.0.1 ebasy.it
127.0.0.1 www.ebasy.it
127.0.0.1 ebaty.it
127.0.0.1 www.ebaty.it
127.0.0.1 ebauy.it
127.0.0.1 www.ebauy.it
127.0.0.1 ebav.com
127.0.0.1 ebaw.com
127.0.0.1 ebawy.it
127.0.0.1 www.ebawy.it
127.0.0.1 ebaxy.it
127.0.0.1 www.ebaxy.it
127.0.0.1 ebay6.it
127.0.0.1 www.ebay6.it
127.0.0.1 ebay7.it
127.0.0.1 www.ebay7.it
127.0.0.1 ebayg.it
127.0.0.1 www.ebayg.it
127.0.0.1 ebayh.it
127.0.0.1 www.ebayh.it
127.0.0.1 ebayj.it
127.0.0.1 www.ebayj.it
127.0.0.1 ebayt.it
127.0.0.1 www.ebayt.it
127.0.0.1 ebayu.it
127.0.0.1 www.ebayu.it
127.0.0.1 ebazy.it
127.0.0.1 www.ebazy.it
127.0.0.1 ebch.com
127.0.0.1 ebdv.com
127.0.0.1 ebdw.com
127.0.0.1 ebestfind.org
127.0.0.1 www.ebestfind.org
127.0.0.1 ebgay.it
127.0.0.1 www.ebgay.it
127.0.0.1 ebgo.com
127.0.0.1 ebhay.it
127.0.0.1 www.ebhay.it
127.0.0.1 ebjp.com
127.0.0.1 ebkb.com
127.0.0.1 ebkn.com
127.0.0.1 ebky.com
127.0.0.1 eblv.com
127.0.0.1 ebmu.com
127.0.0.1 ebnay.it
127.0.0.1 www.ebnay.it
127.0.0.1 ebony-pornmag.com
127.0.0.1 www.ebony-pornmag.com
127.0.0.1 ebonypornmag.com
127.0.0.1 www.ebonypornmag.com
127.0.0.1 ebqay.it
127.0.0.1 www.ebqay.it
127.0.0.1 ebsay.it
127.0.0.1 www.ebsay.it
127.0.0.1 ebsy.it
127.0.0.1 www.ebsy.it
127.0.0.1 ebvay.it
127.0.0.1 www.ebvay.it
127.0.0.1 ebvr.com
127.0.0.1 ebway.it
127.0.0.1 www.ebway.it
127.0.0.1 ebxay.it
127.0.0.1 www.ebxay.it
127.0.0.1 ebzay.it
127.0.0.1 www.ebzay.it
127.0.0.1 ecmh.com
127.0.0.1 ecmp.com
127.0.0.1 ecosrioplatenses.org
127.0.0.1 ecpm.com
127.0.0.1 ecstasyporn.net
127.0.0.1 ecwz.com
127.0.0.1 ecyb.com
127.0.0.1 edbay.it
127.0.0.1 www.edbay.it
127.0.0.1 edhq.com
127.0.0.1 edietprogram.com
127.0.0.1 www.edietprogram.com
127.0.0.1 edty.com
127.0.0.1 eduy.com
127.0.0.1 eebay.it
127.0.0.1 www.eebay.it
127.0.0.1 eeev.com
127.0.0.1 eepubblica.it
127.0.0.1 www.eepubblica.it
127.0.0.1 efbay.it
127.0.0.1 www.efbay.it
127.0.0.1 egbay.it
127.0.0.1 www.egbay.it
127.0.0.1 ehbay.it
127.0.0.1 www.ehbay.it
127.0.0.1 eikokoike.com
127.0.0.1 elitecodec.com
127.0.0.1 www.elitecodec.com
127.0.0.1 elitemediagroup.net
127.0.0.1 www.elitemediagroup.net
127.0.0.1 e-localad.com
127.0.0.1 emailicon.org
127.0.0.1 www.emailicon.org
127.0.0.1 emch.com
127.0.0.1 emcodec.com
127.0.0.1 www.emcodec.com
127.0.0.1 emediacodec.com
127.0.0.1 www.emediacodec.com
127.0.0.1 emule.mp3-muzic.com
127.0.0.1 www.emule.mp3-muzic.com
127.0.0.1 emuledownloadhome.com
127.0.0.1 www.emuledownloadhome.com
127.0.0.1 emule-freebie.com
127.0.0.1 www.emule-freebie.com
127.0.0.1 enay.it
127.0.0.1 www.enay.it
127.0.0.1 enbay.it
127.0.0.1 www.enbay.it
127.0.0.1 energy-factor.com
127.0.0.1 www.energy-factor.com
127.0.0.1 engineplay.com
127.0.0.1 www.engineplay.com
127.0.0.1 engine-ticket.com
127.0.0.1 www.engine-ticket.com
127.0.0.1 enhance.com
127.0.0.1 www.enhance.com
127.0.0.1 enhancevideos.com
127.0.0.1 www.enhancevideos.com
127.0.0.1 enitinvest.net
127.0.0.1 enjoywebsurf.com
127.0.0.1 entertainsite.net
127.0.0.1 www.entertainsite.net
127.0.0.1 enterthesearch.com
127.0.0.1 www.enterthesearch.com
127.0.0.1 e-plus.cc
127.0.0.1 epornsex.com
127.0.0.1 eprotectionline.com
127.0.0.1 www.eprotectionline.com
127.0.0.1 eprotectpage.com
127.0.0.1 www.eprotectpage.com
127.0.0.1 erbay.it
127.0.0.1 www.erbay.it
127.0.0.1 erepubblica.it
127.0.0.1 www.erepubblica.it
127.0.0.1 ergosites.com
127.0.0.1 erossoalice.it
127.0.0.1 www.erossoalice.it
127.0.0.1 errari.it
127.0.0.1 www.errari.it
127.0.0.1 error404site.com
127.0.0.1 www.error404site.com
127.0.0.1 error404site.net
127.0.0.1 www.error404site.net
127.0.0.1 errorkiller.com
127.0.0.1 www.errorkiller.com
127.0.0.1 errorprotector.com
127.0.0.1 www.errorprotector.com
127.0.0.1 errorsafe.com
127.0.0.1 www.errorsafe.com
127.0.0.1 errorsdns.com
127.0.0.1 www.errorsdns.com
127.0.0.1 ert0003.e76.163ns.com
127.0.0.1 ertikadeswiokinganfujas.com
127.0.0.1 www.ertikadeswiokinganfujas.com
127.0.0.1 es.winantivirus.com
127.0.0.1 es0-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es1-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es2-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es3-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es4-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es5-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es6-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es7-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es8-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es9-www.5zgmu7o20kt5d8yq.com
127.0.0.1 esafetylist.com
127.0.0.1 www.esafetylist.com
127.0.0.1 esafetypage.com
127.0.0.1 www.esafetypage.com
127.0.0.1 esbay.it
127.0.0.1 www.esbay.it
127.0.0.1 esearch2005.com
127.0.0.1 www.esearch2005.com
127.0.0.1 esecuritynote.com
127.0.0.1 www.esecuritynote.com
127.0.0.1 esecuritypage.com
127.0.0.1 www.esecuritypage.com
127.0.0.1 esupereva.it
127.0.0.1 www.esupereva.it
127.0.0.1 etomi.all-downloads-now.com
127.0.0.1 www.etomi.all-downloads-now.com
127.0.0.1 eupdatepage.com
127.0.0.1 www.eupdatepage.com
127.0.0.1 euuu.com
127.0.0.1 evbay.it
127.0.0.1 www.evbay.it
127.0.0.1 evidence-detector.biz
127.0.0.1 evilspidercomics.com
127.0.0.1 evko.biz
127.0.0.1 www.evko.biz
127.0.0.1 ewbay.it
127.0.0.1 www.ewbay.it
127.0.0.1 ewebsearch.net
127.0.0.1 e-websitesolutions.com
127.0.0.1 ewizard.cc
127.0.0.1 exaccess.ru
127.0.0.1 www.exaccess.ru
