Smitfraud, deepdive et zlob.downloader

fred -  
^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   -
Bonjour a tous, et surtout aux pros de l'informatique qui animent ce forum.

j'ai aujourd'hui scanner mon pc avec spybot S&D qui me dit que je suis infecté de deepdive, smitfraud-C et MSVPS et zlob.dowloader.vcd
j'ai donc nettoyer avec spybot et CCleaner, mais ils reviennent toujours.

j'ai donc suivi la procédure avec smitfraudfix pour éradiquer smitfraud-c et msvps, mais je ne peux pas démarrer en mode sans échec pour lancer ma désinfection, je ne sais pas pourquoi et cela m'inquiete un peu.

Ci joint le 1° rapport smitfraudfix et hijackthis

Merci d'y jeter un oeil et de me dire comment regler ce problème.

SmitFraudFix v2.290

Rapport fait à 18:51:46,79, 17/02/2008
Executé à partir de C:\Documents and Settings\Fredi\Bureau\pakage antiviral\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

Fichier hosts corrompu !

127.0.0.1 www.legal-at-spybot.info
127.0.0.1 legal-at-spybot.info

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\bndsrgxt.dll PRESENT !
C:\WINDOWS\msvb.dll PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Fredi

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Fredi\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Fredi\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
+--------------------------------------------------+
[!] Suspicious: bndsrgxt.dll
BHO: MSVPS System - {3ADCBC16-19FA-4C59-9C22-E17C71B5FD7A}
TypeLib: {A8954909-1F0F-41A5-A7FA-3B376D69E226}
Interface: {967A494A-6AEC-4555-9CAF-FA6EB00ACF91}
Interface: {9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Rustock

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets
DNS Server Search Order: 213.234.192.8
DNS Server Search Order: 85.21.192.3

Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 213.234.192.7
DNS Server Search Order: 195.14.50.21

HKLM\SYSTEM\CCS\Services\Tcpip\..\{201DE11F-88F5-43C0-9020-7B450DD8653B}: NameServer=213.234.192.7 195.14.50.21
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A7253F1B-22F9-4A38-8443-149AEAF9E275}: DhcpNameServer=213.234.192.8 85.21.192.3
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A7253F1B-22F9-4A38-8443-149AEAF9E275}: DhcpNameServer=195.14.50.1 195.14.50.21
HKLM\SYSTEM\CS2\Services\Tcpip\..\{201DE11F-88F5-43C0-9020-7B450DD8653B}: NameServer=213.234.192.7 195.14.50.21
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A7253F1B-22F9-4A38-8443-149AEAF9E275}: DhcpNameServer=213.234.192.8 85.21.192.3
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=195.14.50.1 195.14.50.21

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Logfile of HijackThis v1.99.1
Scan saved at 20:11:57, on 17/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Fredi\Bureau\pakage antiviral\test.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.targa.gmbh/eng/targa/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {3ADCBC16-19FA-4C59-9C22-E17C71B5FD7A} - C:\WINDOWS\bndsrgxt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.targa.gmbh/eng/targa/
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.downloadcontrol.com/files/installers/cab/SystemDoctor2006FreeInstall_fr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{201DE11F-88F5-43C0-9020-7B450DD8653B}: NameServer = 213.234.192.7 195.14.50.21
O17 - HKLM\System\CS2\Services\Tcpip\..\{201DE11F-88F5-43C0-9020-7B450DD8653B}: NameServer = 213.234.192.7 195.14.50.21
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: msvb - {47B7D3BC-25FE-40F2-9006-F3165E112B2F} - C:\WINDOWS\msvb.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
Configuration: Windows XP
Firefox 2.0.0.12

8 réponses

  1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Bonsoir fred

    Ton rapport smitfraud présente une infection donc autant l'éradiquer

    Démarre en mode sans échec :

    Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter.
    Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
    Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
    (Si F8 ne marche pas utilise la touche F5).
    ----------------------------------------------------------------------------
    Relance le programme Smitfraud,
    Cette fois choisit l’option 2, répond oui a tous ;
    Sauvegarde le rapport, Redémarre en mode normal,
    copie/colle le rapport sauvegardé sur le forum

    Si tu souhaites un anti-virus plus simple tu as Antivir

    Tu navigues à tombeau ouvert,

    A++
    1
  2. fred
     
    Merci pour ta réponse mais cela me gène énormemment d'utiliser cet antivirus, n'y aurait-iil pas une autre solution?
    0
  3. fred
     
    eh bien en naviguant sur certain post, j'ai remarqué qu'il y avait beaucoup de problemes avec kapersky. probleme de compatibilites avec windows, problemes de désinstallation.

    De plus j'ai deja un antivirus qui est plutot bien donc je vois pas pourquoi en rajouter un autre pardessus!!
    0
    1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
       
      >Salut

      Je pense que tu devrais te préoccuper de ton infection
      http://www.commentcamarche.net/forum/affich 5069934 smitfraud deepdive et zlob downloader#4

      A++

      0
      1. fred > ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention  
         
        bonjour Marie, voila j'ai installé antivir, j'espere etre bien protegé maintenant.



        Pour ce qui est de smitfraud fix voila le rapport, sauf que j'ai pas reussi a le lancer avec le mode sans echec.
        j'ai une merde avec le mode sans echec et je sais pas si cela provient d'un virus, ou si cela proviendrait d'une installation raté de ubuntu





        SmitFraudFix v2.290

        Rapport fait à 8:52:29,82, 02/03/2008
        Executé à partir de C:\Documents and Settings\Fredi\Bureau\pakage antiviral\SmitfraudFix
        OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
        Le type du système de fichiers est NTFS
        Fix executé en mode normal

        »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
        !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

        SrchSTS.exe by S!Ri
        Search SharedTaskScheduler's .dll

        »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


        »»»»»»»»»»»»»»»»»»»»»»»» hosts




        127.0.0.1 ad45.com
        127.0.0.1 ad77.com
        127.0.0.1 ad86.com
        127.0.0.1 www.adamsupportgroup.org
        127.0.0.1 adamsupportgroup.org

        127.0.0.1 www.add-manager.com
        127.0.0.1 add-manager.com
        127.0.0.1 www.adgate.info
        127.0.0.1 adgate.info
        127.0.0.1 www.adioserrores.com
        127.0.0.1 adioserrores.com
        127.0.0.1 www.adipics.com
        127.0.0.1 adipics.com
        127.0.0.1 www.adlogix.com

        127.0.0.1 agentstudio.com
        127.0.0.1 www.aginegialle.it
        127.0.0.1 aginegialle.it
        127.0.0.1 aifind.info
        127.0.0.1 www.aifind.info
        127.0.0.1 www.airtleworld.com
        127.0.0.1 airtleworld.com
        127.0.0.1 www.aitalia.it
        127.0.0.1 aitalia.it
        127.0.0.1 akamai.downloadv3.com
        127.0.0.1 www.aklitalia.it
        127.0.0.1 aklitalia.it
        127.0.0.1 akril.com
        127.0.0.1 alcatel.ws
        127.0.0.1 www.alertspy.com
        127.0.0.1 alertspy.com
        127.0.0.1 www.alfacleaner.com
        127.0.0.1 alfacleaner.com
        127.0.0.1 alfa-search.com
        127.0.0.1 www.alialia.it
        127.0.0.1 alialia.it
        127.0.0.1 www.aliotalia.it
        127.0.0.1 aliotalia.it
        127.0.0.1 www.alirtalia.it
        127.0.0.1 alirtalia.it
        127.0.0.1 www.alitaia.it
        127.0.0.1 alitaia.it
        127.0.0.1 www.alitaklia.it
        127.0.0.1 alitaklia.it
        127.0.0.1 www.alitala.it
        127.0.0.1 alitala.it
        127.0.0.1 www.alitali.it
        127.0.0.1 alitali.it
        127.0.0.1 www.alitaliaq.it
        127.0.0.1 alitaliaq.it
        127.0.0.1 www.alitalias.it
        127.0.0.1 alitalias.it
        127.0.0.1 www.alitaliaz.it
        127.0.0.1 alitaliaz.it
        127.0.0.1 www.alitalioa.it
        127.0.0.1 alitalioa.it
        127.0.0.1 www.alitalisa.it
        127.0.0.1 alitalisa.it
        127.0.0.1 www.alitaliua.it
        127.0.0.1 alitaliua.it
        127.0.0.1 www.alitalkia.it
        127.0.0.1 alitalkia.it
        127.0.0.1 www.alitaloia.it
        127.0.0.1 alitaloia.it
        127.0.0.1 www.alitaluia.it
        127.0.0.1 alitaluia.it
        127.0.0.1 www.alitaslia.it
        127.0.0.1 alitaslia.it
        127.0.0.1 www.alitlia.it
        127.0.0.1 alitlia.it
        127.0.0.1 www.alitralia.it
        127.0.0.1 alitralia.it
        127.0.0.1 www.alitsalia.it
        127.0.0.1 alitsalia.it
        127.0.0.1 www.aliutalia.it
        127.0.0.1 aliutalia.it

