[resolu]urgent spyware!!!!!!!!!!!!!!!!!!
Forum Sécurité - Virus : [resolu]urgent spyware!!!!!!!!!!!!!!!!!!
Bonjour,
J'ai un gros probleme car j'avais donc la fenetre warning spyware...... qui s affichait. J'ai alors mis antivir pour enlever cela et je n'est plus cette fenetre, mais je ne suis toujours pas administrateur alors comment faire. Voici un scan hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 11:39, on 2007-09-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Multi_Media_France toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O2 - BHO: (no name) - {ABCDECF0-4B15-11D1-ABED-709549C10000} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - (no file)
O3 - Toolbar: Multi_Media_France toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/3000notebook
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/5 [...] plugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - http://camera1.mairie-brest.fr/activex/AMC.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\systems.txt
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
O23 - Service: VideoAcceleratorEngine - Unknown owner - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe (file missing)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
Message édité par klanet le 19-09-2007 à 12:58:34
Bonjour
Télécharge SmitfraudFix de S!Ri:
http://siri.urz.free.fr/Fix/SmitfraudFix.exe
Tu le mets sur le Bureau.
Tu ouvres SmitfraudFix, tu double cliques sur SmitfraudFix.cmd et tu choisis l’option 1
Poste le rapport.
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
SmitFraudFix v2.225
Rapport fait à 17:28:22.82, 2007-09-17
Executé à partir de C:\Documents and Settings\lanet kevin\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
Fichier hosts corrompu !
127.0.0.1 www.legal-at-spybot.info
127.0.0.1 legal-at-spybot.info
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\vtr???.dll PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\lanet kevin
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\lanet kevin\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\LANETK~1\MESDOC~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\system32\\systems.txt"
"LoadAppInit_DLLs"=dword:00000001
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Carte réseau Broadcom 802.11g - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.54.252
DNS Server Search Order: 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DE186D5C-5522-4E9A-8365-8D571671727B}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DE186D5C-5522-4E9A-8365-8D571671727B}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{DE186D5C-5522-4E9A-8365-8D571671727B}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Re
$$ Télécharge
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.
clean.zip
http://www.malekal.com/download/clean.zip
Décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.
$$ Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarres l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuyes sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionnes le mode sans échec approprié et appuyes sur Entrée.
$$ Lance le nettoyage avec CCleaner.
$$ Relance SmitfraudFix. Choisis cette fois l’option 2 et réponds oui à tout.
$$ Ouvre le dossier Clean qui se trouve sur ton bureau, et double-clic sur clean.cmd.
Choisis l'option 2
Enregistre le rapport une fois le scan terminé
$$ Redémarre normalement et communique le deuxième rapport de SmitfraudFix, celui qui se trouve ici C:\rapport_clean.txt avec un nouveau rapport Hijackthis.
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
VOILA CE KE TU M A DEMANDER:
SmitFraudFix v2.225
Rapport fait à 18:23:39.68, 2007-09-17
Executé à partir de C:\Documents and Settings\lanet kevin\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» hosts
192.168.200.3 ad.doubleclick.net
192.168.200.3 ad.fastclick.net
192.168.200.3 ads.fastclick.net
192.168.200.3 atdmt.com
192.168.200.3 awaps.net
192.168.200.3 banner.fastclick.net
192.168.200.3 banners.fastclick.net
192.168.200.3 click.atdmt.com
192.168.200.3 clicks.atdmt.com
192.168.200.3 engine.awaps.net
192.168.200.3 fastclick.net
192.168.200.3 ftp.avp.ch
192.168.200.3 ftp.kasperskylab.ru
192.168.200.3 updates5.kaspersky-labs.com
192.168.200.3 www.awaps.net
192.168.200.3 www.symantec.com
192.168.200.3 www.viruslist.ru
127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com
127.0.0.1 hi.studioaperto.net
127.0.0.1 www.hi.studioaperto.net
127.0.0.1 wazzupnet.com
127.0.0.1 www.wazzupnet.com
127.0.0.1 gueb.com
127.0.0.1 www.gueb.com
127.0.0.1 kabex.com
127.0.0.1 www.kabex.com
127.0.0.1 hityou.com
127.0.0.1 www.hityou.com
127.0.0.1 miosearch.com
127.0.0.1 www.miosearch.com
127.0.0.1 blue-elefant.com
127.0.0.1 www.blue-elefant.com
127.0.0.1 babeweb.de
127.0.0.1 www.babeweb.de
127.0.0.1 start-seite.com
127.0.0.1 www.start-seite.com
127.0.0.1 sexolymp.com
127.0.0.1 www.sexolymp.com
127.0.0.1 toriii.cc
127.0.0.1 www.toriii.cc
127.0.0.1 xtipp.de
127.0.0.1 www.xtipp.de
127.0.0.1 urawa.cool.ne.jp
127.0.0.1 777search.com
127.0.0.1 www.777search.com
127.0.0.1 ace-webmaster.com
127.0.0.1 www.ace-webmaster.com
127.0.0.1 aifind.info
127.0.0.1 www.aifind.info
127.0.0.1 amateurliveshow.com
127.0.0.1 www.amateurliveshow.com
127.0.0.1 anarchylolita.com
127.0.0.1 www.anarchylolita.com
127.0.0.1 anarchyporn.com
127.0.0.1 approvedlinks.com
127.0.0.1 www.approvedlinks.com
127.0.0.1 cantfind.com
127.0.0.1 www.cantfind.com
127.0.0.1 castingsamateur.com
127.0.0.1 www.castingsamateur.com
127.0.0.1 cyberrape.com
127.0.0.1 www.cyberrape.com
127.0.0.1 dialerclub.com
127.0.0.1 www.dialerclub.com
127.0.0.1 megago.com
127.0.0.1 exit.megago.com
127.0.0.1 www.megago.com
127.0.0.1 fastmetasearch.com
127.0.0.1 www.fastmetasearch.com
127.0.0.1 findwhatevernow.com
127.0.0.1 www.findwhatevernow.com
127.0.0.1 globesearch.com
127.0.0.1 www.globesearch.com
127.0.0.1 hotfreebies.com
127.0.0.1 www.hotfreebies.com
127.0.0.1 krankin.com
127.0.0.1 www.krankin.com
127.0.0.1 begin2search.com
127.0.0.1 www.begin2search.com
127.0.0.1 mainstreamdollars.com
127.0.0.1 www.mainstreamdollars.com
127.0.0.1 live.sex-explorer.com
127.0.0.1 www.live.sex-explorer.com
127.0.0.1 loveadot.com
127.0.0.1 www.loveadot.com
127.0.0.1 megaseek.net
127.0.0.1 www.megaseek.net
127.0.0.1 mixsearch.com
127.0.0.1 www.mixsearch.com
127.0.0.1 munky.com
127.0.0.1 www.munky.com
127.0.0.1 newtopsites.com
127.0.0.1 www.newtopsites.com
127.0.0.1 noblindlinks.com
127.0.0.1 www.noblindlinks.com
127.0.0.1 babenet.com
127.0.0.1 r.babenet.com
127.0.0.1 www.babenet.com
127.0.0.1 searchresult.net
127.0.0.1 www.searchresult.net
127.0.0.1 sexarena.org
127.0.0.1 www.sexarena.org
127.0.0.1 skeech.com
127.0.0.1 www.skeech.com
127.0.0.1 superwp.by.ru
127.0.0.1 sureseeker.com
127.0.0.1 www.sureseeker.com
127.0.0.1 wethere.com
127.0.0.1 www.wethere.com
127.0.0.1 wowsearch.org
127.0.0.1 www.wowsearch.org
127.0.0.1 xxx.com
127.0.0.1 www.xxx.com
127.0.0.1 art-xxx.com
127.0.0.1 websearch.com
127.0.0.1 www.websearch.com
127.0.0.1 firehunt.com
127.0.0.1 www.firehunt.com
127.0.0.1 partner23.firehunt.com
127.0.0.1 screensaver.it
127.0.0.1 www.screensaver.it
127.0.0.1 cliks.org
127.0.0.1 www.cliks.org
127.0.0.1 xads.cliks.org
127.0.0.1 xwebsearch.biz
127.0.0.1 www.xwebsearch.biz
127.0.0.1 znext.com
127.0.0.1 www.znext.com
127.0.0.1 rawtocash.net
127.0.0.1 www.rawtocash.net
127.0.0.1 7search.com
127.0.0.1 www.7search.com
127.0.0.1 zestyfind.com
127.0.0.1 www.zestyfind.com
127.0.0.1 ntcor.com
127.0.0.1 www.ntcor.com
127.0.0.1 dev.ntcor.com
127.0.0.1 xrenoder.com
127.0.0.1 www.xrenoder.com
127.0.0.1 search.xrenoder.com
127.0.0.1 allcybersearch.com
127.0.0.1 www.allcybersearch.com
127.0.0.1 tinybar.com
127.0.0.1 www.tinybar.com
127.0.0.1 topsite.us
127.0.0.1 www.topsite.us
127.0.0.1 topsites.us
127.0.0.1 www.topsites.us
127.0.0.1 topsitez.us
127.0.0.1 www.topsitez.us
127.0.0.1 true-counter.com
127.0.0.1 www.true-counter.com
127.0.0.1 out.true-counter.com
127.0.0.1 cnetadd.com
127.0.0.1 www.cnetadd.com
127.0.0.1 okmmm.com
127.0.0.1 www.okmmm.com
127.0.0.1 139mm.com
127.0.0.1 www.139mm.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 1-domains-registrations.com
127.0.0.1 www.1-domains-registrations.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 1sexparty.com
127.0.0.1 www.1sexparty.com
127.0.0.1 1stpagehere.com
127.0.0.1 www.1stpagehere.com
127.0.0.1 2020search.com
127.0.0.1 www.2020search.com
127.0.0.1 24teen.com
127.0.0.1 www.24teen.com
127.0.0.1 36site.com
127.0.0.1 www.36site.com
127.0.0.1 4corn.net
127.0.0.1 www.4corn.net
127.0.0.1 777top.com
127.0.0.1 www.777top.com
127.0.0.1 8ad.com
127.0.0.1 www.8ad.com
127.0.0.1 aboutclicker.com
127.0.0.1 www.aboutclicker.com
127.0.0.1 abrp.net
127.0.0.1 www.abrp.net
127.0.0.1 accessthefuture.net
127.0.0.1 www.accessthefuture.net
127.0.0.1 acemedic.com
127.0.0.1 www.acemedic.com
127.0.0.1 actionbreastcancer.org
127.0.0.1 www.actionbreastcancer.org
127.0.0.1 activexupdate.com
127.0.0.1 www.activexupdate.com
127.0.0.1 adamsupportgroup.org
127.0.0.1 www.adamsupportgroup.org
127.0.0.1 adasearch.com
127.0.0.1 www.adasearch.com
127.0.0.1 adipics.com
127.0.0.1 www.adipics.com
127.0.0.1 adspics.com
127.0.0.1 www.adspics.com
127.0.0.1 adult-engine-search.com
127.0.0.1 www.adult-engine-search.com
127.0.0.1 adult-erotic-guide.net
127.0.0.1 www.adult-erotic-guide.net
127.0.0.1 adult-friends-finder.net
127.0.0.1 www.adult-friends-finder.net
127.0.0.1 adulthyperlinks.com
127.0.0.1 www.adulthyperlinks.com
127.0.0.1 adulttds.com
127.0.0.1 www.adulttds.com
127.0.0.1 exaccess.ru
127.0.0.1 www.exaccess.ru
127.0.0.1 advert.exaccess.ru
127.0.0.1 agentstudio.com
127.0.0.1 africaspromise.org
127.0.0.1 akril.com
127.0.0.1 alcatel.ws
127.0.0.1 alfa-search.com
127.0.0.1 all-inet.com
127.0.0.1 allabtcars.com
127.0.0.1 allabtjeeps.com
127.0.0.1 allhyperlinks.com
127.0.0.1 allinternetbusiness.com
127.0.0.1 almarvideos.com
127.0.0.1 amandamountains.com
127.0.0.1 amigeek.com
127.0.0.1 amisbusiness.com
127.0.0.1 analmovi.com
127.0.0.1 anin.org
127.0.0.1 annaromeo.com
127.0.0.1 antrocity.com
127.0.0.1 anything4health.com
127.0.0.1 apsua.com
127.0.0.1 aregay.com
127.0.0.1 arheo.com
127.0.0.1 arizonaweb.org
127.0.0.1 armitageinn.com
127.0.0.1 art-func.com
127.0.0.1 artachnid.com
127.0.0.1 asiankingkong.com
127.0.0.1 ass-gals.com
127.0.0.1 athenrye.com