127.0.0.1 excellentsckin.com
127.0.0.1 exeupdate.com
127.0.0.1 www.exeupdate.com
127.0.0.1 exflow.org
127.0.0.1 www.exflow.org
127.0.0.1 exit.megago.com
127.0.0.1 expandvideo.com
127.0.0.1 www.expandvideo.com
127.0.0.1 exportplay.com
127.0.0.1 www.exportplay.com
127.0.0.1 extremepaidsurveys.com
127.0.0.1 www.extremepaidsurveys.com
127.0.0.1 extremeseek.net
127.0.0.1 eza1netsearch.com
127.0.0.1 www.eza1netsearch.com
127.0.0.1 ezcybersearch.com
127.0.0.1 www.ezcybersearch.com
127.0.0.1 ez-searching.com
127.0.0.1 ezwebsearching.com
127.0.0.1 www.ezwebsearching.com
127.0.0.1 f1.bestmanage.org
127.0.0.1 f1.truth-is-out-there.org
127.0.0.1 f1organizer.com
127.0.0.1 www.f1organizer.com
127.0.0.1 f2.bestmanage.org
127.0.0.1 f2.truth-is-out-there.org
127.0.0.1 f3.bestmanage.org
127.0.0.1 f3.truth-is-out-there.org
127.0.0.1 f4.bestmanage.org
127.0.0.1 f4.truth-is-out-there.org
127.0.0.1 f5.bestmanage.org
127.0.0.1 f5.truth-is-out-there.org
127.0.0.1 f6.bestmanage.org
127.0.0.1 f7.bestmanage.org
127.0.0.1 f7.truth-is-out-there.org
127.0.0.1 f8.bestmanage.org
127.0.0.1 f8.truth-is-out-there.org
127.0.0.1 f9.bestmanage.org
127.0.0.1 f9.truth-is-out-there.org
127.0.0.1 fairsearcher.com
127.0.0.1 www.fairsearcher.com
127.0.0.1 faithstevens.com
127.0.0.1 fantasiewelten.com
127.0.0.1 farmacept32.phpnet.us
127.0.0.1 farmsteadbandb.com
127.0.0.1 farse.com
127.0.0.1 fartpost.com
127.0.0.1 fastfreedownload.com
127.0.0.1 fastmetasearch.com
127.0.0.1 www.fastmetasearch.com
127.0.0.1 fastssearch.com
127.0.0.1 www.fastssearch.com
127.0.0.1 fastwebfinder.com
127.0.0.1 faxporn.com
127.0.0.1 fazzetta.it
127.0.0.1 www.fazzetta.it
127.0.0.1 fcorriere.it
127.0.0.1 www.fcorriere.it
127.0.0.1 featured-results.com
127.0.0.1 febay.it
127.0.0.1 www.febay.it
127.0.0.1 feed.dedsearch.com
127.0.0.1 feeds.2search.com
127.0.0.1 www.feeds.2search.com
127.0.0.1 feeds2.2search.org
127.0.0.1 www.feeds2.2search.org
127.0.0.1 ferraeri.it
127.0.0.1 www.ferraeri.it
127.0.0.1 ferrai.it
127.0.0.1 www.ferrai.it
127.0.0.1 ferrarei.it
127.0.0.1 www.ferrarei.it
127.0.0.1 ferrarti.it
127.0.0.1 www.ferrarti.it
127.0.0.1 ferrasri.it
127.0.0.1 www.ferrasri.it
127.0.0.1 ferratri.it
127.0.0.1 www.ferratri.it
127.0.0.1 ferreari.it
127.0.0.1 www.ferreari.it
127.0.0.1 ferrri.it
127.0.0.1 www.ferrri.it
127.0.0.1 ferrsari.it
127.0.0.1 www.ferrsari.it
127.0.0.1 ferrtari.it
127.0.0.1 www.ferrtari.it
127.0.0.1 fetrrari.it
127.0.0.1 www.fetrrari.it
127.0.0.1 fgazzetta.it
127.0.0.1 www.fgazzetta.it
127.0.0.1 fgoogle.it
127.0.0.1 www.fgoogle.it
127.0.0.1 fhg.panet.org
127.0.0.1 fhgate.com
127.0.0.1 www.fhgate.com
127.0.0.1 fickenisgeil.de
127.0.0.1 file.unionsms.net
127.0.0.1 filestore.com
127.0.0.1 www.filestore.com
127.0.0.1 filetretporn.com
127.0.0.1 www.filetretporn.com
127.0.0.1 Filtrodetrojan.com
127.0.0.1 www.Filtrodetrojan.com
127.0.0.1 finalfantasyactionfigures.com
127.0.0.1 www.finalfantasyactionfigures.com
127.0.0.1 finance-loans.com
127.0.0.1 find4u.net
127.0.0.1 find-52.com
127.0.0.1 www.find-52.com
127.0.0.1 findanyshow.org
127.0.0.1 www.findanyshow.org
127.0.0.1 find-find-777.net
127.0.0.1 www.find-find-777.net
127.0.0.1 find-itnow.com
127.0.0.1 findit-now.com
127.0.0.1 findloss.com
127.0.0.1 findthesite.com
127.0.0.1 findthewebsiteyouneed.com
127.0.0.1 www.findthewebsiteyouneed.com
127.0.0.1 find-uk-health.co.uk
127.0.0.1 findwapsite.org
127.0.0.1 www.findwapsite.org
127.0.0.1 findwhatevernow.com
127.0.0.1 www.findwhatevernow.com
127.0.0.1 fined.biz
127.0.0.1 fine-search.net
127.0.0.1 fionasteel.com
127.0.0.1 firefoxdownload-now.com
127.0.0.1 www.firefoxdownload-now.com
127.0.0.1 firehunt.com
127.0.0.1 www.firehunt.com
127.0.0.1 firgilio.it
127.0.0.1 www.firgilio.it
127.0.0.1 firstbookmark.net
127.0.0.1 firstgoodsearch.com
127.0.0.1 www.firstgoodsearch.com
127.0.0.1 fitness-free.com
127.0.0.1 fixerantispy.com
127.0.0.1 www.fixerantispy.com
127.0.0.1 fjsynebcod.com
127.0.0.1 www.fjsynebcod.com
127.0.0.1 flashdollars.com
127.0.0.1 www.flashdollars.com
127.0.0.1 flashflashmx.3322.org
127.0.0.1 floorsovertexas.com
127.0.0.1 www.floorsovertexas.com
127.0.0.1 floproject.com
127.0.0.1 www.floproject.com
127.0.0.1 flrxtools.greatnuke.com
127.0.0.1 flrx-tools.net
127.0.0.1 www.flrx-tools.net
127.0.0.1 fn777.greatbahamas.com
127.0.0.1 www.fn777.greatbahamas.com
127.0.0.1 foodvacations.net
127.0.0.1 forex.jps.ru
127.0.0.1 forexcredit.com
127.0.0.1 forexcredit.ru
127.0.0.1 formingfusions.com
127.0.0.1 forsythfire.net
127.0.0.1 forthline.com
127.0.0.1 foxmin.com
127.0.0.1 www.foxmin.com
127.0.0.1 fp.gad-network.com
127.0.0.1 fr.drivecleaner.com
127.0.0.1 www.fr.drivecleaner.com
127.0.0.1 fr.winantivirus.com
127.0.0.1 fr.winfixer.com
127.0.0.1 frame.crazywinnings.com
127.0.0.1 free4porno.net
127.0.0.1 free64all.com
127.0.0.1 free-adobe-download-support.com
127.0.0.1 www.free-adobe-download-support.com
127.0.0.1 free-avg.org
127.0.0.1 www.free-avg.org
127.0.0.1 free-avg-download.com
127.0.0.1 www.free-avg-download.com
127.0.0.1 free-bearshares.com
127.0.0.1 www.free-bearshares.com
127.0.0.1 freebookmark.net
127.0.0.1 freebookmarks.net
127.0.0.1 freecat.biz
127.0.0.1 www.freecat.biz
127.0.0.1 freecategories.com
127.0.0.1 free-chipes.com
127.0.0.1 freecj.com
127.0.0.1 freecoolhost.com
127.0.0.1 freedownloadhq.com
127.0.0.1 www.freedownloadhq.co
...