        127.0.0.1 amisbusiness.com
        127.0.0.1 www.ampmsearch.com
        127.0.0.1 ampmsearch.com
        127.0.0.1 www.analcord.com
        127.0.0.1 analcord.com
        127.0.0.1 analmovi.com
        127.0.0.1 www.anarchylolita.com
        127.0.0.1 anarchylolita.com
        127.0.0.1 anarchyporn.com
        127.0.0.1 www.andromedical.com
        127.0.0.1 andromedical.com

        127.0.0.1 tuiscali.it
        127.0.0.1 www.tuksolution.com
        127.0.0.1 tuksolution.com
        127.0.0.1 www.turbocodec.net
        127.0.0.1 turbocodec.net
        127.0.0.1 www.turtogratis.it
        127.0.0.1 turtogratis.it
        127.0.0.1 www.tutogratis.it
        127.0.0.1 tutogratis.it
        127.0.0.1 www.tutorial-hq.com
        127.0.0.1 tutorial-hq.com
        127.0.0.1 www.tutrogratis.it
        127.0.0.1 tutrogratis.it
        127.0.0.1 www.tuttgratis.it
        127.0.0.1 tuttgratis.it
        127.0.0.1 www.tuttoavolonta.com
        127.0.0.1 tuttoavolonta.com
        127.0.0.1 www.tuttofratis.it
        127.0.0.1 tuttofratis.it
        127.0.0.1 www.tuttogeratis.it
        127.0.0.1 tuttogeratis.it
        127.0.0.1 www.tuttograatis.it
        127.0.0.1 tuttograatis.it
        127.0.0.1 www.tuttograis.it
        127.0.0.1 tuttograis.it
        127.0.0.1 www.tuttograris.it
        127.0.0.1 tuttograris.it
        127.0.0.1 www.tuttograti.it
        127.0.0.1 tuttograti.it
        127.0.0.1 www.tuttogratia.it
        127.0.0.1 tuttogratia.it
        127.0.0.1 www.tuttogratias.it
        127.0.0.1 tuttogratias.it
        127.0.0.1 www.tuttogratiis.it
        127.0.0.1 tuttogratiis.it
        127.0.0.1 www.tuttogratisa.it
        127.0.0.1 tuttogratisa.it
        127.0.0.1 www.tuttogratiss.it
        127.0.0.1 tuttogratiss.it
        127.0.0.1 www.tuttogratos.it
        127.0.0.1 tuttogratos.it
        127.0.0.1 www.tuttograts.it
        127.0.0.1 tuttograts.it
        127.0.0.1 www.tuttograttis.it
        127.0.0.1 tuttograttis.it
        127.0.0.1 www.tuttogratus.it
        127.0.0.1 tuttogratus.it
        127.0.0.1 www.tuttograyis.it
        127.0.0.1 tuttograyis.it
        127.0.0.1 www.tuttogrratis.it
        127.0.0.1 tuttogrratis.it
        127.0.0.1 www.tuttogrstis.it
        127.0.0.1 tuttogrstis.it
        127.0.0.1 www.tuttogrtatis.it
        127.0.0.1 tuttogrtatis.it
        127.0.0.1 www.tuttogtratis.it
        127.0.0.1 tuttogtratis.it
        127.0.0.1 www.tuttohratis.it
        127.0.0.1 tuttohratis.it
        127.0.0.1 www.tuttoigratis.it
        127.0.0.1 tuttoigratis.it
        127.0.0.1 www.tuttoogratis.it
        127.0.0.1 tuttoogratis.it
        127.0.0.1 www.tuttopgratis.it
        127.0.0.1 tuttopgratis.it
        127.0.0.1 www.tuttoratis.it
        127.0.0.1 tuttoratis.it
        127.0.0.1 www.tuttpgratis.it
        127.0.0.1 tuttpgratis.it
        127.0.0.1 www.tutttogratis.it
        127.0.0.1 tutttogratis.it
        127.0.0.1 www.tuttyogratis.it
        127.0.0.1 tuttyogratis.it
        127.0.0.1 www.tutyogratis.it
        127.0.0.1 tutyogratis.it
        127.0.0.1 www.tutytogratis.it
        127.0.0.1 tutytogratis.it
        127.0.0.1 www.tuuttogratis.it
        127.0.0.1 tuuttogratis.it
        127.0.0.1 www.tuvcompany.com
        127.0.0.1 tuvcompany.com
        127.0.0.1 www.tuytogratis.it
        127.0.0.1 tuytogratis.it
        127.0.0.1 tv.180solutions.com
        127.0.0.1 www.tvadvanced.com
        127.0.0.1 tvadvanced.com
        127.0.0.1 www.tv-auf-dem-pc.de
        127.0.0.1 tv-auf-dem-pc.de
        127.0.0.1 www.tvcodec.com
        127.0.0.1 tvcodec.com
        127.0.0.1 www.tv-codec.com
        127.0.0.1 tv-codec.com
        127.0.0.1 www.tv-codecs.com
        127.0.0.1 tv-codecs.com
        127.0.0.1 www.tv-en-pc.es
        127.0.0.1 tv-en-pc.es
        127.0.0.1 www.tvnowsite.com
        127.0.0.1 tvnowsite.com
        127.0.0.1 www.tvsatellitepourpc.com
        127.0.0.1 tvsatellitepourpc.com
        127.0.0.1 www.tvscodec.com
        127.0.0.1 tvscodec.com
        127.0.0.1 www.tvshowcollection.com
        127.0.0.1 tvshowcollection.com
        127.0.0.1 www.tv-sur-pc.com
        127.0.0.1 tv-sur-pc.com
        127.0.0.1 www.tyiscali.it
        127.0.0.1 tyiscali.it
        127.0.0.1 www.type2find.com
        127.0.0.1 type2find.com
        127.0.0.1 www.tyttogratis.it
        127.0.0.1 tyttogratis.it
        127.0.0.1 www.tzxsj.com
        127.0.0.1 tzxsj.com
        127.0.0.1 u.webbuying.net
        127.0.0.1 u-239.com
        127.0.0.1 u45.cx
        127.0.0.1 u46.cx
        127.0.0.1 u47.cc
        127.0.0.1 u48.cc
        127.0.0.1 www.u7u.cn
        127.0.0.1 u7u.cn
        127.0.0.1 www.uc8010.com
        127.0.0.1 uc8010.com
        127.0.0.1 www.ucleaner.com
        127.0.0.1 ucleaner.com
        127.0.0.1 www.ucmal.com
        127.0.0.1 ucmal.com
        127.0.0.1 ucmore.com
        127.0.0.1 www.udefender.com
        127.0.0.1 udefender.com
        127.0.0.1 www.ueornaaqada.com
        127.0.0.1 ueornaaqada.com
        127.0.0.1 www.ueornavxiz.biz
        127.0.0.1 ueornavxiz.biz
        127.0.0.1 www.ueornmbkkhmf.biz
        127.0.0.1 ueornmbkkhmf.biz
        127.0.0.1 www.ueorn-rsztriv.com
        127.0.0.1 ueorn-rsztriv.com
        127.0.0.1 www.ueorn-vtvcp.com
        127.0.0.1 ueorn-vtvcp.com
        127.0.0.1 www.ueornygco.com
        127.0.0.1 ueornygco.com
        127.0.0.1 www.ueornymct.com
        127.0.0.1 ueornymct.com
        127.0.0.1 ufindall.click-now.net
        127.0.0.1 www.ufixer.com
        127.0.0.1 ufixer.com
        127.0.0.1 www.uglyphotos.net
        127.0.0.1 uglyphotos.net
        127.0.0.1 www.uibo.it
        127.0.0.1 uibo.it
        127.0.0.1 www.uige.it
        127.0.0.1 uige.it
        127.0.0.1 www.uimi.it
        127.0.0.1 uimi.it
        127.0.0.1 www.uincodec.com
        127.0.0.1 uincodec.com
        127.0.0.1 www.uinimi.it
        127.0.0.1 uinimi.it
        127.0.0.1 www.uipd.it
        127.0.0.1 uipd.it
        127.0.0.1 www.uipg.it
        127.0.0.1 uipg.it
        127.0.0.1 www.uito.it
        127.0.0.1 uito.it
        127.0.0.1 www.ukiee.com
        127.0.0.1 ukiee.com
        127.0.0.1 ulink13.dudu.com
        127.0.0.1 ulink7.dudu.com
        127.0.0.1 ulog.systemdoctor.com
        127.0.0.1 ulog.winantivirus.com
        127.0.0.1 www.ultimatemp3player.com
        127.0.0.1 ultimatemp3player.com
        127.0.0.1 ultimateprotect.com
        127.0.0.1 www.ultimatevideosite.com
        127.0.0.1 ultimatevideosite.com
        127.0.0.1 www.ultracodec.com
        127.0.0.1 ultracodec.com
        127.0.0.1 www.ultrahqcodec.com
        127.0.0.1 ultrahqcodec.com
        127.0.0.1 ultraload.net
        127.0.0.1 umaxsearch.com
        127.0.0.1 www.umibo.it
        127.0.0.1 umibo.it
        127.0.0.1 www.umige.it
        127.0.0.1 umige.it
        127.0.0.1 www.umimi.it
        127.0.0.1 umimi.it
        127.0.0.1 www.umipd.it
        127.0.0.1 umipd.it
        127.0.0.1 www.umipv.it
        127.0.0.1 umipv.it
        127.0.0.1 www.umnibo.it