127.0.0.1 avian-ads.com
127.0.0.1 ayakawamura.com
127.0.0.1 ayumitaniguchi.com
127.0.0.1 bannedhost.net
127.0.0.1 barbudafarms.com
127.0.0.1 barnandfence.com
127.0.0.1 batsearch.com
127.0.0.1 baygraphicsllc.com
127.0.0.1 bb-search.com
127.0.0.1 bbbsearch.com
127.0.0.1 bedhome.com
127.0.0.1 bediadance.com
127.0.0.1 bellabasketsfl.com
127.0.0.1 bernaolatwin.com
127.0.0.1 best-counter.com
127.0.0.1 best-hardpics.com
127.0.0.1 best-winning-casino.com
127.0.0.1 bestcrawler.com
127.0.0.1 bestfor.ru
127.0.0.1 bestporngate.com
127.0.0.1 bestxporno.com
127.0.0.1 blackjack-free.net
127.0.0.1 blender.xu.pl
127.0.0.1 bodaciousbabette.com
127.0.0.1 boobdoll.com
127.0.0.1 boobsandtits.com
127.0.0.1 boobsclub.com
127.0.0.1 boredlife.com
127.0.0.1 bowlofogumbo.com
127.0.0.1 bradcoem.org
127.0.0.1 brandiyoung.com
127.0.0.1 brookeburn.com
127.0.0.1 bucps.com
127.0.0.1 burgerkingbigscreen.com
127.0.0.1 buscards.net
127.0.0.1 bustyrussell.com
127.0.0.1 buttejazz.org
127.0.0.1 buyselldomain.net
127.0.0.1 calcioturris.com
127.0.0.1 canberracricketcoaching.com
127.0.0.1 candycantaloupes.com
127.0.0.1 careers.dulcineasystems.net
127.0.0.1 carsands.com
127.0.0.1 carsrentals.net
127.0.0.1 casino-gambling-1.net
127.0.0.1 casino-gambling-2.net
127.0.0.1 casino-onlines.net
127.0.0.1 casino.com.free.game.pogo.gratisdownloads.nl
127.0.0.1 casino2win.net
127.0.0.1 casinomidas.net
127.0.0.1 casinonline.net
127.0.0.1 catallogue.com
127.0.0.1 catsss.da.ru
127.0.0.1 caxa.ru
127.0.0.1 cclebali.org
127.0.0.1 ceewawires.org
127.0.0.1 certumgroup.com
127.0.0.1 chelancatering.com
127.0.0.1 childrenvilla.com
127.0.0.1 chips-4-free.com
127.0.0.1 chrisswasey.com
127.0.0.1 chriswallace.net
127.0.0.1 ckick4thumbs.com
127.0.0.1 clackamasliteraryreview.com
127.0.0.1 clearsearch.cc
127.0.0.1 clearsearch.net
127.0.0.1 clickaire.com
127.0.0.1 clickyestoenter.net
127.0.0.1 clrsch.com
127.0.0.1 cmtapestry.com
127.0.0.1 cool-homepage.co
127.0.0.1 cool-homepage.com
127.0.0.1 cool-search.net
127.0.0.1 cool-search.netfartpost.com
127.0.0.1 cool-web-search.com
127.0.0.1 coolfetishsite.com
127.0.0.1 coolfreehost.com
127.0.0.1 coolfreepage.com
127.0.0.1 coolfreepages.com
127.0.0.1 coolmoneysearch.com
127.0.0.1 coolpornsearch.com
127.0.0.1 coolsearcher.info
127.0.0.1 coolwebsearsh.com
127.0.0.1 copmtraine.com
127.0.0.1 couldnotfind.com
127.0.0.1 count-all.com
127.0.0.1 cracks.me.uk
127.0.0.1 creamedcutties.com
127.0.0.1 creditsearchonline.com
127.0.0.1 crestring.com
127.0.0.1 crooder.com
127.0.0.1 curvedspaces.com
127.0.0.1 cvs.jps.ru
127.0.0.1 cvsymphony.com
127.0.0.1 cydom.com
127.0.0.1 daily-gals.com
127.0.0.1 dancingbabycd.com
127.0.0.1 datanotary.com
127.0.0.1 datareco.com
127.0.0.1 davemarshall.org
127.0.0.1 dcfitusa.com
127.0.0.1 defaultsearch.net
127.0.0.1 desarrollocreativo.com
127.0.0.1 develip.com
127.0.0.1 dewis.spb.ru
127.0.0.1 dewis.us
127.0.0.1 df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
127.0.0.1 dietpills4free.com
127.0.0.1 dietpussy.com
127.0.0.1 digistreamsa.com
127.0.0.1 dionforvalleycouncil.org
127.0.0.1 doctorwaldron.com
127.0.0.1 document-not-found.pornpic.org
127.0.0.1 doggyaction.com
127.0.0.1 domain-your-registration.com
127.0.0.1 domains-for-you-online.com
127.0.0.1 domains2003.net
127.0.0.1 domkrat.com
127.0.0.1 dp-host.com
127.0.0.1 dragqueen.gay-clan.com
127.0.0.1 drug-sources-exposed.com
127.0.0.1 drvvv.com
127.0.0.1 dutch-sex.com
127.0.0.1 dvdbank.org
127.0.0.1 e-localad.com
127.0.0.1 e-plus.cc
127.0.0.1 e-websitesolutions.com
127.0.0.1 eases.net
127.0.0.1 easy-search.net
127.0.0.1 easycategories.com
127.0.0.1 ecosrioplatenses.org
127.0.0.1 ecstasyporn.net
127.0.0.1 eikokoike.com
127.0.0.1 epornsex.com
127.0.0.1 euuu.com
127.0.0.1 evidence-detector.biz
127.0.0.1 evilspidercomics.com
127.0.0.1 ewebsearch.net
127.0.0.1 findloss.com
127.0.0.1 excellentsckin.com
127.0.0.1 extremeseek.net
127.0.0.1 faithstevens.com
127.0.0.1 fantasiewelten.com
127.0.0.1 farmsteadbandb.com
127.0.0.1 fartpost.com
127.0.0.1 fastwebfinder.com
127.0.0.1 faxporn.com
127.0.0.1 fickenisgeil.de
127.0.0.1 finance-loans.com
127.0.0.1 find-itnow.com
127.0.0.1 find-uk-health.co.uk
127.0.0.1 find4u.net
127.0.0.1 findit-now.com
127.0.0.1 findthesite.com
127.0.0.1 findthewebsiteyouneed.com
127.0.0.1 www.findthewebsiteyouneed.com
127.0.0.1 fionasteel.com
127.0.0.1 firstbookmark.net
127.0.0.1 fitness-free.com
127.0.0.1 foodvacations.net
127.0.0.1 forex.jps.ru
127.0.0.1 forexcredit.com
127.0.0.1 forexcredit.ru
127.0.0.1 formingfusions.com
127.0.0.1 forsythfire.net
127.0.0.1 forthline.com
127.0.0.1 free-chipes.com
127.0.0.1 free-hit.com
127.0.0.1 free-pics-and-movies.com
127.0.0.1 free-sex-movie-clips.net
127.0.0.1 free4porno.net
127.0.0.1 free64all.com
127.0.0.1 freebookmark.net
127.0.0.1 freebookmarks.net
127.0.0.1 freecategories.com
127.0.0.1 freecoolhost.com
127.0.0.1 freerbhost.com
127.0.0.1 freeshemalepics.net
127.0.0.1 freeyaho.com
127.0.0.1 freshseek.com
127.0.0.1 freshteensite.com
127.0.0.1 gabrielscott.com
127.0.0.1 galpostgirls.com
127.0.0.1 gals-for-free.com
127.0.0.1 gambling-online4you.com
127.0.0.1 gameterror.net
127.0.0.1 gay50.com
127.0.0.1 generalsmeltingofcanada.com
127.0.0.1 geteens.com
127.0.0.1 getpicshere.com
127.0.0.1 gimmezamore.com
127.0.0.1 gimnasiaer.com
127.0.0.1 girls-porn-life.com
127.0.0.1 glbdf.org
127.0.0.1 global-finder.com
127.0.0.1 globe-finder.cc
127.0.0.1 globe-finder.com
127.0.0.1 gocybersearch.com
127.0.0.1 golftennis.net
127.0.0.1 good-mortgages-calculator.com
127.0.0.1 good-mortgages.net
127.0.0.1 goodsexs.com
127.0.0.1 googlebar.jps.ru
127.0.0.1 googlf.com
127.0.0.1 gradforum.org
127.0.0.1 gratis-porn-movie.com
127.0.0.1 gratis-pornopics.com
127.0.0.1 guzzycats.com
127.0.0.1 gzphoenix.com
127.0.0.1 hallnetaccolade.com
127.0.0.1 hand-book.com
127.0.0.1 happyanal.com
127.0.0.1 hard-gals.com
127.0.0.1 hardbodytgp.com
127.0.0.1 hardcoreover.com
127.0.0.1 hardloved.com
127.0.0.1 hardwareseek.net
127.0.0.1 harukaigawa.com
127.0.0.1 hccsolanonapa.org
127.0.0.1 health-protein.com
127.0.0.1 hentai4u.net
127.0.0.1 here4search.com
127.0.0.1 heyrichy.com
127.0.0.1 hi-search.com
127.0.0.1 hiddenguides.com
127.0.0.1 hitlistlyrics.com
127.0.0.1 holidayautostr.com
127.0.0.1 homemortage.ws
127.0.0.1 hostssp.com
127.0.0.1 hot-cartoon-sex.anime.american-teens.net
127.0.0.1 hotbookmark.com
127.0.0.1 hotels-list.net
127.0.0.1 hotelxxxcams.com
127.0.0.1 hotpopup.com
127.0.0.1 hotsearchbox.com
127.0.0.1 hotsex-series.com
127.0.0.1 hotstartpage.com
127.0.0.1 hqsex.biz
127.0.0.1 hugeporn4u.net
127.0.0.1 hunacsa.com
127.0.0.1 hupacasath.com
127.0.0.1 hzsx.com
127.0.0.1 icansearch.net
127.0.0.1 idgsearch.com
127.0.0.1 ie-search.com
127.0.0.1 incestporngate.com
127.0.0.1 infodigger.net
127.0.0.1 infoglobus.com
127.0.0.1 inherhole.com
127.0.0.1 insertthiscock.com
127.0.0.1 insurance-flood.net
127.0.0.1 insuranceall.net
127.0.0.1 internetsearch.ru
127.0.0.1 ionichost.com
127.0.0.1 ionomist.com
127.0.0.1 ipsex.net
127.0.0.1 itsanal.com
127.0.0.1 itseasy.us
127.0.0.1 iweb-commerce.com
127.0.0.1 iwebland.com
127.0.0.1 jeannineoldfield.com
127.0.0.1 jethomepage.com
127.0.0.1 jetseeker.com
127.0.0.1 jmhgallery.org
127.0.0.1 joannelatham.com
127.0.0.1 judin.ru
127.0.0.1 junkysex.com
127.0.0.1 karleyt.narod.ru
127.0.0.1 kathisomers.com
127.0.0.1 kazaa-lite.ws
127.0.0.1 keithgreenpro.com
127.0.0.1 kenmccaul.com
127.0.0.1 kilosex.com
127.0.0.1 kimhines.com
127.0.0.1 kinoru.com
127.0.0.1 ksdspups.org
127.0.0.1 landrape.com
127.0.0.1 lauraroebuck.com
127.0.0.1 leannalovelace.com
127.0.0.1 lesobank.ru
127.0.0.1 libertyonlinehosting.com
127.0.0.1 lingerie-mania.com
127.0.0.1 lisamatthew.com
127.0.0.1 liveholio.com
127.0.0.1 livenewspaper.com
127.0.0.1 louiseleeds.com
127.0.0.1 love-pix.com
127.0.0.1 lovelas.com
127.0.0.1 lovelysearch.com
127.0.0.1 low-taxes.com
127.0.0.1 luckysearch.net
127.0.0.1 lunitaweb.net
127.0.0.1 lustful-porno.com
127.0.0.1 mackinnonsbrook.org
127.0.0.1 madfinder.com
127.0.0.1 madisonmoons.com
127.0.0.1 madisonoilco.com
127.0.0.1 madonalive.com
127.0.0.1 majuozawa.com
127.0.0.1 makin-do.com
127.0.0.1 male4free.com
127.0.0.1 map-quest.org
127.0.0.1 marilynchamber.com
127.0.0.1 martfinder.com
127.0.0.1 massearch.com
127.0.0.1 matetrava.com
127.0.0.1 mature50.com
127.0.0.1 matureporngate.com
127.0.0.1 maxdzines.com
127.0.0.1 mcgeeforlabor.com
127.0.0.1 mdstunisie.org
127.0.0.1 medicare-insurance.net
127.0.0.1 medicare-supplemental.com
127.0.0.1 mega-dating-tips.com
127.0.0.1 megumikanzaki.com
127.0.0.1 meshalynn.com
127.0.0.1 meta-adult.com
127.0.0.1 meta-casino.com
127.0.0.1 meta-mobile.com
127.0.0.1 meta-porn.com
127.0.0.1 metafora.ru
127.0.0.1 metapoisk.ru
127.0.0.1 michiyonakajima.com
127.0.0.1 miconsultamedica.com
127.0.0.1 mikasakamoto.com
127.0.0.1 mikoni.com
127.0.0.1 militarygods.porn4porn.net
127.0.0.1 millennialpeople.org
127.0.0.1 mipham.org
127.0.0.1 missingcommand.com
127.0.0.1 mommykiss.com
127.0.0.1 moneyhunters.com
127.0.0.1 montgomeryhospitalanesthesia.com
127.0.0.1 morflot.com
127.0.0.1 mortgage-debt.net
127.0.0.1 mortismaximus.com
127.0.0.1 moscowwhores.com
127.0.0.1 moviecategories.com
127.0.0.1 mp3-pix.com
127.0.0.1 mrtg.jps.ru
127.0.0.1 msn-info.net
127.0.0.1 multipussy.com
127.0.0.1 mundopolar.com
127.0.0.1 mustv.com
127.0.0.1 mywebsearch.net
127.0.0.1 nativehardcore.com
127.0.0.1 naturalspy.com
127.0.0.1 nbasportsbook.net
127.0.0.1 nellyslyrics.com
127.0.0.1 nepgyan.com
127.0.0.1 nesrecords.com
127.0.0.1 netshastra.net
127.0.0.1 nettime.ru
127.0.0.1 nettracker.jps.ru
127.0.0.1 netyellowpages.info
127.0.0.1 new-incest.com
127.0.0.1 newcategories.com
127.0.0.1 newcracks.com
127.0.0.1 newcracks.net
127.0.0.1 newlife-lajolla.com
127.0.0.1 newsexgate.com
127.0.0.1 newtonsracks.com
127.0.0.1 newxpics.com
127.0.0.1 nhlsportsbook.net
127.0.0.1 niagaracapital.com
127.0.0.1 niche-tv.com
127.0.0.1 nmrba.com
127.0.0.1 nocalories.net
127.0.0.1 nocensor.com
127.0.0.1 ormandcompany.com
127.0.0.1 nsbabes.com
127.0.0.1 nuclearwitness.org
127.0.0.1 nursemania.com
127.0.0.1 nvntour.com
127.0.0.1 nvphall.org
127.0.0.1 oborot.com
127.0.0.1 ocalalivestockmarket.com
127.0.0.1 ocsff.com
127.0.0.1 oeatlanta.com
127.0.0.1 oharrowsearch.com
127.0.0.1 ok-search.com
127.0.0.1 okulta.com
127.0.0.1 omegabrains.net
127.0.0.1 online-casino-1.net
127.0.0.1 online-casino-bonus.info
127.0.0.1 online-casinos-x.com
127.0.0.1 online-winning.net
