Probléme de spyware

iceman -  
 Utilisateur anonyme -
Bonjour

Depuis dimanche dernier, il y avait trois icones sur mon bureau, Error cleaner, Privacy Protector et Spyware&Malware protection. De plus en bas à droite de l'écran un rond rouge avec une croix blanche qui clignote et qui me disait "System alert". Dés lors, j'ai utilisé spybot pour les effacer. Cependant, une icone persiste c'est privacy protector et un triangle jaune avec un point d'exclamation noir à l'intérieur a succédé a la croix blanche. Mais le triangle s'enléve en cliquan dessus et il ouvre une page web pour un antispyware... En outre, aprés quelques instant j'ai constaté que les trois icones réapparaissent. Je recoit par intermitence une fenetre qui me dit que je suis attaqué par un virus Wormwin 32. Pourtant, mon pack securité de neuf telecom ne détecte rien...
Je ne sait plus quoi faire.
Donc, est ce que quelqu'un pourrait m'aider et m'indiquer la marche à suivre pour éliminer ce probleme.
Merci de votre aide....
A voir également:

54 réponses

Précédent
Réponse 21 / 54
mikia06
 
ok je reste avec toi je vais arreter la discussion avec l'autre helper...nan mais comme tu ne me répondais pas j'ai penser que tu en avait marre de m'aider....dsl encore je ne savais pas que ce n'était pas bon...
0
Utilisateur anonyme
 
pas de souci donc suis bien les démarches de mon dernier post
0
Réponse 22 / 54
mikia06
 
voila le rapport smitfraud:

SmitFraudFix v2.315

Rapport fait à 18:02:45,20, 22/04/2008
Executé à partir de C:\Documents and Settings\FARID\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Sécurité\backweb\361343\Program\fspex.exe
C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsrw.exe
C:\Program Files\Pack Sécurité\FSPC\fspc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
C:\documents and settings\farid\local settings\application data\qddzopibi.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
C:\Program Files\Pack Sécurité\Anti-Spyware\fsaw.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\Documents and Settings\FARID\Bureau\test.exe.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

Fichier hosts corrompu !

127.0.0.1 www.legal-at-spybot.info
127.0.0.1 legal-at-spybot.info

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\FARID


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\FARID\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\FARID\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau

C:\DOCUME~1\FARID\Bureau\Privacy Protector.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
0
Utilisateur anonyme
 
ok maintenant l'étape2 et le rapport de virtu

à+
0
Réponse 23 / 54
mikia06
 
voici le rapport smifraud:

SmitFraudFix v2.315

Rapport fait à 18:16:15,01, 22/04/2008
Executé à partir de C:\Documents and Settings\FARID\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.1001-search.info
127.0.0.1 1001-search.info
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.123topsearch.com
127.0.0.1 123topsearch.com
127.0.0.1 www.132.com
127.0.0.1 132.com
127.0.0.1 www.136136.net
127.0.0.1 136136.net
127.0.0.1 www.139mm.com
127.0.0.1 139mm.com
127.0.0.1 www.163ns.com
127.0.0.1 163ns.com
127.0.0.1 171203.com
127.0.0.1 17-plus.com
127.0.0.1 www.1800searchonline.com
127.0.0.1 1800searchonline.com
127.0.0.1 www.180searchassistant.com
127.0.0.1 180searchassistant.com
127.0.0.1 www.180solutions.com
127.0.0.1 180solutions.com
127.0.0.1 www.181.365soft.info
127.0.0.1 181.365soft.info
127.0.0.1 www.1987324.com
127.0.0.1 1987324.com
127.0.0.1 www.1-domains-registrations.com
127.0.0.1 1-domains-registrations.com
127.0.0.1 www.1-extreme.biz
127.0.0.1 1-extreme.biz
127.0.0.1 www.1sexparty.com
127.0.0.1 1sexparty.com
127.0.0.1 www.1stantivirus.com
127.0.0.1 1stantivirus.com
127.0.0.1 www.1stpagehere.com
127.0.0.1 1stpagehere.com
127.0.0.1 www.1stsearchportal.com
127.0.0.1 1stsearchportal.com
127.0.0.1 2.82211.net
127.0.0.1 www.2006ooo.com
127.0.0.1 www.2007-download.com
127.0.0.1 2007-download.com
127.0.0.1 www.2020search.com
127.0.0.1 2020search.com
127.0.0.1 20x2p.com
127.0.0.1 www.24.365soft.info
127.0.0.1 24.365soft.info
127.0.0.1 www.24-7pharmacy.info
127.0.0.1 24-7pharmacy.info
127.0.0.1 www.24-7searching-and-more.com
127.0.0.1 24-7searching-and-more.com
127.0.0.1 www.24teen.com
127.0.0.1 24teen.com
127.0.0.1 www.2every.net
127.0.0.1 2every.net
127.0.0.1 2ndpower.com
127.0.0.1 www.2search.com
127.0.0.1 2search.com
127.0.0.1 www.2search.org
127.0.0.1 2search.org
127.0.0.1 www.2squared.com
127.0.0.1 2squared.com
127.0.0.1 www.3322.org
127.0.0.1 3322.org
127.0.0.1 365soft.info
127.0.0.1 www.36site.com
127.0.0.1 36site.com
127.0.0.1 3721.com
127.0.0.1 39-93.com
127.0.0.1 www.3abetterinternet.com
127.0.0.1 3abetterinternet.com
127.0.0.1 www.3bay.it
127.0.0.1 3bay.it
127.0.0.1 www.3ebay.it
127.0.0.1 3ebay.it
127.0.0.1 www.3xclipsonline.com
127.0.0.1 3xclipsonline.com
127.0.0.1 www.3xcurves.com
127.0.0.1 3xcurves.com
127.0.0.1 www.3xfestival.com
127.0.0.1 3xfestival.com
127.0.0.1 www.3x-festival.com
127.0.0.1 3x-festival.com
127.0.0.1 www.3x-galls.com
127.0.0.1 3x-galls.com
127.0.0.1 www.3xmiracle.com
127.0.0.1 3xmiracle.com
127.0.0.1 www.3xmoviesblog.com
127.0.0.1 3xmoviesblog.com
127.0.0.1 www.404dns.com
127.0.0.1 404dns.com
127.0.0.1 www.4199.com
127.0.0.1 4199.com
127.0.0.1 www.4corn.net
127.0.0.1 4corn.net
127.0.0.1 www.4ebay.it
127.0.0.1 4ebay.it
127.0.0.1 4klm.com
127.0.0.1 www.4mpg.com
127.0.0.1 4mpg.com
127.0.0.1 www.4repubblica.it
127.0.0.1 4repubblica.it
127.0.0.1 www.4softget.com
127.0.0.1 4softget.com
127.0.0.1 www.5iscali.it
127.0.0.1 5iscali.it
127.0.0.1 www.5repubblica.it
127.0.0.1 5repubblica.it
127.0.0.1 www.5starvideos.com
127.0.0.1 5starvideos.com
127.0.0.1 www.5tiscali.it
127.0.0.1 5tiscali.it
127.0.0.1 www.5zgmu7o20kt5d8yq.com
127.0.0.1 5zgmu7o20kt5d8yq.com
127.0.0.1 www.680180.net
127.0.0.1 680180.net
127.0.0.1 www.6iscali.it
127.0.0.1 6iscali.it
127.0.0.1 www.6njaga.com
127.0.0.1 6njaga.com
127.0.0.1 www.6sek.com
127.0.0.1 6sek.com
127.0.0.1 www.6tiscali.it
127.0.0.1 6tiscali.it
127.0.0.1 www.70-music.com
127.0.0.1 70-music.com
127.0.0.1 www.7322.com
127.0.0.1 7322.com
127.0.0.1 75tz.com
127.0.0.1 www.777search.com
127.0.0.1 777search.com
127.0.0.1 www.777top.com
127.0.0.1 777top.com
127.0.0.1 www.7939.com
127.0.0.1 7939.com
127.0.0.1 www.7search.com
127.0.0.1 7search.com
127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com
127.0.0.1 www.80-music.com
127.0.0.1 80-music.com
127.0.0.1 82211.net
127.0.0.1 8866.org
127.0.0.1 www.888.com
127.0.0.1 888.com
127.0.0.1 www.8ad.com
127.0.0.1 8ad.com
127.0.0.1 www.90-music.com
127.0.0.1 90-music.com
127.0.0.1 www.9505.com
127.0.0.1 9505.com
127.0.0.1 www.971searchbox.com
127.0.0.1 971searchbox.com
127.0.0.1 a.bestmanage.org
127.0.0.1 www.aaabesthomepage.com
127.0.0.1 aaabesthomepage.com
127.0.0.1 aaasexypics.com
127.0.0.1 www.aaawebfinder.com
127.0.0.1 aaawebfinder.com
127.0.0.1 www.aaqadarsztriv.com
127.0.0.1 aaqadarsztriv.com
127.0.0.1 www.aaqada-rsztriv.com
127.0.0.1 aaqada-rsztriv.com
127.0.0.1 www.aaqadaueorn.com
127.0.0.1 aaqadaueorn.com
127.0.0.1 www.aaqada-ueorn.com
127.0.0.1 aaqada-ueorn.com
127.0.0.1 www.aaqada-ygco.com
127.0.0.1 aaqada-ygco.com
127.0.0.1 www.aaqada-ymct.com
127.0.0.1 aaqada-ymct.com
127.0.0.1 aavc.com
127.0.0.1 www.abcdperformance.com
127.0.0.1 abcdperformance.com
127.0.0.1 www.abc-find.info
127.0.0.1 abc-find.info
127.0.0.1 www.abcsearch.com
127.0.0.1 abcsearch.com
127.0.0.1 www.abetterinternet.com
127.0.0.1 abetterinternet.com
127.0.0.1 www.abnetsoft.info
127.0.0.1 abnetsoft.info
127.0.0.1 www.aboutclicker.com
127.0.0.1 aboutclicker.com
127.0.0.1 www.abrp.net
127.0.0.1 abrp.net
127.0.0.1 www.absolutee.com
127.0.0.1 absolutee.com
127.0.0.1 www.abyssmedia.com
127.0.0.1 abyssmedia.com
127.0.0.1 www.ac66.cn
127.0.0.1 ac66.cn
127.0.0.1 access.navinetwork.com
127.0.0.1 access.rapid-pass.net
127.0.0.1 www.accessactivexvideo.com
127.0.0.1 accessactivexvideo.com
127.0.0.1 www.accessclips.com
127.0.0.1 accessclips.com
127.0.0.1 www.access-dvd.com
127.0.0.1 access-dvd.com
127.0.0.1 www.accesskeygenerator.com
127.0.0.1 accesskeygenerator.com
127.0.0.1 www.accessthefuture.net
127.0.0.1 accessthefuture.net
127.0.0.1 www.accessvid.net
127.0.0.1 accessvid.net
127.0.0.1 www.acemedic.com
127.0.0.1 acemedic.com
127.0.0.1 www.ace-webmaster.com
127.0.0.1 ace-webmaster.com
127.0.0.1 acjp.com
127.0.0.1 www.acrobat-2007.com
127.0.0.1 acrobat-2007.com
127.0.0.1 www.acrobat-8.com
127.0.0.1 acrobat-8.com
127.0.0.1 www.acrobat-center.com
127.0.0.1 acrobat-center.com
127.0.0.1 www.acrobat-hq.com
127.0.0.1 acrobat-hq.com
127.0.0.1 www.acrobatreader-8.com
127.0.0.1 acrobatreader-8.com
127.0.0.1 www.acrobat-reader-8.de
127.0.0.1 acrobat-reader-8.de
127.0.0.1 www.acrobat-stop.com
127.0.0.1 acrobat-stop.com
127.0.0.1 www.actionbreastcancer.org
127.0.0.1 actionbreastcancer.org
127.0.0.1 www.activesearcher.info
127.0.0.1 activesearcher.info
127.0.0.1 www.activexaccessobject.com
127.0.0.1 activexaccessobject.com
127.0.0.1 www.activexaccessvideo.com
127.0.0.1 activexaccessvideo.com
127.0.0.1 www.activexemedia.com
127.0.0.1 activexemedia.com
127.0.0.1 www.activexmediaobject.com
127.0.0.1 activexmediaobject.com
127.0.0.1 www.activexmediapro.com
127.0.0.1 activexmediapro.com
127.0.0.1 www.activexmediasite.com
127.0.0.1 activexmediasite.com
127.0.0.1 www.activexmediasoftware.com
127.0.0.1 activexmediasoftware.com
127.0.0.1 www.activexmediasource.com
127.0.0.1 activexmediasource.com
127.0.0.1 www.activexmediatool.com
127.0.0.1 activexmediatool.com
127.0.0.1 www.activexmediatour.com
127.0.0.1 activexmediatour.com
127.0.0.1 www.activexsoftwares.com
127.0.0.1 activexsoftwares.com
127.0.0.1 www.activexsource.com
127.0.0.1 activexsource.com
127.0.0.1 www.activexupdate.com
127.0.0.1 activexupdate.com
127.0.0.1 www.activexvideo.com
127.0.0.1 activexvideo.com
127.0.0.1 www.activexvideotool.com
127.0.0.1 activexvideotool.com
127.0.0.1 www.ad.marketingsector.com
127.0.0.1 ad.marketingsector.com
127.0.0.1 www.ad.mokead.com
127.0.0.1 ad.mokead.com
127.0.0.1 ad.oinadserver.com
127.0.0.1 ad.outerinfoads.com
127.0.0.1 www.ad25.com
127.0.0.1 ad25.com
127.0.0.1 www.ad45.com
127.0.0.1 ad45.com
127.0.0.1 www.ad77.com
127.0.0.1 ad77.com
127.0.0.1 www.ad86.com
127.0.0.1 ad86.com
127.0.0.1 www.adamsupportgroup.org
127.0.0.1 adamsupportgroup.org
127.0.0.1 www.adarmor.com
127.0.0.1 adarmor.com
127.0.0.1 www.adasearch.com
127.0.0.1 adasearch.com
127.0.0.1 adaware.cc
127.0.0.1 www.adawarenow.com
127.0.0.1 adawarenow.com
127.0.0.1 adchannel.contextplus.net
127.0.0.1 www.addetect.com
127.0.0.1 addetect.com
127.0.0.1 www.add-hhh.info
127.0.0.1 add-hhh.info
127.0.0.1 www.addictivetechnologies.com
127.0.0.1 addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.net
127.0.0.1 addictivetechnologies.net
127.0.0.1 www.addioerrori.com
127.0.0.1 addioerrori.com
127.0.0.1 www.add-manager.com
127.0.0.1 add-manager.com
127.0.0.1 www.adgate.info
127.0.0.1 adgate.info
127.0.0.1 www.adintelligence.net
127.0.0.1 adintelligence.net
127.0.0.1 www.adioserrores.com
127.0.0.1 adioserrores.com
127.0.0.1 www.adipics.com
127.0.0.1 adipics.com
127.0.0.1 www.adlogix.com
127.0.0.1 adlogix.com
127.0.0.1 www.admin2cash.biz
127.0.0.1 admin2cash.biz
127.0.0.1 adnet-plus.com
127.0.0.1 www.adnetserver.com
127.0.0.1 adnetserver.com
127.0.0.1 adobe-download-now.com
127.0.0.1 www.adobe-downloads.com
127.0.0.1 adobe-downloads.com
127.0.0.1 www.adobe-reader-8.fr
127.0.0.1 adobe-reader-8.fr
127.0.0.1 www.adprotect.com
127.0.0.1 adprotect.com
127.0.0.1 ads.centralmedia.ws
127.0.0.1 ads.k8l.info
127.0.0.1 ads.kmpads.com
127.0.0.1 ads.kw.revenue.net
127.0.0.1 ads.marketingsector.com
127.0.0.1 ads.searchingbooth.com
127.0.0.1 ads.z-quest.com
127.0.0.1 ads1.revenue.net
127.0.0.1 www.ads183.com
127.0.0.1 ads183.com
127.0.0.1 www.adscontex.com
127.0.0.1 adscontex.com
127.0.0.1 www.adservices1.enhance.com
127.0.0.1 adservices1.enhance.com
127.0.0.1 adservs.com
127.0.0.1 www.adsextend.net
127.0.0.1 adsextend.net
127.0.0.1 www.adshttp.com
127.0.0.1 adshttp.com
127.0.0.1 www.adsniffer.com
127.0.0.1 adsniffer.com
127.0.0.1 www.adsonwww.com
127.0.0.1 adsonwww.com
127.0.0.1 www.adspics.com
127.0.0.1 adspics.com
127.0.0.1 www.adsrevenue.net
127.0.0.1 adsrevenue.net
127.0.0.1 www.adtrak.net
127.0.0.1 adtrak.net
127.0.0.1 adtrgt.com
127.0.0.1 www.adult777search.info
127.0.0.1 adult777search.info
127.0.0.1 www.adultan.com
127.0.0.1 adultan.com
127.0.0.1 www.adult-engine-search.com
127.0.0.1 adult-engine-search.com
127.0.0.1 www.adult-erotic-guide.net
127.0.0.1 adult-erotic-guide.net
127.0.0.1 www.adultfilmsite.com
127.0.0.1 adultfilmsite.com
127.0.0.1 www.adult-friends-finder.net
127.0.0.1 adult-friends-finder.net
127.0.0.1 adultgambling.org
127.0.0.1 adult-host.org
127.0.0.1 www.adulthyperlinks.com
127.0.0.1 adulthyperlinks.com
127.0.0.1 www.adultmovieplus.com
127.0.0.1 adultmovieplus.com
127.0.0.1 www.adult-mpg.net
127.0.0.1 adult-mpg.net
127.0.0.1 adult-personal.us
127.0.0.1 adultsgames.net
127.0.0.1 www.adultsonlyvids.com
127.0.0.1 adultsonlyvids.com
127.0.0.1 www.adultsper.com
127.0.0.1 adultsper.com
127.0.0.1 www.adulttds.com
127.0.0.1 adulttds.com
127.0.0.1 www.adultzoneworld.com
127.0.0.1 adultzoneworld.com
127.0.0.1 www.advancedcleaner.com
127.0.0.1 advancedcleaner.com
127.0.0.1 www.advcash.biz
127.0.0.1 advcash.biz
127.0.0.1 advert.exaccess.ru
127.0.0.1 www.advertisemoney.info
127.0.0.1 advertisemoney.info
127.0.0.1 advertising.paltalk.com
127.0.0.1 www.advertising-money.info
127.0.0.1 advertising-money.info
127.0.0.1 ad-ware.cc
127.0.0.1 www.ad-w-a-r-e.com
127.0.0.1 ad-w-a-r-e.com
127.0.0.1 www.a-d-w-a-r-e.com
127.0.0.1 a-d-w-a-r-e.com
127.0.0.1 www.adware.pro
127.0.0.1 adware.pro
127.0.0.1 www.adwarealert.com
127.0.0.1 adwarealert.com
127.0.0.1 www.ad-warealert.com
127.0.0.1 ad-warealert.com
127.0.0.1 www.adwarearrest.com
127.0.0.1 adwarearrest.com
127.0.0.1 www.adwarebazooka.com
127.0.0.1 adwarebazooka.com
127.0.0.1 www.adwarecommander.com
127.0.0.1 adwarecommander.com
127.0.0.1 www.adwarefinder.com
127.0.0.1 adwarefinder.com
127.0.0.1 www.adwaregold.com
127.0.0.1 adwaregold.com
127.0.0.1 www.adwarepatrol.com
127.0.0.1 adwarepatrol.com
127.0.0.1 www.adwareplatinum.com
127.0.0.1 adwareplatinum.com
127.0.0.1 www.adwareprotectionsite.com
127.0.0.1 adwareprotectionsite.com
127.0.0.1 www.adwarepunisher.com
127.0.0.1 adwarepunisher.com
127.0.0.1 www.adwareremover.ws
127.0.0.1 adwareremover.ws
127.0.0.1 www.adwaresafety.com
127.0.0.1 adwaresafety.com
127.0.0.1 www.adwarexp.com
127.0.0.1 adwarexp.com
127.0.0.1 affiliate.idownload.com
127.0.0.1 www.aflgate.com
127.0.0.1 aflgate.com
127.0.0.1 africaspromise.org
127.0.0.1 agava.com
127.0.0.1 agava.ru
127.0.0.1 agentstudio.com
127.0.0.1 www.aginegialle.it
127.0.0.1 aginegialle.it
127.0.0.1 www.ahnenforschung.de
127.0.0.1 ahnenforschung.de
127.0.0.1 aifind.info
127.0.0.1 www.aifind.info
127.0.0.1 www.airtleworld.com
127.0.0.1 airtleworld.com
127.0.0.1 www.aitalia.it
127.0.0.1 aitalia.it
127.0.0.1 akamai.downloadv3.com
127.0.0.1 www.aklitalia.it
127.0.0.1 aklitalia.it
127.0.0.1 akril.com
127.0.0.1 alcatel.ws
127.0.0.1 www.alertspy.com
127.0.0.1 alertspy.com
127.0.0.1 www.alfacleaner.com
127.0.0.1 alfacleaner.com
127.0.0.1 alfa-search.com
127.0.0.1 www.alialia.it
127.0.0.1 alialia.it
127.0.0.1 www.aliotalia.it
127.0.0.1 aliotalia.it
127.0.0.1 www.alirtalia.it
127.0.0.1 alirtalia.it
127.0.0.1 www.alitaia.it
127.0.0.1 alitaia.it
127.0.0.1 www.alitaklia.it
127.0.0.1 alitaklia.it
127.0.0.1 www.alitala.it
127.0.0.1 alitala.it
127.0.0.1 www.alitali.it
127.0.0.1 alitali.it
127.0.0.1 www.alitaliaq.it
127.0.0.1 alitaliaq.it
127.0.0.1 www.alitalias.it
127.0.0.1 alitalias.it