        127.0.0.1 umnibo.it
        127.0.0.1 www.unbo.it
        127.0.0.1 unbo.it
        127.0.0.1 www.uncj.filetretporn.com
        127.0.0.1 uncj.filetretporn.com
        127.0.0.1 underagehost.com
        127.0.0.1 une-autre-france.com
        127.0.0.1 www.unge.it
        127.0.0.1 unge.it
        127.0.0.1 www.unibno.it
        127.0.0.1 unibno.it
        127.0.0.1 www.unie.it
        127.0.0.1 unie.it
        127.0.0.1 www.uniformpornmag.com
        127.0.0.1 uniformpornmag.com
        127.0.0.1 www.unig.it
        127.0.0.1 unig.it
        127.0.0.1 unigays.com
        127.0.0.1 www.unii.it
        127.0.0.1 unii.it
        127.0.0.1 www.unini.it
        127.0.0.1 unini.it
        127.0.0.1 www.unionseek.com
        127.0.0.1 unionseek.com
        127.0.0.1 www.unionsms.net
        127.0.0.1 unionsms.net
        127.0.0.1 unipages.cc
        127.0.0.1 unitedstates.rub.to
        127.0.0.1 www.univo.it
        127.0.0.1 univo.it
        127.0.0.1 www.unknownip.com
        127.0.0.1 unknownip.com
        127.0.0.1 www.unlimite.net
        127.0.0.1 unlimite.net
        127.0.0.1 www.unlimitedmp3downloads.com
        127.0.0.1 unlimitedmp3downloads.com
        127.0.0.1 www.unlimitedtvshowdownload.com
        127.0.0.1 unlimitedtvshowdownload.com
        127.0.0.1 www.unmi.it
        127.0.0.1 unmi.it
        127.0.0.1 www.unmibo.it
        127.0.0.1 unmibo.it
        127.0.0.1 www.unobo.it
        127.0.0.1 unobo.it
        127.0.0.1 www.unpd.it
        127.0.0.1 unpd.it
        127.0.0.1 www.unpg.it
        127.0.0.1 unpg.it
        127.0.0.1 www.unto.it
        127.0.0.1 unto.it
        127.0.0.1 www.unubo.it
        127.0.0.1 unubo.it
        127.0.0.1 up2you.ru
        127.0.0.1 upd.lop.com
        127.0.0.1 upd.zone-media.com
        127.0.0.1 update.680180.net
        127.0.0.1 www.updatemysettings.com
        127.0.0.1 updatemysettings.com
        127.0.0.1 updates.spywarequake.com
        127.0.0.1 www.upereva.it
        127.0.0.1 upereva.it
        127.0.0.1 uploads.180solutions.com
        127.0.0.1 www.upspiral.com
        127.0.0.1 upspiral.com
        127.0.0.1 www.uptodateprotect.com
        127.0.0.1 uptodateprotect.com
        127.0.0.1 www.uptodatesecurity.com
        127.0.0.1 uptodatesecurity.com
        127.0.0.1 www.uptofind.com
        127.0.0.1 uptofind.com
        127.0.0.1 upx.tsx.org
        127.0.0.1 uralitel.ru
        127.0.0.1 www.urgentsystemupdate.biz
        127.0.0.1 urgentsystemupdate.biz
        127.0.0.1 www.urgentsystemupdate.com
        127.0.0.1 urgentsystemupdate.com
        127.0.0.1 www.url.cpvfeed.com
        127.0.0.1 urlstat.com
        127.0.0.1 urlstat.ru
        127.0.0.1 ursie.net
        127.0.0.1 www.usecodec.com
        127.0.0.1 usecodec.com
        127.0.0.1 usefullsoft.net
        127.0.0.1 www.use-play.com
        127.0.0.1 use-play.com
        127.0.0.1 utahsweet.com
        127.0.0.1 www.utiledeprotection.com
        127.0.0.1 utiledeprotection.com
        127.0.0.1 utils.errorsafe.com
        127.0.0.1 utils.winantivirus.com
        127.0.0.1 www.utils.winfixer.com
        127.0.0.1 utils.winfixer.com
        127.0.0.1 utopicportal.com
        127.0.0.1 uusocialjustice.org
        127.0.0.1 www.uvu-channel.com
        127.0.0.1 uvu-channel.com
        127.0.0.1 www.uydsiygeds.com
        127.0.0.1 uydsiygeds.com
        127.0.0.1 www.uzoogle.com
        127.0.0.1 uzoogle.com
        127.0.0.1 v-224.com
        127.0.0.1 www.v61.com
        127.0.0.1 v61.com
        127.0.0.1 www.v8irgilio.it
        127.0.0.1 v8irgilio.it
        127.0.0.1 www.v8rgilio.it
        127.0.0.1 v8rgilio.it
        127.0.0.1 www.v9irgilio.it
        127.0.0.1 v9irgilio.it
        127.0.0.1 www.v9rgilio.it
        127.0.0.1 v9rgilio.it
        127.0.0.1 www.vac-soft.com
        127.0.0.1 vac-soft.com
        127.0.0.1 www.vacwebsoft.com
        127.0.0.1 vacwebsoft.com
        127.0.0.1 www.vadesrunhdefunnjansdeikin.com
        127.0.0.1 vadesrunhdefunnjansdeikin.com
        127.0.0.1 vaginpics.com
        127.0.0.1 valmyers.com
        127.0.0.1 www.vapochille.com
        127.0.0.1 vapochille.com
        127.0.0.1 www.vaserjungenfujinas.com
        127.0.0.1 vaserjungenfujinas.com
        127.0.0.1 www.vaulimited.com
        127.0.0.1 vaulimited.com
        127.0.0.1 www.vaxcodec.com
        127.0.0.1 vaxcodec.com
        127.0.0.1 www.vaxdownload.com
        127.0.0.1 vaxdownload.com
        127.0.0.1 www.vaxobject.com
        127.0.0.1 vaxobject.com
        127.0.0.1 www.vaxobjectinstall.com
        127.0.0.1 vaxobjectinstall.com
        127.0.0.1 www.vbirgilio.it
        127.0.0.1 vbirgilio.it
        127.0.0.1 www.vcirgilio.it
        127.0.0.1 vcirgilio.it
        127.0.0.1 www.vcodec.com
        127.0.0.1 vcodec.com
        127.0.0.1 www.v-codec.com
        127.0.0.1 v-codec.com
        127.0.0.1 www.vcodec2007.com
        127.0.0.1 vcodec2007.com
        127.0.0.1 www.vcorriere.it
        127.0.0.1 vcorriere.it
        127.0.0.1 vegas-free.com
        127.0.0.1 vegbuy.com
        127.0.0.1 veloventures.com
        127.0.0.1 verkaufen.wegvonviren.com
        127.0.0.1 www.vertionkinhunfenrunhasde.com
        127.0.0.1 vertionkinhunfenrunhasde.com
        127.0.0.1 veryeasysearch.com
        127.0.0.1 verzila.com
        127.0.0.1 vesbiz.biz
        127.0.0.1 www.veyyhlucwa.net
        127.0.0.1 veyyhlucwa.net
        127.0.0.1 www.vfirgilio.it
        127.0.0.1 vfirgilio.it
        127.0.0.1 www.vgazzetta.it
        127.0.0.1 vgazzetta.it
        127.0.0.1 www.vgirgilio.it
        127.0.0.1 vgirgilio.it
        127.0.0.1 www.vgoogle.it
        127.0.0.1 vgoogle.it
        127.0.0.1 www.vi4gilio.it
        127.0.0.1 vi4gilio.it
        127.0.0.1 www.vi4rgilio.it
        127.0.0.1 vi4rgilio.it
        127.0.0.1 www.vi5gilio.it
        127.0.0.1 vi5gilio.it
        127.0.0.1 www.vi5rgilio.it
        127.0.0.1 vi5rgilio.it
        127.0.0.1 www.vi8rgilio.it
        127.0.0.1 vi8rgilio.it
        127.0.0.1 www.vi9rgilio.it
        127.0.0.1 vi9rgilio.it
        127.0.0.1 www.vicodec.com
        127.0.0.1 vicodec.com
        127.0.0.1 victoriaadam.com
        127.0.0.1 www.vidaccess.net
        127.0.0.1 vidaccess.net
        127.0.0.1 www.vidcodecs.com
        127.0.0.1 vidcodecs.com
        127.0.0.1 www.videoaccessactivex.com
        127.0.0.1 videoaccessactivex.com
        127.0.0.1 www.videoactivexlist.com
        127.0.0.1 videoactivexlist.com
        127.0.0.1 www.videoactivexmode.com
        127.0.0.1 videoactivexmode.com
        127.0.0.1 www.videoactivexnote.com
        127.0.0.1 videoactivexnote.com
        127.0.0.1 www.videoactivexsetup.com
        127.0.0.1 videoactivexsetup.com
        127.0.0.1 www.videoactivexsoft.com
        127.0.0.1 videoactivexsoft.com
        127.0.0.1 www.videoactivexsoftware.com
        127.0.0.1 videoactivexsoftware.com
        127.0.0.1 www.videoaxdata.com
        127.0.0.1 videoaxdata.com
        127.0.0.1 www.videoaxdownload.com
        127.0.0.1 videoaxdownload.com