127.0.0.1 onlineserverz.com
127.0.0.1 onlinetradings.net
127.0.0.1 onlycunt.com
127.0.0.1 onlyinsured.com
127.0.0.1 operanabuco.com
127.0.0.1 opsex.com
127.0.0.1 oregoncharters.org
127.0.0.1 otrlives.com
127.0.0.1 ozawamadoka.com
127.0.0.1 paigesummer.com
127.0.0.1 pamelacollections.com
127.0.0.1 panamcup.com
127.0.0.1 pantygirls4u.com
127.0.0.1 pantyhoserealm.com
127.0.0.1 pantyplace.com
127.0.0.1 pastubes.com
127.0.0.1 paulapage.com
127.0.0.1 paulhoover.com
127.0.0.1 payfortraffic.net
127.0.0.1 pedo.ws
127.0.0.1 people.1gb.ru
127.0.0.1 pervertbot.com
127.0.0.1 pharma-diet-pills.com
127.0.0.1 pharmacy2003.com
127.0.0.1 pharmalocator.com
127.0.0.1 phendimetrazine-tenuate-adipex.com
127.0.0.1 pics-videos.com
127.0.0.1 picsdir.com
127.0.0.1 picsforbucks.com
127.0.0.1 picsofseductiveladies.com
127.0.0.1 pills-birth-control.com
127.0.0.1 pillsmall.com
127.0.0.1 pilotronix.com
127.0.0.1 pixpox.com
127.0.0.1 planemusic.com
127.0.0.1 poiska.net
127.0.0.1 poker-casino-free.com
127.0.0.1 poker-games-free.net
127.0.0.1 polradiologia.com
127.0.0.1 pooi.net
127.0.0.1 porn-teacher.com
127.0.0.1 porncamz.com
127.0.0.1 pornfree.info
127.0.0.1 pornnightdreams.com
127.0.0.1 pornokopec.com
127.0.0.1 porntetris.com
127.0.0.1 porntwist.com
127.0.0.1 powerwebsearch.com
127.0.0.1 prblitz.com
127.0.0.1 pretypics.com
127.0.0.1 pribalt.com
127.0.0.1 privacy-support.biz
127.0.0.1 privateporn.net
127.0.0.1 prostactive.com
127.0.0.1 prostol.com
127.0.0.1 protect-yourself.biz
127.0.0.1 prsainlandempire.org
127.0.0.1 put-your-link-here.com
127.0.0.1 pyrocorp.com
127.0.0.1 quick-search.ws
127.0.0.1 quiksearchgenealogy.com
127.0.0.1 radfrall.org
127.0.0.1 ramgo.com
127.0.0.1 ranafrog.ne
127.0.0.1 rapegate.com
127.0.0.1 redbudbmx.com
127.0.0.1 refinance-help.com
127.0.0.1 removeearthkeepers.org
127.0.0.1 rightfinder.net
127.0.0.1 robbsproshop.com
127.0.0.1 robertferencz.com
127.0.0.1 rotocasters.com
127.0.0.1 royalsearch.net
127.0.0.1 runsearch.com
127.0.0.1 russiansponsor.com
127.0.0.1 russogay.com
127.0.0.1 s2.exocrew.com
127.0.0.1 sacitylife.com
127.0.0.1 samplegals.com
127.0.0.1 sbssurvivor.com
127.0.0.1 scarypix.com
127.0.0.1 sccdnet.com
127.0.0.1 schoolforest.com
127.0.0.1 search-1.net
127.0.0.1 search-2003.com
127.0.0.1 search-about.net
127.0.0.1 search-hawk.com
127.0.0.1 search-log.com
127.0.0.1 search-meta.com
127.0.0.1 search-safe.com
127.0.0.1 search.psn.cn
127.0.0.1 searchadultweb.com
127.0.0.1 searchbutler.com
127.0.0.1 searchbuttler.com
127.0.0.1 searchbutler.org
127.0.0.1 searchcomplete.com
127.0.0.1 searchdesire.com
127.0.0.1 searchdot.net
127.0.0.1 searchexpander.com
127.0.0.1 searchfastnet.com
127.0.0.1 searchforge.com
127.0.0.1 searching-the-net.com
127.0.0.1 searchmeta.md
127.0.0.1 searchmeta.net
127.0.0.1 searchmeta.ru
127.0.0.1 searchmeta.webhost.ru
127.0.0.1 searchnow.ws
127.0.0.1 searchonfly.com
127.0.0.1 searchv.com
127.0.0.1 searchxl.com
127.0.0.1 searchxp.com
127.0.0.1 sebot.com
127.0.0.1 securenp.org
127.0.0.1 security-warning.biz
127.0.0.1 seehardcore.com
127.0.0.1 seekwell.net
127.0.0.1 selfbookmark.com
127.0.0.1 selfbookmark.info
127.0.0.1 selfbookmark.net
127.0.0.1 sex.free4porno.net
127.0.0.1 sex-coach.com
127.0.0.1 sex-festival.com
127.0.0.1 sex-video-galleries.com
127.0.0.1 sexgalleries4all.com
127.0.0.1 sexmoviesnet.com
127.0.0.1 sexpatriot.net
127.0.0.1 sexy18.cc
127.0.0.1 sexycat.adult-host.org
127.0.0.1 sfbayfolkboats.com
127.0.0.1 sgirls.net
127.0.0.1 sharempeg.com
127.0.0.1 shopcards.net
127.0.0.1 shopknights.com
127.0.0.1 sic02.com
127.0.0.1 sintrader.com
127.0.0.1 site1.ru
127.0.0.1 sites-in-web.com
127.0.0.1 sitevictoria.com
127.0.0.1 sixroads.com
127.0.0.1 skakalka.ru
127.0.0.1 slawsearch.com
127.0.0.1 slotch.com
127.0.0.1 slotchbar.com
127.0.0.1 smartsumo.com
127.0.0.1 smutarchive.net
127.0.0.1 solongas.com
127.0.0.1 sonomaevents.com
127.0.0.1 spermatrix.com
127.0.0.1 sportbooks-free4you.com
127.0.0.1 spros.com
127.0.0.1 spyass.com
127.0.0.1 spyorgy.net
127.0.0.1 staceyowens.com
127.0.0.1 stacistaxx.com
127.0.0.1 stacystaxx.com
127.0.0.1 start-space.com
127.0.0.1 steamycock.com
127.0.0.1 sterva.com
127.0.0.1 stevecashdollar.com
127.0.0.1 stop-tracking.biz
127.0.0.1 stopvotefraud.com
127.0.0.1 stopxxxpics.com
127.0.0.1 strekoza.com
127.0.0.1 stuffstore.com
127.0.0.1 styleclickink.com
127.0.0.1 summercollins.com
127.0.0.1 summitcross.com
127.0.0.1 super-spider.com
127.0.0.1 super-websearch.com
127.0.0.1 supersexmachine.com
127.0.0.1 superwebsearch.com
127.0.0.1 supret.com
127.0.0.1 suzannebrecht.com
127.0.0.1 sweeteenz.com
127.0.0.1 tacil.org
127.0.0.1 tangounion.com
127.0.0.1 tastethemusic.com
127.0.0.1 tax-refund4you.com
127.0.0.1 tech-jobs.ws
127.0.0.1 technology-related.com
127.0.0.1 teen-biz.com
127.0.0.1 teen-pic-post.com
127.0.0.1 teenpornosex.com
127.0.0.1 teens4free.net
127.0.0.1 teensact.com
127.0.0.1 teensgate.com
127.0.0.1 teensguru.com
127.0.0.1 teenswamp.com
127.0.0.1 testosterone-birth-control.com
127.0.0.1 the-exit.com
127.0.0.1 the-huns-yellow-pages.com
127.0.0.1 thefakejournal.com
127.0.0.1 thehuy.net
127.0.0.1 theproxy.org
127.0.0.1 therealsearch.com
127.0.0.1 thesten.com
127.0.0.1 thornleygroup.com
127.0.0.1 tings.org
127.0.0.1 tit-x.com
127.0.0.1 titanvision.com
127.0.0.1 titsianna.com
127.0.0.1 toddhayes.com
127.0.0.1 toon-comics.com
127.0.0.1 tooncomics.com
127.0.0.1 topsearcher.com
127.0.0.1 trafficback.com
127.0.0.1 trafficswitcher.com
127.0.0.1 travel.picture-posters.com
127.0.0.1 true-portal.com
127.0.0.1 trytechnical.com
127.0.0.1 ufindall.click-now.net
127.0.0.1 umaxsearch.com
127.0.0.1 une-autre-france.com
127.0.0.1 unigays.com
127.0.0.1 unipages.cc
127.0.0.1 up2you.ru
127.0.0.1 urlstat.com
127.0.0.1 urlstat.ru
127.0.0.1 uralitel.ru
127.0.0.1 ursie.net
127.0.0.1 utahsweet.com
127.0.0.1 utopicportal.com
127.0.0.1 uusocialjustice.org
127.0.0.1 v61.com
127.0.0.1 vaginpics.com
127.0.0.1 valmyers.com
127.0.0.1 vegas-free.com
127.0.0.1 vegbuy.com
127.0.0.1 veloventures.com
127.0.0.1 verzila.com
127.0.0.1 victoriaadam.com
127.0.0.1 videocategories.com
127.0.0.1 vitamins-for-each.com
127.0.0.1 votehowe.org
127.0.0.1 vxebony.com
127.0.0.1 wakeupdick.com
127.0.0.1 warnomore.org
127.0.0.1 watersport-specialties.com
127.0.0.1 web-homepage.net
127.0.0.1 web-search.tk
127.0.0.1 webcoolsearch.com
127.0.0.1 websearchdot.com
127.0.0.1 weekend-movies.com
127.0.0.1 wetpornostars.com
127.0.0.1 whatsyoursearch.com
127.0.0.1 white-pages.ws
127.0.0.1 whittierblvd.com
127.0.0.1 win-in-casino.com
127.0.0.1 wiresearch.com
127.0.0.1 wolfpacracing.com
127.0.0.1 wordlist.jps.ru
127.0.0.1 wpc2001.org
127.0.0.1 wspzone.sexpornonline.com
127.0.0.1 wwwbet.net
127.0.0.1 wwwbetting.net
127.0.0.1 wwwpokergames.com
127.0.0.1 wwwpokerplayers.com
127.0.0.1 wwwroulette.net
127.0.0.1 x-library.com
127.0.0.1 x-webdesign.com
127.0.0.1 xcomics4u.com
127.0.0.1 xic-bs.com
127.0.0.1 xldr.com
127.0.0.1 xp18.com
127.0.0.1 xrenosearch.com
127.0.0.1 xtragay.com
127.0.0.1 xu.xu.pl
127.0.0.1 xxxcategories.com
127.0.0.1 xxxemailxxx.com
127.0.0.1 y-e-l-l-o-w.com
127.0.0.1 yellow500.com
127.0.0.1 yezol.com
127.0.0.1 you-search.com
127.0.0.1 you-search.com.ru
127.0.0.1 youfindall.com
127.0.0.1 youfindall.net
127.0.0.1 your-prescriptions.net
127.0.0.1 yourbookmarks.info
127.0.0.1 yourbookmarks.ws
127.0.0.1 ypir.com
127.0.0.1 ysa-info.net
127.0.0.1 yukohamano.com
127.0.0.1 ywebsearch.info
127.0.0.1 zapros.com
127.0.0.1 zesearch.com
127.0.0.1 ziportal.com
127.0.0.1 zipportal.com
127.0.0.1 zoneoffreeporn.com
127.0.0.1 zoomegasite.com
127.0.0.1 zvimigdal.com
127.0.0.1 zyban-zocor-levitra.com
127.0.0.1 t.rack.cc
127.0.0.1 omega-search.com
127.0.0.1 cool-xxx.net
127.0.0.1 revolto3.da.ru
127.0.0.1 dating-search.net
127.0.0.1 linksummary.com
127.0.0.1 duolaimi.net
127.0.0.1 ez-searching.com
127.0.0.1 freehqmovies.com
127.0.0.1 xzoomy.com
127.0.0.1 freescratchandwin.com
127.0.0.1 globalwebsearch.com
127.0.0.1 www.gocybersearch.com
127.0.0.1 mayancasino.com
127.0.0.1 www.hastalavista.com
127.0.0.1 www.free-popup-killer.com
127.0.0.1 www.digitalfan.com
127.0.0.1 google123.web1000.com
127.0.0.1 search.ieplugin.com
127.0.0.1 i-lookup.com
127.0.0.1 spidersearch.com
127.0.0.1 istarthere.com
127.0.0.1 xxxtoolbar.com
127.0.0.1 www.seekporn.org
127.0.0.1 17-plus.com
127.0.0.1 lolita4all1.xrensmagpost.com
127.0.0.1 mafiapics.com
127.0.0.1 www.teenmonster.com
127.0.0.1 ie.marketdart.com
127.0.0.1 masterbar.com
127.0.0.1 search.netzany.co
127.0.0.1 only-virgins.com
127.0.0.1 passthison.com
127.0.0.1 blondetgp.com
127.0.0.1 prolivation.com
127.0.0.1 server-au.imrworldwide.com
127.0.0.1 rocketsearch.com
127.0.0.1 roar.com
127.0.0.1 searchaccurate.com
127.0.0.1 searchalot.com
127.0.0.1 searchandbrowse.com
127.0.0.1 gtawarehouse.com
127.0.0.1 startium.com
127.0.0.1 searchandclick.com
127.0.0.1 searchby.net
127.0.0.1 searchdot.com
127.0.0.1 search-exe.com
127.0.0.1 secret-crush.com
127.0.0.1 seekseek.com
127.0.0.1 sexarena.com
127.0.0.1 sexocean.play-lolita.com
127.0.0.1 startsurfing.com
127.0.0.1 srng.net
127.0.0.1 apps.webservicehost.com
127.0.0.1 search.shopnav.com
127.0.0.1 wish7.com
127.0.0.1 www.supersexpass.com
127.0.0.1 surferbar.com
127.0.0.1 xlola.underagehost.com
127.0.0.1 hotlolitas.underagehost.com
127.0.0.1 loading-lolita.com
127.0.0.1 www.xupiter.com
127.0.0.1 xjupiter.com
127.0.0.1 www.xjupiter.com
127.0.0.1 www.browserwise.com
127.0.0.1 sqwire.com
127.0.0.1 orbitexplorer.com
127.0.0.1 searchcentrix.com
127.0.0.1 categories.mygeek.com
127.0.0.1 web-entrance.co
127.0.0.1 whazit.com
127.0.0.1 windowenhancer.com
127.0.0.1 buz.ru
127.0.0.1 iwon.com
127.0.0.1 www.bonzi.com
127.0.0.1 featured-results.com
127.0.0.1 searchmadesafe.net
127.0.0.1 quicklaunch.com
127.0.0.1 www.cashsurfers.com
127.0.0.1 lop.com
127.0.0.1 tjdo.com
127.0.0.1 ebav.com
127.0.0.1 ebgo.com
127.0.0.1 ebaw.com
127.0.0.1 ebkb.com
127.0.0.1 ebmu.com
127.0.0.1 ecmp.com
127.0.0.1 edhq.com
127.0.0.1 edty.com
127.0.0.1 sbee.com
127.0.0.1 aavc.com
127.0.0.1 acjp.com
127.0.0.1 ecmh.com
127.0.0.1 emch.com
127.0.0.1 ecpm.com
127.0.0.1 wabu.com
127.0.0.1 wabq.com
127.0.0.1 ebch.com
127.0.0.1 ebdv.com
127.0.0.1 ebdw.com
127.0.0.1 ebjp.com
127.0.0.1 ebkn.com
127.0.0.1 ebky.com
127.0.0.1 eblv.com
127.0.0.1 wbkb.com
127.0.0.1 ebvr.com
127.0.0.1 ecwz.com
127.0.0.1 ecyb.com
127.0.0.1 eduy.com
127.0.0.1 eeev.com
127.0.0.1 farse.com
127.0.0.1 ibmx.com
127.0.0.1 icwb.com