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.155.115.94,85.155.118.94
HKLM\SYSTEM\CCS\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"="lsass.exe"
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.155.115.94,85.155.118.94
HKLM\SYSTEM\CCS\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A8BD60E3-62AE-4BF3-BE4B-4DD66B50BFFD}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: DhcpNameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer=85.255.115.94,85.255.112.24
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: NameServer=85.255.115.94 85.255.112.24
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"="lsass.exe"
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 321
5 nov. 2007 à 18:49
5 nov. 2007 à 18:49
ok....
Peux tu me dire ou tu habites? Espagne?
Rends toi ici:
C:\Windows\System32\drivers\etc\hosts
Ouvre hosts avec le bloc note et laisses y que:
Puis enregistre.
Ensuite:
Télécharge le FixWareout sur le bureau:
http://download.bleepingcomputer.com/lonny/Fixwareout.exe
Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.
Quand ton système aura redémarré, suis les invites des messages. Ensuite lance HijackThis. Clique sur Scan et coche les lignes suivantes:
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CCS\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS1\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS2\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS3\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS4\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS6\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
Clique sur Fix Checked. Ferme HijackThis et clique sur OK pour continuer la procédure.
A la fin du fix, tu auras peut-être encore besoin de redémarrer le PC.
Au final, poste le contenu de C:\fixwareout\report.txt avec un nouveau rapport HijackThis.
A+
Peux tu me dire ou tu habites? Espagne?
Rends toi ici:
C:\Windows\System32\drivers\etc\hosts
Ouvre hosts avec le bloc note et laisses y que:
# Copyright (c) 1993-1999 Microsoft Corp. # # Ceci est un exemple de fichier HOSTS utilisé par Microsoft TCP/IP # pour Windows. # # Ce fichier contient les correspondances des adresses IP aux noms d'hôtes. # Chaque entrée doit être sur une ligne propre. L'adresse IP doit être placée # dans la première colonne, suivie par le nom d'hôte correspondant. L'adresse # IP et le nom d'hôte doivent être séparés par au moins un espace. # # De plus, des commentaires (tels que celui-ci) peuvent être insérés sur des # lignes propres ou après le nom d'ordinateur. Ils sont indiqué par le # symbole '#'. # # Par exemple : # # 102.54.94.97 rhino.acme.com # serveur source # 38.25.63.10 x.acme.com # hôte client x 127.0.0.1 localhost
Puis enregistre.
Ensuite:
Télécharge le FixWareout sur le bureau:
http://download.bleepingcomputer.com/lonny/Fixwareout.exe
Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.
Quand ton système aura redémarré, suis les invites des messages. Ensuite lance HijackThis. Clique sur Scan et coche les lignes suivantes:
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4936D06-CABB-4B7A-B4A3-C8CD91583420}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CCS\Services\Tcpip\..\{D76BD333-1E83-4E68-AF63-C008CBBC9822}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS1\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS2\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS3\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CS4\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.255.115.94,85.255.112.24
O17 - HKLM\System\CS6\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.94 85.255.112.24
Clique sur Fix Checked. Ferme HijackThis et clique sur OK pour continuer la procédure.
A la fin du fix, tu auras peut-être encore besoin de redémarrer le PC.
Au final, poste le contenu de C:\fixwareout\report.txt avec un nouveau rapport HijackThis.
A+
Non j'habite en France pourquoi?!
Ok j'ai tout fait voila le rapport fixwareout :
sername "HP_Propri‚taire" - 05/11/2007 21:20:59 [Fixwareout edited 9/01/2007]
~~~~~ Prerun check
Cache de résolution DNS vidé.
System was rebooted successfully.
~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "System"="lsass.exe"
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....
~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"Explorer"="C:\\WINDOWS\\system32\\expIorer.exe"
"HPHUPD06"="c:\\Program Files\\HP\\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\\hphupd06.exe"
"h3yb0y"="C:\\WINDOWS\\SYSTEM32\\DRIVERS\\etc\\LSASS.exe C:\\WINDOWS\\SYSTEM32\\DRIVERS\\etc\\service.exe C:\\WINDOWS\\SYSTEM32\\DRIVERS\\etc\\conf.dll"
"h3yb0y1"="C:\\WINDOWS\\SYSTEM32\\DRIVERS\\etc\\LSASS.exe C:\\WINDOWS\\SYSTEM32\\DRIVERS\\etc\\system.exe C:\\WINDOWS\\SYSTEM32\\DRIVERS\\etc\\serv-u.ini"
"WOOWATCH"="C:\\PROGRA~1\\Wanadoo\\Watch.exe"
"WOOTASKBARICON"="C:\\PROGRA~1\\Wanadoo\\GestMaj.exe TaskBarIcon.exe"
"helpr"="C:\\Program Files\\SETI\\helper.exe -loader -nolog"
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"hpsysdrv"="c:\\windows\\system\\hpsysdrv.exe"
"AlcxMonitor"="ALCXMNTR.EXE"
"PS2"="C:\\WINDOWS\\system32\\ps2.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"HPHmon06"="C:\\WINDOWS\\system32\\hphmon06.exe"
"EPSON Stylus CX3200"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S10IC2.EXE /P19 \"EPSON Stylus CX3200\" /O6 \"USB001\" /M \"Stylus CX3200\""
"NeroFilterCheck"="C:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NeroCheck.exe"
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00
"Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCShield"="regsvr32 /s \"C:\\WINDOWS\\system32\\sfg.dll\""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"STYLEXP"="C:\\Program Files\\TGTSoft\\StyleXP\\StyleXP.exe -Hide"
"L07FXLRD_674447171"="\"C:\\Program Files\\Microsoft Etudes\\Microsoft Encarta 2007 - Études DVD\\EDICT.EXE\" -m"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NMBgMonitor.exe\""
"Philips Intelligent Agent"="\"C:\\Program Files\\Philips Intelligent Agent\\Philips Intelligent Agent.exe\" /SILENT"
"LightScribe Control Panel"="C:\\Program Files\\Fichiers communs\\LightScribe\\LightScribeControlPanel.exe -hidden"
"CursorXP"="C:\\Program Files\\CursorXP\\CursorXP.exe"
"WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"
"SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it...