        127.0.0.1 www.videoaxobject.com
        127.0.0.1 videoaxobject.com
        127.0.0.1 www.videoaxproject.com
        127.0.0.1 videoaxproject.com
        127.0.0.1 www.videoaxsoftware.com
        127.0.0.1 videoaxsoftware.com
        127.0.0.1 www.videoaxsolution.com
        127.0.0.1 videoaxsolution.com
        127.0.0.1 videocategories.com
        127.0.0.1 www.video-clips.in
        127.0.0.1 video-clips.in
        127.0.0.1 www.videoobjectax.com
        127.0.0.1 videoobjectax.com
        127.0.0.1 www.videoobjectmedia.com
        127.0.0.1 videoobjectmedia.com
        127.0.0.1 www.videoplayersite.com
        127.0.0.1 videoplayersite.com
        127.0.0.1 www.videos-access.com
        127.0.0.1 videos-access.com
        127.0.0.1 www.videosaccess.net
        127.0.0.1 videosaccess.net
        127.0.0.1 www.videoscodec.com
        127.0.0.1 videoscodec.com
        127.0.0.1 www.videosfan.com
        127.0.0.1 videosfan.com
        127.0.0.1 www.videosoftonline.com
        127.0.0.1 videosoftonline.com
        127.0.0.1 www.videosoftwareax.com
        127.0.0.1 videosoftwareax.com
        127.0.0.1 www.videossoftware.com
        127.0.0.1 videossoftware.com
        127.0.0.1 www.videowebproject.com
        127.0.0.1 videowebproject.com
        127.0.0.1 www.videowebsoft.com
        127.0.0.1 videowebsoft.com
        127.0.0.1 www.videozapping.com
        127.0.0.1 videozapping.com
        127.0.0.1 www.vidrgilio.it
        127.0.0.1 vidrgilio.it
        127.0.0.1 www.vids-access.com
        127.0.0.1 vids-access.com
        127.0.0.1 www.vidscodec.com
        127.0.0.1 vidscodec.com
        127.0.0.1 www.vidsfest.com
        127.0.0.1 vidsfest.com
        127.0.0.1 www.viegilio.it
        127.0.0.1 viegilio.it
        127.0.0.1 www.viergilio.it
        127.0.0.1 viergilio.it
        127.0.0.1 www.viewimageonline.com
        127.0.0.1 viewimageonline.com
        127.0.0.1 www.vifgilio.it
        127.0.0.1 vifgilio.it
        127.0.0.1 www.vifrgilio.it
        127.0.0.1 vifrgilio.it
        127.0.0.1 www.vigrgilio.it
        127.0.0.1 vigrgilio.it
        127.0.0.1 www.vigrilio.it
        127.0.0.1 vigrilio.it
        127.0.0.1 www.vijrgilio.it
        127.0.0.1 vijrgilio.it
        127.0.0.1 www.vikrgilio.it
        127.0.0.1 vikrgilio.it
        127.0.0.1 www.vilrgilio.it
        127.0.0.1 vilrgilio.it
        127.0.0.1 www.viorgilio.it
        127.0.0.1 viorgilio.it
        127.0.0.1 www.vipru.com
        127.0.0.1 vipru.com
        127.0.0.1 www.vir4gilio.it
        127.0.0.1 vir4gilio.it
        127.0.0.1 www.vir5gilio.it
        127.0.0.1 vir5gilio.it
        127.0.0.1 www.virbgilio.it
        127.0.0.1 virbgilio.it
        127.0.0.1 www.virbilio.it
        127.0.0.1 virbilio.it
        127.0.0.1 www.virdgilio.it
        127.0.0.1 virdgilio.it
        127.0.0.1 www.viregilio.it
        127.0.0.1 viregilio.it
        127.0.0.1 www.virfgilio.it
        127.0.0.1 virfgilio.it
        127.0.0.1 www.virg8ilio.it
        127.0.0.1 virg8ilio.it
        127.0.0.1 www.virg8lio.it
        127.0.0.1 virg8lio.it
        127.0.0.1 www.virg9ilio.it
        127.0.0.1 virg9ilio.it
        127.0.0.1 www.virg9lio.it
        127.0.0.1 virg9lio.it
        127.0.0.1 www.virgbilio.it
        127.0.0.1 virgbilio.it
        127.0.0.1 www.virgfilio.it
        127.0.0.1 virgfilio.it
        127.0.0.1 www.virghilio.it
        127.0.0.1 virghilio.it
        127.0.0.1 www.virgi8lio.it
        127.0.0.1 virgi8lio.it
        127.0.0.1 www.virgi9lio.it
        127.0.0.1 virgi9lio.it
        127.0.0.1 www.virgiilo.it
        127.0.0.1 virgiilo.it
        127.0.0.1 www.virgiio.it
        127.0.0.1 virgiio.it
        127.0.0.1 www.virgijlio.it
        127.0.0.1 virgijlio.it
        127.0.0.1 www.virgiklio.it
        127.0.0.1 virgiklio.it
        127.0.0.1 www.virgil8io.it
        127.0.0.1 virgil8io.it
        127.0.0.1 www.virgil9io.it
        127.0.0.1 virgil9io.it
        127.0.0.1 www.virgili0.it
        127.0.0.1 virgili0.it
        127.0.0.1 www.virgili8o.it
        127.0.0.1 virgili8o.it
        127.0.0.1 www.virgili9.it
        127.0.0.1 virgili9.it
        127.0.0.1 www.virgili9o.it
        127.0.0.1 virgili9o.it
        127.0.0.1 www.virgilijo.it
        127.0.0.1 virgilijo.it
        127.0.0.1 www.virgiliko.it
        127.0.0.1 virgiliko.it
        127.0.0.1 www.virgilil.it
        127.0.0.1 virgilil.it
        127.0.0.1 www.virgililo.it
        127.0.0.1 virgililo.it
        127.0.0.1 www.virgilio0.it
        127.0.0.1 virgilio0.it
        127.0.0.1 www.virgilio9.it
        127.0.0.1 virgilio9.it
        127.0.0.1 www.virgilioi.it
        127.0.0.1 virgilioi.it
        127.0.0.1 www.virgiliok.it
        127.0.0.1 virgiliok.it
        127.0.0.1 www.virgiliol.it
        127.0.0.1 virgiliol.it
        127.0.0.1 www.virgiliop.it
        127.0.0.1 virgiliop.it
        127.0.0.1 www.virgilipo.it
        127.0.0.1 virgilipo.it
        127.0.0.1 www.virgiliuo.it
        127.0.0.1 virgiliuo.it
        127.0.0.1 www.virgiljio.it
        127.0.0.1 virgiljio.it
        127.0.0.1 www.virgilkio.it
        127.0.0.1 virgilkio.it
        127.0.0.1 www.virgiloio.it
        127.0.0.1 virgiloio.it
        127.0.0.1 www.virgiloo.it
        127.0.0.1 virgiloo.it
        127.0.0.1 www.virgilpio.it
        127.0.0.1 virgilpio.it
        127.0.0.1 www.virgiluio.it
        127.0.0.1 virgiluio.it
        127.0.0.1 www.virgiluo.it
        127.0.0.1 virgiluo.it
        127.0.0.1 virgin-tgp.net
        127.0.0.1 www.virgioio.it
        127.0.0.1 virgioio.it
        127.0.0.1 www.virgiolio.it
        127.0.0.1 virgiolio.it
        127.0.0.1 www.virgiplio.it
        127.0.0.1 virgiplio.it
        127.0.0.1 www.virgiulio.it
        127.0.0.1 virgiulio.it
        127.0.0.1 www.virgjilio.it
        127.0.0.1 virgjilio.it
        127.0.0.1 www.virgkilio.it
        127.0.0.1 virgkilio.it
        127.0.0.1 www.virgklio.it
        127.0.0.1 virgklio.it
        127.0.0.1 www.virglilio.it
        127.0.0.1 virglilio.it
        127.0.0.1 www.virgoilio.it
        127.0.0.1 virgoilio.it
        127.0.0.1 www.virgtilio.it
        127.0.0.1 virgtilio.it
        127.0.0.1 www.virguilio.it
        127.0.0.1 virguilio.it
        127.0.0.1 www.virgvilio.it
        127.0.0.1 virgvilio.it
        127.0.0.1 www.virgyilio.it
        127.0.0.1 virgyilio.it
        127.0.0.1 www.virhgilio.it
        127.0.0.1 virhgilio.it
        127.0.0.1 www.virprotect.com
        127.0.0.1 virprotect.com
        127.0.0.1 www.virtgilio.it
        127.0.0.1 virtgilio.it
        127.0.0.1 www.virtilio.it
        127.0.0.1 virtilio.it
        127.0.0.1 www.virtualcodec.com
        127.0.0.1 virtualcodec.com
        127.0.0.1 www.virtual-ticket.net
        127.0.0.1 virtual-ticket.net
        127.0.0.1 www.virusburst.com
        127.0.0.1 virusburst.com
        127.0.0.1 www.viruscrusher.com
        127.0.0.1 viruscrusher.com
        127.0.0.1 www.virusdifesa.com
        127.0.0.1 virusdifesa.com
        127.0.0.1 www.virusforsvar.com