127.0.0.1 icwo.com
127.0.0.1 icwp.com
127.0.0.1 iddh.com
127.0.0.1 idhh.com
127.0.0.1 ifiz.com
127.0.0.1 iguu.com
127.0.0.1 samz.com
127.0.0.1 saoe.com
127.0.0.1 sbjr.com
127.0.0.1 sbnl.com
127.0.0.1 sbnt.com
127.0.0.1 sbvr.com
127.0.0.1 scbm.com
127.0.0.1 sckr.com
127.0.0.1 scrk.com
127.0.0.1 sdry.com
127.0.0.1 seld.com
127.0.0.1 sfux.com
127.0.0.1 sheat.com
127.0.0.1 sipo.com
127.0.0.1 smds.com
127.0.0.1 srib.com
127.0.0.1 srox.com
127.0.0.1 srsf.com
127.0.0.1 ssaw.com
127.0.0.1 ssby.com
127.0.0.1 surj.com
127.0.0.1 tbvg.com
127.0.0.1 tdak.com
127.0.0.1 tdmy.com
127.0.0.1 tefs.com
127.0.0.1 tfil.com
127.0.0.1 tjar.com
127.0.0.1 tjaw.com
127.0.0.1 tjgo.com
127.0.0.1 tjem.com
127.0.0.1 torc.com
127.0.0.1 wfix.com
127.0.0.1 wflu.com
127.0.0.1 tdko.com
127.0.0.1 thko.com
127.0.0.1 H24413.tfil.com
127.0.0.1 germany.rub.to
127.0.0.1 search.rub.to
127.0.0.1 unitedstates.rub.to
127.0.0.1 www.commonname.com
127.0.0.1 www.ezcybersearch.com
127.0.0.1 www.jethomepage.com
127.0.0.1 www.gohip.com
127.0.0.1 hotbar.com
127.0.0.1 www.huntbar.com
127.0.0.1 search.imiserver.com
127.0.0.1 searchenhancement.com
127.0.0.1 newtonknows.com
127.0.0.1 search-explorer.net
127.0.0.1 searchsquire.com
127.0.0.1 secondpower.com
127.0.0.1 2ndpower.com
127.0.0.1 searchgateway.net
127.0.0.1 worldusa.com
127.0.0.1 www.topsearcher.com
127.0.0.1 smutserver.com
127.0.0.1 searchmeup.com
127.0.0.1 cameup.com
127.0.0.1 kliksearch.com
127.0.0.1 realphx.com
127.0.0.1 blazefind.com
127.0.0.1 zoofil.com
127.0.0.1 terafinder.com
127.0.0.1 008i.com
127.0.0.1 171203.com
127.0.0.1 39-93.com
127.0.0.1 adult-personal.us
127.0.0.1 cashsearch.biz
127.0.0.1 cl55.biz
127.0.0.1 dailyteenspic.com
127.0.0.1 dialer2004.com
127.0.0.1 digital-pornography.com
127.0.0.1 eager-sex.com
127.0.0.1 ergosites.com
127.0.0.1 freecj.com
127.0.0.1 greg-search.com
127.0.0.1 incest-host.com
127.0.0.1 ironcarteam.com
127.0.0.1 is-best.com
127.0.0.1 killerpornstars.com
127.0.0.1 lollitop.com
127.0.0.1 love-host.com
127.0.0.1 myexexex.com
127.0.0.1 my-finder.com
127.0.0.1 onlineclick.net
127.0.0.1 onlysex.ws
127.0.0.1 regfreeze.com
127.0.0.1 ruworld.com
127.0.0.1 selltraffic.biz
127.0.0.1 sexunique.net
127.0.0.1 sinpussy.com
127.0.0.1 teenhost.net
127.0.0.1 ultraload.net
127.0.0.1 vse-moe.biz
127.0.0.1 xsex.ws
127.0.0.1 75tz.com
127.0.0.1 iefeadsl.com
127.0.0.1 rf104.com
127.0.0.1 www.v61.com
127.0.0.1 ads.centralmedia.ws
127.0.0.1 c.centralmedia.ws
127.0.0.1 count.cc
127.0.0.1 topx.cc
127.0.0.1 sidefind.com
127.0.0.1 thenewsearch.com
127.0.0.1 new-search.net
127.0.0.1 x-google.net
127.0.0.1 adultgambling.org
127.0.0.1 bitchesonline.net
127.0.0.1 girls4rent.net
127.0.0.1 usefullsoft.net
127.0.0.1 livegambling.com
127.0.0.1 adultsgames.net
127.0.0.1 easyantispy.com
127.0.0.1 spybotremover.net
127.0.0.1 winprotect.net
127.0.0.1 funny-girls.com
127.0.0.1 winmsn.com
127.0.0.1 oneclicksearches.com
127.0.0.1 bestweblinks.com
127.0.0.1 iqsearch.net
127.0.0.1 dumpserv.com
127.0.0.1 helpyoursearch.com
127.0.0.1 sgrunt.biz
127.0.0.1 yeak.net
127.0.0.1 u45.cx
127.0.0.1 u46.cx
127.0.0.1 u47.cc
127.0.0.1 u48.cc
127.0.0.1 sfonditalia.biz
127.0.0.1 realarea.biz
127.0.0.1 archiviosex.net
127.0.0.1 agava.com
127.0.0.1 agava.ru
127.0.0.1 hut1.ru
127.0.0.1 hu15.ru
127.0.0.1 winfixer.com
127.0.0.1 3721.com
127.0.0.1 easysearchingtips.com
127.0.0.1 fine-search.net
127.0.0.1 noproblemsurf.com
127.0.0.1 pcspyremover.com
127.0.0.1 search-motor.com
127.0.0.1 searchwhatuwant.com
127.0.0.1 ad25.com
127.0.0.1 ad45.com
127.0.0.1 ad77.com
127.0.0.1 ad86.com
127.0.0.1 full-search.net
127.0.0.1 go2-search.com
127.0.0.1 onemoresearch.net
127.0.0.1 search-777.com
127.0.0.1 search-to-find.com
127.0.0.1 search-what.net
127.0.0.1 winshow.biz
127.0.0.1 lookfor.cc
127.0.0.1 looking-for.cc
127.0.0.1 tgp-4-you.com
127.0.0.1 veryeasysearch.com
127.0.0.1 010402.com
127.0.0.1 20x2p.com
127.0.0.1 db105.com
127.0.0.1 ga31.com
127.0.0.1 mpeg-look.com
127.0.0.1 n-udd.com
127.0.0.1 p-uud.com
127.0.0.1 porn-screen.com
127.0.0.1 rb37.com
127.0.0.1 t058.com
127.0.0.1 u-239.com
127.0.0.1 v-224.com
127.0.0.1 trackhits.cc
127.0.0.1 tracktraff.cc
127.0.0.1 power-cleaner.com
127.0.0.1 yoursitebar.com
127.0.0.1 ysbweb.com
127.0.0.1 www.ysbweb.com
127.0.0.1 installcash.com
127.0.0.1 toolbarcash.com
127.0.0.1 enjoywebsurf.com
127.0.0.1 msnguard.cc
127.0.0.1 searchclick.cc
127.0.0.1 havy.biz
127.0.0.1 ewizard.cc
127.0.0.1 4klm.com
127.0.0.1 camup.net
127.0.0.1 bdsmlibrary.net
127.0.0.1 n-glx.s-redirect.com
127.0.0.1 aaasexypics.com
127.0.0.1 allforadult.com
127.0.0.1 autoescrowpay.com
127.0.0.1 awmcash.biz
127.0.0.1 awmdabest.com
127.0.0.1 buldog-stats.com
127.0.0.1 counter.sexmaniack.com
127.0.0.1 fregat.drocherway.com
127.0.0.1 greg-tut.com
127.0.0.1 iframe.biz
127.0.0.1 megapornix.com
127.0.0.1 newiframe.biz
127.0.0.1 nylonsexy.com
127.0.0.1 pizdato.biz
127.0.0.1 sexfiles.nu
127.0.0.1 slutmania.biz
127.0.0.1 sp2fucked.biz
127.0.0.1 toolbarpartner.com
127.0.0.1 vesbiz.biz
127.0.0.1 virgin-tgp.net
127.0.0.1 vparivalka.com
127.0.0.1 x.full-tgp.net
127.0.0.1 toolbar.cc
127.0.0.1 himen.biz
127.0.0.1 msupdater.net
127.0.0.1 www.msupdater.net
127.0.0.1 1800searchonline.com
127.0.0.1 www.1800searchonline.com
127.0.0.1 1stsearchportal.com
127.0.0.1 www.1stsearchportal.com
127.0.0.1 24-7searching-and-more.com
127.0.0.1 www.24-7searching-and-more.com
127.0.0.1 971searchbox.com
127.0.0.1 www.971searchbox.com
127.0.0.1 aaawebfinder.com
127.0.0.1 www.aaawebfinder.com
127.0.0.1 ampmsearch.com
127.0.0.1 www.ampmsearch.com
127.0.0.1 clickhere4search.com
127.0.0.1 www.clickhere4search.com
127.0.0.1 clicktomakeasearch.com
127.0.0.1 www.clicktomakeasearch.com
127.0.0.1 directsearchzone.com
127.0.0.1 www.directsearchzone.com
127.0.0.1 easysearch4you.com
127.0.0.1 www.easysearch4you.com
127.0.0.1 enterthesearch.com
127.0.0.1 www.enterthesearch.com
127.0.0.1 esearch2005.com
127.0.0.1 www.esearch2005.com
127.0.0.1 eza1netsearch.com
127.0.0.1 www.eza1netsearch.com
127.0.0.1 ezwebsearching.com
127.0.0.1 www.ezwebsearching.com
127.0.0.1 globalefinder.com
127.0.0.1 www.globalefinder.com
127.0.0.1 go2realsearch.com
127.0.0.1 www.go2realsearch.com
127.0.0.1 myseachexplorer.com
127.0.0.1 www.myseachexplorer.com
127.0.0.1 quicksearch360.com
127.0.0.1 www.quicksearch360.com
127.0.0.1 s1s1s1search.com
127.0.0.1 www.s1s1s1search.com
127.0.0.1 search101online.com
127.0.0.1 www.search101online.com
127.0.0.1 search123forme.com
127.0.0.1 www.search123forme.com
127.0.0.1 search345quest.com
127.0.0.1 www.search345quest.com
127.0.0.1 searchmiracle.com
127.0.0.1 www.searchmiracle.com
127.0.0.1 searchtheworld4you.com
127.0.0.1 www.searchtheworld4you.com
127.0.0.1 searchwebzone.com
127.0.0.1 www.searchwebzone.com
127.0.0.1 seektheglobe.com
127.0.0.1 www.seektheglobe.com
127.0.0.1 sitesearchcentral.com
127.0.0.1 www.sitesearchcentral.com
127.0.0.1 the818search-co.com
127.0.0.1 www.the818search-co.com
127.0.0.1 type2find.com
127.0.0.1 www.type2find.com
127.0.0.1 xosearchox.com
127.0.0.1 www.xosearchox.com
127.0.0.1 yoursearchspace.com
127.0.0.1 www.yoursearchspace.com
127.0.0.1 httpwwwads.com
127.0.0.1 www.httpwwwads.com
127.0.0.1 adshttp.com
127.0.0.1 www.adshttp.com
127.0.0.1 adsonwww.com
127.0.0.1 www.adsonwww.com
127.0.0.1 dnaads.com
127.0.0.1 www.dnaads.com
127.0.0.1 marketengines.com
127.0.0.1 www.marketengines.com
127.0.0.1 ad-w-a-r-e.com
127.0.0.1 www.ad-w-a-r-e.com
127.0.0.1 a-d-w-a-r-e.com
127.0.0.1 www.a-d-w-a-r-e.com
127.0.0.1 securityindex.net
127.0.0.1 www.securityindex.net
127.0.0.1 sexpicsporn.com
127.0.0.1 www.sexpicsporn.com
127.0.0.1 free-spybot.com
127.0.0.1 www.free-spybot.com
127.0.0.1 cashengines.com
127.0.0.1 www.cashengines.com
127.0.0.1 microsoftantispyware.net
127.0.0.1 www.microsoftantispyware.net
127.0.0.1 mircosoftantispy.com
127.0.0.1 www.mircosoftantispy.com
127.0.0.1 msantispy.com
127.0.0.1 www.msantispy.com
127.0.0.1 netspyprotector.com
127.0.0.1 www.netspyprotector.com
127.0.0.1 avforce.com
127.0.0.1 www.avforce.com
127.0.0.1 savehits.com
127.0.0.1 www.savehits.com
127.0.0.1 saveli.com
127.0.0.1 www.saveli.com
127.0.0.1 metastop.com
127.0.0.1 www.metastop.com
127.0.0.1 perlink.biz
127.0.0.1 www.perlink.biz
127.0.0.1 highdialer.com
127.0.0.1 www.highdialer.com
127.0.0.1 online-more.com
127.0.0.1 www.online-more.com
127.0.0.1 www.syserrors.com
127.0.0.1 www.vcodec.com
127.0.0.1 toolbartraff.biz
127.0.0.1 www.toolbartraff.biz
127.0.0.1 pcadprotector.cc
127.0.0.1 www.pcadprotector.cc
127.0.0.1 airtleworld.com
127.0.0.1 www.airtleworld.com
127.0.0.1 domaincar.com
127.0.0.1 www.domaincar.com
127.0.0.1 worldray.com
127.0.0.1 www.worldray.com
127.0.0.1 www5.worldray.com
127.0.0.1 www6.worldray.com
127.0.0.1 www.spytrooper.com
127.0.0.1 spytrooper.com
127.0.0.1 dl.ad-ware.cc
127.0.0.1 ad-ware.cc
127.0.0.1 downloads.adaware.cc
127.0.0.1 adaware.cc
127.0.0.1 hitscount.net
127.0.0.1 count.hitscount.net
127.0.0.1 fined.biz
127.0.0.1 de.ag
127.0.0.1 games.de.ag
127.0.0.1 www.games.de.ag
127.0.0.1 little-download.net
127.0.0.1 www.little-download.net
127.0.0.1 little-help.com
127.0.0.1 www.little-help.com
127.0.0.1 www.spyaxe.net
127.0.0.1 www.spyaxe.com
127.0.0.1 www.spyaxe.biz
127.0.0.1 www.malwarewipe.com
127.0.0.1 dl.malwarewipe.com
127.0.0.1 www.malwarewipeupdate.com
127.0.0.1 unionseek.com
127.0.0.1 www.unionseek.com
127.0.0.1 sirh0t.blackhats.tc
127.0.0.1 blackhats.tc
127.0.0.1 www.blackhats.tc
127.0.0.1 ritztours.com
127.0.0.1 www.ritztours.com
127.0.0.1 flashflashmx.3322.org
127.0.0.1 3322.org
127.0.0.1 www.3322.org
127.0.0.1 jupitersatellites.biz
127.0.0.1 www.jupitersatellites.biz
127.0.0.1 yops.biz
127.0.0.1 www.yops.biz
127.0.0.1 goldengr.hypermart.net
127.0.0.1 web-nexus.net
127.0.0.1 safe-sales.biz
127.0.0.1 www.safe-sales.biz
127.0.0.1 jerrynews.com
127.0.0.1 www.jerrynews.com
127.0.0.1 Teslaplus.com
127.0.0.1 www.Teslaplus.com
127.0.0.1 WorldAntiSpy.com
127.0.0.1 www.WorldAntiSpy.com
127.0.0.1 www.securitycaution.com
127.0.0.1 securitycaution.com
127.0.0.1 adservs.com
127.0.0.1 csx.adservs.com
127.0.0.1 www.csx.adservs.com
127.0.0.1 toolbarbest.biz
127.0.0.1 www.toolbarbest.biz
127.0.0.1 game4all.biz
127.0.0.1 www.game4all.biz
127.0.0.1 wm.kannylizaciya.info
127.0.0.1 www.wm.kannylizaciya.info
127.0.0.1 wm.buhartes.info
127.0.0.1 www.wm.buhartes.info
127.0.0.1 login.fric.cn
127.0.0.1 www.login.fric.cn
127.0.0.1 xsremover.com