127.0.0.1 www.alitaliaz.it
127.0.0.1 alitaliaz.it
127.0.0.1 www.alitalioa.it
127.0.0.1 alitalioa.it
127.0.0.1 www.alitalisa.it
127.0.0.1 alitalisa.it
127.0.0.1 www.alitaliua.it
127.0.0.1 alitaliua.it
127.0.0.1 www.alitalkia.it
127.0.0.1 alitalkia.it
127.0.0.1 www.alitaloia.it
127.0.0.1 alitaloia.it
127.0.0.1 www.alitaluia.it
127.0.0.1 alitaluia.it
127.0.0.1 www.alitaslia.it
127.0.0.1 alitaslia.it
127.0.0.1 www.alitlia.it
127.0.0.1 alitlia.it
127.0.0.1 www.alitralia.it
127.0.0.1 alitralia.it
127.0.0.1 www.alitsalia.it
127.0.0.1 alitsalia.it
127.0.0.1 www.aliutalia.it
127.0.0.1 aliutalia.it
127.0.0.1 www.all1count.net
127.0.0.1 all1count.net
127.0.0.1 www.all4internet.com
127.0.0.1 all4internet.com
127.0.0.1 allabtcars.com
127.0.0.1 allabtjeeps.com
127.0.0.1 www.all-bittorrent.com
127.0.0.1 all-bittorrent.com
127.0.0.1 www.allcollisions.com
127.0.0.1 allcollisions.com
127.0.0.1 allcybersearch.com
127.0.0.1 www.allcybersearch.com
127.0.0.1 www.alldnserrors.com
127.0.0.1 alldnserrors.com
127.0.0.1 www.all-downloads-now.com
127.0.0.1 all-downloads-now.com
127.0.0.1 www.all-edonkey.com
127.0.0.1 all-edonkey.com
127.0.0.1 www.allertaminacce.com
127.0.0.1 allertaminacce.com
127.0.0.1 allforadult.com
127.0.0.1 allhyperlinks.com
127.0.0.1 www.alliesecurity.com
127.0.0.1 alliesecurity.com
127.0.0.1 all-inet.com
127.0.0.1 allinternetbusiness.com
127.0.0.1 www.all-limewire.com
127.0.0.1 all-limewire.com
127.0.0.1 www.allmegabucks.com
127.0.0.1 allmegabucks.com
127.0.0.1 www.allprotections.com
127.0.0.1 allprotections.com
127.0.0.1 www.allresultz.net
127.0.0.1 allresultz.net
127.0.0.1 www.allsearch.us
127.0.0.1 allsearch.us
127.0.0.1 www.allsecuritynotes.com
127.0.0.1 allsecuritynotes.com
127.0.0.1 www.allsecuritysite.com
127.0.0.1 allsecuritysite.com
127.0.0.1 www.allstarsvideos.net
127.0.0.1 allstarsvideos.net
127.0.0.1 www.alltiettantivirus.com
127.0.0.1 alltiettantivirus.com
127.0.0.1 www.alltruesoftware.com
127.0.0.1 alltruesoftware.com
127.0.0.1 www.allvideoactivex.com
127.0.0.1 allvideoactivex.com
127.0.0.1 www.almanah.biz
127.0.0.1 almanah.biz
127.0.0.1 almarvideos.com
127.0.0.1 www.aloitalia.it
127.0.0.1 aloitalia.it
127.0.0.1 www.aluitalia.it
127.0.0.1 aluitalia.it
127.0.0.1 www.amaena.com
127.0.0.1 amaena.com
127.0.0.1 amandamountains.com
127.0.0.1 www.amateurliveshow.com
127.0.0.1 amateurliveshow.com
127.0.0.1 www.amediasoftware.com
127.0.0.1 amediasoftware.com
127.0.0.1 www.amediasource.com
127.0.0.1 amediasource.com
127.0.0.1 www.americanautobargains.com
127.0.0.1 americanautobargains.com
127.0.0.1 www.americancarbargains.com
127.0.0.1 americancarbargains.com
127.0.0.1 american-teens.net
127.0.0.1 amigeek.com
127.0.0.1 www.amigobore.com
127.0.0.1 amigobore.com
127.0.0.1 amisbusiness.com
127.0.0.1 www.ampmsearch.com
127.0.0.1 ampmsearch.com
127.0.0.1 www.analcord.com
127.0.0.1 analcord.com
127.0.0.1 analmovi.com
127.0.0.1 www.anarchylolita.com
127.0.0.1 anarchylolita.com
127.0.0.1 anarchyporn.com
127.0.0.1 www.andromedical.com
127.0.0.1 andromedical.com
127.0.0.1 www.animepornmag.com
127.0.0.1 animepornmag.com
127.0.0.1 anin.org
127.0.0.1 www.anjpn-avxiz.biz
127.0.0.1 anjpn-avxiz.biz
127.0.0.1 www.anjpnzqav.biz
127.0.0.1 anjpnzqav.biz
127.0.0.1 www.anjpn-zqav.biz
127.0.0.1 anjpn-zqav.biz
127.0.0.1 annaromeo.com
127.0.0.1 www.antiddos.us
127.0.0.1 antiddos.us
127.0.0.1 www.antiespiadorado.com
127.0.0.1 antiespiadorado.com
127.0.0.1 www.antiespionspack.com
127.0.0.1 antiespionspack.com
127.0.0.1 www.antigusanos2008.com
127.0.0.1 antigusanos2008.com
127.0.0.1 www.antispamassistant.com
127.0.0.1 antispamassistant.com
127.0.0.1 www.antispamdeluxe.com
127.0.0.1 antispamdeluxe.com
127.0.0.1 www.antispionage.com
127.0.0.1 antispionage.com
127.0.0.1 www.antispionagepro.com
127.0.0.1 antispionagepro.com
127.0.0.1 www.antispyadvanced.com
127.0.0.1 antispyadvanced.com
127.0.0.1 www.antispydns.biz
127.0.0.1 antispydns.biz
127.0.0.1 www.antispykit.com
127.0.0.1 antispykit.com
127.0.0.1 www.antispylab.com
127.0.0.1 antispylab.com
127.0.0.1 www.antispyshield.com
127.0.0.1 antispyshield.com
127.0.0.1 www.antispysolutions.com
127.0.0.1 antispysolutions.com
127.0.0.1 www.antispyware.com
127.0.0.1 antispyware.com
127.0.0.1 www.antispywareboot.com
127.0.0.1 antispywareboot.com
127.0.0.1 www.antispywarebot.com
127.0.0.1 antispywarebot.com
127.0.0.1 www.antispywarebox.com
127.0.0.1 antispywarebox.com
127.0.0.1 www.antispywaredownloads.com
127.0.0.1 antispywaredownloads.com
127.0.0.1 www.antispywaresuite.com
127.0.0.1 antispywaresuite.com
127.0.0.1 www.antispywareupdates.net
127.0.0.1 antispywareupdates.net
127.0.0.1 www.antispywarexp.com
127.0.0.1 antispywarexp.com
127.0.0.1 www.antispyweb.net
127.0.0.1 antispyweb.net
127.0.0.1 www.antiver2008.com
127.0.0.1 antiver2008.com
127.0.0.1 www.antivermins.com
127.0.0.1 antivermins.com
127.0.0.1 www.anti-vermins.com
127.0.0.1 anti-vermins.com
127.0.0.1 www.antivir2007.com
127.0.0.1 antivir2007.com
127.0.0.1 www.antivirgear.com
127.0.0.1 antivirgear.com
127.0.0.1 www.antivirus.fastfreedownload.com
127.0.0.1 antivirus.fastfreedownload.com
127.0.0.1 www.antivirusadvance.com
127.0.0.1 antivirusadvance.com
127.0.0.1 www.antivirusaskeladd.com
127.0.0.1 antivirusaskeladd.com
127.0.0.1 www.antivirusgereedschap.com
127.0.0.1 antivirusgereedschap.com
127.0.0.1 www.antivirusgolden.com
127.0.0.1 antivirusgolden.com
127.0.0.1 www.antivirus-hq.net
127.0.0.1 antivirus-hq.net
127.0.0.1 www.antiviruspcsuite.com
127.0.0.1 antiviruspcsuite.com
127.0.0.1 www.antiviruspremium.com
127.0.0.1 antiviruspremium.com
127.0.0.1 www.anti-virus-pro.com
127.0.0.1 anti-virus-pro.com
127.0.0.1 www.antivirusprotector.com
127.0.0.1 antivirusprotector.com
127.0.0.1 www.antivirusscherm.com
127.0.0.1 antivirusscherm.com
127.0.0.1 www.antivirussecuritypro.com
127.0.0.1 antivirussecuritypro.com
127.0.0.1 www.antivirus-stop.com
127.0.0.1 antivirus-stop.com
127.0.0.1 www.antiworm2008.com
127.0.0.1 antiworm2008.com
127.0.0.1 www.antiwurm2008.com
127.0.0.1 antiwurm2008.com
127.0.0.1 antrocity.com
127.0.0.1 www.anyofus.com
127.0.0.1 anyofus.com
127.0.0.1 www.anysn.seproger.com
127.0.0.1 anysn.seproger.com
127.0.0.1 anything4health.com
127.0.0.1 www.apicpreview.com
127.0.0.1 apicpreview.com
127.0.0.1 www.appealcircuit.com
127.0.0.1 appealcircuit.com
127.0.0.1 www.approvedlinks.com
127.0.0.1 approvedlinks.com
127.0.0.1 apps.deskwizz.com
127.0.0.1 apps.webservicehost.com
127.0.0.1 www.aprotectedpage.com
127.0.0.1 aprotectedpage.com
127.0.0.1 apsua.com
127.0.0.1 www.archivioadulti.com
127.0.0.1 archivioadulti.com
127.0.0.1 www.archiviosex.net
127.0.0.1 archiviosex.net
127.0.0.1 aregay.com
127.0.0.1 www.ares.click-new-download.com
127.0.0.1 ares.click-new-download.com
127.0.0.1 www.ares-freebie.com
127.0.0.1 ares-freebie.com
127.0.0.1 www.arespro2007.com
127.0.0.1 arespro2007.com
127.0.0.1 www.aresultra.com
127.0.0.1 aresultra.com
127.0.0.1 www.ares-usa.com
127.0.0.1 ares-usa.com
127.0.0.1 arheo.com
127.0.0.1 arizonaweb.org
127.0.0.1 armitageinn.com
127.0.0.1 www.arquivojpgs.smtp.ru
127.0.0.1 arquivojpgs.smtp.ru
127.0.0.1 artachnid.com
127.0.0.1 art-func.com
127.0.0.1 art-xxx.com
127.0.0.1 www.asafebrowser.com
127.0.0.1 asafebrowser.com
127.0.0.1 www.asafetyalways.com
127.0.0.1 asafetyalways.com
127.0.0.1 www.asafetynotice.com
127.0.0.1 asafetynotice.com
127.0.0.1 www.asafetypage.com
127.0.0.1 asafetypage.com
127.0.0.1 www.asdbiz.biz
127.0.0.1 asdbiz.biz
127.0.0.1 www.asdeykuddq.com
127.0.0.1 asdeykuddq.com
127.0.0.1 www.asecurebar.com
127.0.0.1 asecurebar.com
127.0.0.1 www.asecureboard.com
127.0.0.1 asecureboard.com
127.0.0.1 www.asecurevalue.com
127.0.0.1 asecurevalue.com
127.0.0.1 www.asecurityissue.com
127.0.0.1 asecurityissue.com
127.0.0.1 www.asecuritynotice.com
127.0.0.1 asecuritynotice.com
127.0.0.1 www.asecuritypaper.com
127.0.0.1 asecuritypaper.com
127.0.0.1 www.asecuritystuff.com
127.0.0.1 asecuritystuff.com
127.0.0.1 asiankingkong.com
127.0.0.1 www.asianpornmag.com
127.0.0.1 asianpornmag.com
127.0.0.1 www.asiantoolbar.com
127.0.0.1 asiantoolbar.com
127.0.0.1 www.asidseiupc.com
127.0.0.1 asidseiupc.com
127.0.0.1 www.aslitalia.it
127.0.0.1 aslitalia.it
127.0.0.1 ass-gals.com
127.0.0.1 www.assureprotection.com
127.0.0.1 assureprotection.com
127.0.0.1 asta-killer.com
127.0.0.1 www.astrologie-server.com
127.0.0.1 astrologie-server.com
127.0.0.1 www.asupereva.it
127.0.0.1 asupereva.it
127.0.0.1 www.ataprogram.com
127.0.0.1 ataprogram.com
127.0.0.1 athenrye.com
127.0.0.1 www.atotalsafety.com
127.0.0.1 atotalsafety.com
127.0.0.1 www.atrueprotection.com
127.0.0.1 atrueprotection.com
127.0.0.1 www.atruesecurity.com
127.0.0.1 atruesecurity.com
127.0.0.1 www.attackware.com
127.0.0.1 attackware.com
127.0.0.1 www.attrezzi.biz
127.0.0.1 attrezzi.biz
127.0.0.1 www.aucunsvirus.com
127.0.0.1 aucunsvirus.com
127.0.0.1 www.aulde.net
127.0.0.1 aulde.net
127.0.0.1 www.aupereva.it
127.0.0.1 aupereva.it
127.0.0.1 www.autobargains.org
127.0.0.1 autobargains.org
127.0.0.1 www.autobargainsnetwork.com
127.0.0.1 autobargainsnetwork.com
127.0.0.1 www.autocontext.begun.ru
127.0.0.1 autocontext.begun.ru
127.0.0.1 autoescrowpay.com
127.0.0.1 www.avadvance.com
127.0.0.1 avadvance.com
127.0.0.1 www.avast.free-software-center.com
127.0.0.1 avast.free-software-center.com
127.0.0.1 www.avast-2007.com
127.0.0.1 avast-2007.com
127.0.0.1 www.avast-downloads.com
127.0.0.1 avast-downloads.com
127.0.0.1 www.avast-hq.com
127.0.0.1 avast-hq.com
127.0.0.1 www.avforce.com
127.0.0.1 avforce.com
127.0.0.1 www.avg.grab-it-today.net
127.0.0.1 avg.grab-it-today.net
127.0.0.1 www.avg.softwarecenterz.com
127.0.0.1 avg.softwarecenterz.com
127.0.0.1 www.avg-secure.com
127.0.0.1 avg-secure.com
127.0.0.1 www.aviadaptation.com
127.0.0.1 aviadaptation.com
127.0.0.1 avian-ads.com
127.0.0.1 www.avicoupler.com
127.0.0.1 avicoupler.com
127.0.0.1 www.avideoaxaccess.com
127.0.0.1 avideoaxaccess.com
127.0.0.1 www.avideosurfer.com
127.0.0.1 avideosurfer.com
127.0.0.1 www.avidirection.com
127.0.0.1 avidirection.com
127.0.0.1 www.aviewersoft.com
127.0.0.1 aviewersoft.com
127.0.0.1 www.avpcheckupdate.com
127.0.0.1 avpcheckupdate.com
127.0.0.1 www.avsmanufacture.com
127.0.0.1 avsmanufacture.com
127.0.0.1 www.avsystemcare.com
127.0.0.1 avsystemcare.com
127.0.0.1 www.avxizaaqada.biz
127.0.0.1 avxizaaqada.biz
127.0.0.1 www.avxiz-anjpn.biz
127.0.0.1 avxiz-anjpn.biz
127.0.0.1 www.avxizueorn.biz
127.0.0.1 avxizueorn.biz
127.0.0.1 www.avxiz-ueorn.biz
127.0.0.1 avxiz-ueorn.biz
127.0.0.1 www.avxiz-vtvcp.biz
127.0.0.1 avxiz-vtvcp.biz
127.0.0.1 www.avxiz-ygco.biz
127.0.0.1 avxiz-ygco.biz
127.0.0.1 www.avxiz-zqav.biz
127.0.0.1 avxiz-zqav.biz
127.0.0.1 www.awarenesstech.com
127.0.0.1 awarenesstech.com
127.0.0.1 www.awarninglist.com
127.0.0.1 awarninglist.com
127.0.0.1 awbeta.net-nucleus.com
127.0.0.1 www.awesomehomepage.com
127.0.0.1 awesomehomepage.com
127.0.0.1 awmcash.biz
127.0.0.1 awmdabest.com
127.0.0.1 www.axemediasoftware.com
127.0.0.1 axemediasoftware.com
127.0.0.1 www.aximageobject.com
127.0.0.1 aximageobject.com
127.0.0.1 www.axmediaproject.com
127.0.0.1 axmediaproject.com
127.0.0.1 www.axmediasoftware.com
127.0.0.1 axmediasoftware.com
127.0.0.1 www.axmediasolutions.com
127.0.0.1 axmediasolutions.com
127.0.0.1 www.axobjectpage.com
127.0.0.1 axobjectpage.com
127.0.0.1 www.axobjectsource.com
127.0.0.1 axobjectsource.com
127.0.0.1 www.axsoftwaretool.com
127.0.0.1 axsoftwaretool.com
127.0.0.1 www.axvideoproject.com
127.0.0.1 axvideoproject.com
127.0.0.1 www.axvideosetup.com
127.0.0.1 axvideosetup.com
127.0.0.1 ayakawamura.com
127.0.0.1 ayb.dns-look-up.com
127.0.0.1 ayb.netbios-wait.com
127.0.0.1 ayumitaniguchi.com
127.0.0.1 azebar.com
127.0.0.1 www.azureusclub.com
127.0.0.1 azureusclub.com
127.0.0.1 www.azureus-freebie.com
127.0.0.1 azureus-freebie.com
127.0.0.1 www.azzetta.it
127.0.0.1 azzetta.it
127.0.0.1 b.casalemedia.com
127.0.0.1 b122.mcboo.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babenet.com
127.0.0.1 babenet.com
127.0.0.1 www.babespornmag.com
127.0.0.1 babespornmag.com
127.0.0.1 www.babeweb.de
127.0.0.1 babeweb.de
127.0.0.1 www.baccarat-other.info
127.0.0.1 baccarat-other.info
127.0.0.1 www.backstripgirls.com
127.0.0.1 backstripgirls.com
127.0.0.1 backup.mabou.org
127.0.0.1 www.baidu.com
127.0.0.1 baidu.com
127.0.0.1 www.balotierra.com
127.0.0.1 balotierra.com
127.0.0.1 bannedhost.net
127.0.0.1 bar.baidu.com
127.0.0.1 barbudafarms.com
127.0.0.1 www.bardownload.com
127.0.0.1 bardownload.com
127.0.0.1 barnandfence.com
127.0.0.1 batsearch.com
127.0.0.1 baygraphicsllc.com
127.0.0.1 bbbsearch.com
127.0.0.1 bb-search.com
127.0.0.1 www.bcnproduction.com
127.0.0.1 bcnproduction.com
127.0.0.1 bdsmlibrary.net
127.0.0.1 www.bdsmpornmag.com
127.0.0.1 bdsmpornmag.com
127.0.0.1 www.bearshare.click-new-download.com
127.0.0.1 bearshare.click-new-download.com
127.0.0.1 www.bearshare.download-me.info
127.0.0.1 bearshare.download-me.info
127.0.0.1 www.bearshare.mp3-muzic.com
127.0.0.1 bearshare.mp3-muzic.com
127.0.0.1 www.bearshare-download.org
127.0.0.1 bearshare-download.org