        127.0.0.1 virusforsvar.com
        127.0.0.1 www.virusgarde.com
        127.0.0.1 virusgarde.com
        127.0.0.1 www.virushunter.com
        127.0.0.1 virushunter.com
        127.0.0.1 www.virusnuke.com
        127.0.0.1 virusnuke.com
        127.0.0.1 virusprotectpro.com
        127.0.0.1 www.virusranger.com
        127.0.0.1 virusranger.com
        127.0.0.1 www.virusrescue.com
        127.0.0.1 virusrescue.com
        127.0.0.1 www.virusscansite.com
        127.0.0.1 virusscansite.com
        127.0.0.1 www.virusschlacht.com
        127.0.0.1 virusschlacht.com
        127.0.0.1 www.virusvakt.com
        127.0.0.1 virusvakt.com
        127.0.0.1 www.virvgilio.it
        127.0.0.1 virvgilio.it
        127.0.0.1 www.virvilio.it
        127.0.0.1 virvilio.it
        127.0.0.1 www.virygilio.it
        127.0.0.1 virygilio.it
        127.0.0.1 vitamins-for-each.com
        127.0.0.1 www.vitrgilio.it
        127.0.0.1 vitrgilio.it
        127.0.0.1 www.viurgilio.it
        127.0.0.1 viurgilio.it
        127.0.0.1 www.vivacodec.net
        127.0.0.1 vivacodec.net
        127.0.0.1 www.vjirgilio.it
        127.0.0.1 vjirgilio.it
        127.0.0.1 www.vkirgilio.it
        127.0.0.1 vkirgilio.it
        127.0.0.1 www.vkrgilio.it
        127.0.0.1 vkrgilio.it
        127.0.0.1 www.vlirgilio.it
        127.0.0.1 vlirgilio.it
        127.0.0.1 www.voghp.com
        127.0.0.1 voghp.com
        127.0.0.1 void.truth-is-out-there.org
        127.0.0.1 www.voirgilio.it
        127.0.0.1 voirgilio.it
        127.0.0.1 www.vorriere.it
        127.0.0.1 vorriere.it
        127.0.0.1 votehowe.org
        127.0.0.1 www.vother.info
        127.0.0.1 vother.info
        127.0.0.1 www.votreenton.biz
        127.0.0.1 votreenton.biz
        127.0.0.1 vparivalka.com
        127.0.0.1 www.vplprocedure.com
        127.0.0.1 vplprocedure.com
        127.0.0.1 vse-moe.biz
        127.0.0.1 www.vskeylogger.nazwa.pl
        127.0.0.1 vskeylogger.nazwa.pl
        127.0.0.1 www.vtvcp-ueorn.com
        127.0.0.1 vtvcp-ueorn.com
        127.0.0.1 www.vtvcp-ymct.com
        127.0.0.1 vtvcp-ymct.com
        127.0.0.1 www.vuirgilio.it
        127.0.0.1 vuirgilio.it
        127.0.0.1 vxebony.com
        127.0.0.1 wabq.com
        127.0.0.1 wabu.com
        127.0.0.1 wakeupdick.com
        127.0.0.1 www.walitalia.it
        127.0.0.1 walitalia.it
        127.0.0.1 www.wanfuchina.com
        127.0.0.1 wanfuchina.com
        127.0.0.1 www.ware2006.com
        127.0.0.1 ware2006.com
        127.0.0.1 www.warez.com
        127.0.0.1 warez.com
        127.0.0.1 www.warningiepage.com
        127.0.0.1 warningiepage.com
        127.0.0.1 warnomore.org
        127.0.0.1 www.watchonline.tv
        127.0.0.1 watchonline.tv
        127.0.0.1 watersport-specialties.com
        127.0.0.1 www.wazzupnet.com
        127.0.0.1 wazzupnet.com
        127.0.0.1 www.wbay.it
        127.0.0.1 wbay.it
        127.0.0.1 wbkb.com
        127.0.0.1 web.links4all.biz
        127.0.0.1 web1000.com
        127.0.0.1 www.webaccelerating.com
        127.0.0.1 webaccelerating.com
        127.0.0.1 www.webbuying.net
        127.0.0.1 webbuying.net
        127.0.0.1 www.web-codec.com
        127.0.0.1 web-codec.com
        127.0.0.1 webcoolsearch.com
        127.0.0.1 web-entrance.co
        127.0.0.1 www.web-fastserve.com
        127.0.0.1 web-fastserve.com
        127.0.0.1 www.webhancer.com
        127.0.0.1 webhancer.com
        127.0.0.1 web-homepage.net
        127.0.0.1 www.webinvestigator.com
        127.0.0.1 webinvestigator.com
        127.0.0.1 www.webiphoneaccess.com
        127.0.0.1 webiphoneaccess.com
        127.0.0.1 www.webiphonedownloads.com
        127.0.0.1 webiphonedownloads.com
        127.0.0.1 www.webipoddownload.com
        127.0.0.1 webipoddownload.com
        127.0.0.1 www.Web-mediaplayer.com
        127.0.0.1 Web-mediaplayer.com
        127.0.0.1 www.webnetinfo.net
        127.0.0.1 webnetinfo.net
        127.0.0.1 web-nexus.net
        127.0.0.1 www.webpspdownload.com
        127.0.0.1 webpspdownload.com
        127.0.0.1 www.websearch.com
        127.0.0.1 websearch.com
        127.0.0.1 web-search.tk
        127.0.0.1 www.websearch24.com
        127.0.0.1 websearch24.com
        127.0.0.1 websearchdot.com
        127.0.0.1 www.websopot.com
        127.0.0.1 websopot.com
        127.0.0.1 www.webspyshield.com
        127.0.0.1 webspyshield.com
        127.0.0.1 www.webtop100.net
        127.0.0.1 webtop100.net
        127.0.0.1 www.webtopsecurity.com
        127.0.0.1 webtopsecurity.com
        127.0.0.1 weekend-movies.com
        127.0.0.1 www.weeproject.com
        127.0.0.1 weeproject.com
        127.0.0.1 www.wegvonviren.com
        127.0.0.1 wegvonviren.com
        127.0.0.1 www.wethere.com
        127.0.0.1 wethere.com
        127.0.0.1 wetpornostars.com
        127.0.0.1 wfix.com
        127.0.0.1 wflu.com
        127.0.0.1 www.wg581.com
        127.0.0.1 wg581.com
        127.0.0.1 www.whatmetodonow.org
        127.0.0.1 whatmetodonow.org
        127.0.0.1 whatsyoursearch.com
        127.0.0.1 whazit.com
        127.0.0.1 www.whitecodec.com
        127.0.0.1 whitecodec.com
        127.0.0.1 white-pages.ws
        127.0.0.1 www.whitescat.com
        127.0.0.1 whitescat.com
        127.0.0.1 whittierblvd.com
        127.0.0.1 www.whoisprivacyprotect.com
        127.0.0.1 whoisprivacyprotect.com
        127.0.0.1 www.winamp2007.com
        127.0.0.1 winamp2007.com
        127.0.0.1 www.winamp-download-now.com
        127.0.0.1 winamp-download-now.com
        127.0.0.1 www.winamp-hq.com
        127.0.0.1 winamp-hq.com
        127.0.0.1 www.winantispam.com
        127.0.0.1 winantispam.com
        127.0.0.1 www.winantispy.com
        127.0.0.1 winantispy.com
        127.0.0.1 www.winantispyware.com
        127.0.0.1 winantispyware.com
        127.0.0.1 www.winantivirus.com
        127.0.0.1 winantivirus.com
        127.0.0.1 www.winantiviruspro.com
        127.0.0.1 winantiviruspro.com
        127.0.0.1 www.win-anti-virus-pro.com
        127.0.0.1 win-anti-virus-pro.com
        127.0.0.1 www.windefender.com
        127.0.0.1 windefender.com
        127.0.0.1 windowenhancer.com
        127.0.0.1 www.windrivecleaner.com
        127.0.0.1 windrivecleaner.com
        127.0.0.1 www.windrivesafe.com
        127.0.0.1 windrivesafe.com
        127.0.0.1 windupdates.com
        127.0.0.1 www.winfirewall.com
        127.0.0.1 winfirewall.com
        127.0.0.1 www.winfixer.com
        127.0.0.1 winfixer.com
        127.0.0.1 www.winfixer2006.com
        127.0.0.1 winfixer2006.com
        127.0.0.1 win-in-casino.com
        127.0.0.1 www.winmediacodec.com
        127.0.0.1 winmediacodec.com
        127.0.0.1 winmsn.com
        127.0.0.1 www.winmx.click-new-download.com
        127.0.0.1 winmx.click-new-download.com
        127.0.0.1 www.winmxfrance.com
        127.0.0.1 winmxfrance.com
        127.0.0.1 www.winmx-freebie.com
        127.0.0.1 winmx-freebie.com
        127.0.0.1 www.winmx-music-download.com