127.0.0.1 www.xsremover.com
127.0.0.1 spydeface.com
127.0.0.1 www.spydeface.com
127.0.0.1 alfacleaner.com
127.0.0.1 www.alfacleaner.com
127.0.0.1 innovagest2000.com
127.0.0.1 www.innovagest2000.com
127.0.0.1 www.thespyguard.com
127.0.0.1 thespyguard.com
127.0.0.1 www.adwarepunisher.com
127.0.0.1 adwarepunisher.com
127.0.0.1 www.spyiblock.com
127.0.0.1 spyiblock.com
127.0.0.1 www.uvu-channel.com
127.0.0.1 uvu-channel.com
127.0.0.1 www.hachimitsu-lemon.com
127.0.0.1 hachimitsu-lemon.com
127.0.0.1 SEARCHTOFIND.NET
127.0.0.1 www.SEARCHTOFIND.NET
127.0.0.1 www.pestrap.com
127.0.0.1 pestrap.com
127.0.0.1 uptodatesecurity.com
127.0.0.1 www.uptodatesecurity.com
127.0.0.1 thinstall.abetterinternet.com
127.0.0.1 www.3abetterinternet.com
127.0.0.1 download.abetterinternet.com
127.0.0.1 www.abetterinternet.com
127.0.0.1 qmex.psyche-evolution.com
127.0.0.1 www.qmex.psyche-evolution.com
127.0.0.1 core.psyche-evolution.com
127.0.0.1 www.core.psyche-evolution.com
127.0.0.1 1stantivirus.com
127.0.0.1 www.1stantivirus.com
127.0.0.1 scanandrepair.com
127.0.0.1 www.scanandrepair.com
127.0.0.1 uydsiygeds.com
127.0.0.1 www.uydsiygeds.com
127.0.0.1 pesttrap.com
127.0.0.1 www.pesttrap.com
127.0.0.1 adwarebazooka.com
127.0.0.1 get.adwarebazooka.com
127.0.0.1 www.adwarebazooka.com
127.0.0.1 kliksoftware.com
127.0.0.1 www.kliksoftware.com
127.0.0.1 hitvirus.com
127.0.0.1 get.hitvirus.com
127.0.0.1 www.hitvirus.com
127.0.0.1 promo.dollarrevenue.com
127.0.0.1 www.promo.dollarrevenue.com
127.0.0.1 maxifile.com
127.0.0.1 www.maxifile.com
127.0.0.1 targetsaver.com
127.0.0.1 www.targetsaver.com
127.0.0.1 dl.targetsaver.com
127.0.0.1 www.dl.targetsaver.com
127.0.0.1 nonameforthisdomain.com
127.0.0.1 www.nonameforthisdomain.com
127.0.0.1 hypoteches.com
127.0.0.1 www.hypoteches.com
127.0.0.1 www.earthllnk.net
127.0.0.1 earthllnk.net
127.0.0.1 hostance.net
127.0.0.1 www.hostance.net
127.0.0.1 my-dedik-one.com
127.0.0.1 www.my-dedik-one.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 6sek.com
127.0.0.1 www.6sek.com
127.0.0.1 cashdeluxe.net
127.0.0.1 www.cashdeluxe.net
127.0.0.1 stats.cashdeluxe.net
127.0.0.1 www.stats.cashdeluxe.net
127.0.0.1 www.2006ooo.com
127.0.0.1 www.spyware-stop.com
127.0.0.1 spyware-stop.com
127.0.0.1 www.SpyShield.org
127.0.0.1 SpyShield.org
127.0.0.1 utils.winfixer.com
127.0.0.1 www.utils.winfixer.com
127.0.0.1 toolbarbucks.biz
127.0.0.1 www.toolbarbucks.biz
127.0.0.1 derklaif.biz
127.0.0.1 www.derklaif.biz
127.0.0.1 www.v-codec.com
127.0.0.1 v-codec.com
127.0.0.1 www.emediacodec.com
127.0.0.1 emediacodec.com
127.0.0.1 www.popentertain.com
127.0.0.1 popentertain.com
127.0.0.1 softwareprofit.com
127.0.0.1 www.softwareprofit.com
127.0.0.1 de.winantivirus.com
127.0.0.1 download.winantivirus.com
127.0.0.1 winantivirus.com
127.0.0.1 www.winantivirus.com
127.0.0.1 offers.bullseye-network.com
127.0.0.1 www.offers.bullseye-network.com
127.0.0.1 bullseye-network.com
127.0.0.1 www.bullseye-network.com
127.0.0.1 sponsor2.ucmore.com
127.0.0.1 www.sponsor2.ucmore.com
127.0.0.1 hostthesky.com
127.0.0.1 www.hostthesky.com
127.0.0.1 dbdecicated.com
127.0.0.1 www.dbdecicated.com
127.0.0.1 readagreement.net
127.0.0.1 www.readagreement.net
127.0.0.1 gl.secdep.info
127.0.0.1 www.gl.secdep.info
127.0.0.1 spyfalcon.com
127.0.0.1 www.spyfalcon.com
127.0.0.1 spyfalconupdate.com
127.0.0.1 www.spyfalconupdate.com
127.0.0.1 spy-shield.com
127.0.0.1 www.spy-shield.com
127.0.0.1 winnanny.com
127.0.0.1 www.winnanny.com
127.0.0.1 winsoftware.com
127.0.0.1 www.winsoftware.com
127.0.0.1 winfirewall.com
127.0.0.1 www.winfirewall.com
127.0.0.1 winantispyware.com
127.0.0.1 www.winantispyware.com
127.0.0.1 udefender.com
127.0.0.1 www.udefender.com
127.0.0.1 bravesentry.com
127.0.0.1 www.bravesentry.com
127.0.0.1 content.dollarrevenue.com
127.0.0.1 www.content.dollarrevenue.com
127.0.0.1 toolbar.azebar.com
127.0.0.1 www.toolbar.azebar.com
127.0.0.1 traffsale1.biz
127.0.0.1 www.traffsale1.biz
127.0.0.1 spywaredisinfector.com
127.0.0.1 www.spywaredisinfector.com
127.0.0.1 SpyCut.com
127.0.0.1 www.SpyCut.com
127.0.0.1 almanah.biz
127.0.0.1 www.almanah.biz
127.0.0.1 antispydns.biz
127.0.0.1 www.antispydns.biz
127.0.0.1 spyaxeupdate.com
127.0.0.1 www.spyaxeupdate.com
127.0.0.1 malwarewipesupport.com
127.0.0.1 www.malwarewipesupport.com
127.0.0.1 remedyantispy.com
127.0.0.1 www.remedyantispy.com
127.0.0.1 systemstable.com
127.0.0.1 www.systemstable.com
127.0.0.1 whoisprivacyprotect.com
127.0.0.1 www.whoisprivacyprotect.com
127.0.0.1 prime.webhancer.com
127.0.0.1 www.prime.webhancer.com
127.0.0.1 webhancer.com
127.0.0.1 www.webhancer.com
127.0.0.1 dr.webhancer.com
127.0.0.1 www.dr.webhancer.com
127.0.0.1 dr2.webhancer.com
127.0.0.1 www.dr2.webhancer.com
127.0.0.1 www.onli-ne.com
127.0.0.1 spycontra.com
127.0.0.1 www.spycontra.com
127.0.0.1 anti-virus-pro.com
127.0.0.1 www.anti-virus-pro.com
127.0.0.1 check.jupitersatellites.biz
127.0.0.1 www.check.jupitersatellites.biz
127.0.0.1 necessaryupdates.com
127.0.0.1 www.necessaryupdates.com
127.0.0.1 bestworldgirls-for-u.net
127.0.0.1 www.bestworldgirls-for-u.net
127.0.0.1 stejax.pl
127.0.0.1 www.stejax.pl
127.0.0.1 kitehosting.com
127.0.0.1 www.kitehosting.com
127.0.0.1 ware2006.com
127.0.0.1 www.ware2006.com
127.0.0.1 filestore.com
127.0.0.1 www.filestore.com
127.0.0.1 systemupdates.net
127.0.0.1 www.systemupdates.net
127.0.0.1 logs.vapochille.com
127.0.0.1 www.logs.vapochille.com
127.0.0.1 goldenfreehost.com
127.0.0.1 www.goldenfreehost.com
127.0.0.1 todaywarnings.com
127.0.0.1 www.todaywarnings.com
127.0.0.1 spywarequake.com
127.0.0.1 spywarequake.info
127.0.0.1 www.spywarequake.info
127.0.0.1 www.spywarequake.com
127.0.0.1 download2.spywarequake.com
127.0.0.1 download3.spywarequake.com
127.0.0.1 download4.spywarequake.com
127.0.0.1 download5.spywarequake.com
127.0.0.1 download7.spywarequake.com
127.0.0.1 download8.spywarequake.com
127.0.0.1 download9.spywarequake.com
127.0.0.1 download10.spywarequake.com
127.0.0.1 download11.spywarequake.com
127.0.0.1 download12.spywarequake.com
127.0.0.1 download13.spywarequake.com
127.0.0.1 download15.spywarequake.com
127.0.0.1 updates.spywarequake.com
127.0.0.1 urgentsystemupdate.com
127.0.0.1 www.urgentsystemupdate.com
127.0.0.1 dl2.spywarestrike.com
127.0.0.1 dl3.spywarestrike.com
127.0.0.1 dl4.spywarestrike.com
127.0.0.1 dl5.spywarestrike.com
127.0.0.1 dl6.spywarestrike.com
127.0.0.1 dl7.spywarestrike.com
127.0.0.1 dl8.spywarestrike.com
127.0.0.1 nospywaresoft.com
127.0.0.1 spywarestrike.com
127.0.0.1 www.nospywaresoft.com
127.0.0.1 www.spywarestrike.com
127.0.0.1 spyaxesupport.com
127.0.0.1 www.spyaxesupport.com
127.0.0.1 download3.spyaxe.com
127.0.0.1 download4.spyaxe.com
127.0.0.1 download5.spyaxe.com
127.0.0.1 download6.spyaxe.com
127.0.0.1 dl2.spyfalcon.com
127.0.0.1 dl3.spyfalcon.com
127.0.0.1 dl4.spyfalcon.com
127.0.0.1 dl5.spyfalcon.com
127.0.0.1 dl9.spyfalcon.com
127.0.0.1 dl10.spyfalcon.com
127.0.0.1 dl16.spyfalcon.com
127.0.0.1 www.sgrunt.biz
127.0.0.1 traffbest.biz
127.0.0.1 www.traffbest.biz
127.0.0.1 securityfeature.com
127.0.0.1 www.securityfeature.com
127.0.0.1 pimasoft.com
127.0.0.1 www.pimasoft.com
127.0.0.1 blackhawksoftware.com
127.0.0.1 www.blackhawksoftware.com
127.0.0.1 spy-sniper.com
127.0.0.1 www.spy-sniper.com
127.0.0.1 safetydefender.com
127.0.0.1 www.safetydefender.com
127.0.0.1 securitywarnings.net
127.0.0.1 www.securitywarnings.net
127.0.0.1 urgentsystemupdate.biz
127.0.0.1 www.urgentsystemupdate.biz
127.0.0.1 antispylab.com
127.0.0.1 www.antispylab.com
127.0.0.1 spywaresheriff.com
127.0.0.1 www.spywaresheriff.com
127.0.0.1 allmegabucks.com
127.0.0.1 www.allmegabucks.com
127.0.0.1 rizalof.com
127.0.0.1 www.rizalof.com
127.0.0.1 rc.rizalof.com
127.0.0.1 media-codec.com
127.0.0.1 www.media-codec.com
127.0.0.1 SpywareScraper.com
127.0.0.1 www.SpywareScraper.com
127.0.0.1 crystalysmedia.com
127.0.0.1 www.crystalysmedia.com
127.0.0.1 180solutions.com
127.0.0.1 cts.180solutions.com
127.0.0.1 bis.180solutions.com
127.0.0.1 downloads.180solutions.com
127.0.0.1 uploads.180solutions.com
127.0.0.1 installs.180solutions.com
127.0.0.1 config.180solutions.com
127.0.0.1 ping.180solutions.com
127.0.0.1 tv.180solutions.com
127.0.0.1 nowhere.180solutions.com
127.0.0.1 www.180solutions.com
127.0.0.1 180searchassistant.com
127.0.0.1 www.180searchassistant.com
127.0.0.1 theguardservices.com
127.0.0.1 www.theguardservices.com
127.0.0.1 securitybulletin.net
127.0.0.1 www.securitybulletin.net
127.0.0.1 www.supernet.speedserv.com
127.0.0.1 spyonthis.net
127.0.0.1 download.spyonthis.net
127.0.0.1 www.spyonthis.net
127.0.0.1 hijack-this.net
127.0.0.1 www.hijack-this.net
127.0.0.1 errorsafe.com
127.0.0.1 de.errorsafe.com
127.0.0.1 download.errorsafe.com
127.0.0.1 www.errorsafe.com
127.0.0.1 amaena.com
127.0.0.1 trial.updates.winsoftware.com
127.0.0.1 instlog.winfixer.com
127.0.0.1 winfixer2006.com
127.0.0.1 www.winfixer2006.com
127.0.0.1 webtopsecurity.com
127.0.0.1 www.webtopsecurity.com
127.0.0.1 traff5all.biz
127.0.0.1 www.traff5all.biz
127.0.0.1 1-extreme.biz
127.0.0.1 www.1-extreme.biz
127.0.0.1 download.bravesentry.com
127.0.0.1 www.download.bravesentry.com
127.0.0.1 evko.biz
127.0.0.1 www.evko.biz
127.0.0.1 lavasoftupdate.com
127.0.0.1 www.lavasoftupdate.com
127.0.0.1 download.secureyournet.biz
127.0.0.1 www.download.secureyournet.biz
127.0.0.1 secureyournet.biz
127.0.0.1 www.secureyournet.biz
127.0.0.1 windupdates.com
127.0.0.1 asdbiz.biz
127.0.0.1 www.asdbiz.biz
127.0.0.1 spywarelabs.com
127.0.0.1 www.spywarelabs.com
127.0.0.1 traffweb1.biz
127.0.0.1 www.traffweb1.biz
127.0.0.1 newtoolbar.biz
127.0.0.1 www.newtoolbar.biz
127.0.0.1 buytraff.biz
127.0.0.1 www.buytraff.biz
127.0.0.1 safetyuptodate.com
127.0.0.1 www.safetyuptodate.com
127.0.0.1 crazywinnings.com
127.0.0.1 frame.crazywinnings.com
127.0.0.1 www.crazywinnings.com
127.0.0.1 topconverting.com
127.0.0.1 www.topconverting.com
127.0.0.1 casalemedia.com
127.0.0.1 b.casalemedia.com
127.0.0.1 www.casalemedia.com
127.0.0.1 addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.com
127.0.0.1 addictivetechnologies.net
127.0.0.1 www.addictivetechnologies.net
127.0.0.1 admin2cash.biz
127.0.0.1 www.admin2cash.biz
127.0.0.1 advcash.biz
127.0.0.1 www.advcash.biz
127.0.0.1 all4internet.com
127.0.0.1 www.all4internet.com
127.0.0.1 bettersearch.biz
127.0.0.1 www.bettersearch.biz
127.0.0.1 c4tdownload.com