127.0.0.1 www.bearshare-downloads.net
127.0.0.1 bearshare-downloads.net
127.0.0.1 www.bearsharelive.co.uk
127.0.0.1 bearsharelive.co.uk
127.0.0.1 www.bearshare-music-downloads.com
127.0.0.1 bearshare-music-downloads.com
127.0.0.1 www.bearsharepro2007.com
127.0.0.1 bearsharepro2007.com
127.0.0.1 www.bearshare-usa.com
127.0.0.1 bearshare-usa.com
127.0.0.1 bedhome.com
127.0.0.1 bediadance.com
127.0.0.1 www.beebappyy.biz
127.0.0.1 beebappyy.biz
127.0.0.1 www.begin2search.com
127.0.0.1 begin2search.com
127.0.0.1 bellabasketsfl.com
127.0.0.1 bernaolatwin.com
127.0.0.1 www.berufe-jobs.de
127.0.0.1 berufe-jobs.de
127.0.0.1 www.berufe-server.de
127.0.0.1 berufe-server.de
127.0.0.1 www.berufe-welt.de
127.0.0.1 berufe-welt.de
127.0.0.1 www.berufs-wahl.de
127.0.0.1 berufs-wahl.de
127.0.0.1 www.beruijindegunhadesun.com
127.0.0.1 beruijindegunhadesun.com
127.0.0.1 www.best3xclips.com
127.0.0.1 best3xclips.com
127.0.0.1 www.bestadults.com
127.0.0.1 bestadults.com
127.0.0.1 best-counter.com
127.0.0.1 bestcrawler.com
127.0.0.1 www.bestdailyvids.com
127.0.0.1 bestdailyvids.com
127.0.0.1 bestfor.ru
127.0.0.1 www.bestfuckvids.com
127.0.0.1 bestfuckvids.com
127.0.0.1 best-hardpics.com
127.0.0.1 www.bestmanage.org
127.0.0.1 bestmanage.org
127.0.0.1 www.bestmanage0.org
127.0.0.1 bestmanage0.org
127.0.0.1 www.bestmanage1.org
127.0.0.1 bestmanage1.org
127.0.0.1 www.bestmanage2.org
127.0.0.1 bestmanage2.org
127.0.0.1 www.bestmanage3.org
127.0.0.1 bestmanage3.org
127.0.0.1 www.bestmanage4.org
127.0.0.1 bestmanage4.org
127.0.0.1 www.bestmanage5.org
127.0.0.1 bestmanage5.org
127.0.0.1 www.bestmanage6.org
127.0.0.1 bestmanage6.org
127.0.0.1 www.bestmanage7.org
127.0.0.1 bestmanage7.org
127.0.0.1 www.bestmanage8.org
127.0.0.1 bestmanage8.org
127.0.0.1 www.bestmanage9.org
127.0.0.1 bestmanage9.org
127.0.0.1 www.bestmovszone.com
127.0.0.1 bestmovszone.com
127.0.0.1 www.bestoffersnetworks.com
127.0.0.1 bestoffersnetworks.com
127.0.0.1 bestporngate.com
127.0.0.1 www.bestsafetyguide.net
127.0.0.1 bestsafetyguide.net
127.0.0.1 www.bestsearch.cc
127.0.0.1 bestsearch.cc
127.0.0.1 www.best-spyware.info
127.0.0.1 best-spyware.info
127.0.0.1 www.best-targeted-traffic.com
127.0.0.1 best-targeted-traffic.com
127.0.0.1 www.best-voyeur.info
127.0.0.1 best-voyeur.info
127.0.0.1 bestweblinks.com
127.0.0.1 best-winning-casino.com
127.0.0.1 www.bestworldgirls-for-u.net
127.0.0.1 bestworldgirls-for-u.net
127.0.0.1 www.bestxclips.com
127.0.0.1 bestxclips.com
127.0.0.1 bestxporno.com
127.0.0.1 www.bestxxxmpegs.com
127.0.0.1 bestxxxmpegs.com
127.0.0.1 www.bettersearch.biz
127.0.0.1 bettersearch.biz
127.0.0.1 www.bgazzetta.it
127.0.0.1 bgazzetta.it
127.0.0.1 www.bgoogle.it
127.0.0.1 bgoogle.it
127.0.0.1 www.bigtrafficnetwork.com
127.0.0.1 bigtrafficnetwork.com
127.0.0.1 www.bigwww.com
127.0.0.1 bigwww.com
127.0.0.1 www.bill.de
127.0.0.1 bill.de
127.0.0.1 bin.errorprotector.com
127.0.0.1 bins.media-motor.net
127.0.0.1 bins2.media-motor.net
127.0.0.1 bis.180solutions.com
127.0.0.1 bitchesonline.net
127.0.0.1 www.bitcomet-freebie.com
127.0.0.1 bitcomet-freebie.com
127.0.0.1 www.bittorrent.click-new-download.com
127.0.0.1 bittorrent.click-new-download.com
127.0.0.1 biz.biz
127.0.0.1 www.bkvcompany.com
127.0.0.1 bkvcompany.com
127.0.0.1 www.blackblues00.com
127.0.0.1 blackblues00.com
127.0.0.1 www.blackcodec.com
127.0.0.1 blackcodec.com
127.0.0.1 www.blackcodec.net
127.0.0.1 blackcodec.net
127.0.0.1 www.blackhats.tc
127.0.0.1 blackhats.tc
127.0.0.1 www.blackhawksoftware.com
127.0.0.1 blackhawksoftware.com
127.0.0.1 blackjack-free.net
127.0.0.1 www.blacklegion.info
127.0.0.1 blacklegion.info
127.0.0.1 blazefind.com
127.0.0.1 blender.xu.pl
127.0.0.1 www.blockcheckercontrol.com
127.0.0.1 blockcheckercontrol.com
127.0.0.1 blondetgp.com
127.0.0.1 www.blue-elefant.com
127.0.0.1 blue-elefant.com
127.0.0.1 www.bm.theaimonline.com
127.0.0.1 bm.theaimonline.com
127.0.0.1 www.bnmgate.com
127.0.0.1 bnmgate.com
127.0.0.1 bodaciousbabette.com
127.0.0.1 www.bonzi.com
127.0.0.1 bonzi.com
127.0.0.1 boobdoll.com
127.0.0.1 boobsandtits.com
127.0.0.1 boobsclub.com
127.0.0.1 www.bookedspace.com
127.0.0.1 bookedspace.com
127.0.0.1 www.boom.com.vn
127.0.0.1 boom.com.vn
127.0.0.1 boredlife.com
127.0.0.1 bowlofogumbo.com
127.0.0.1 www.bpfq02.com
127.0.0.1 bpfq02.com
127.0.0.1 www.bqgate.com
127.0.0.1 bqgate.com
127.0.0.1 br.errorsafe.com
127.0.0.1 br.winantivirus.com
127.0.0.1 br.winfixer.com
127.0.0.1 bradcoem.org
127.0.0.1 www.braincodec.com
127.0.0.1 braincodec.com
127.0.0.1 brandiyoung.com
127.0.0.1 www.bravesentry.com
127.0.0.1 bravesentry.com
127.0.0.1 www.breenten.biz
127.0.0.1 breenten.biz
127.0.0.1 www.brodbfm.net
127.0.0.1 brodbfm.net
127.0.0.1 brookeburn.com
127.0.0.1 www.browserwise.com
127.0.0.1 browserwise.com
127.0.0.1 bsa.safetydownload.com
127.0.0.1 www.bsplaycodec.com
127.0.0.1 bsplaycodec.com
127.0.0.1 bucps.com
127.0.0.1 buhartes.info
127.0.0.1 buldog-stats.com
127.0.0.1 www.bullseye-network.com
127.0.0.1 bullseye-network.com
127.0.0.1 burgerkingbigscreen.com
127.0.0.1 www.burningsite.com
127.0.0.1 burningsite.com
127.0.0.1 www.burnsrecyclinginc.com
127.0.0.1 burnsrecyclinginc.com
127.0.0.1 buscards.net
127.0.0.1 bustyrussell.com
127.0.0.1 www.busysearch.net
127.0.0.1 busysearch.net
127.0.0.1 buttejazz.org
127.0.0.1 www.buy-find.info
127.0.0.1 buy-find.info
127.0.0.1 buyselldomain.net
127.0.0.1 www.buytraff.biz
127.0.0.1 buytraff.biz
127.0.0.1 buz.ru
127.0.0.1 www.bvdtechinque.com
127.0.0.1 bvdtechinque.com
127.0.0.1 www.bvirgilio.it
127.0.0.1 bvirgilio.it
127.0.0.1 c.centralmedia.ws
127.0.0.1 www.c.enhance.com
127.0.0.1 c.enhance.com
127.0.0.1 c.goclick.com
127.0.0.1 www.c4tdownload.com
127.0.0.1 c4tdownload.com
127.0.0.1 www.c5.www4free.info
127.0.0.1 c5.www4free.info
127.0.0.1 www.cache.surfaccuracy.com
127.0.0.1 cache.surfaccuracy.com
127.0.0.1 cache.ysbweb.com
127.0.0.1 www.cadesfinjeriokas.com
127.0.0.1 cadesfinjeriokas.com
127.0.0.1 calcioturris.com
127.0.0.1 www.calendaralerts.net
127.0.0.1 calendaralerts.net
127.0.0.1 www.callinghome.biz
127.0.0.1 callinghome.biz
127.0.0.1 www.cameouk.co.uk
127.0.0.1 cameouk.co.uk
127.0.0.1 cameup.com
127.0.0.1 www.camouflageclothingonline.net
127.0.0.1 camouflageclothingonline.net
127.0.0.1 campaigns.outerinfo.net
127.0.0.1 camup.net
127.0.0.1 canberracricketcoaching.com
127.0.0.1 candycantaloupes.com
127.0.0.1 www.canidetect.org
127.0.0.1 canidetect.org
127.0.0.1 www.cantfind.com
127.0.0.1 cantfind.com
127.0.0.1 careers.dulcineasystems.net
127.0.0.1 carsands.com
127.0.0.1 carsrentals.net
127.0.0.1 cartoes.uol.com.br
127.0.0.1 www.casalemedia.com
127.0.0.1 casalemedia.com
127.0.0.1 www.cashdeluxe.net
127.0.0.1 cashdeluxe.net
127.0.0.1 www.cashengines.com
127.0.0.1 cashengines.com
127.0.0.1 cashsearch.biz
127.0.0.1 www.cashsurfers.com
127.0.0.1 cashsurfers.com
127.0.0.1 www.cashunlim.com
127.0.0.1 cashunlim.com
127.0.0.1 casino.com.free.game.pogo.gratisdownloads.nl
127.0.0.1 casino2win.net
127.0.0.1 casino-gambling-1.net
127.0.0.1 casino-gambling-2.net
127.0.0.1 casinomidas.net
127.0.0.1 casinonline.net
127.0.0.1 casino-onlines.net
127.0.0.1 www.castingsamateur.com
127.0.0.1 castingsamateur.com
127.0.0.1 catallogue.com
127.0.0.1 www.catch-dc.info
127.0.0.1 catch-dc.info
127.0.0.1 categories.mygeek.com
127.0.0.1 catsss.da.ru
127.0.0.1 caxa.ru
127.0.0.1 cazygirls-world.com
127.0.0.1 cc.panet.org
127.0.0.1 www.ccecaedbebfcaf.com
127.0.0.1 ccecaedbebfcaf.com
127.0.0.1 cclebali.org
127.0.0.1 www.ccorriere.it
127.0.0.1 ccorriere.it
127.0.0.1 www.cdcopysite.com
127.0.0.1 cdcopysite.com
127.0.0.1 www.cdegate.com
127.0.0.1 cdegate.com
127.0.0.1 cdn.drivecleaner.com
127.0.0.1 cdn.errorsafe.com
127.0.0.1 cdn.movies-etc.com
127.0.0.1 cdn.winsoftware.com
127.0.0.1 cdn2.movies-etc.com
127.0.0.1 www.cdorriere.it
127.0.0.1 cdorriere.it
127.0.0.1 ceewawires.org
127.0.0.1 centralmedia.ws
127.0.0.1 certumgroup.com
127.0.0.1 www.cforriere.it
127.0.0.1 cforriere.it
127.0.0.1 www.check.jupitersatellites.biz
127.0.0.1 check.jupitersatellites.biz
127.0.0.1 www.checkin100.com
127.0.0.1 checkin100.com
127.0.0.1 www.checkssecurity.com
127.0.0.1 checkssecurity.com
127.0.0.1 chelancatering.com
127.0.0.1 www.chenshijituan.com
127.0.0.1 chenshijituan.com
127.0.0.1 childrenvilla.com
127.0.0.1 www.chilly3xvids.com
127.0.0.1 chilly3xvids.com
127.0.0.1 www.chillymovs.com
127.0.0.1 chillymovs.com
127.0.0.1 chips-4-free.com
127.0.0.1 chrisswasey.com
127.0.0.1 chriswallace.net
127.0.0.1 www.cia-trjn.myvnc.com
127.0.0.1 cia-trjn.myvnc.com
127.0.0.1 www.cinemadownload.com
127.0.0.1 cinemadownload.com
127.0.0.1 www.ciorriere.it
127.0.0.1 ciorriere.it
127.0.0.1 www.cirriere.it
127.0.0.1 cirriere.it
127.0.0.1 www.citycodec.com
127.0.0.1 citycodec.com
127.0.0.1 ckick4thumbs.com
127.0.0.1 cl55.biz
127.0.0.1 clackamasliteraryreview.com
127.0.0.1 www.clckm.com
127.0.0.1 clckm.com
127.0.0.1 www.cleancodec.com
127.0.0.1 cleancodec.com
127.0.0.1 www.cleansoftwares.com
127.0.0.1 cleansoftwares.com
127.0.0.1 clearsearch.cc
127.0.0.1 clearsearch.net
127.0.0.1 clickaire.com
127.0.0.1 www.click-codec.com
127.0.0.1 click-codec.com
127.0.0.1 www.clickhere4search.com
127.0.0.1 clickhere4search.com
127.0.0.1 www.click-new-download.com
127.0.0.1 click-new-download.com
127.0.0.1 click-now.net
127.0.0.1 www.clickspring.net
127.0.0.1 clickspring.net
127.0.0.1 www.click-to-download.com
127.0.0.1 click-to-download.com
127.0.0.1 www.clicktomakeasearch.com
127.0.0.1 clicktomakeasearch.com
127.0.0.1 clickyestoenter.net
127.0.0.1 client.exeupdate.com
127.0.0.1 client.myadultexplorer.com
127.0.0.1 www.cliks.org
127.0.0.1 cliks.org
127.0.0.1 www.clipsfestival.com
127.0.0.1 clipsfestival.com
127.0.0.1 www.clipsreality.com
127.0.0.1 clipsreality.com
127.0.0.1 www.clorriere.it
127.0.0.1 clorriere.it
127.0.0.1 clrsch.com
127.0.0.1 www.clubxxxvideo.com
127.0.0.1 clubxxxvideo.com
127.0.0.1 clusif.free.fr
127.0.0.1 cmtapestry.com
127.0.0.1 www.cnetadd.com
127.0.0.1 cnetadd.com
127.0.0.1 www.cnomy.com
127.0.0.1 cnomy.com
127.0.0.1 www.cnzz.com
127.0.0.1 cnzz.com
127.0.0.1 www.cocktails-ideen.de
127.0.0.1 cocktails-ideen.de
127.0.0.1 code.ignphrases.com
127.0.0.1 codec.ninoa.com
127.0.0.1 www.codecbsplay.com
127.0.0.1 codecbsplay.com
127.0.0.1 www.codecdvd.net
127.0.0.1 codecdvd.net
127.0.0.1 www.codecdvi.com
127.0.0.1 codecdvi.com
127.0.0.1 www.codec-fun.com
127.0.0.1 codec-fun.com
127.0.0.1 www.codechard.com
127.0.0.1 codechard.com
127.0.0.1 www.codechot.net
127.0.0.1 codechot.net
127.0.0.1 www.codechq.net
127.0.0.1 codechq.net
127.0.0.1 www.codecmeg.net
127.0.0.1 codecmeg.net
127.0.0.1 www.codecmega.net
127.0.0.1 codecmega.net
127.0.0.1 www.codecmoon.com
127.0.0.1 codecmoon.com
127.0.0.1 www.codecmpg.com
127.0.0.1 codecmpg.com
127.0.0.1 www.codecnice.net
127.0.0.1 codecnice.net
127.0.0.1 www.codecops.net
127.0.0.1 codecops.net
127.0.0.1 www.codecplay.com
127.0.0.1 codecplay.com
127.0.0.1 www.codecpretty.net
127.0.0.1 codecpretty.net
127.0.0.1 www.codecpro.net
127.0.0.1 codecpro.net
127.0.0.1 www.codecsoft.net
127.0.0.1 codecsoft.net
127.0.0.1 www.codectime.com
127.0.0.1 codectime.com
127.0.0.1 www.codecultra.net
127.0.0.1 codecultra.net
127.0.0.1 www.codecvids.com
127.0.0.1 codecvids.com
127.0.0.1 www.codecvip.com
127.0.0.1 codecvip.com
127.0.0.1 www.codecviva.com
127.0.0.1 codecviva.com
127.0.0.1 www.codeczang.net
127.0.0.1 codeczang.net
127.0.0.1 www.codrriere.it
127.0.0.1 codrriere.it
127.0.0.1 www.coeriere.it
127.0.0.1 coeriere.it
127.0.0.1 www.coerriere.it
127.0.0.1 coerriere.it
127.0.0.1 www.cofrriere.it
127.0.0.1 cofrriere.it
127.0.0.1 www.cogrriere.it
127.0.0.1 cogrriere.it
127.0.0.1 www.coirriere.it
127.0.0.1 coirriere.it
127.0.0.1 command.adservs.com
127.0.0.1 www.commonname.com
127.0.0.1 www.computerpcgames.net
127.0.0.1 computerpcgames.net
127.0.0.1 www.computerrecover.com
127.0.0.1 computerrecover.com
127.0.0.1 config.180solutions.com
127.0.0.1 www.content.dollarrevenue.com
127.0.0.1 content.dollarrevenue.com
127.0.0.1 www.content.ireit.com
127.0.0.1 content.ireit.com
127.0.0.1 content.onerateld.com
127.0.0.1 www.contentmatch.net
127.0.0.1 contentmatch.net
127.0.0.1 www.contextplus.net
127.0.0.1 contextplus.net
127.0.0.1 www.contra-virus.com
127.0.0.1 contra-virus.com
127.0.0.1 www.controlmeh.com
127.0.0.1 controlmeh.com
127.0.0.1 www.convenient-search.com
127.0.0.1 convenient-search.com
127.0.0.1 www.cookingluck.com
127.0.0.1 cookingluck.com
127.0.0.1 www.cooldeskalert.com
127.0.0.1 cooldeskalert.com
127.0.0.1 coolfetishsite.com
127.0.0.1 coolfreehost.com
127.0.0.1 coolfreepage.com
127.0.0.1 coolfreepages.com
127.0.0.1 cool-homepage.co
127.0.0.1 cool-homepage.com
127.0.0.1 coolmoneysearch.com
127.0.0.1 coolpornsearch.com
127.0.0.1 cool-search.net
127.0.0.1 cool-search.netfartpost.com
127.0.0.1 coolsearcher.info
127.0.0.1 www.coolservecorp.net
127.0.0.1 coolservecorp.net
127.0.0.1 www.coolwebsearch.com
127.0.0.1 coolwebsearch.com
127.0.0.1 cool-web-search.com
127.0.0.1 coolwebsearsh.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 coolwwwsearch.com