        127.0.0.1 yahabags.com
        127.0.0.1 www.yahabags.com
        127.0.0.1 yahoo.downloadznow.net
        127.0.0.1 yahoo.panet.org
        127.0.0.1 www.yboeragu.com
        127.0.0.1 yboeragu.com
        127.0.0.1 www.ydaproject.com
        127.0.0.1 ydaproject.com
        127.0.0.1 yeak.net
        127.0.0.1 y-e-l-l-o-w.com
        127.0.0.1 yellow500.com
        127.0.0.1 yezol.com
        127.0.0.1 www.ygcoueorn.com
        127.0.0.1 ygcoueorn.com
        127.0.0.1 www.ygcovtvcp.com
        127.0.0.1 ygcovtvcp.com
        127.0.0.1 www.ygoogle.it
        127.0.0.1 ygoogle.it
        127.0.0.1 ygsondheks.info
        127.0.0.1 www.ygsondheks.info
        127.0.0.1 yim-stop.com
        127.0.0.1 www.yim-stop.com
        127.0.0.1 www.yiscali.it
        127.0.0.1 yiscali.it
        127.0.0.1 www.ymctaaqada.com
        127.0.0.1 ymctaaqada.com
        127.0.0.1 www.ymct-aaqada.com
        127.0.0.1 ymct-aaqada.com
        127.0.0.1 www.ymctavxiz.biz
        127.0.0.1 ymctavxiz.biz
        127.0.0.1 yoogee.com
        127.0.0.1 www.yoogee.com
        127.0.0.1 www.yoogle.it
        127.0.0.1 yoogle.it
        127.0.0.1 yootube.info
        127.0.0.1 yops.biz
        127.0.0.1 www.yops.biz
        127.0.0.1 youfindall.com
        127.0.0.1 youfindall.net
        127.0.0.1 www.youlikehere.com
        127.0.0.1 youlikehere.com
        127.0.0.1 www.youniyouwo.com
        127.0.0.1 youniyouwo.com
        127.0.0.1 yourbookmarks.info
        127.0.0.1 yourbookmarks.ws
        127.0.0.1 www.yourchillyvids.com
        127.0.0.1 yourchillyvids.com
        127.0.0.1 yourcodec.com
        127.0.0.1 www.yourcodec.com
        127.0.0.1 yourieprotect.com
        127.0.0.1 www.yourieprotect.com
        127.0.0.1 youriesafety.com
        127.0.0.1 www.youriesafety.com
        127.0.0.1 youriesecure.com
        127.0.0.1 www.youriesecure.com
        127.0.0.1 www.yourphotozone.com
        127.0.0.1 yourphotozone.com
        127.0.0.1 your-prescriptions.net
        127.0.0.1 yoursearchspace.com
        127.0.0.1 www.yoursearchspace.com
        127.0.0.1 yoursitebar.com
        127.0.0.1 you-search.com
        127.0.0.1 you-search.com.ru
        127.0.0.1 ypir.com
        127.0.0.1 ysa-info.net
        127.0.0.1 ysbweb.com
        127.0.0.1 www.ysbweb.com
        127.0.0.1 www.ytiscali.it
        127.0.0.1 ytiscali.it
        127.0.0.1 www.ytrenitalia.it
        127.0.0.1 ytrenitalia.it
        127.0.0.1 yukohamano.com
        127.0.0.1 www.yunibo.it
        127.0.0.1 yunibo.it
        127.0.0.1 ywebsearch.info
        127.0.0.1 zabywjwzlr.biz.biz
        127.0.0.1 www.zabywjwzlr.biz.biz
        127.0.0.1 www.zalitalia.it
        127.0.0.1 zalitalia.it
        127.0.0.1 www.zangcodec.net
        127.0.0.1 zangcodec.net
        127.0.0.1 zangocash.com
        127.0.0.1 www.zangocash.com
        127.0.0.1 zapros.com
        127.0.0.1 zcodec.com
        127.0.0.1 www.zcodec.com
        127.0.0.1 zdrqmpad.com
        127.0.0.1 www.zdrqmpad.com
        127.0.0.1 zelaznyworld.com
        127.0.0.1 www.zelaznyworld.com
        127.0.0.1 zenotecnico.com
        127.0.0.1 www.zenotecnico.com
        127.0.0.1 zenotecnico2.com
        127.0.0.1 www.zenotecnico2.com
        127.0.0.1 zero.bestmanage.org
        127.0.0.1 zero.bestmanage0.org
        127.0.0.1 zero.bestmanage1.org
        127.0.0.1 zero.bestmanage2.org
        127.0.0.1 zero.bestmanage3.org
        127.0.0.1 zero.bestmanage4.org
        127.0.0.1 zero.bestmanage5.org
        127.0.0.1 zero.bestmanage6.org
        127.0.0.1 zero.bestmanage7.org
        127.0.0.1 zero.bestmanage8.org
        127.0.0.1 zero.bestmanage9.org
        127.0.0.1 zero.serverc.org
        127.0.0.1 zero.sisdotnet.com
        127.0.0.1 www.zerocodec.com
        127.0.0.1 zerocodec.com
        127.0.0.1 zero-codec.com
        127.0.0.1 www.zero-codec.com
        127.0.0.1 zesearch.com
        127.0.0.1 zestyfind.com
        127.0.0.1 www.zestyfind.com
        127.0.0.1 zfxaqzkevi.com
        127.0.0.1 www.zfxaqzkevi.com
        127.0.0.1 zhmbscwdgk.biz
        127.0.0.1 www.zhmbscwdgk.biz
        127.0.0.1 zipcodec.com
        127.0.0.1 www.zipcodec.com
        127.0.0.1 ziportal.com
        127.0.0.1 zipportal.com
        127.0.0.1 zippy-lookup.com
        127.0.0.1 www.zippy-lookup.com
        127.0.0.1 zjkjw.gov.cn
        127.0.0.1 www.zjkjw.gov.cn
        127.0.0.1 znext.com
        127.0.0.1 www.znext.com
        127.0.0.1 zonealarm-download-now.com
        127.0.0.1 www.zonealarm-download-now.com
        127.0.0.1 zonealarm-stop.com
        127.0.0.1 www.zonealarm-stop.com
        127.0.0.1 zone-media.com
        127.0.0.1 www.zone-media.com
        127.0.0.1 zoneoffreeporn.com
        127.0.0.1 zoofil.com
        127.0.0.1 zoomegasite.com
        127.0.0.1 www.zpwebsource.com
        127.0.0.1 zpwebsource.com
        127.0.0.1 www.zqavanjpn.biz
        127.0.0.1 zqavanjpn.biz
        127.0.0.1 z-quest.com
        127.0.0.1 www.z-quest.com
        127.0.0.1 www.zsupereva.it
        127.0.0.1 zsupereva.it
        127.0.0.1 www.zsvcompany.com
        127.0.0.1 zsvcompany.com
        127.0.0.1 zurrusco.com
        127.0.0.1 www.zurrusco.com
        127.0.0.1 zvimigdal.com
        127.0.0.1 www.zxcsolution.com
        127.0.0.1 zxcsolution.com
        127.0.0.1 zxlinks.com
        127.0.0.1 www.zxlinks.com
        127.0.0.1 zyban-zocor-levitra.com