127.0.0.1 www.c4tdownload.com
127.0.0.1 clickspring.net
127.0.0.1 www.clickspring.net
127.0.0.1 contentmatch.net
127.0.0.1 www.contentmatch.net
127.0.0.1 dialer-shop.com
127.0.0.1 www.dialer-shop.com
127.0.0.1 dialoff.com
127.0.0.1 www.dialoff.com
127.0.0.1 energy-factor.com
127.0.0.1 www.energy-factor.com
127.0.0.1 hardcorefantasyland.com
127.0.0.1 www.hardcorefantasyland.com
127.0.0.1 hardfootballbabes.com
127.0.0.1 www.hardfootballbabes.com
127.0.0.1 linkautomatici.com
127.0.0.1 www.linkautomatici.com
127.0.0.1 master69.biz
127.0.0.1 www.master69.biz
127.0.0.1 master70.biz
127.0.0.1 www.master70.biz
127.0.0.1 master71.biz
127.0.0.1 www.master71.biz
127.0.0.1 mcdial.biz
127.0.0.1 www.mcdial.biz
127.0.0.1 mt-download.com
127.0.0.1 www.mt-download.com
127.0.0.1 my-teensex.com
127.0.0.1 overpro.com
127.0.0.1 private-dialer.biz
127.0.0.1 private-iframe.biz
127.0.0.1 redfunny.com
127.0.0.1 scoobidoo.com
127.0.0.1 skoobidoo.com
127.0.0.1 sexvideopro.com
127.0.0.1 storage-tasp.com
127.0.0.1 xbeta69.com
127.0.0.1 securityuptodate.net
127.0.0.1 www.securityuptodate.net
127.0.0.1 troonety.biz
127.0.0.1 www.troonety.biz
127.0.0.1 zurrusco.com
127.0.0.1 www.zurrusco.com
127.0.0.1 breenten.biz
127.0.0.1 www.breenten.biz
127.0.0.1 votreenton.biz
127.0.0.1 www.votreenton.biz
127.0.0.1 ozonung.biz
127.0.0.1 www.ozonung.biz
127.0.0.1 digikeygen.com
127.0.0.1 www.digikeygen.com
127.0.0.1 5starvideos.com
127.0.0.1 www.5starvideos.com
127.0.0.1 moviereality.com
127.0.0.1 www.moviereality.com
127.0.0.1 perfectedsecurity.com
127.0.0.1 www.perfectedsecurity.com
127.0.0.1 securityprecaution.net
127.0.0.1 www.securityprecaution.net
127.0.0.1 securityupdatesite.com
127.0.0.1 www.securityupdatesite.com
127.0.0.1 dns-look-up.com
127.0.0.1 www.dns-look-up.com
127.0.0.1 ayb.dns-look-up.com
127.0.0.1 search200.com
127.0.0.1 www.search200.com
127.0.0.1 404dns.com
127.0.0.1 www.404dns.com
127.0.0.1 mcboo.com
127.0.0.1 dr.mcboo.com
127.0.0.1 www.mcboo.com
127.0.0.1 appealcircuit.com
127.0.0.1 www.appealcircuit.com
127.0.0.1 balotierra.com
127.0.0.1 www.balotierra.com
127.0.0.1 oldflock.com
127.0.0.1 www.oldflock.com
127.0.0.1 pornmagpass.com
127.0.0.1 www.pornmagpass.com
127.0.0.1 dailypornmag.com
127.0.0.1 www.dailypornmag.com
127.0.0.1 babespornmag.com
127.0.0.1 www.babespornmag.com
127.0.0.1 teenspornmag.com
127.0.0.1 www.teenspornmag.com
127.0.0.1 maturespornmag.com
127.0.0.1 www.maturespornmag.com
127.0.0.1 hardcorepornmag.com
127.0.0.1 www.hardcorepornmag.com
127.0.0.1 gayspornmag.com
127.0.0.1 www.gayspornmag.com
127.0.0.1 topsecuritysite.net
127.0.0.1 www.topsecuritysite.net
127.0.0.1 bestsafetyguide.net
127.0.0.1 www.bestsafetyguide.net
127.0.0.1 searchweb2.com
127.0.0.1 www.searchweb2.com
127.0.0.1 www.lop.com
127.0.0.1 vidscodec.com
127.0.0.1 www.vidscodec.com
127.0.0.1 newvidscodec.net
127.0.0.1 www.newvidscodec.net
127.0.0.1 media-codec.net
127.0.0.1 www.media-codec.net
127.0.0.1 mediacodec.net
127.0.0.1 www.mediacodec.net
127.0.0.1 imediacodec.com
127.0.0.1 www.imediacodec.com
127.0.0.1 emcodec.com
127.0.0.1 www.emcodec.com
127.0.0.1 vicodec.com
127.0.0.1 www.vicodec.com
127.0.0.1 xpasswordmanager.com
127.0.0.1 www.xpasswordmanager.com
127.0.0.1 cracks4all.com
127.0.0.1 www.cracks4all.com
127.0.0.1 media-motor.net
127.0.0.1 mmm.media-motor.net
127.0.0.1 bins.media-motor.net
127.0.0.1 bins2.media-motor.net
127.0.0.1 logs.media-motor.net
127.0.0.1 mmohsix.com
127.0.0.1 www.mmohsix.com
127.0.0.1 pops.mmohsix.com
127.0.0.1 megalocast.net
127.0.0.1 js.megalocast.net
127.0.0.1 www.megalocast.net
127.0.0.1 dl.web-nexus.net
127.0.0.1 movies-etc.com
127.0.0.1 cdn.movies-etc.com
127.0.0.1 cdn2.movies-etc.com
127.0.0.1 internet-optimizer.com
127.0.0.1 www.internet-optimizer.com
127.0.0.1 888.com
127.0.0.1 www.888.com
127.0.0.1 images.888.com
127.0.0.1 surfsidekick.com
127.0.0.1 www.surfsidekick.com
127.0.0.1 sdl.surfsidekick.com
127.0.0.1 kmpads.com
127.0.0.1 www.kmpads.com
127.0.0.1 ads.kmpads.com
127.0.0.1 zipcodec.com
127.0.0.1 www.zipcodec.com
127.0.0.1 ibankis.org
127.0.0.1 www.ibankis.org
127.0.0.1 adwarefinder.com
127.0.0.1 www.adwarefinder.com
127.0.0.1 nbcsearch.com
127.0.0.1 www.nbcsearch.com
127.0.0.1 TBCODE.COM
127.0.0.1 www.TBCODE.COM
127.0.0.1 1987324.com
127.0.0.1 www.1987324.com
127.0.0.1 www.archiviosex.net
127.0.0.1 sysnetsecurity.com
127.0.0.1 www.sysnetsecurity.com
127.0.0.1 sysnetsecurity.net
127.0.0.1 www.sysnetsecurity.net
127.0.0.1 error404site.com
127.0.0.1 www.error404site.com
127.0.0.1 error404site.net
127.0.0.1 www.error404site.net
127.0.0.1 wm.vother.info
127.0.0.1 www.wm.vother.info
127.0.0.1 vother.info
127.0.0.1 www.vother.info
127.0.0.1 wm.komforochka.info
127.0.0.1 www.wm.komforochka.info
127.0.0.1 komforochka.info
127.0.0.1 www.komforochka.info
127.0.0.1 hervam.com
127.0.0.1 www.hervam.com
127.0.0.1 www.nunah.info
127.0.0.1 nunah.info
127.0.0.1 www.searchmeup.com
127.0.0.1 www.searchcolours.com
127.0.0.1 searchcolours.com
127.0.0.1 brodbfm.net
127.0.0.1 www.brodbfm.net
127.0.0.1 easybestdeals.com
127.0.0.1 www.easybestdeals.com
127.0.0.1 spywareno.com
127.0.0.1 www.spywareno.com
127.0.0.1 spyheal.com
127.0.0.1 www.spyheal.com
127.0.0.1 www.streamxs.ws
127.0.0.1 streamxs.ws
127.0.0.1 asta-killer.com
127.0.0.1 newmediaidea.com
127.0.0.1 www.newmediaidea.com
127.0.0.1 syssecuritysite.net
127.0.0.1 www.syssecuritysite.net
127.0.0.1 aulde.net
127.0.0.1 www.aulde.net
127.0.0.1 searchdrive.info
127.0.0.1 wwwsearchdrive.info
127.0.0.1 download.bardownload.com
127.0.0.1 www.download.bardownload.com
127.0.0.1 bardownload.com
127.0.0.1 www.bardownload.com
127.0.0.1 intcodec.com
127.0.0.1 www.intcodec.com
127.0.0.1 newupdates.lzio.com
127.0.0.1 uptofind.com
127.0.0.1 www.uptofind.com
127.0.0.1 homelandnetwork.COM
127.0.0.1 www.homelandnetwork.COM
127.0.0.1 getmirar.com
127.0.0.1 mirarsearch.com
127.0.0.1 net-nucleus.com
127.0.0.1 zenotecnico.com
127.0.0.1 www.zenotecnico.com
127.0.0.1 zenotecnico2.com
127.0.0.1 www.zenotecnico2.com
127.0.0.1 surfaccuracy.com
127.0.0.1 www.surfaccuracy.com
127.0.0.1 cache.surfaccuracy.com
127.0.0.1 www.cache.surfaccuracy.com
127.0.0.1 www.the.007guard.com
127.0.0.1 the.007guard.com
127.0.0.1 install.007guard.com
127.0.0.1 www.install.007guard.com
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 feeds.2search.com
127.0.0.1 www.feeds.2search.com
127.0.0.1 2search.com
127.0.0.1 www.2search.com
127.0.0.1 feeds2.2search.org
127.0.0.1 www.feeds2.2search.org
127.0.0.1 2search.org
127.0.0.1 www.2search.org
127.0.0.1 zangocash.com
127.0.0.1 www.zangocash.com
127.0.0.1 static.zangocash.com
127.0.0.1 www.static.zangocash.com
127.0.0.1 public.zangocash.com
127.0.0.1 www.public.zangocash.com
127.0.0.1 code.ignphrases.com
127.0.0.1 www.ignphrases.com
127.0.0.1 ignphrases.com
127.0.0.1 www.igetnet.com
127.0.0.1 igetnet.com
127.0.0.1 www.topbrowsing.com
127.0.0.1 topbrowsing.com
127.0.0.1 www.download.jupitersatellites.biz
127.0.0.1 download.jupitersatellites.biz
127.0.0.1 voghp.com
127.0.0.1 www.voghp.com
127.0.0.1 zhmbscwdgk.biz
127.0.0.1 www.zhmbscwdgk.biz
127.0.0.1 zabywjwzlr.biz.biz
127.0.0.1 www.zabywjwzlr.biz.biz
127.0.0.1 i-femdom.com
127.0.0.1 www.i-femdom.com
127.0.0.1 buy-find.info
127.0.0.1 www.buy-find.info
127.0.0.1 searche.info
127.0.0.1 www.searche.info
127.0.0.1 easy-pharmacy.info
127.0.0.1 www.easy-pharmacy.info
127.0.0.1 good-casino.net
127.0.0.1 www.good-casino.net
127.0.0.1 busysearch.net
127.0.0.1 www.busysearch.net
127.0.0.1 1001-search.info
127.0.0.1 www.1001-search.info
127.0.0.1 24-7pharmacy.info
127.0.0.1 www.24-7pharmacy.info
127.0.0.1 dating-galaxy.info
127.0.0.1 www.dating-galaxy.info
127.0.0.1 spyware-best.com
127.0.0.1 www.spyware-best.com
127.0.0.1 easyspyware.com
127.0.0.1 www.easyspyware.com
127.0.0.1 best-spyware.info
127.0.0.1 www.best-spyware.info
127.0.0.1 anyofus.com
127.0.0.1 www.anyofus.com
127.0.0.1 specialoems.com
127.0.0.1 www.specialoems.com
127.0.0.1 svideocodec.com
127.0.0.1 www.svideocodec.com
127.0.0.1 getpornmag.com
127.0.0.1 www.getpornmag.com
127.0.0.1 animepornmag.com
127.0.0.1 www.animepornmag.com
127.0.0.1 syssecuritypage.com
127.0.0.1 www.syssecuritypage.com
127.0.0.1 safetyhomepage.com
127.0.0.1 www.safetyhomepage.com
127.0.0.1 CashUnlim.com
127.0.0.1 www.CashUnlim.com
127.0.0.1 bdsmpornmag.com
127.0.0.1 www.bdsmpornmag.com
127.0.0.1 ebonypornmag.com
127.0.0.1 www.ebonypornmag.com
127.0.0.1 nylonporn.com
127.0.0.1 www.nylonporn.com
127.0.0.1 uniformpornmag.com
127.0.0.1 www.uniformpornmag.com
127.0.0.1 maturepornmag.com
127.0.0.1 www.maturepornmag.com
127.0.0.1 pornstarspornmag.com
127.0.0.1 www.pornstarspornmag.com
127.0.0.1 shemalepornmag.com
127.0.0.1 www.shemalepornmag.com
127.0.0.1 lesbianpornmag.com
127.0.0.1 www.lesbianpornmag.com
127.0.0.1 dailytoolbar.com
127.0.0.1 www.dailytoolbar.com
127.0.0.1 maturetoolbar.com
127.0.0.1 www.maturetoolbar.com
127.0.0.1 asiantoolbar.com
127.0.0.1 www.asiantoolbar.com
127.0.0.1 www.ac66.cn
127.0.0.1 ac66.cn
127.0.0.1 mir.100888290cs.com
127.0.0.1 woool.100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 ert0003.e76.163ns.com
127.0.0.1 www.163ns.com
127.0.0.1 163ns.com
127.0.0.1 www.chenshijituan.com
127.0.0.1 chenshijituan.com
127.0.0.1 www.u7u.cn
127.0.0.1 u7u.cn
127.0.0.1 www.wg581.com
127.0.0.1 wg581.com
127.0.0.1 jhzjyj.bigwww.com
127.0.0.1 www.bigwww.com
127.0.0.1 bigwww.com
127.0.0.1 www.132.com
127.0.0.1 132.com
127.0.0.1 www.tzxsj.com
127.0.0.1 tzxsj.com
127.0.0.1 www.q36.cn
127.0.0.1 q36.cn
127.0.0.1 down.136136.net
127.0.0.1 www.136136.net
127.0.0.1 136136.net
127.0.0.1 s59.cnzz.com
127.0.0.1 www.cnzz.com
127.0.0.1 cnzz.com
127.0.0.1 ulink13.dudu.com
127.0.0.1 ulink7.dudu.com
127.0.0.1 www.dudu.com
127.0.0.1 dudu.com
127.0.0.1 dcdl.dmcast.com
127.0.0.1 www.dmcast.com
127.0.0.1 dcww.dmcast.com
127.0.0.1 ibm.dmcast.com
127.0.0.1 dmcast.com
127.0.0.1 worldtostart.com
127.0.0.1 www.worldtostart.com
127.0.0.1 deskbar.worldtostart.com
127.0.0.1 www.deskbar.worldtostart.com
127.0.0.1 www.dotcomtoolbar.com
127.0.0.1 dotcomtoolbar.com
127.0.0.1 search.findthewebsiteyouneed.com
127.0.0.1 www.search.findthewebsiteyouneed.com
127.0.0.1 easywww.info
127.0.0.1 www.easywww.info
127.0.0.1 f1organizer.com
127.0.0.1 www.f1organizer.com
127.0.0.1 gamehouse.com
127.0.0.1 www.gamehouse.com
127.0.0.1 totalvelocity.com
127.0.0.1 www.totalvelocity.com
127.0.0.1 webnetinfo.net