127.0.0.1 cool-xxx.net
127.0.0.1 www.coorriere.it
127.0.0.1 coorriere.it
127.0.0.1 copmtraine.com
127.0.0.1 www.coprriere.it
127.0.0.1 coprriere.it
127.0.0.1 www.core.psyche-evolution.com
127.0.0.1 core.psyche-evolution.com
127.0.0.1 www.coreiere.it
127.0.0.1 coreiere.it
127.0.0.1 www.coreriere.it
127.0.0.1 coreriere.it
127.0.0.1 www.corrdiere.it
127.0.0.1 corrdiere.it
127.0.0.1 www.correiere.it
127.0.0.1 correiere.it
127.0.0.1 www.corrfiere.it
127.0.0.1 corrfiere.it
127.0.0.1 www.corrgiere.it
127.0.0.1 corrgiere.it
127.0.0.1 www.corridere.it
127.0.0.1 corridere.it
127.0.0.1 www.corriedre.it
127.0.0.1 corriedre.it
127.0.0.1 www.corriee.it
127.0.0.1 corriee.it
127.0.0.1 www.corrieere.it
127.0.0.1 corrieere.it
127.0.0.1 www.corriefre.it
127.0.0.1 corriefre.it
127.0.0.1 www.corriegre.it
127.0.0.1 corriegre.it
127.0.0.1 www.corrierde.it
127.0.0.1 corrierde.it
127.0.0.1 www.corriered.it
127.0.0.1 corriered.it
127.0.0.1 www.corrieree.it
127.0.0.1 corrieree.it
127.0.0.1 www.corrieref.it
127.0.0.1 corrieref.it
127.0.0.1 www.corrierer.it
127.0.0.1 corrierer.it
127.0.0.1 www.corrieres.it
127.0.0.1 corrieres.it
127.0.0.1 www.corrierew.it
127.0.0.1 corrierew.it
127.0.0.1 www.corrierfe.it
127.0.0.1 corrierfe.it
127.0.0.1 www.corrierge.it
127.0.0.1 corrierge.it
127.0.0.1 www.corrierr.it
127.0.0.1 corrierr.it
127.0.0.1 www.corrierre.it
127.0.0.1 corrierre.it
127.0.0.1 www.corrierse.it
127.0.0.1 corrierse.it
127.0.0.1 www.corrierte.it
127.0.0.1 corrierte.it
127.0.0.1 www.corrierw.it
127.0.0.1 corrierw.it
127.0.0.1 www.corrierwe.it
127.0.0.1 corrierwe.it
127.0.0.1 www.corriesre.it
127.0.0.1 corriesre.it
127.0.0.1 www.corriete.it
127.0.0.1 corriete.it
127.0.0.1 www.corrietre.it
127.0.0.1 corrietre.it
127.0.0.1 www.corriewre.it
127.0.0.1 corriewre.it
127.0.0.1 www.corrifere.it
127.0.0.1 corrifere.it
127.0.0.1 www.corriiere.it
127.0.0.1 corriiere.it
127.0.0.1 www.corrilere.it
127.0.0.1 corrilere.it
127.0.0.1 www.corrioere.it
127.0.0.1 corrioere.it
127.0.0.1 www.corrire.it
127.0.0.1 corrire.it
127.0.0.1 www.corrirere.it
127.0.0.1 corrirere.it
127.0.0.1 www.corrirre.it
127.0.0.1 corrirre.it
127.0.0.1 www.corrisere.it
127.0.0.1 corrisere.it
127.0.0.1 www.corriuere.it
127.0.0.1 corriuere.it
127.0.0.1 www.corriwere.it
127.0.0.1 corriwere.it
127.0.0.1 www.corriwre.it
127.0.0.1 corriwre.it
127.0.0.1 www.corrliere.it
127.0.0.1 corrliere.it
127.0.0.1 www.corroere.it
127.0.0.1 corroere.it
127.0.0.1 www.corroiere.it
127.0.0.1 corroiere.it
127.0.0.1 www.corrriere.it
127.0.0.1 corrriere.it
127.0.0.1 www.corrtiere.it
127.0.0.1 corrtiere.it
127.0.0.1 www.corruere.it
127.0.0.1 corruere.it
127.0.0.1 www.corruiere.it
127.0.0.1 corruiere.it
127.0.0.1 www.cortiere.it
127.0.0.1 cortiere.it
127.0.0.1 www.cortriere.it
127.0.0.1 cortriere.it
127.0.0.1 www.costrike.com
127.0.0.1 costrike.com
127.0.0.1 www.cotriere.it
127.0.0.1 cotriere.it
127.0.0.1 www.cotrriere.it
127.0.0.1 cotrriere.it
127.0.0.1 couldnotfind.com
127.0.0.1 count.cc
127.0.0.1 count.hitscount.net
127.0.0.1 count-all.com
127.0.0.1 www.countdutycall.info
127.0.0.1 countdutycall.info
127.0.0.1 counter.sexmaniack.com
127.0.0.1 www.courtrecordslookup.com
127.0.0.1 courtrecordslookup.com
127.0.0.1 www.cporriere.it
127.0.0.1 cporriere.it
127.0.0.1 www.cprriere.it
127.0.0.1 cprriere.it
127.0.0.1 cpvfeed.com
127.0.0.1 cracks.me.uk
127.0.0.1 www.cracks4all.com
127.0.0.1 cracks4all.com
127.0.0.1 www.crapsgold.info
127.0.0.1 crapsgold.info
127.0.0.1 crazygirls-world.com
127.0.0.1 www.crazywinnings.com
127.0.0.1 crazywinnings.com
127.0.0.1 creamedcutties.com
127.0.0.1 www.createaccesskey.com
127.0.0.1 createaccesskey.com
127.0.0.1 www.creatonsoft.com
127.0.0.1 creatonsoft.com
127.0.0.1 creditsearchonline.com
127.0.0.1 crestring.com
127.0.0.1 crooder.com
127.0.0.1 www.crriere.it
127.0.0.1 crriere.it
127.0.0.1 www.cryptdrive.com
127.0.0.1 cryptdrive.com
127.0.0.1 www.crystalysmedia.com
127.0.0.1 crystalysmedia.com
127.0.0.1 www.csx.adservs.com
127.0.0.1 csx.adservs.com
127.0.0.1 cts.180solutions.com
127.0.0.1 www.cuisinartoven.com
127.0.0.1 cuisinartoven.com
127.0.0.1 www.curedc.info
127.0.0.1 curedc.info
127.0.0.1 www.curepcsolutions.com
127.0.0.1 curepcsolutions.com
127.0.0.1 curvedspaces.com
127.0.0.1 www.cutadult.com
127.0.0.1 cutadult.com
127.0.0.1 www.cvirgilio.it
127.0.0.1 cvirgilio.it
127.0.0.1 www.cvorriere.it
127.0.0.1 cvorriere.it
127.0.0.1 cvs.jps.ru
127.0.0.1 cvsymphony.com
127.0.0.1 www.cxorriere.it
127.0.0.1 cxorriere.it
127.0.0.1 www.cyberrape.com
127.0.0.1 cyberrape.com
127.0.0.1 cydom.com
127.0.0.1 www.cydoor.com
127.0.0.1 cydoor.com
127.0.0.1 www.daily3xlinks.com
127.0.0.1 daily3xlinks.com
127.0.0.1 www.dailybestclips.com
127.0.0.1 dailybestclips.com
127.0.0.1 daily-gals.com
127.0.0.1 www.dailyhugemovs.com
127.0.0.1 dailyhugemovs.com
127.0.0.1 www.dailykeys.com
127.0.0.1 dailykeys.com
127.0.0.1 www.dailypornmag.com
127.0.0.1 dailypornmag.com
127.0.0.1 dailyteenspic.com
127.0.0.1 www.dailytoolbar.com
127.0.0.1 dailytoolbar.com
127.0.0.1 www.dailyxvids.com
127.0.0.1 dailyxvids.com
127.0.0.1 dancingbabycd.com
127.0.0.1 www.dapsol.com
127.0.0.1 dapsol.com
127.0.0.1 www.dapsolution.com
127.0.0.1 dapsolution.com
127.0.0.1 www.data-hoster.com
127.0.0.1 data-hoster.com
127.0.0.1 datanotary.com
127.0.0.1 datareco.com
127.0.0.1 www.dateanybabe.com
127.0.0.1 dateanybabe.com
127.0.0.1 www.dateanychick.com
127.0.0.1 dateanychick.com
127.0.0.1 www.datingdoctorsite.com
127.0.0.1 datingdoctorsite.com
127.0.0.1 www.dating-galaxy.info
127.0.0.1 dating-galaxy.info
127.0.0.1 dating-search.net
127.0.0.1 davemarshall.org
127.0.0.1 db105.com
127.0.0.1 www.dbdecicated.com
127.0.0.1 dbdecicated.com
127.0.0.1 www.dbxcompany.com
127.0.0.1 dbxcompany.com
127.0.0.1 dcdl.dmcast.com
127.0.0.1 dcfitusa.com
127.0.0.1 www.dcorriere.it
127.0.0.1 dcorriere.it
127.0.0.1 www.dcurtis.com
127.0.0.1 dcurtis.com
127.0.0.1 dcww.dmcast.com
127.0.0.1 de.ag
127.0.0.1 de.drivecleaner.com
127.0.0.1 de.errorsafe.com
127.0.0.1 de.winantivirus.com
127.0.0.1 de98.remsys.org
127.0.0.1 www.debay.it
127.0.0.1 debay.it
127.0.0.1 www.decknews.com
127.0.0.1 decknews.com
127.0.0.1 dedmazay.3322.org
127.0.0.1 www.dedsearch.com
127.0.0.1 dedsearch.com
127.0.0.1 defaultsearch.net
127.0.0.1 www.defensaantimalware.com
127.0.0.1 defensaantimalware.com
127.0.0.1 www.deja-rue.com
127.0.0.1 deja-rue.com
127.0.0.1 www.delficodec.com
127.0.0.1 delficodec.com
127.0.0.1 www.democodec.com
127.0.0.1 democodec.com
127.0.0.1 www.derklaif.biz
127.0.0.1 derklaif.biz
127.0.0.1 www.derrari.it
127.0.0.1 derrari.it
127.0.0.1 desarrollocreativo.com
127.0.0.1 www.deskbar.worldtostart.com
127.0.0.1 deskbar.worldtostart.com
127.0.0.1 www.deskwizz.com
127.0.0.1 deskwizz.com
127.0.0.1 www.destruktor.to.pl
127.0.0.1 destruktor.to.pl
127.0.0.1 www.detectivehound.com
127.0.0.1 detectivehound.com
127.0.0.1 www.detectivesearches.com
127.0.0.1 detectivesearches.com
127.0.0.1 dev.ntcor.com
127.0.0.1 develip.com
127.0.0.1 dewis.spb.ru
127.0.0.1 dewis.us
127.0.0.1 df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
127.0.0.1 www.dgbusiness.com
127.0.0.1 dgbusiness.com
127.0.0.1 dialer2004.com
127.0.0.1 www.dialerclub.com
127.0.0.1 dialerclub.com
127.0.0.1 www.dialer-shop.com
127.0.0.1 dialer-shop.com
127.0.0.1 www.dialoff.com
127.0.0.1 dialoff.com
127.0.0.1 www.did.i-used.cc
127.0.0.1 did.i-used.cc
127.0.0.1 dietpills4free.com
127.0.0.1 dietpussy.com
127.0.0.1 www.digikeygen.com
127.0.0.1 digikeygen.com
127.0.0.1 digistreamsa.com
127.0.0.1 www.digitalcoders.net
127.0.0.1 digitalcoders.net
127.0.0.1 www.digitalfan.com
127.0.0.1 digital-pornography.com
127.0.0.1 dionforvalleycouncil.org
127.0.0.1 www.directdvdpro.com
127.0.0.1 directdvdpro.com
127.0.0.1 www.directnameservice.com
127.0.0.1 directnameservice.com
127.0.0.1 www.directporta.info
127.0.0.1 directporta.info
127.0.0.1 www.directsearchzone.com
127.0.0.1 directsearchzone.com
127.0.0.1 www.diskretter.com
127.0.0.1 diskretter.com
127.0.0.1 dist.checkin100.com
127.0.0.1 dl.ad-ware.cc
127.0.0.1 dl.malwarewipe.com
127.0.0.1 dl.mcboo.com
127.0.0.1 www.dl.targetsaver.com
127.0.0.1 dl.targetsaver.com
127.0.0.1 dl.web-nexus.net
127.0.0.1 dl1.antivermins.com
127.0.0.1 dl1.antivirgear.com
127.0.0.1 dl1.spydawn.com
127.0.0.1 dl1.virusprotectpro.com
127.0.0.1 dl10.spyfalcon.com
127.0.0.1 dl16.spyfalcon.com
127.0.0.1 dl2.spyfalcon.com
127.0.0.1 dl2.spyheal.com
127.0.0.1 dl2.spywarestrike.com
127.0.0.1 dl3.spyfalcon.com
127.0.0.1 dl3.spyheal.com
127.0.0.1 dl3.spywarestrike.com
127.0.0.1 dl4.spyfalcon.com
127.0.0.1 dl4.spywarestrike.com
127.0.0.1 dl5.spyfalcon.com
127.0.0.1 dl5.spywarestrike.com
127.0.0.1 dl6.spywarestrike.com
127.0.0.1 dl7.spywarestrike.com
127.0.0.1 dl8.spyheal.com
127.0.0.1 dl8.spywarestrike.com
127.0.0.1 dl9.spyfalcon.com
127.0.0.1 dload.contextplus.net
127.0.0.1 www.dltsolution.com
127.0.0.1 dltsolution.com
127.0.0.1 www.dmcast.com
127.0.0.1 dmcast.com
127.0.0.1 www.dmqfirm.com
127.0.0.1 dmqfirm.com
127.0.0.1 www.dnaads.com
127.0.0.1 dnaads.com
127.0.0.1 dnl.mabou.org
127.0.0.1 www.dns-look-up.com
127.0.0.1 dns-look-up.com
127.0.0.1 doctorwaldron.com
127.0.0.1 document-not-found.pornpic.org
127.0.0.1 doggyaction.com
127.0.0.1 www.dogproblemswebsite.com
127.0.0.1 dogproblemswebsite.com
127.0.0.1 doktorxxx.com
127.0.0.1 dollarrevenue.com
127.0.0.1 www.domaincar.com
127.0.0.1 domaincar.com
127.0.0.1 domains2003.net
127.0.0.1 domains-for-you-online.com
127.0.0.1 domain-your-registration.com
127.0.0.1 domkrat.com
127.0.0.1 www.doofo.com
127.0.0.1 doofo.com
127.0.0.1 www.dotcomtoolbar.com
127.0.0.1 dotcomtoolbar.com
127.0.0.1 down.136136.net
127.0.0.1 download.abetterinternet.com
127.0.0.1 download.adintelligence.net
127.0.0.1 www.download.antispywarebot.com
127.0.0.1 download.antispywarebot.com
127.0.0.1 www.download.bardownload.com
127.0.0.1 download.bardownload.com
127.0.0.1 www.download.bravesentry.com
127.0.0.1 download.bravesentry.com
127.0.0.1 download.cdn.drivecleaner.com
127.0.0.1 download.cdn.errorsafe.com
127.0.0.1 download.cdn.winsoftware.com
127.0.0.1 download.contextplus.net
127.0.0.1 download.errorsafe.com
127.0.0.1 www.download.jupitersatellites.biz
127.0.0.1 download.jupitersatellites.biz
127.0.0.1 download.malwarealarm.com
127.0.0.1 download.searchtabs.net
127.0.0.1 www.download.secureyournet.biz
127.0.0.1 download.secureyournet.biz
127.0.0.1 download.spyonthis.net
127.0.0.1 download.spy-shredder.com
127.0.0.1 download.systemdoctor.com
127.0.0.1 download.winantispyware.com
127.0.0.1 download.winantivirus.com
127.0.0.1 download.windrivecleaner.com
127.0.0.1 download.winfixer.com
127.0.0.1 download10.spywarequake.com
127.0.0.1 download11.spywarequake.com
127.0.0.1 download12.spywarequake.com
127.0.0.1 download13.spywarequake.com
127.0.0.1 download15.spywarequake.com
127.0.0.1 download2.spywarequake.com
127.0.0.1 www.download-2007.com
127.0.0.1 download-2007.com
127.0.0.1 download3.spyaxe.com
127.0.0.1 download3.spywarequake.com
127.0.0.1 www.download3xpics.com
127.0.0.1 download3xpics.com
127.0.0.1 download4.spyaxe.com
127.0.0.1 download4.spywarequake.com
127.0.0.1 download5.spyaxe.com
127.0.0.1 download5.spywarequake.com
127.0.0.1 download6.spyaxe.com
127.0.0.1 download7.spywarequake.com
127.0.0.1 download8.spywarequake.com
127.0.0.1 download9.spywarequake.com
127.0.0.1 www.downloadacceleratorsite.com
127.0.0.1 downloadacceleratorsite.com
127.0.0.1 www.download-ad-aware.com
127.0.0.1 download-ad-aware.com
127.0.0.1 www.download-all-4-free.com
127.0.0.1 download-all-4-free.com
127.0.0.1 www.download-all-area.com
127.0.0.1 download-all-area.com
127.0.0.1 www.download-antivir.com
127.0.0.1 download-antivir.com
127.0.0.1 www.downloadanysong.com
127.0.0.1 downloadanysong.com
127.0.0.1 www.downloadaresnow.com
127.0.0.1 downloadaresnow.com
127.0.0.1 www.download-avast.com
127.0.0.1 download-avast.com
127.0.0.1 www.downloadcorporation.com
127.0.0.1 downloadcorporation.com
127.0.0.1 www.download-dvdshrink.com
127.0.0.1 download-dvdshrink.com
127.0.0.1 www.download-for-free.net
127.0.0.1 download-for-free.net
127.0.0.1 www.downloadfreesoft.com
127.0.0.1 downloadfreesoft.com
127.0.0.1 www.downloadfreeway.com
127.0.0.1 downloadfreeway.com
127.0.0.1 www.downloadimesh.com
127.0.0.1 downloadimesh.com
127.0.0.1 www.download-itunes-now.com
127.0.0.1 download-itunes-now.com
127.0.0.1 www.download-limewire.org
127.0.0.1 download-limewire.org
127.0.0.1 www.downloadlost.tv
127.0.0.1 downloadlost.tv
127.0.0.1 www.downloadmax.net
127.0.0.1 downloadmax.net
127.0.0.1 www.download-mcafee.com
127.0.0.1 download-mcafee.com
127.0.0.1 download-me.info
127.0.0.1 www.downloadmediaax.com
127.0.0.1 downloadmediaax.com
127.0.0.1 www.downloadpics.net
127.0.0.1 downloadpics.net
127.0.0.1 www.downloadprovider.net
127.0.0.1 downloadprovider.net
127.0.0.1 www.download-real-player.com
127.0.0.1 download-real-player.com
127.0.0.1 downloads.180solutions.com
127.0.0.1 downloads.adaware.cc
127.0.0.1 www.downloadservicearea.com
127.0.0.1 downloadservicearea.com
127.0.0.1 www.downloads-free.org
1
0
Réponse 24 / 54
mikia06
 