        »»»»»»»»»»»»»»»»»»»»»»»» VACFix

        VACFix
        Credits: Malware Analysis & Diagnostic
        Code: S!Ri


        »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

        S!Ri's WS2Fix: LSP not Found.


        »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

        GenericRenosFix by S!Ri


        »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


        »»»»»»»»»»»»»»»»»»»»»»»» IEDFix

        IEDFix
        Credits: Malware Analysis & Diagnostic
        Code: S!Ri


        »»»»»»»»»»»»»»»»»»»»»»»» DNS

        Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets
        DNS Server Search Order: 213.234.192.8
        DNS Server Search Order: 85.21.192.3

        Description: WAN (PPP/SLIP) Interface
        DNS Server Search Order: 213.234.192.7
        DNS Server Search Order: 195.14.50.21

        HKLM\SYSTEM\CCS\Services\Tcpip\..\{201DE11F-88F5-43C0-9020-7B450DD8653B}: NameServer=213.234.192.7 195.14.50.21
        HKLM\SYSTEM\CCS\Services\Tcpip\..\{A7253F1B-22F9-4A38-8443-149AEAF9E275}: DhcpNameServer=213.234.192.8 85.21.192.3
        HKLM\SYSTEM\CS1\Services\Tcpip\..\{A7253F1B-22F9-4A38-8443-149AEAF9E275}: DhcpNameServer=195.14.50.1 195.14.50.21
        HKLM\SYSTEM\CS2\Services\Tcpip\..\{201DE11F-88F5-43C0-9020-7B450DD8653B}: NameServer=213.234.192.7 195.14.50.21
        HKLM\SYSTEM\CS2\Services\Tcpip\..\{A7253F1B-22F9-4A38-8443-149AEAF9E275}: DhcpNameServer=213.234.192.8 85.21.192.3
        HKLM\SYSTEM\CS3\Services\Tcpip\..\{A7253F1B-22F9-4A38-8443-149AEAF9E275}: DhcpNameServer=213.234.192.8 85.21.192.3
        HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=195.14.50.1 195.14.50.21
        HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=213.234.192.8 85.21.192.3


        »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


        »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
        !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
        "System"=""


        »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

        Nettoyage terminé.