127.0.0.1 www.webnetinfo.net
127.0.0.1 srfgate.com
127.0.0.1 www.srfgate.com
127.0.0.1 infport.com
127.0.0.1 www.infport.com
127.0.0.1 instafinder.com
127.0.0.1 www.instafinder.com
127.0.0.1 megasearchbar.com
127.0.0.1 www.megasearchbar.com
127.0.0.1 ccecaedbebfcaf.com
127.0.0.1 www.ccecaedbebfcaf.com
127.0.0.1 pcodec.com
127.0.0.1 www.pcodec.com
127.0.0.1 lightspeedsearch.net
127.0.0.1 www.lightspeedsearch.net
127.0.0.1 websopot.com
127.0.0.1 www.websopot.com
127.0.0.1 superbgirlz.com
127.0.0.1 asdeykuddq.com
127.0.0.1 asidseiupc.com
127.0.0.1 fjsynebcod.com
127.0.0.1 qiudheadsd.com
127.0.0.1 www.superbgirlz.com
127.0.0.1 www.asdeykuddq.com
127.0.0.1 www.asidseiupc.com
127.0.0.1 www.fjsynebcod.com
127.0.0.1 www.qiudheadsd.com
127.0.0.1 www.trackhits.cc
127.0.0.1 resultplacement.com
127.0.0.1 www.resultplacement.com
127.0.0.1 smartprotect.info
127.0.0.1 www.smartprotect.info
127.0.0.1 best-voyeur.info
127.0.0.1 www.best-voyeur.info
127.0.0.1 Search-Daily.com
127.0.0.1 www.Search-Daily.com
127.0.0.1 yahabags.com
127.0.0.1 www.yahabags.com
127.0.0.1 www.freecat.biz
127.0.0.1 freecat.biz
127.0.0.1 www.beebappyy.biz
127.0.0.1 beebappyy.biz
127.0.0.1 costrike.com
127.0.0.1 www.costrike.com
127.0.0.1 tgpie.com
127.0.0.1 www.tgpie.com
127.0.0.1 searcher.tgpie.com
127.0.0.1 www.searcher.tgpie.com
127.0.0.1 seproger.com
127.0.0.1 www.seproger.com
127.0.0.1 anysn.seproger.com
127.0.0.1 www.anysn.seproger.com
127.0.0.1 thereall.realfet.com
127.0.0.1 www.thereall.realfet.com
127.0.0.1 greatbahamas.com
127.0.0.1 www.greatbahamas.com
127.0.0.1 fn777.greatbahamas.com
127.0.0.1 www.fn777.greatbahamas.com
127.0.0.1 sef516.greatbahamas.com
127.0.0.1 www.sef516.greatbahamas.com
127.0.0.1 rich777.greatbahamas.com
127.0.0.1 www.rich777.greatbahamas.com
127.0.0.1 rng650.greatbahamas.com
127.0.0.1 www.rng650.greatbahamas.com
127.0.0.1 realm.superbahamas.com
127.0.0.1 www.realm.superbahamas.com
127.0.0.1 enhance.com
127.0.0.1 www.enhance.com
127.0.0.1 c.enhance.com
127.0.0.1 www.c.enhance.com
127.0.0.1 adservices1.enhance.com
127.0.0.1 www.adservices1.enhance.com
127.0.0.1 traffic-ssl1.com
127.0.0.1 www.traffic-ssl1.com
127.0.0.1 traffic-acc.com
127.0.0.1 www.traffic-acc.com
127.0.0.1 filetretporn.com
127.0.0.1 www.filetretporn.com
127.0.0.1 uncj.filetretporn.com
127.0.0.1 www.uncj.filetretporn.com
127.0.0.1 rzvonporn.com
127.0.0.1 www.rzvonporn.com
127.0.0.1 theaimonline.com
127.0.0.1 www.theaimonline.com
127.0.0.1 bm.theaimonline.com
127.0.0.1 www.bm.theaimonline.com
127.0.0.1 kqzyfj.com
127.0.0.1 www.kqzyfj.com
127.0.0.1 apmebf.com
127.0.0.1 www.apmebf.com
127.0.0.1 emjcd.com
127.0.0.1 www.emjcd.com
127.0.0.1 upspiral.com
127.0.0.1 www.upspiral.com
127.0.0.1 lovezest.com
127.0.0.1 www.lovezest.com
127.0.0.1 maxysize.com
127.0.0.1 www.maxysize.com
127.0.0.1 camouflageclothingonline.net
127.0.0.1 www.camouflageclothingonline.net
127.0.0.1 getfound.com
127.0.0.1 www.getfound.com
127.0.0.1 search.getfound.com
127.0.0.1 www.search.getfound.com
127.0.0.1 searchfeed.com
127.0.0.1 www.searchfeed.com
127.0.0.1 netster.com
127.0.0.1 www.netster.com
127.0.0.1 ireit.com
127.0.0.1 www.ireit.com
127.0.0.1 content.ireit.com
127.0.0.1 www.content.ireit.com
127.0.0.1 toseeka.com
127.0.0.1 www.toseeka.com
127.0.0.1 zcodec.com
127.0.0.1 www.zcodec.com
127.0.0.1 strcodec.com
127.0.0.1 www.strcodec.com
127.0.0.1 uglyphotos.net
127.0.0.1 www.uglyphotos.net
127.0.0.1 imcodec.com
127.0.0.1 www.imcodec.com
127.0.0.1 softcodec.com
127.0.0.1 www.softcodec.com
127.0.0.1 dvdcodec.net
127.0.0.1 www.dvdcodec.net
127.0.0.1 playercodec.net
127.0.0.1 www.playercodec.net
127.0.0.1 lightcodec.com
127.0.0.1 www.lightcodec.com
127.0.0.1 winmediacodec.com
127.0.0.1 www.winmediacodec.com
127.0.0.1 videoscodec.com
127.0.0.1 www.videoscodec.com
127.0.0.1 mmcodec.com
127.0.0.1 www.mmcodec.com
127.0.0.1 xpassgenerator.com
127.0.0.1 www.xpassgenerator.com
127.0.0.1 mypornmagpass.com
127.0.0.1 www.mypornmagpass.com
127.0.0.1 searchbee.net
127.0.0.1 www.searchbee.net
127.0.0.1 warez.com
127.0.0.1 www.warez.com
127.0.0.1 srv.warez.com
127.0.0.1 prosearching.com
127.0.0.1 www.prosearching.com
127.0.0.1 zelaznyworld.com
127.0.0.1 www.zelaznyworld.com
127.0.0.1 mabou.org
127.0.0.1 net.mabou.org
127.0.0.1 www.mabou.org
127.0.0.1 infectedkernel.com
127.0.0.1 www.infectedkernel.com
127
est ce normal que tout ne peut pas etre afficher sur le forum
Oui, car ton rapport est trop long.
Télécharge R-Hosts
http://siri.urz.free.fr/RHosts.php
Installe le sur le Bureau.
Lance le. Clique sur Restaurer.
Confirme.
Ferme le programme.
Poste un nouveau rapport Smitfraudfix option 1.
Poste aussi les autres rapports demandés (Clean et Hijackthis).
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
SmitFraudFix v2.225
Rapport fait à 21:09:12.12, 2007-09-17
Executé à partir de C:\Documents and Settings\lanet kevin\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\lanet kevin
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\lanet kevin\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\LANETK~1\MESDOC~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\system32\\systems.txt"
"LoadAppInit_DLLs"=dword:00000001
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Carte réseau Broadcom 802.11g - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.54.252
DNS Server Search Order: 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DE186D5C-5522-4E9A-8365-8D571671727B}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DE186D5C-5522-4E9A-8365-8D571671727B}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{DE186D5C-5522-4E9A-8365-8D571671727B}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
ENSUITE LES RAPPORT DE LA DERNIERE MANIP C SA
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 2007-09-17 a 18:26:17.12
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
tentative de suppression de C:\WINDOWS\UnGins.exe
tentative de suppression de "C:\WINDOWS\photo album.zip"
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\kernel???.exe
tentative de suppression de "C:\Documents and Settings\lanet kevin\Application Data\ezpinst.exe"
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Fichiers communs\WinAntivirus Pro 2007\"
tentative de suppression de "C:\Program Files\Fichiers communs\Totem Shared\"
tentative de suppression de "C:\Program Files\Multi_Media_France\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
Logfile of HijackThis v1.99.1
Scan saved at 18:30, on 2007-09-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Multi_Media_France toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll (file missing)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O2 - BHO: (no name) - {ABCDECF0-4B15-11D1-ABED-709549C10000} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - (no file)
O3 - Toolbar: Multi_Media_France toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Actual Transparent Window] "C:\Program Files\Actual Transparent Window\ActualTransparentWindowCenter.exe"
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/3000notebook
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/5 [...] plugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - http://camera1.mairie-brest.fr/activex/AMC.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\systems.txt
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
O23 - Service: VideoAcceleratorEngine - Unknown owner - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe (file missing)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
Re
Relance un scan HijackThis et coche les lignes ci-dessous :
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R3 - URLSearchHook: (no name) - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Multi_Media_France toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll (file missing)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O2 - BHO: (no name) - {ABCDECF0-4B15-11D1-ABED-709549C10000} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - (no file)
O3 - Toolbar: Multi_Media_France toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll (file missing)
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/5 [...] plugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\systems.txt
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »
Télécharge Combofix.exe (par sUBs) sur ton Bureau
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Double clique combofix.exe et suis les invites.
Lorsque le scan sera complété, un rapport apparaîtra.
Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis.
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
je met fixer objet ou pas car il y a pas fix checked
ComboFix 07-09-17.2 - "lanet kevin" 2007-09-17 21:52:45.2 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.1063 [GMT 2:00]
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\salesmonitor
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2007
C:\DOCUME~1\LANETK~1\APPLIC~1\ShoppingReport
C:\DOCUME~1\LANETK~1\APPLIC~1\ShoppingReport\cs\Config.xml
C:\DOCUME~1\LANETK~1\APPLIC~1\ShoppingReport\cs\db\Aliases.dbs
C:\DOCUME~1\LANETK~1\APPLIC~1\ShoppingReport\cs\db\Sites.dbs
C:\DOCUME~1\LANETK~1\APPLIC~1\ShoppingReport\cs\dwld\WhiteList.xip
C:\DOCUME~1\LANETK~1\APPLIC~1\ShoppingReport\cs\persist.dbs
C:\DOCUME~1\LANETK~1\APPLIC~1\ShoppingReport\cs\report\aggr_storage.xml
C:\DOCUME~1\LANETK~1\APPLIC~1\ShoppingReport\cs\report\send_storage.xml
C:\DOCUME~1\LANETK~1\APPLIC~1\ShoppingReport\cs\res1\WhiteList.dbs
C:\DOCUME~1\LANETK~1\err.log
C:\DOCUME~1\LOCALS~1\APPLIC~1\ShoppingReport
C:\DOCUME~1\LOCALS~1\APPLIC~1\ShoppingReport\cs\Config.xml
C:\DOCUME~1\LOCALS~1\APPLIC~1\ShoppingReport\cs\dwld\WhiteList.xip
C:\DOCUME~1\LOCALS~1\APPLIC~1\ShoppingReport\cs\persist.dbs
C:\DOCUME~1\LOCALS~1\APPLIC~1\ShoppingReport\cs\report\aggr_storage.xml
C:\DOCUME~1\LOCALS~1\APPLIC~1\ShoppingReport\cs\report\send_storage.xml
C:\DOCUME~1\LOCALS~1\APPLIC~1\ShoppingReport\cs\res1\WhiteList.dbs
C:\Program Files\Fichiers communs\companion wizard
C:\Program Files\Fichiers communs\companion wizard\CompWiz.xml
C:\Program Files\Fichiers communs\Companion Wizard\CompWiz.xml
C:\WINDOWS\system32\drivers\fopn.sys
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_FOPN
-------\poof
((((((((((((((((((((((((( Files Created from 2007-08-17 to 2007-09-17 )))))))))))))))))))))))))))))))
.