C:\WINDOWS\System32\AUTOEXEC.NT missing
~~~~~ End report ~~~~~
Et voici le rapport Hijack this :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:36:22, on 05/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 255.255.255.255
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 255.255.255.255:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {65D5A3B2-859E-42F5-AE9E-BC6D7EC1B0EB} - C:\WINDOWS\system32\VBA232.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ADefaultSearch Class - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing)
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: (no name) - {B7531CF3-3DBE-4D68-BED9-E3697F3CDC9B} - C:\WINDOWS\system32\dplay32.dll (file missing)
O2 - BHO: (no name) - {C2EA6A7E-79FC-4CFB-90E4-898C742B44C5} - C:\WINDOWS\system32\mobsyncd.dll (file missing)
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {F3E3A0A8-906B-47D7-8E5E-8C7F1D3C0BDC} - C:\WINDOWS\system32\ulib32.dll (file missing)
O2 - BHO: XBTP01621 - {F6104497-54FD-4688-9162-5115CC8AB0FB} - C:\PROGRA~1\BEARSH~2\BEARSH~2\MediaBar.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\system32\expIorer.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [h3yb0y] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\service.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\conf.dll
O4 - HKLM\..\Run: [h3yb0y1] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\system.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\serv-u.ini
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [helpr] C:\Program Files\SETI\helper.exe -loader -nolog
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\system32\sfg.dll"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [L07FXLRD_674447171] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by16fd.bay16.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CCS\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer = 192.168.1.1
O17 - HKLM\System\CS5\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CS6\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O18 - Filter hijack: text/html - {03974811-C15F-462c-B6B0-2D2336AA57D0} - C:\WINDOWS\system32\hlwin.dll
O20 - AppInit_DLLs: . 3 SF3.DLL,noxizaca.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: bxsbang - {D117607A-ED64-4810-9909-CD719374EE12} - C:\WINDOWS\bxsbang.dll (file missing)
O21 - SSODL: ocgrep - {8FFDD5BE-033D-4645-89DD-F81933FEDE44} - C:\WINDOWS\ocgrep.dll (file missing)
O21 - SSODL: msmhost - {4A21A9D8-A5F1-40D7-AAC3-942C449D9180} - (no file)
O21 - SSODL: msmdev - {1BD78B53-5B73-4CCE-8BE2-CB16CCEA2F69} - C:\WINDOWS\msmdev.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Noxizac Service (NoxizacSrv) - Unknown owner - C:\WINDOWS\system32\noxizac.exe (file missing)
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OCBNEXFH - Unknown owner - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\OCBNEXFH.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
Ok j'ai tout fait voila le rapport fixwareout :
sername "HP_Propri‚taire" - 05/11/2007 21:20:59 [Fixwareout edited 9/01/2007]
~~~~~ Prerun check
Cache de résolution DNS vidé.
System was rebooted successfully.
~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "System"="lsass.exe"
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....
~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"Explorer"="C:\\WINDOWS\\system32\\expIorer.exe"
"HPHUPD06"="c:\\Program Files\\HP\\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\\hphupd06.exe"
"h3yb0y"="C:\\WINDOWS\\SYSTEM32\\DRIVERS\\etc\\LSASS.exe C:\\WINDOWS\\SYSTEM32\\DRIVERS\\etc\\service.exe C:\\WINDOWS\\SYSTEM32\\DRIVERS\\etc\\conf.dll"
"h3yb0y1"="C:\\WINDOWS\\SYSTEM32\\DRIVERS\\etc\\LSASS.exe C:\\WINDOWS\\SYSTEM32\\DRIVERS\\etc\\system.exe C:\\WINDOWS\\SYSTEM32\\DRIVERS\\etc\\serv-u.ini"
"WOOWATCH"="C:\\PROGRA~1\\Wanadoo\\Watch.exe"
"WOOTASKBARICON"="C:\\PROGRA~1\\Wanadoo\\GestMaj.exe TaskBarIcon.exe"
"helpr"="C:\\Program Files\\SETI\\helper.exe -loader -nolog"
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"hpsysdrv"="c:\\windows\\system\\hpsysdrv.exe"
"AlcxMonitor"="ALCXMNTR.EXE"
"PS2"="C:\\WINDOWS\\system32\\ps2.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"HPHmon06"="C:\\WINDOWS\\system32\\hphmon06.exe"
"EPSON Stylus CX3200"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S10IC2.EXE /P19 \"EPSON Stylus CX3200\" /O6 \"USB001\" /M \"Stylus CX3200\""
"NeroFilterCheck"="C:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NeroCheck.exe"
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00
"Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCShield"="regsvr32 /s \"C:\\WINDOWS\\system32\\sfg.dll\""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"STYLEXP"="C:\\Program Files\\TGTSoft\\StyleXP\\StyleXP.exe -Hide"
"L07FXLRD_674447171"="\"C:\\Program Files\\Microsoft Etudes\\Microsoft Encarta 2007 - Études DVD\\EDICT.EXE\" -m"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NMBgMonitor.exe\""
"Philips Intelligent Agent"="\"C:\\Program Files\\Philips Intelligent Agent\\Philips Intelligent Agent.exe\" /SILENT"
"LightScribe Control Panel"="C:\\Program Files\\Fichiers communs\\LightScribe\\LightScribeControlPanel.exe -hidden"
"CursorXP"="C:\\Program Files\\CursorXP\\CursorXP.exe"
"WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"
"SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it...
C:\WINDOWS\System32\AUTOEXEC.NT missing
~~~~~ End report ~~~~~
Et voici le rapport Hijack this :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:36:22, on 05/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 255.255.255.255
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 255.255.255.255:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {65D5A3B2-859E-42F5-AE9E-BC6D7EC1B0EB} - C:\WINDOWS\system32\VBA232.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ADefaultSearch Class - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing)
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: (no name) - {B7531CF3-3DBE-4D68-BED9-E3697F3CDC9B} - C:\WINDOWS\system32\dplay32.dll (file missing)
O2 - BHO: (no name) - {C2EA6A7E-79FC-4CFB-90E4-898C742B44C5} - C:\WINDOWS\system32\mobsyncd.dll (file missing)
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {F3E3A0A8-906B-47D7-8E5E-8C7F1D3C0BDC} - C:\WINDOWS\system32\ulib32.dll (file missing)
O2 - BHO: XBTP01621 - {F6104497-54FD-4688-9162-5115CC8AB0FB} - C:\PROGRA~1\BEARSH~2\BEARSH~2\MediaBar.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\system32\expIorer.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [h3yb0y] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\service.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\conf.dll
O4 - HKLM\..\Run: [h3yb0y1] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\system.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\serv-u.ini
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [helpr] C:\Program Files\SETI\helper.exe -loader -nolog
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\system32\sfg.dll"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [L07FXLRD_674447171] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by16fd.bay16.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CCS\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer = 192.168.1.1
O17 - HKLM\System\CS5\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CS6\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O18 - Filter hijack: text/html - {03974811-C15F-462c-B6B0-2D2336AA57D0} - C:\WINDOWS\system32\hlwin.dll
O20 - AppInit_DLLs: . 3 SF3.DLL,noxizaca.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: bxsbang - {D117607A-ED64-4810-9909-CD719374EE12} - C:\WINDOWS\bxsbang.dll (file missing)
O21 - SSODL: ocgrep - {8FFDD5BE-033D-4645-89DD-F81933FEDE44} - C:\WINDOWS\ocgrep.dll (file missing)
O21 - SSODL: msmhost - {4A21A9D8-A5F1-40D7-AAC3-942C449D9180} - (no file)
O21 - SSODL: msmdev - {1BD78B53-5B73-4CCE-8BE2-CB16CCEA2F69} - C:\WINDOWS\msmdev.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Noxizac Service (NoxizacSrv) - Unknown owner - C:\WINDOWS\system32\noxizac.exe (file missing)
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OCBNEXFH - Unknown owner - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\OCBNEXFH.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 321
5 nov. 2007 à 22:31
5 nov. 2007 à 22:31
Y'a semble t il encore pas mal de boulot.