        »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
        !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

        SrchSTS.exe by S!Ri
        Search SharedTaskScheduler's .dll


        »»»»»»»»»»»»»»»»»»»»»»»» Fin
        0
  4. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Salut

    Télécharge Zeb-Restore

    http://telechargement.zebulon.fr/zeb-restore.html

    enregistre ce fichier sur le bureau.

    -Clic droit Zeb-Restore.zip ==> Extraire tout choisis comme lieu d'enregistrement le bureau.
    -Ouvre le dossier ZR_1.0.0.37 ==> double clic sur Zeb-Restore.exe
    - Coche la case devant : Réinitialiser Fichier Hosts
    - Ne coche aucune autre case
    -Clique sur Restaurer
    -Redémarre ton PC+++

    Re-essaie smitfraud option 2
    0
    1. fredbed Messages postés 17 Date d'inscription   Statut Membre
       
      Bonjour Marie,

      Merci de m'avoir répondu

      j'ai fais ce que tu m'as dis, et voila rapport mais pas avec le mode ss echec



      SmitFraudFix v2.290

      Rapport fait à 12:53:05,68, 02/03/2008
      Executé à partir de C:\Documents and Settings\Fredi\Bureau\pakage antiviral\SmitfraudFix
      OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
      Le type du système de fichiers est NTFS
      Fix executé en mode normal

      »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      SrchSTS.exe by S!Ri
      Search SharedTaskScheduler's .dll

      »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


      »»»»»»»»»»»»»»»»»»»»»»»» hosts


      127.0.0.1 localhost



      »»»»»»»»»»»»»»»»»»»»»»»» VACFix

      VACFix
      Credits: Malware Analysis & Diagnostic
      Code: S!Ri


      »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

      S!Ri's WS2Fix: LSP not Found.


      »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

      GenericRenosFix by S!Ri


      »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


      »»»»»»»»»»»»»»»»»»»»»»»» IEDFix

      IEDFix
      Credits: Malware Analysis & Diagnostic
      Code: S!Ri


      »»»»»»»»»»»»»»»»»»»»»»»» DNS

      HKLM\SYSTEM\CS1\Services\Tcpip\..\{A7253F1B-22F9-4A38-8443-149AEAF9E275}: DhcpNameServer=195.14.50.1 195.14.50.21
      HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=195.14.50.1 195.14.50.21


      »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


      »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
      "System"=""


      »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

      Nettoyage terminé.

      »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      SrchSTS.exe by S!Ri
      Search SharedTaskScheduler's .dll


      »»»»»»»»»»»»»»»»»»»»»»»» Fin
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Que se passe-t-il avec le Mode sans échec ??

    Refais un log hijackthis
    stp
    0
    1. fredbed Messages postés 17 Date d'inscription   Statut Membre
       
      Voila pour Hijackthis

      Pour le mode sans echec, je sais pas trop , mais serait il possible que se soit lier a un plantage de l'installation de ubuntu?






      Logfile of HijackThis v1.99.1
      Scan saved at 13:06:30, on 02/03/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\WINDOWS\AGRSMMSG.exe
      C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
      C:\WINDOWS\explorer.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Documents and Settings\Fredi\Bureau\pakage antiviral\test.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
      O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
      O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
      O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
      O14 - IERESET.INF: START_PAGE_URL=https://www.targa.gmbh/eng/targa/
      O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.downloadcontrol.com/
      O17 - HKLM\System\CCS\Services\Tcpip\..\{201DE11F-88F5-43C0-9020-7B450DD8653B}: NameServer = 213.234.192.7 195.14.50.21
      O17 - HKLM\System\CS2\Services\Tcpip\..\{201DE11F-88F5-43C0-9020-7B450DD8653B}: NameServer = 213.234.192.7 195.14.50.21
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
      O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
      O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
      O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
      O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
      0
  7. fredbed Messages postés 17 Date d'inscription   Statut Membre
     
    Voila pour Hijackthis

    Pour le mode sans echec, je sais pas trop , mais serait il possible que se soit lier a un plantage de l'installation de ubuntu?

    0
  8. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Salut

    # Télécharger FixWareout sur le bureau : http://downloads.subratam.org/Fixwareout.exe
    # Lancer le fix : cliquer sur Next, puis Install, s’assurer que l’option Run fixit est activée puis cliquer sur Finish.
    # Il sera demandé ensuite de redémarrer l’ordinateur : redémarrer le.
    # Si le système met un peu plus de temps au démarrage, c'est normal.
    # Le contenu du rapport qui s'affichera à l'écran sera enregistrai dans un fichier nommé report.txt., poste la

    4/ Lance HijackThis
    puis --> Do a system scan only
    coche les lignes indiquées ci-dessous
    puis --> Fix checked
    puis oui à la question de confirmation

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.downloadcontrol.com/


    Mets JAVA à jour
    https://www.java.com/fr/download/manual.jsp

    Refais un log hijacthis + les symptômes de ton PC

    ++

    0
    1. fredbed
       
      Bonjour Marie,
      Voila le log de fixwareout et de hijackthis



      Username "Fredi" - 24/03/2008 7:58:43 [Fixwareout edited 9/01/2007]

      ~~~~~ Prerun check

      Impossible de vider la cache de résolution DNS : La fonction a échoué lors de l'exécution.


      System was rebooted successfully.

      ~~~~~ Postrun check
      HKLM\SOFTWARE\~\Winlogon\ "System"=""
      ....
      ....
      ~~~~~ Misc files.
      ....
      ~~~~~ Checking for older varients.
      ....

      ~~~~~ Current runs (hklm hkcu "run" Keys Only)
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
      "AGRSMMSG"="AGRSMMSG.exe"
      "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
      ....
      Hosts file was reset, If you use a custom hosts file please replace it...
      ~~~~~ End report ~~~~~






      Logfile of HijackThis v1.99.1
      Scan saved at 08:18:38, on 24/03/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
      C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
      C:\WINDOWS\system32\notepad.exe
      C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\WINDOWS\AGRSMMSG.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\WINDOWS\system32\msiexec.exe
      C:\Documents and Settings\Fredi\Bureau\pakage antiviral\test.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
      O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
      O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
      O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O14 - IERESET.INF: START_PAGE_URL=https://www.targa.gmbh/eng/targa/
      O17 - HKLM\System\CCS\Services\Tcpip\..\{201DE11F-88F5-43C0-9020-7B450DD8653B}: NameServer = 213.234.192.7 195.14.50.21
      O17 - HKLM\System\CS2\Services\Tcpip\..\{201DE11F-88F5-43C0-9020-7B450DD8653B}: NameServer = 213.234.192.7 195.14.50.21
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
      O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
      O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
      O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
      O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
      O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe

      je vais voir ce que ca donne et je te tiens au courant.

      En attendant merci pour ton aide qui m'ait tres precieuse

      ++
      0
  9. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Salur

    relance smitfraud option 5
    Stp

    0