voila le rapport hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:07:08, on 22/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\Pack Sécurité\backweb\361343\Program\fspex.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\Pack Sécurité\Anti-Virus\fsrw.exe
C:\Program Files\Pack Sécurité\FSPC\fspc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\svchost.exe
C:\Apps\Powercinema\PCMService.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE
C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
C:\Program Files\Pack Sécurité\Anti-Spyware\fsaw.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe
C:\Documents and Settings\FARID\Bureau\test.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {315E0AA4-290D-495C-AF63-C717E8E13635} - C:\WINDOWS\system32\efcbAQgG.dll (file missing)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {CF32F1B6-1BB6-411C-A957-0E4407947AC8} - (no file)
O2 - BHO: (no name) - {D693EA2D-09AC-4B79-8C87-7D44FD48D00E} - C:\WINDOWS\system32\qoMdETjH.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {F11DDDE1-D450-4009-8C54-99DE4E9863C5} - C:\WINDOWS\system32\hgGvtSjK.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Sécurité\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [d467dab9] rundll32.exe "C:\WINDOWS\system32\ayjkewpr.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_SF2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\nsinet.exe /res
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pack Sécurité.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Bloquer cette fenêtre pub. - C:\Program Files\Pack Sécurité\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: Protection IE - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection IE... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\Anti-Spyware\ieshield.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (file missing)
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Pack Sécurité (BackWeb Plug-in - 361343) - Pack Securite - C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
0
Utilisateur anonyme
 