Télécharge Combofix sUBs :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!
Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
Copie/colle un nouveau rapport HiJackThis avec.
Télécharge Combofix sUBs :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!
Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
Copie/colle un nouveau rapport HiJackThis avec.
Peut être qu'il semble encore avoir pas mal de boulot mais le virus semble avoir été supprimé! L'antivirus ne le détecte plus et il n'est plus actif comme avant!
Mais voici kan même le rapport de combofix :
ComboFix 07-11-05.2 - HP_Propriétaire 2007-11-05 22:56:40.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.426 [GMT 1:00]
Running from: C:\Documents and Settings\HP_Propriétaire\Bureau\ComboFix.exe
* Created a new restore point
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data.\salesmonitor
C:\Documents and Settings\HP_Propriétaire\Application Data\hidires
C:\Redemption.ECF
C:\WINDOWS\pack.epk
C:\WINDOWS\rs.txt
C:\WINDOWS\search_res.txt
C:\WINDOWS\system32\stera.log
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_FOPN
-------\LEGACY_IPRIP
-------\LEGACY_NTLOAD
-------\LEGACY_NWSAPAGENT
-------\LEGACY_VSPF
-------\LEGACY_VSPF_HK
-------\Iprip
-------\m_hook
-------\NTLOAD
-------\NwSapAgent
-------\vspf
-------\vspf_hk
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-05 to 2007-11-05 ))))))))))))))))))))))))))))))))))))
.
2007-11-05 22:54 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-05 13:56 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-05 10:52 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-11-05 10:52 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-11-05 10:52 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-11-05 10:52 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-11-05 10:52 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-11-04 22:05 4,332 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-04 14:32 <REP> d----c--- C:\VundoFix Backups
2007-11-03 19:41 <REP> d----c--- C:\Program Files\Trend Micro
2007-10-30 18:55 2,855 --a------ C:\WINDOWS\system32\edit.PIF
2007-10-27 09:07 44,032 --a------ C:\WINDOWS\system32\VuPassword.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-05 21:46 --------- dc----w C:\Program Files\eMule
2007-11-05 20:26 --------- dc----w C:\Program Files\Wanadoo
2007-10-27 17:45 --------- dc----w C:\Program Files\DivX
2007-10-15 17:37 --------- dc----w C:\Program Files\Shareaza
2007-09-28 16:07 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-09-23 20:09 --------- dc----w C:\Program Files\Dictionnaire
2007-09-06 10:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-09-06 10:05 92,848 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-09-06 10:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-09-06 10:02 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-09-06 10:00 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2005-08-23 15:40:18 0 --sha-w C:\WINDOWS\SMINST\HPCD.sys
2005-10-24 07:39:23 56 --sh--r C:\WINDOWS\system32\8CD90E1E38.sys
2003-08-16 19:56:00 579,584 --sha-r C:\WINDOWS\system32\cd.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{65D5A3B2-859E-42F5-AE9E-BC6D7EC1B0EB}]
C:\WINDOWS\system32\VBA232.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{944864A5-3916-46E2-96A9-A2E84F3F1208}]
C:\Program Files\Accoona\ASearchAssist.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B7531CF3-3DBE-4D68-BED9-E3697F3CDC9B}]
C:\WINDOWS\system32\dplay32.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C2EA6A7E-79FC-4CFB-90E4-898C742B44C5}]
C:\WINDOWS\system32\mobsyncd.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F3E3A0A8-906B-47D7-8E5E-8C7F1D3C0BDC}]
C:\WINDOWS\system32\ulib32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-07-01 23:12]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 18:53]
"h3yb0y"="C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe" []
"h3yb0y1"="C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe" []
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"helpr"="C:\Program Files\SETI\helper.exe" []
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 10:52]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 16:04]
"AlcxMonitor"="ALCXMNTR.EXE" []
"PS2"="C:\WINDOWS\system32\ps2.exe" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 18:43]
"EPSON Stylus CX3200"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe" [2002-07-01 04:05]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-15 19:02]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-18 08:38]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 20:43]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCShield"="regsvr32 /s C:\WINDOWS\system32\sfg.dll" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 11:00]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 19:31]
"L07FXLRD_674447171"="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.exe" []
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-03-22 07:51]
"Philips Intelligent Agent"="C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" [2007-03-06 10:58]
"LightScribe Control Panel"="C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2007-05-15 16:12]
"CursorXP"="C:\Program Files\CursorXP\CursorXP.exe" [2005-01-19 16:34]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"=0 (0x0)
"NoCommonGroups"=0 (0x0)
"DisallowRun"=0 (0x0)
"NoToolbarsOnTaskbar"=0 (0x0)
"NoTrayContextMenu"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun]
"1"=edi.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"bxsbang"= {D117607A-ED64-4810-9909-CD719374EE12} - C:\WINDOWS\bxsbang.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"System"="lsass.exe"
"UIHost"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,\
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=. 3 SF3.DLL,noxizaca.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
[color=red]SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acme.PCHButton]
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCShield]
regsvr32 /s "C:\WINDOWS\system32\sfg.dll"
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys
R0 vax347b2;vax347b2;C:\WINDOWS\system32\DRIVERS\vax347b2.sys
R0 vax347s2;vax347s2;C:\WINDOWS\system32\Drivers\vax347s2.sys
R2 MicroGuard;MicroGuard Copy Protection;\??\C:\WINDOWS\system32\drivers\mgnt.sys
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
R3 Cap7134;ASUS TV7134 WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys
R3 PhTVTune;ASUS WDM TV Tuner;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
R3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys
S2 NoxizacDriver;Noxizac Driver;\??\C:\WINDOWS\system32\noxizac.sys
S2 NoxizacSrv;Noxizac Service;C:\WINDOWS\system32\noxizac.exe
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
S3 DFUBTUSB;WIDCOMM USB Bluetooth Driver in DFU State;C:\WINDOWS\system32\Drivers\frmupgr.sys
S3 hSONYPVh;hSONYPVh;\??\C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hSONYPVh.sys
S3 MEMSWEEP2;MEMSWEEP2;\??\C:\WINDOWS\system32\SophosMEMSWEEP.SYS
S3 OCBNEXFH;OCBNEXFH;C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\OCBNEXFH.exe
S3 p2pgasvc;Authentification de groupe réseau homologue;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 p2pimsvc;Gestionnaire d'identité réseau homologue;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 p2psvc;Réseau homologue;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 PavSRK.sys;PavSRK.sys;\??\C:\WINDOWS\system32\PavSRK.sys
S3 PNRPSvc;Protocole de résolution de noms d'homologues;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 SaiH0464;SaiH0464;C:\WINDOWS\system32\DRIVERS\SaiH0464.sys
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S4 PavProc;Panda Process Protection Driver;\??\C:\WINDOWS\system32\DRIVERS\PavProc.sys
S4 QVMKLIL;QVMKLIL;C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\QVMKLIL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{096db9a4-0d52-11dc-b652-0060b3b148b3}]
\Shell\AutoRun\command - G:\SETUP.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{16e5fb2a-6824-11db-a3db-806d6172696f}]
\Shell\AutoRun\command - G:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3970f550-40b0-11db-9d5b-806d6172696f}]
\Shell\AutoRun\command - K:\SETUP.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3d6f0b4a-35e0-11dc-9a38-806d6172696f}]
\Shell\AutoRun\command - E:\autoplay.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47c058ab-3c1b-11dc-b036-806d6172696f}]
\Shell\AutoRun\command - H:\autorun.exe
\Shell\directx\command - H:\DirectX9\dxsetup.exe
\Shell\setup\command - H:\install.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47c058c3-3c1b-11dc-b036-0060b3b148b3}]
\Shell\AutoRun\command - EXPLORER.EXE
\Shell\explore\Command - EXPLORER.EXE
\Shell\open\Command - EXPLORER.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d5377a8-4a78-11db-90ea-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d5377aa-4a78-11db-90ea-806d6172696f}]
\Shell\AutoRun\command - G:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d37e11a-0923-11dc-b645-0060b3b148b3}]
\Shell\AutoRun\command - EXPLORER.EXE
\Shell\explore\Command - EXPLORER.EXE
\Shell\open\Command - EXPLORER.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94c17f00-5499-11db-a6fe-806d6172696f}]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a11c522a-3d00-11db-bb3c-806d6172696f}]
\Shell\AutoRun\command - G:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a4b15c4f-cf59-11db-9570-806d6172696f}]
\Shell\AutoRun\command - F:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab1b69cc-4bad-11db-8e77-806d6172696f}]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab1b69d0-4bad-11db-8e77-806d6172696f}]
\Shell\AutoRun\command - G:\EE2AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6a63ceb-b08e-11db-b7cf-0060b3b148b3}]
\Shell\AutoRun\command - M:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de217750-44a2-11db-a39c-806d6172696f}]
\Shell\AutoRun\command - G:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4043a5a-56c1-11db-a1c1-806d6172696f}]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7d74926-5151-11db-a6d7-806d6172696f}]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7d74928-5151-11db-a6d7-806d6172696f}]
\Shell\AutoRun\command - E:\AUTORUN\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7d7492a-5151-11db-a6d7-806d6172696f}]
\Shell\AutoRun\command - G:\Autorun.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
**************************************************************************
catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-05 23:09:44
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-05 23:13:58 - machine was rebooted
.
--- E O F ---
Ainsi que celui de hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:11, on 05/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\windows\system\hpsysdrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 255.255.255.255
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 255.255.255.255:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {65D5A3B2-859E-42F5-AE9E-BC6D7EC1B0EB} - C:\WINDOWS\system32\VBA232.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ADefaultSearch Class - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing)
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: (no name) - {B7531CF3-3DBE-4D68-BED9-E3697F3CDC9B} - C:\WINDOWS\system32\dplay32.dll (file missing)
O2 - BHO: (no name) - {C2EA6A7E-79FC-4CFB-90E4-898C742B44C5} - C:\WINDOWS\system32\mobsyncd.dll (file missing)
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {F3E3A0A8-906B-47D7-8E5E-8C7F1D3C0BDC} - C:\WINDOWS\system32\ulib32.dll (file missing)
O2 - BHO: XBTP01621 - {F6104497-54FD-4688-9162-5115CC8AB0FB} - C:\PROGRA~1\BEARSH~2\BEARSH~2\MediaBar.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [h3yb0y] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\service.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\conf.dll
O4 - HKLM\..\Run: [h3yb0y1] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\system.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\serv-u.ini
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [helpr] C:\Program Files\SETI\helper.exe -loader -nolog
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\system32\sfg.dll"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [L07FXLRD_674447171] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by16fd.bay16.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CCS\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer = 192.168.1.1
O17 - HKLM\System\CS5\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CS6\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O20 - AppInit_DLLs: . 3 SF3.DLL,noxizaca.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: bxsbang - {D117607A-ED64-4810-9909-CD719374EE12} - C:\WINDOWS\bxsbang.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Noxizac Service (NoxizacSrv) - Unknown owner - C:\WINDOWS\system32\noxizac.exe (file missing)
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OCBNEXFH - Unknown owner - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\OCBNEXFH.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
Mais voici kan même le rapport de combofix :
ComboFix 07-11-05.2 - HP_Propriétaire 2007-11-05 22:56:40.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.426 [GMT 1:00]
Running from: C:\Documents and Settings\HP_Propriétaire\Bureau\ComboFix.exe
* Created a new restore point
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data.\salesmonitor
C:\Documents and Settings\HP_Propriétaire\Application Data\hidires
C:\Redemption.ECF
C:\WINDOWS\pack.epk
C:\WINDOWS\rs.txt
C:\WINDOWS\search_res.txt
C:\WINDOWS\system32\stera.log
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_FOPN
-------\LEGACY_IPRIP
-------\LEGACY_NTLOAD
-------\LEGACY_NWSAPAGENT
-------\LEGACY_VSPF
-------\LEGACY_VSPF_HK
-------\Iprip
-------\m_hook
-------\NTLOAD
-------\NwSapAgent
-------\vspf
-------\vspf_hk
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-05 to 2007-11-05 ))))))))))))))))))))))))))))))))))))
.