regarde sur le poste 27

http://www.commentcamarche.net/forum/affich 6048715 probleme de spyware#27

car il me manque virtu et as tu fixé toutes les lignes?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 54
mikia06
 
oui g fixé toute les lignes
0
Réponse 26 / 54
mikia06
 
mais je vais regardé a nouveau
0
Réponse 27 / 54
mikia06
 
nan j'ai regardé de nouveau et j'ai tout bien coché
0
Utilisateur anonyme
 
ET CA TU NE LA PAS FAIS

Télécharger VirtumundoBegone sur le bureau:

http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe


Double cliquer sur VirtumundoBeGone.exe et suivre les instructions.
Une fois terminé, redémarrer le PC, le rapport VBG.TXT sera crée sur le bureau . ET POSTE LE RAPPORT!!
(Si un message Ecran bleu "Erreur fatale" apparaît, pas d’inquiétude car c'est normal et attendu). Comme précédemment, repost un rapport hijackthis,
0
Réponse 28 / 54
mikia06
 
ah désolé le voila:



[04/22/2008, 18:49:02] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\FARID\Bureau\VirtumundoBeGone.exe" )
[04/22/2008, 18:49:12] - Detected System Information:
[04/22/2008, 18:49:12] - Windows Version: 5.1.2600, Service Pack 2
[04/22/2008, 18:49:12] - Current Username: FARID (Admin)
[04/22/2008, 18:49:12] - Windows is in NORMAL mode.
[04/22/2008, 18:49:12] - Searching for Browser Helper Objects:
[04/22/2008, 18:49:12] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[04/22/2008, 18:49:12] - BHO 2: {26551DC9-C422-4D3F-B606-BDD17E132925} ()
[04/22/2008, 18:49:12] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/22/2008, 18:49:12] - Checking for HKLM\...\Winlogon\Notify\hgGvtSjK
[04/22/2008, 18:49:12] - Key not found: HKLM\...\Winlogon\Notify\hgGvtSjK, continuing.
[04/22/2008, 18:49:12] - BHO 3: {315E0AA4-290D-495C-AF63-C717E8E13635} ()
[04/22/2008, 18:49:12] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/22/2008, 18:49:12] - Checking for HKLM\...\Winlogon\Notify\efcbAQgG
[04/22/2008, 18:49:12] - Key not found: HKLM\...\Winlogon\Notify\efcbAQgG, continuing.
[04/22/2008, 18:49:12] - BHO 4: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} (BitComet Helper)
[04/22/2008, 18:49:12] - BHO 5: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[04/22/2008, 18:49:13] - BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[04/22/2008, 18:49:13] - BHO 7: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[04/22/2008, 18:49:13] - BHO 8: {9ECB9560-04F9-4bbc-943D-298DDF1699E1} (CNisExtBho Class)
[04/22/2008, 18:49:13] - BHO 9: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[04/22/2008, 18:49:13] - BHO 10: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[04/22/2008, 18:49:13] - BHO 11: {BDF3E430-B101-42AD-A544-FADC6B084872} (CNavExtBho Class)
[04/22/2008, 18:49:13] - BHO 12: {CF32F1B6-1BB6-411C-A957-0E4407947AC8} ()
[04/22/2008, 18:49:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/22/2008, 18:49:13] - No filename found. Continuing.
[04/22/2008, 18:49:13] - BHO 13: {D693EA2D-09AC-4B79-8C87-7D44FD48D00E} ()
[04/22/2008, 18:49:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/22/2008, 18:49:13] - Checking for HKLM\...\Winlogon\Notify\qoMdETjH
[04/22/2008, 18:49:13] - Key not found: HKLM\...\Winlogon\Notify\qoMdETjH, continuing.
[04/22/2008, 18:49:13] - BHO 14: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (EpsonToolBandKicker Class)
[04/22/2008, 18:49:13] - Finished Searching Browser Helper Objects
[04/22/2008, 18:49:13] - Finishing up...
[04/22/2008, 18:49:13] - Nothing found! Exiting...
0
Utilisateur anonyme
 
POSTE UN HIJACKTHIS ET AS TU TOUJOURS DES SOUCIS,
0
Réponse 29 / 54
mikia06
 
Pour l'instant tout marche trés bien...
voila le rapport:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:19:42, on 22/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\Pack Sécurité\backweb\361343\Program\fspex.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\Pack Sécurité\Anti-Virus\fsrw.exe
C:\Program Files\Pack Sécurité\FSPC\fspc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\svchost.exe
C:\Apps\Powercinema\PCMService.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE
C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
C:\Program Files\Pack Sécurité\Anti-Spyware\fsaw.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\FARID\Bureau\test.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {315E0AA4-290D-495C-AF63-C717E8E13635} - C:\WINDOWS\system32\efcbAQgG.dll (file missing)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {CF32F1B6-1BB6-411C-A957-0E4407947AC8} - (no file)
O2 - BHO: (no name) - {D693EA2D-09AC-4B79-8C87-7D44FD48D00E} - C:\WINDOWS\system32\qoMdETjH.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {F11DDDE1-D450-4009-8C54-99DE4E9863C5} - C:\WINDOWS\system32\hgGvtSjK.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Sécurité\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [d467dab9] rundll32.exe "C:\WINDOWS\system32\ayjkewpr.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_SF2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\nsinet.exe /res
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pack Sécurité.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Bloquer cette fenêtre pub. - C:\Program Files\Pack Sécurité\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: Protection IE - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection IE... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\Anti-Spyware\ieshield.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (file missing)
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Pack Sécurité (BackWeb Plug-in - 361343) - Pack Securite - C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
0
Utilisateur anonyme
 
refix les lignes ci dessous

O2 - BHO: (no name) - {315E0AA4-290D-495C-AF63-C717E8E13635} - C:\WINDOWS\system32\efcbAQgG.dll (file missing)

O2 - BHO: (no name) - {CF32F1B6-1BB6-411C-A957-0E4407947AC8} - (no file)

O2 - BHO: (no name) - {D693EA2D-09AC-4B79-8C87-7D44FD48D00E} - C:\WINDOWS\system32\qoMdETjH.dll (file missing)

2 - BHO: (no name) - {F11DDDE1-D450-4009-8C54-99DE4E9863C5} - C:\WINDOWS\system32\hgGvtSjK.dll

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [d467dab9] rundll32.exe "C:\WINDOWS\system32\ayjkewpr.dll",b

O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\nsinet.exe /res

Télécharges ComboFix à partir d'un de ces liens :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
https://forospyware.com
http://www.geekstogo.com/forum/files/file/197-combofix-by-subs/

Et important, enregistre le sur le bureau.

Avant d'utiliser ComboFix :

► Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

► Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.


Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

► Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

► Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
0
Réponse 30 / 54
mikia06
 
mais je n'arrive toujours pas a restaurer mon systeme car je ne peut qu'accéder au mois d'avril....
0
Utilisateur anonyme
 
regarde mon post 43
0
Réponse 31 / 54
mikia06
 
bon je vais faire les manips
0
Utilisateur anonyme
 
c est pas 43 c'est le poste 45
0
Réponse 32 / 54
mikia06
 
il me manque les lignes suivantes sur hijack:



2 - BHO: (no name) - {F11DDDE1-D450-4009-8C54-99DE4E9863C5} - C:\WINDOWS\system32\hgGvtSjK.dll


O4 - HKLM\..\Run: [d467dab9] rundll32.exe "C:\WINDOWS\system32\ayjkewpr.dll",b
0
Utilisateur anonyme
 
fais la suite!!
0
Réponse 33 / 54
mikia06
 
ok
0
Réponse 34 / 54
mikia06
 
voila le rapport combo:

ComboFix 08-04-22.3 - FARID 2008-04-23 16:03:13.1 - NTFSx86 NETWORK
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.331 [GMT 2:00]
Endroit: C:\Documents and Settings\FARID\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\FARID\Bureaublackbird.jpg
C:\Documents and Settings\FARID\BureauEditorFKWP1.5.exe
C:\Documents and Settings\FARID\BureauEditorFKWP2.0.exe
C:\Documents and Settings\FARID\Bureaufilemanagerclient.exe
C:\Documents and Settings\FARID\Bureaufkwp1.5.exe
C:\Documents and Settings\FARID\Bureaufkwp2.0.exe
C:\Documents and Settings\FARID\Bureaufwebd.exe
C:\Documents and Settings\FARID\BureauFWebdEditor.exe
C:\Documents and Settings\FARID\BureauTrojan.Win32.BlackBird.exe
C:\Documents and Settings\FARID\Bureauvirii
C:\Documents and Settings\FARID\Local Settings\Application Data\onnizfcfy.dat
C:\Documents and Settings\FARID\Local Settings\Application Data\onnizfcfy_nav.dat
C:\Documents and Settings\FARID\Local Settings\Application Data\onnizfcfy_navps.dat
c:\Documents and Settings\FARID\Local Settings\Application Data\qddzopibi.dat
C:\Documents and Settings\FARID\Local Settings\Application Data\qddzopibi.exe
c:\Documents and Settings\FARID\Local Settings\Application Data\qddzopibi_nav.dat
c:\Documents and Settings\FARID\Local Settings\Application Data\qddzopibi_navps.dat
c:\Documents and Settings\FARID\Local Settings\Application Data\qddzopibi_navup.dat
C:\Program Files\PC-Cleaner
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\aqdeuktx.ini
C:\WINDOWS\system32\ayjkewpr.dll
C:\WINDOWS\system32\BaIhPXbc.ini
C:\WINDOWS\system32\BaIhPXbc.ini2
C:\WINDOWS\system32\BegjQqru.ini
C:\WINDOWS\system32\BegjQqru.ini2
C:\WINDOWS\system32\BHjlmnmp.ini
C:\WINDOWS\system32\BHjlmnmp.ini2
C:\WINDOWS\system32\BHNUxGgh.ini
C:\WINDOWS\system32\BHNUxGgh.ini2
C:\WINDOWS\system32\cddccfii.ini
C:\WINDOWS\system32\cddccfii.ini2
C:\WINDOWS\system32\fccBrrPG.dll
C:\WINDOWS\system32\GgQAbcfe.ini
C:\WINDOWS\system32\GgQAbcfe.ini2
C:\WINDOWS\system32\hgGvtSjK.dll
C:\WINDOWS\system32\jjQBKnmp.ini
C:\WINDOWS\system32\jjQBKnmp.ini2
C:\WINDOWS\system32\KjStvGgh.ini
C:\WINDOWS\system32\KjStvGgh.ini2
C:\WINDOWS\system32\lSssDJlm.ini
C:\WINDOWS\system32\lSssDJlm.ini2
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nsinet.exe
C:\WINDOWS\system32\rAyxyyxx.ini
C:\WINDOWS\system32\rAyxyyxx.ini2
C:\WINDOWS\system32\rpwekjya.ini
C:\WINDOWS\system32\sYbHknnn.ini
C:\WINDOWS\system32\sYbHknnn.ini2
C:\WINDOWS\system32\xtkuedqa.dll
C:\WINDOWS\system32bdn.com
C:\WINDOWS\system32hxiwlgpm.dat
C:\WINDOWS\system32ssvchost.com
C:\WINDOWS\system32taack.dat
C:\WINDOWS\system32VBIEWER.OCX

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-23 to 2008-04-23 ))))))))))))))))))))))))))))))))))))
.