2007-11-05 22:54 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-05 13:56 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-05 10:52 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-11-05 10:52 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-11-05 10:52 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-11-05 10:52 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-11-05 10:52 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-11-04 22:05 4,332 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-04 14:32 <REP> d----c--- C:\VundoFix Backups
2007-11-03 19:41 <REP> d----c--- C:\Program Files\Trend Micro
2007-10-30 18:55 2,855 --a------ C:\WINDOWS\system32\edit.PIF
2007-10-27 09:07 44,032 --a------ C:\WINDOWS\system32\VuPassword.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-05 21:46 --------- dc----w C:\Program Files\eMule
2007-11-05 20:26 --------- dc----w C:\Program Files\Wanadoo
2007-10-27 17:45 --------- dc----w C:\Program Files\DivX
2007-10-15 17:37 --------- dc----w C:\Program Files\Shareaza
2007-09-28 16:07 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-09-23 20:09 --------- dc----w C:\Program Files\Dictionnaire
2007-09-06 10:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-09-06 10:05 92,848 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-09-06 10:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-09-06 10:02 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-09-06 10:00 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2005-08-23 15:40:18 0 --sha-w C:\WINDOWS\SMINST\HPCD.sys
2005-10-24 07:39:23 56 --sh--r C:\WINDOWS\system32\8CD90E1E38.sys
2003-08-16 19:56:00 579,584 --sha-r C:\WINDOWS\system32\cd.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{65D5A3B2-859E-42F5-AE9E-BC6D7EC1B0EB}]
C:\WINDOWS\system32\VBA232.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{944864A5-3916-46E2-96A9-A2E84F3F1208}]
C:\Program Files\Accoona\ASearchAssist.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B7531CF3-3DBE-4D68-BED9-E3697F3CDC9B}]
C:\WINDOWS\system32\dplay32.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C2EA6A7E-79FC-4CFB-90E4-898C742B44C5}]
C:\WINDOWS\system32\mobsyncd.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F3E3A0A8-906B-47D7-8E5E-8C7F1D3C0BDC}]
C:\WINDOWS\system32\ulib32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-07-01 23:12]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 18:53]
"h3yb0y"="C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe" []
"h3yb0y1"="C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe" []
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"helpr"="C:\Program Files\SETI\helper.exe" []
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 10:52]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 16:04]
"AlcxMonitor"="ALCXMNTR.EXE" []
"PS2"="C:\WINDOWS\system32\ps2.exe" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 18:43]
"EPSON Stylus CX3200"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe" [2002-07-01 04:05]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-15 19:02]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-18 08:38]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 20:43]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCShield"="regsvr32 /s C:\WINDOWS\system32\sfg.dll" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 11:00]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 19:31]
"L07FXLRD_674447171"="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.exe" []
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-03-22 07:51]
"Philips Intelligent Agent"="C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" [2007-03-06 10:58]
"LightScribe Control Panel"="C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2007-05-15 16:12]
"CursorXP"="C:\Program Files\CursorXP\CursorXP.exe" [2005-01-19 16:34]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"=0 (0x0)
"NoCommonGroups"=0 (0x0)
"DisallowRun"=0 (0x0)
"NoToolbarsOnTaskbar"=0 (0x0)
"NoTrayContextMenu"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun]
"1"=edi.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"bxsbang"= {D117607A-ED64-4810-9909-CD719374EE12} - C:\WINDOWS\bxsbang.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"System"="lsass.exe"
"UIHost"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,\
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=. 3 SF3.DLL,noxizaca.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
[color=red]SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acme.PCHButton]
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCShield]
regsvr32 /s "C:\WINDOWS\system32\sfg.dll"
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys
R0 vax347b2;vax347b2;C:\WINDOWS\system32\DRIVERS\vax347b2.sys
R0 vax347s2;vax347s2;C:\WINDOWS\system32\Drivers\vax347s2.sys
R2 MicroGuard;MicroGuard Copy Protection;\??\C:\WINDOWS\system32\drivers\mgnt.sys
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
R3 Cap7134;ASUS TV7134 WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys
R3 PhTVTune;ASUS WDM TV Tuner;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
R3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys
S2 NoxizacDriver;Noxizac Driver;\??\C:\WINDOWS\system32\noxizac.sys
S2 NoxizacSrv;Noxizac Service;C:\WINDOWS\system32\noxizac.exe
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
S3 DFUBTUSB;WIDCOMM USB Bluetooth Driver in DFU State;C:\WINDOWS\system32\Drivers\frmupgr.sys
S3 hSONYPVh;hSONYPVh;\??\C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hSONYPVh.sys
S3 MEMSWEEP2;MEMSWEEP2;\??\C:\WINDOWS\system32\SophosMEMSWEEP.SYS
S3 OCBNEXFH;OCBNEXFH;C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\OCBNEXFH.exe
S3 p2pgasvc;Authentification de groupe réseau homologue;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 p2pimsvc;Gestionnaire d'identité réseau homologue;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 p2psvc;Réseau homologue;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 PavSRK.sys;PavSRK.sys;\??\C:\WINDOWS\system32\PavSRK.sys
S3 PNRPSvc;Protocole de résolution de noms d'homologues;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 SaiH0464;SaiH0464;C:\WINDOWS\system32\DRIVERS\SaiH0464.sys
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S4 PavProc;Panda Process Protection Driver;\??\C:\WINDOWS\system32\DRIVERS\PavProc.sys
S4 QVMKLIL;QVMKLIL;C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\QVMKLIL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{096db9a4-0d52-11dc-b652-0060b3b148b3}]
\Shell\AutoRun\command - G:\SETUP.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{16e5fb2a-6824-11db-a3db-806d6172696f}]
\Shell\AutoRun\command - G:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3970f550-40b0-11db-9d5b-806d6172696f}]
\Shell\AutoRun\command - K:\SETUP.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3d6f0b4a-35e0-11dc-9a38-806d6172696f}]
\Shell\AutoRun\command - E:\autoplay.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47c058ab-3c1b-11dc-b036-806d6172696f}]
\Shell\AutoRun\command - H:\autorun.exe
\Shell\directx\command - H:\DirectX9\dxsetup.exe
\Shell\setup\command - H:\install.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47c058c3-3c1b-11dc-b036-0060b3b148b3}]
\Shell\AutoRun\command - EXPLORER.EXE
\Shell\explore\Command - EXPLORER.EXE
\Shell\open\Command - EXPLORER.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d5377a8-4a78-11db-90ea-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d5377aa-4a78-11db-90ea-806d6172696f}]
\Shell\AutoRun\command - G:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d37e11a-0923-11dc-b645-0060b3b148b3}]
\Shell\AutoRun\command - EXPLORER.EXE
\Shell\explore\Command - EXPLORER.EXE
\Shell\open\Command - EXPLORER.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94c17f00-5499-11db-a6fe-806d6172696f}]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a11c522a-3d00-11db-bb3c-806d6172696f}]
\Shell\AutoRun\command - G:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a4b15c4f-cf59-11db-9570-806d6172696f}]
\Shell\AutoRun\command - F:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab1b69cc-4bad-11db-8e77-806d6172696f}]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab1b69d0-4bad-11db-8e77-806d6172696f}]
\Shell\AutoRun\command - G:\EE2AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6a63ceb-b08e-11db-b7cf-0060b3b148b3}]
\Shell\AutoRun\command - M:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de217750-44a2-11db-a39c-806d6172696f}]
\Shell\AutoRun\command - G:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4043a5a-56c1-11db-a1c1-806d6172696f}]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7d74926-5151-11db-a6d7-806d6172696f}]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7d74928-5151-11db-a6d7-806d6172696f}]
\Shell\AutoRun\command - E:\AUTORUN\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7d7492a-5151-11db-a6d7-806d6172696f}]
\Shell\AutoRun\command - G:\Autorun.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
**************************************************************************
catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-05 23:09:44
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-05 23:13:58 - machine was rebooted
.
--- E O F ---
Ainsi que celui de hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:11, on 05/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\windows\system\hpsysdrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 255.255.255.255
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 255.255.255.255:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {65D5A3B2-859E-42F5-AE9E-BC6D7EC1B0EB} - C:\WINDOWS\system32\VBA232.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ADefaultSearch Class - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing)
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: (no name) - {B7531CF3-3DBE-4D68-BED9-E3697F3CDC9B} - C:\WINDOWS\system32\dplay32.dll (file missing)
O2 - BHO: (no name) - {C2EA6A7E-79FC-4CFB-90E4-898C742B44C5} - C:\WINDOWS\system32\mobsyncd.dll (file missing)
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {F3E3A0A8-906B-47D7-8E5E-8C7F1D3C0BDC} - C:\WINDOWS\system32\ulib32.dll (file missing)
O2 - BHO: XBTP01621 - {F6104497-54FD-4688-9162-5115CC8AB0FB} - C:\PROGRA~1\BEARSH~2\BEARSH~2\MediaBar.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [h3yb0y] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\service.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\conf.dll
O4 - HKLM\..\Run: [h3yb0y1] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\system.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\serv-u.ini
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [helpr] C:\Program Files\SETI\helper.exe -loader -nolog
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\system32\sfg.dll"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [L07FXLRD_674447171] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by16fd.bay16.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CCS\Services\Tcpip\..\{14DCEE1F-2437-4031-BA4A-C5A1D2178B73}: NameServer = 192.168.1.1
O17 - HKLM\System\CS5\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O17 - HKLM\System\CS6\Services\Tcpip\..\{0715969B-283B-4E93-8F2C-A4343706CA61}: NameServer = 85.155.115.94,85.155.118.94
O20 - AppInit_DLLs: . 3 SF3.DLL,noxizaca.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: bxsbang - {D117607A-ED64-4810-9909-CD719374EE12} - C:\WINDOWS\bxsbang.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Noxizac Service (NoxizacSrv) - Unknown owner - C:\WINDOWS\system32\noxizac.exe (file missing)
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OCBNEXFH - Unknown owner - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\OCBNEXFH.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 321
5 nov. 2007 à 23:37
5 nov. 2007 à 23:37
Ok on verifie une chose et après on s'attaque au gros morceau.
Fais un clic droit sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Fais un clic droit sur navilog1.zip et choisis "tout extraire"
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
Fais un clic droit sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Fais un clic droit sur navilog1.zip et choisis "tout extraire"
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
Ok c'est fait :
Search Navipromo version 3.3.4 commencé le 05/11/2007 à 23:44:48.68
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 02.11.2007 à 12h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
*** Recherche Programmes installés ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\HP_Propri‚taire\Application Data ***
*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun fichier trouvé dans :
- C:\WINDOWS\system32
- C:\DOCUME~1\HP_PRO~1\LOCALS~1\APPLIC~1
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans C:\WINDOWS\system32 *
* Recherche dans C:\DOCUME~1\HP_PRO~1\LOCALS~1\APPLIC~1 *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
C:\WINDOWS\system32\ykmxghp.dat trouvé !
3)Recherche Certificats :
Certificat Egroup absent !
*** Analyse terminée le 05/11/2007 à 23:51:11.71 ***
Search Navipromo version 3.3.4 commencé le 05/11/2007 à 23:44:48.68
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 02.11.2007 à 12h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
*** Recherche Programmes installés ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\HP_Propri‚taire\Application Data ***
*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun fichier trouvé dans :
- C:\WINDOWS\system32
- C:\DOCUME~1\HP_PRO~1\LOCALS~1\APPLIC~1
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans C:\WINDOWS\system32 *
* Recherche dans C:\DOCUME~1\HP_PRO~1\LOCALS~1\APPLIC~1 *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
C:\WINDOWS\system32\ykmxghp.dat trouvé !
3)Recherche Certificats :
Certificat Egroup absent !
*** Analyse terminée le 05/11/2007 à 23:51:11.71 ***
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 321
6 nov. 2007 à 00:46
6 nov. 2007 à 00:46
re
Double clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
Au menu principal, choisis 4 et valide.
Le fix va te demander de saisir le nom de fichier.
Saisies ce qui est en gras ci-dessous et rien d'autre puis valide:
ykmxghp
Le fix va te demander de le resaisir, fais-le et valide
Le fix va t'informer qu'il va alors redémarrer ton PC
Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
Appuie sur une touche comme demandé.
(si ton Pc ne redémarre pas automatiquement, fais le toi même)
Au redémarrage de ton PC, choisis ta session habituelle.
Patiente jusqu'au message :
*** Nettoyage Termine le ..... ***
Le blocnote va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver
Referme le blocnote. Ton bureau va réapparaitre
PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Cliques en haut à gauche sur fichiers et choisis "exécuter"
Tapes explorer et valides. Celà te fera apparaitre ton bureau
Double clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
Au menu principal, choisis 4 et valide.
Le fix va te demander de saisir le nom de fichier.
Saisies ce qui est en gras ci-dessous et rien d'autre puis valide:
ykmxghp
Le fix va te demander de le resaisir, fais-le et valide
Le fix va t'informer qu'il va alors redémarrer ton PC
Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
Appuie sur une touche comme demandé.
(si ton Pc ne redémarre pas automatiquement, fais le toi même)
Au redémarrage de ton PC, choisis ta session habituelle.
Patiente jusqu'au message :
*** Nettoyage Termine le ..... ***
Le blocnote va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver
Referme le blocnote. Ton bureau va réapparaitre
PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Cliques en haut à gauche sur fichiers et choisis "exécuter"
Tapes explorer et valides. Celà te fera apparaitre ton bureau
re! Ok c'est fai, voici le rapport :
Clean Navipromo version 3.3.4 commencé le 06/11/2007 à 10:01:47.78
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 02.11.2007 à 12h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Mode suppression par méthode manuelle
Nom du fichier saisi : ykmxghp
*** Recherche, création sauvegardes et suppression ***
* Suppression dans C:\WINDOWS\system32 *
ykmxghp.dat trouvé !
Copie ykmxghp.dat réalisé avec succès !
ykmxghp.dat supprimé !
* Suppression dans C:\DOCUME~1\HP_PRO~1\LOCALS~1\APPLIC~1 *
*** Suppression dossiers dans C:\WINDOWS ***
*** Suppression dossiers dans C:\Program Files ***
*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Suppression dossiers dans C:\Documents and Settings\HP_Propriétaire\Application Data ***
*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche, création sauvegardes et suppression Heuristique :
*** Sauvegarde du Registre vers dossier Backupnavi ***
sauvegarde du Registre réalisé avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup absent !
*** Nettoyage terminé le 06/11/2007 à 10:09:15.00 ***
Clean Navipromo version 3.3.4 commencé le 06/11/2007 à 10:01:47.78
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 02.11.2007 à 12h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Mode suppression par méthode manuelle
Nom du fichier saisi : ykmxghp
*** Recherche, création sauvegardes et suppression ***
* Suppression dans C:\WINDOWS\system32 *
ykmxghp.dat trouvé !
Copie ykmxghp.dat réalisé avec succès !
ykmxghp.dat supprimé !
* Suppression dans C:\DOCUME~1\HP_PRO~1\LOCALS~1\APPLIC~1 *
*** Suppression dossiers dans C:\WINDOWS ***
*** Suppression dossiers dans C:\Program Files ***
*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Suppression dossiers dans C:\Documents and Settings\HP_Propriétaire\Application Data ***
*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche, création sauvegardes et suppression Heuristique :
*** Sauvegarde du Registre vers dossier Backupnavi ***
sauvegarde du Registre réalisé avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup absent !
*** Nettoyage terminé le 06/11/2007 à 10:09:15.00 ***