2008-04-22 21:28 . 2008-04-22 21:28 16,776,718 --a------ C:\Program Files\EURO08.exe
2008-04-22 21:06 . 2007-10-12 15:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
2008-04-22 21:05 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2008-04-22 21:05 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-04-22 21:05 . 2006-09-28 16:05 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2008-04-22 21:05 . 2007-03-12 16:42 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2008-04-22 21:05 . 2007-03-15 16:57 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2008-04-22 21:05 . 2007-04-04 18:55 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2008-04-22 21:05 . 2007-01-24 15:27 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2008-04-22 21:05 . 2006-12-08 12:02 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2008-04-22 21:05 . 2006-09-28 16:05 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2008-04-22 21:05 . 2007-04-04 18:53 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
2008-04-22 21:05 . 2007-03-05 12:42 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2008-04-22 18:02 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-04-22 18:02 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-04-22 18:02 . 2008-04-14 19:28 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-04-22 18:02 . 2008-04-21 10:01 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-04-22 18:02 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-04-22 18:02 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-04-22 18:02 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-22 17:23 . 2008-04-22 17:23 98,304 --a------ C:\WINDOWS\system32\cnonyjcd.exe
2008-04-22 17:09 . 2008-04-22 17:58 1,540,849 ---hs---- C:\WINDOWS\system32\cpkntvaq.ini
2008-04-22 16:03 . 2008-04-22 16:03 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-22 16:03 . 2008-04-22 16:03 <REP> d-------- C:\Documents and Settings\FARID\Application Data\Malwarebytes
2008-04-22 16:03 . 2008-04-22 16:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-22 14:28 . 2008-04-22 14:28 1,540,617 ---hs---- C:\WINDOWS\system32\waeddoos.ini
2008-04-22 13:54 . 2008-04-22 13:54 106,496 --a------ C:\WINDOWS\system32\vgxgjyxy.exe
2008-04-22 12:14 . 2008-04-22 15:30 <REP> d-------- C:\VundoFix Backups
2008-04-22 11:58 . 2008-04-22 11:58 106,496 --a------ C:\WINDOWS\system32\qjqbqhwz.exe
2008-04-21 20:39 . 2008-04-21 20:40 1,540,617 ---hs---- C:\WINDOWS\system32\thtlmlgr.ini
2008-04-21 18:05 . 2008-04-21 18:05 244 --ah----- C:\sqmnoopt04.sqm
2008-04-21 18:05 . 2008-04-21 18:05 232 --ah----- C:\sqmdata04.sqm
2008-04-21 17:54 . 2008-04-21 18:00 1,540,677 ---hs---- C:\WINDOWS\system32\jnhtcycn.ini
2008-04-21 17:03 . 2008-04-22 18:17 4,218 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-21 15:08 . 2008-04-21 15:08 94,208 --a------ C:\WINDOWS\system32\almryrcr.exe
2008-04-21 12:57 . 2008-04-21 12:58 114,688 --a------ C:\WINDOWS\system32\exmjuvap.exe
2008-04-21 10:51 . 2008-04-21 11:37 466 ---hs---- C:\WINDOWS\system32\kbrkaodt.ini
2008-04-20 21:15 . 2008-04-20 21:15 98,304 --a------ C:\WINDOWS\system32\nwlmdqrg.exe
2008-04-20 20:27 . 2008-04-20 20:38 294 ---hs---- C:\WINDOWS\system32\txvrkvir.ini
2008-04-20 20:00 . 2008-04-20 20:00 106,496 --a------ C:\WINDOWS\system32\ahsbedyx.exe
2008-04-20 14:35 . 2008-04-20 14:35 294 ---hs---- C:\WINDOWS\system32\cukdxbdv.ini
2008-04-20 14:10 . 2008-04-22 15:19 2,175 --a------ C:\WINDOWS\wininit.ini
2008-04-20 11:26 . 2008-04-20 14:03 1,540,617 ---hs---- C:\WINDOWS\system32\oumgicqj.ini
2008-04-19 21:15 . 2008-04-19 21:16 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-19 21:15 . 2008-04-20 14:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-19 18:20 . 2008-04-21 14:25 <REP> d-------- C:\Documents and Settings\FARID\Application Data\TmpRecentIcons
2008-04-19 18:11 . 2008-04-19 18:11 <REP> dr-h----- C:\Documents and Settings\FARID\Application Data\SecuROM
2008-04-19 12:16 . 2008-04-19 12:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\spatwtip
2008-04-19 12:16 . 2008-04-18 17:48 184,320 --a------ C:\WINDOWS\qtvglped.dll
2008-04-19 12:16 . 2008-04-18 17:48 102,400 --a------ C:\WINDOWS\npqtsrak.exe
2008-04-19 12:16 . 2008-04-18 17:48 98,304 --a------ C:\WINDOWS\rtqmekwg.exe
2008-04-19 11:52 . 2008-04-19 11:52 <REP> d-------- C:\Program Files\Nouveau dossier
2008-04-13 14:26 . 2008-04-20 21:35 <REP> d-------- C:\Program Files\NCH Software
2008-04-13 14:26 . 2008-04-13 14:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Software
2008-04-05 13:59 . 2008-04-05 13:59 <REP> d-------- C:\Documents and Settings\FARID\Application Data\AVS4YOU
2008-04-05 13:55 . 2008-04-05 14:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2008-04-05 13:45 . 2008-04-20 21:34 <REP> d-------- C:\Program Files\Fichiers communs\AVSMedia
2008-04-05 13:44 . 2008-04-21 20:15 <REP> d-------- C:\Program Files\AVS4YOU
2008-04-05 13:44 . 2007-02-27 19:36 524,288 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-04-05 13:44 . 2007-02-27 19:36 261,632 --a------ C:\WINDOWS\system32\mcdvd_32.dll
2008-04-05 13:44 . 2007-02-27 19:36 156,910 --a------ C:\WINDOWS\WMSysPr8.prx
2008-04-05 13:44 . 2007-02-27 19:36 139,264 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-04-05 13:44 . 2007-02-27 19:36 82,944 --a------ C:\WINDOWS\system32\vct3216.acm
2008-04-05 13:44 . 2007-02-27 19:36 81,920 --a------ C:\WINDOWS\system32\AC3ACM.acm
2008-04-05 13:44 . 2007-02-27 19:36 38,912 --a------ C:\WINDOWS\system32\alf2cd.acm
2008-04-05 13:44 . 2007-02-27 19:36 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-04-05 13:44 . 2007-02-27 19:36 13,239 --a------ C:\WINDOWS\system32\Scg726.acm
2008-03-30 14:35 . 2008-03-30 14:35 <REP> d-------- C:\Documents and Settings\FARID\Application Data\EPSON
2008-03-30 14:35 . 2008-03-30 14:35 29 --a------ C:\WINDOWS\DEBUGSM.INI
2008-03-29 19:40 . 2008-03-29 19:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\UDL
2008-03-29 19:26 . 2008-03-29 19:26 <REP> d-------- C:\Documents and Settings\FARID\Application Data\InstallShield
2008-03-29 19:23 . 2008-03-29 19:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\EPSON
2008-03-29 19:23 . 2006-12-08 04:04 76,800 --a------ C:\WINDOWS\system32\E_FLBCAE.DLL
2008-03-29 19:23 . 2006-04-19 04:00 62,976 --a------ C:\WINDOWS\system32\E_FD4BCAE.DLL
2008-03-29 19:23 . 2004-09-10 22:12 49,152 --a------ C:\WINDOWS\system32\E_DCINST.DLL
2008-03-29 19:23 . 2004-08-04 00:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-03-29 19:23 . 2004-08-04 00:01 25,856 --a------ C:\WINDOWS\system32\dllcache\usbprint.sys
2008-03-29 19:22 . 2004-08-03 23:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-03-29 19:22 . 2004-08-03 23:58 15,104 --a------ C:\WINDOWS\system32\dllcache\usbscan.sys
2008-03-29 19:14 . 2008-03-29 19:31 <REP> d-------- C:\Program Files\epson
2008-03-29 19:14 . 2006-12-28 01:00 208,896 --a------ C:\WINDOWS\system32\esint7e.dll
2008-03-29 19:14 . 2006-12-28 01:00 66,560 --a------ C:\WINDOWS\system32\eswia7e.dll
2008-03-29 19:14 . 2006-03-10 01:00 3,584 --a------ C:\WINDOWS\system32\eswiaml.dll
2008-03-29 19:13 . 2008-03-29 19:13 27 --a------ C:\WINDOWS\CDE DX4400DEFGIPS.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-22 19:50 --------- d-----w C:\Program Files\EA SPORTS
2008-04-22 09:30 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-04-19 10:01 --------- d-----w C:\Program Files\Fichiers communs\SureThing Shared
2008-04-16 18:28 3,327 ----a-w C:\Program Files\reloaded.nfo
2008-04-02 18:15 --------- d-----w C:\Program Files\BitComet
2008-03-29 17:55 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-29 17:48 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-03-26 14:09 --------- d-----w C:\Program Files\DkZ Studio
2008-03-19 17:51 --------- d-----w C:\Documents and Settings\FARID\Application Data\MechSoft
2008-03-16 14:44 --------- d-----w C:\Program Files\Java
2008-03-09 16:19 141,464 ----a-w C:\Documents and Settings\FARID\Application Data\GDIPFONTCACHEV1.DAT
2008-02-28 13:32 --------- d-----w C:\Documents and Settings\FARID\Application Data\AdobeUM
2007-03-05 17:25 3,032 ----a-w C:\Documents and Settings\FARID\Application Data\wklnhst.dat
2004-08-05 12:00 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll
2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll
2004-08-05 12:00 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll
2004-08-05 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll
2004-08-05 12:00 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll
2004-08-05 12:00 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll
2004-08-05 12:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll
2007-12-04 18:41 550,912 --sha-w C:\WINDOWS\system32\oleaut32.dll
2004-08-05 12:00 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll
2004-08-05 12:00 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{331330E9-2E19-4160-B151-1232F0A948CF}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"BitComet"="C:\Program Files\BitComet\BitComet.exe" [2007-12-07 17:03 1913656]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-09 16:06 68856]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45 313472]
"EPSON Stylus DX4400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.exe" [2007-03-01 08:01 180736]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-05-07 00:14 5562368]
"nwiz"="nwiz.exe" [2005-05-07 00:14 1495040 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-05-07 00:14 86016]
"SoundMan"="SOUNDMAN.EXE" [2005-01-20 20:04 77824 C:\WINDOWS\SOUNDMAN.EXE]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-05-11 13:48 127118]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2004-09-07 15:25 58488]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 14:00 208952]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 11:31 24576]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-10-10 18:59 180269]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2003-10-02 03:20 81920]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-10-10 19:06 98304]
"F-Secure Manager"="C:\Program Files\Pack Sécurité\Common\FSM32.exe" [ ]
"F-Secure Startup Wizard"="C:\Program Files\Pack Sécurité\FSGUI\FSSW.exe" [ ]
"F-Secure TNB"="C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"= 1 (0x1)
"AllowUnhashedWebView"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.scg726"= scg726.acm
"msacm.alf2cd"= alf2cd.acm
"vidc.dvsd"= mcdvd_32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\APPS\\Inventime\\my.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\APPS\\skype\\phone\\Skype.exe"=
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"C:\\Documents and Settings\\FARID\\Bureau\\PES2008.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"C:\\Program Files\\SopCast\\SopCast.exe"=
"C:\\Program Files\\SopCast\\sopvod.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"13943:TCP"= 13943:TCP:BitComet 13943 TCP
"13943:UDP"= 13943:UDP:BitComet 13943 UDP

R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2006-06-08 18:21]
R0 pnpshark;pnpshark;C:\WINDOWS\system32\DRIVERS\pnpshark.sys [2003-10-02 04:16]
R0 st3shark;st3shark;C:\WINDOWS\system32\DRIVERS\st3shark.sys [2003-09-27 15:37]
R2 BackWeb Plug-in - 361343;Pack Sécurité;C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE [2008-01-11 18:45]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT;C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 18:26]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Pack Sécurité\Anti-Virus\minifilter\fsgk.sys []
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]
S3 S3chipid;S3chipid;C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\{2B43252C-A1E3-4C47-927C-9F2C276D3515}\S3chipid.sys []
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 18:23]
S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Pack Sécurité\Anti-Virus\Win2K\FSfilter.sys []
S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Pack Sécurité\Anti-Virus\Win2K\FSrec.sys []

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-04-23 10:14:26 C:\WINDOWS\Tasks\Scheduled scanning task.job"
- C:\PROGRA~1\PACKSC~1\ANTI-V~1\fsav.exeQ /HARD /POLICY /SCHED /NOBREAK /REPORT=C:\PROGRA~1\PACKSC~1\ANTI-V~1\report.txt
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-23 16:12:06
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 144

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MysqlInventime]
"ImagePath"="C:\Apps\INVENT~1\mysql\bin\mysqld-nt --defaults-file=C:\Apps\Inventime\mysql\my.ini MysqlInventime"
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Pack Sécurité\backweb\361343\Program\fspex.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Pack Sécurité\backweb\361343\Program\fsbwsys.exe
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
C:\APPS\HIDSERVICE\HidService.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsrw.exe
C:\Program Files\Pack Sécurité\FSPC\fspc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\APPS\ABOARD\AOSD.EXE
C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
C:\Program Files\Pack Sécurité\FWES\program\fsdfwd.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
C:\Program Files\Pack Sécurité\Anti-Spyware\fsaw.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-23 16:31:30 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-23 14:29:49

Pre-Run: 100,044,775,424 octets libres
Post-Run: 100,427,112,448 octets libres

311 --- E O F --- 2008-04-17 11:34:55
0
Utilisateur anonyme
 
et un hijackthis stp
0
Réponse 35 / 54
mikia06
 
le voila:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:51:08, on 23/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Pack Sécurité\backweb\361343\Program\fspex.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsrw.exe
C:\Program Files\Pack Sécurité\FSPC\fspc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
C:\Program Files\Pack Sécurité\Anti-Spyware\fsaw.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Pack Sécurité\FSGUI\fsavgui.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\FARID\Bureau\test.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {331330E9-2E19-4160-B151-1232F0A948CF} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Sécurité\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_SF2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\nsinet.exe /res
O4 - HKCU\..\RunOnce: [SpybotDeletingD2961] cmd /c del "C:\WINDOWS\system32\jqcigmuo.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3863] cmd /c del "C:\WINDOWS\system32\xxyyxyAr.dll_old"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pack Sécurité.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Bloquer cette fenêtre pub. - C:\Program Files\Pack Sécurité\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: Protection IE - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection IE... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\Anti-Spyware\ieshield.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (file missing)
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Pack Sécurité (BackWeb Plug-in - 361343) - Pack Securite - C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
0
Utilisateur anonyme
 
relance hijackthis et fix les lignes ci dessous

O2 - BHO: (no name) - {331330E9-2E19-4160-B151-1232F0A948CF} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\nsinet.exe /res
O4 - HKCU\..\RunOnce: [SpybotDeletingD2961] cmd /c del "C:\WINDOWS\system32\jqcigmuo.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3863] cmd /c del "C:\WINDOWS\system32\xxyyxyAr.dll_old"
O4 - Global Startup: Pack Sécurité.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (file missing)


comment ce comporte ce pc ?
0
Réponse 36 / 54
mikia06
 
voici le rapport:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:23:26, on 23/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Pack Sécurité\backweb\361343\Program\fspex.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsrw.exe
C:\Program Files\Pack Sécurité\FSPC\fspc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
C:\Program Files\Pack Sécurité\Anti-Spyware\fsaw.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\FARID\Bureau\test.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {331330E9-2E19-4160-B151-1232F0A948CF} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Sécurité\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_SF2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\nsinet.exe /res
O4 - HKCU\..\RunOnce: [SpybotDeletingD2961] cmd /c del "C:\WINDOWS\system32\jqcigmuo.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3863] cmd /c del "C:\WINDOWS\system32\xxyyxyAr.dll_old"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pack Sécurité.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Bloquer cette fenêtre pub. - C:\Program Files\Pack Sécurité\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: Protection IE - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection IE... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\Anti-Spyware\ieshield.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (file missing)
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Pack Sécurité (BackWeb Plug-in - 361343) - Pack Securite - C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
0
Réponse 37 / 54
mikia06
 
ben mon pc marche pour l'instant trés bien. Mais est-ce que c'est normal que je ne paut toujours pas restaurer mon systéme?
0
Utilisateur anonyme
 
as tu fait ceci

http://www.commentcamarche.net/forum/affich 6048715 probleme de spyware?page=2#55

et explique pour ta resto ce qui ce passe
0
Réponse 38 / 54
mikia06
 
oui je l'ai fait. Ben je ne peut pas choisir un pointe de restauration autre que aujourd'hui.. Je ne peut pas accéder au autre mois..
0
Réponse 39 / 54
mikia06
 
mais j'ai un gros probléme avec mon pack neuf, mintenan...
0
Utilisateur anonyme
 
c'est a dire!!

et pour la resto le calendrier a disparu si oui vas sur ce lien
http://www.cybersolus.net/windows/windows_xp/restauration/calendrier_blanc.html
0
Réponse 40 / 54
mikia06
 
pour la restauration ca va...mais mon pack sécurité a été désactivé et un dossier backups a été ajouté sur mon bureau..avec pleins de fichier nommer backup..est-ce normal?
0