2007-09-17 18:13 <REP> dr------- C:\DOCUME~1\ADMINI~1\Mes documents
2007-09-17 18:13 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer
2007-09-17 18:13 <REP> dr------- C:\DOCUME~1\ADMINI~1\Favoris
2007-09-17 18:13 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau
2007-09-17 18:13 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression
2007-09-17 18:13 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles
2007-09-17 18:13 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau
2007-09-17 18:07 <REP> d-------- C:\Program Files\CCleaner
2007-09-17 18:02 <REP> d-------- C:\Program Files\Actual Transparent Window
2007-09-17 18:02 <REP> d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\Actual Tools
2007-09-17 17:28 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-09-17 17:28 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-09-17 17:28 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-09-17 17:28 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-09-17 17:28 1,818 --a------ C:\WINDOWS\system32\tmp.reg
2007-09-16 22:20 <REP> d-------- C:\Program Files\Avira
2007-09-16 22:20 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
2007-09-16 21:49 6,144 --a------ C:\WINDOWS\reppor.exe
2007-09-12 16:53 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-09-12 16:53 25,856 --a------ C:\WINDOWS\system32\dllcache\usbprint.sys
2007-09-12 16:52 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-09-12 16:52 31,616 --a------ C:\WINDOWS\system32\dllcache\usbccgp.sys
2007-09-12 15:04 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-09-09 15:39 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-09-08 15:07 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-08 14:42 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2007-09-08 12:22 <REP> d-------- C:\Program Files\Lavalys
2007-09-08 12:07 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-09-07 21:58 <REP> d-------- C:\Program Files\Lavasoft
2007-09-07 21:58 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
2007-09-05 19:11 <REP> d-------- C:\Program Files\adslTV
2007-09-05 19:11 <REP> d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\vlc
2007-09-04 23:29 8,704 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-09-04 23:11 82,248 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-09-04 23:11 57,672 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-09-04 23:11 40,264 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-09-04 23:11 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-09-02 22:54 <REP> d-------- C:\Program Files\Shareaza
2007-09-02 13:25 <REP> d-------- C:\Program Files\QuickTime
2007-08-26 14:33 <REP> d-------- C:\WINDOWS\system32\(null)
2007-08-25 18:19 553,472 --------- C:\WINDOWS\system32\oleaut32.dll
2007-08-22 14:48 <REP> d-------- C:\Program Files\Live_TV
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-15 18:05 --------- d-------- C:\Program Files\eMule
2007-09-14 19:57 --------- d-------- C:\Program Files\Google
2007-09-07 21:57 --------- d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-08-31 21:29 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
2007-08-29 19:51 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-08-29 08:43 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-08-29 08:43 --------- d-------- C:\Program Files\Lenovo
2007-08-29 08:41 --------- d-------- C:\Program Files\ThinkVantage
2007-08-29 08:40 --------- d-------- C:\Program Files\Fichiers communs\Lenovo
2007-08-29 08:38 --------- d-------- C:\Program Files\Axis Communications
2007-08-26 14:28 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\Lenovo
2007-08-26 14:28 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lenovo
2007-08-26 14:26 23552 --a------ C:\WINDOWS\system32\drivers\psasrv.exe
2007-08-24 11:13 --------- d-------- C:\Program Files\MultiMedia France Toolbar
2007-08-22 20:37 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\Draw burn
2007-08-22 19:53 --------- d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Draw burn
2007-08-20 17:02 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\LimeWire
2007-08-15 13:08 --------- d-------- C:\Program Files\MSXML 4.0
2007-08-12 15:34 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
2007-08-12 14:46 12464 --a------ C:\WINDOWS\system32\drivers\CdaC15BA.SYS
2007-08-12 14:46 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
2007-08-12 00:19 --------- d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Media Player Classic
2007-08-10 15:30 --------- d-------- C:\Program Files\Fichiers communs\BOONTY Shared
2007-08-10 15:30 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
2007-08-09 01:07 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\Skyline
2007-08-08 15:11 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\Media Player Classic
2007-08-08 12:01 --------- d-------- C:\Program Files\MP3Dancer
2007-08-08 01:15 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\aMule
2007-08-07 00:53 --------- d-------- C:\Program Files\K-Lite Codec Pack
2007-08-03 15:41 --------- d-------- C:\Program Files\TuneUp Utilities 2007
2007-08-03 14:44 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\TuneUp Software
2007-08-03 14:44 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
2007-08-02 21:46 --------- d-------- C:\Program Files\AnmSMP
2007-08-01 18:44 --------- d-------- C:\Program Files\Picasa2
2007-07-31 23:05 --------- d-------- C:\Program Files\MSN Messenger
2007-07-31 23:04 --------- d-------- C:\Program Files\Windows Live
2007-07-31 23:04 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
2007-07-31 23:04 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
2007-07-28 00:00 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-07-23 19:04 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\Command & Conquer 3 Les guerres du Tiberium
2007-07-23 10:24 --------- dr-h----- C:\DOCUME~1\LANETK~1\APPLIC~1\SecuROM
2007-07-19 20:27 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
2007-06-17 09:31 5749 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-06-17 09:31 56815 --a--c--- C:\WINDOWS\BricoPackUninst.cmd
2007-04-01 10:37 47360 --a--c--- C:\DOCUME~1\LANETK~1\APPLIC~1\pcouffin.sys
--------- C:\Program Files\Hijackthis Version Française
2007-02-10 13:08:39 8,192 -csha-w C:\WINDOWS\o2cLicStore.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"Actual Transparent Window"="C:\Program Files\Actual Transparent Window\ActualTransparentWindowCenter.exe" [2007-06-20 04:05]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"=0 (0x0)
"NoFileMenu"=0 (0x0)
"NoCommonGroups"=0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli ACGina
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^autorun.exe]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe
backup=C:\WINDOWS\pss\autorun.exeCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^lanet kevin^Menu Démarrer^Programmes^Démarrage^BoontyBox 01net.lnk]
path=C:\Documents and Settings\lanet kevin\Menu Démarrer\Programmes\Démarrage\BoontyBox 01net.lnk
backup=C:\WINDOWS\pss\BoontyBox 01net.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^lanet kevin^Menu Démarrer^Programmes^Démarrage^MP3 Dancer.lnk]
path=C:\Documents and Settings\lanet kevin\Menu Démarrer\Programmes\Démarrage\MP3 Dancer.lnk
backup=C:\WINDOWS\pss\MP3 Dancer.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^lanet kevin^Menu Démarrer^Programmes^Démarrage^system.exe]
path=C:\Documents and Settings\lanet kevin\Menu Démarrer\Programmes\Démarrage\system.exe
backup=C:\WINDOWS\pss\system.exeStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMSG]
C:\PROGRA~1\THINKV~1\AMSG\amsg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
C:\WINDOWS\system32\WLTRAY.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cssauth]
"C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
"C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
C:\Program Files\eMule\emule.exe -AutoStart
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Farces & Attrapes]
\\BARDELLINU\SharedDocs\Mes vidéos\WinAutorun.exe \farces
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
C:\WINDOWS\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPManager]
C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
C:\PROGRA~1\Magentic\bin\Magentic.exe /c
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMHandler]
C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
"C:\Program Files\Shareaza\Shareaza.exe" -tray
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
SkyTel.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]
C:\WINDOWS\vsnpstd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"c:\valve\steam\steam.exe" -silent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TuneUp MemOptimizer]
"C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVT Scheduler Proxy]
C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uwa7pcw]
"C:\Program Files\Fichiers communs\WinAntiVirus Pro 2007\uwa7pcw.exe" -c
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinAVX]
C:\WINDOWS\system32\WinAvXX.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
"Boonty Games"=3 (0x3)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"avast! Antivirus"=2 (0x2)
"aswUpdSv"=2 (0x2)
R1 ANC;ANC;C:\WINDOWS\system32\drivers\ANC.SYS
R1 IBMTPCHK;IBMTPCHK;\??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys
R1 PMHler;PMHler;C:\WINDOWS\system32\drivers\PMHler.sys
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs
S2 sbbotdi;sbbotdi;\??\C:\PROGRA~1\SPEEDB~1\sbbotdi.sys
S3 sony_ssm.sys;sony_ssm.sys;\??\C:\DOCUME~1\LANETK~1\LOCALS~1\Temp\sony_ssm.sys
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
"2007-09-17 19:04:13 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-17 21:57:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-09-17 21:59:49 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-17 21:59
.
--- E O F ---
Logfile of HijackThis v1.99.1
Scan saved at 22:02:08, on 17/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Actual Transparent Window] "C:\Program Files\Actual Transparent Window\ActualTransparentWindowCenter.exe"
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/3000notebook
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - http://camera1.mairie-brest.fr/activex/AMC.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
O23 - Service: VideoAcceleratorEngine - Unknown owner - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe (file missing)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
je suis redevenu administrateur de mon pc ce ki est pas mal mntnt j espere qu il n y a plus rien a signaler
Re
Copie (Ctrl+C) le texte ci-dessous :
File::
C:\WINDOWS\system32\WinAvXX.exe
Folder::
C:\Program Files\Fichiers communs\WinAntiVirus Pro 2007
C:\Program Files\MultiMedia France Toolbar
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uwa7pcw]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinAVX]
Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt
Comme l'image le montre, fait glisser CFScript.txt sur Combofix.exe
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
je te remercie enormement de ton aide est ce que tu autre chose a signaler qui ne va pas
Regarde au dessus.
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
okok
ComboFix 07-09-17.2 - "lanet kevin" 2007-09-17 22:27:03.3 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.1046 [GMT 2:00]
Command switches used :: C:\Documents and Settings\lanet kevin\Bureau\CFScript.txt
* Created a new restore point
FILE::
C:\WINDOWS\system32\WinAvXX.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\MultiMedia France Toolbar
C:\Program Files\MultiMedia France Toolbar\INSTALL.LOG
C:\Program Files\MultiMedia France Toolbar\Multi_Media_France.exe
C:\Program Files\MultiMedia France Toolbar\MultiMedia - Installer.exe
C:\Program Files\MultiMedia France Toolbar\UNWISE.EXE
.
((((((((((((((((((((((((((((( Fichiers créés 2007-08-17 to 2007-09-17 ))))))))))))))))))))))))))))))))))))
.
2007-09-17 18:13 <REP> dr------- C:\DOCUME~1\ADMINI~1\Mes documents
2007-09-17 18:13 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer
2007-09-17 18:13 <REP> dr------- C:\DOCUME~1\ADMINI~1\Favoris
2007-09-17 18:13 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau
2007-09-17 18:13 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression
2007-09-17 18:13 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles
2007-09-17 18:13 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau
2007-09-17 18:07 <REP> d-------- C:\Program Files\CCleaner
2007-09-17 18:02 <REP> d-------- C:\Program Files\Actual Transparent Window
2007-09-17 18:02 <REP> d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\Actual Tools
2007-09-17 17:28 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-09-17 17:28 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-09-17 17:28 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-09-17 17:28 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-09-17 17:28 1,818 --a------ C:\WINDOWS\system32\tmp.reg
2007-09-16 22:20 <REP> d-------- C:\Program Files\Avira
2007-09-16 22:20 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
2007-09-16 21:49 6,144 --a------ C:\WINDOWS\reppor.exe
2007-09-12 16:53 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-09-12 16:53 25,856 --a------ C:\WINDOWS\system32\dllcache\usbprint.sys
2007-09-12 16:52 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-09-12 16:52 31,616 --a------ C:\WINDOWS\system32\dllcache\usbccgp.sys
2007-09-12 15:04 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-09-09 15:39 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-09-08 15:07 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-08 14:42 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2007-09-08 12:22 <REP> d-------- C:\Program Files\Lavalys
2007-09-08 12:07 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-09-07 21:58 <REP> d-------- C:\Program Files\Lavasoft
2007-09-07 21:58 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
2007-09-05 19:11 <REP> d-------- C:\Program Files\adslTV
2007-09-05 19:11 <REP> d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\vlc
2007-09-04 23:29 8,704 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-09-04 23:11 82,248 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-09-04 23:11 57,672 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-09-04 23:11 40,264 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-09-04 23:11 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-09-02 22:54 <REP> d-------- C:\Program Files\Shareaza
2007-09-02 13:25 <REP> d-------- C:\Program Files\QuickTime
2007-08-26 14:33 <REP> d-------- C:\WINDOWS\system32\(null)
2007-08-25 18:19 553,472 --------- C:\WINDOWS\system32\oleaut32.dll
2007-08-22 14:48 <REP> d-------- C:\Program Files\Live_TV
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-15 18:05 --------- d-------- C:\Program Files\eMule
2007-09-14 19:57 --------- d-------- C:\Program Files\Google
2007-09-07 21:57 --------- d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-08-31 21:29 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
2007-08-29 19:51 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-08-29 08:43 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-08-29 08:43 --------- d-------- C:\Program Files\Lenovo
2007-08-29 08:41 --------- d-------- C:\Program Files\ThinkVantage
2007-08-29 08:40 --------- d-------- C:\Program Files\Fichiers communs\Lenovo
2007-08-29 08:38 --------- d-------- C:\Program Files\Axis Communications
2007-08-26 14:28 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\Lenovo
2007-08-26 14:28 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lenovo
2007-08-26 14:26 23552 --a------ C:\WINDOWS\system32\drivers\psasrv.exe
2007-08-26 02:11 5427 --a------ C:\WINDOWS\system32\EGATHDRV.SYS
2007-08-22 20:37 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\Draw burn
2007-08-22 19:53 --------- d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Draw burn
2007-08-20 17:02 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\LimeWire
2007-08-15 13:08 --------- d-------- C:\Program Files\MSXML 4.0
2007-08-12 15:34 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
2007-08-12 15:29 122880 --a------ C:\WINDOWS\system32\UAService7.exe
2007-08-12 14:46 12464 --a------ C:\WINDOWS\system32\drivers\CdaC15BA.SYS
2007-08-12 14:46 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
2007-08-12 00:19 --------- d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Media Player Classic
2007-08-10 15:30 --------- d-------- C:\Program Files\Fichiers communs\BOONTY Shared
2007-08-10 15:30 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
2007-08-09 01:07 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\Skyline
2007-08-08 15:11 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\Media Player Classic
2007-08-08 12:01 --------- d-------- C:\Program Files\MP3Dancer
2007-08-08 01:15 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\aMule
2007-08-07 00:53 --------- d-------- C:\Program Files\K-Lite Codec Pack
2007-08-03 15:41 --------- d-------- C:\Program Files\TuneUp Utilities 2007
2007-08-03 14:44 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\TuneUp Software
2007-08-03 14:44 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
2007-08-02 21:46 --------- d-------- C:\Program Files\AnmSMP
2007-08-02 12:30 1513920 --a------ C:\WINDOWS\system32\xsarxjtt.exe
2007-08-01 18:44 --------- d-------- C:\Program Files\Picasa2
2007-07-31 23:05 --------- d-------- C:\Program Files\MSN Messenger
2007-07-31 23:04 --------- d-------- C:\Program Files\Windows Live
2007-07-31 23:04 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
2007-07-31 23:04 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 19:19 271224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-07-30 19:19 207736 --a------ C:\WINDOWS\system32\muweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll
2007-07-28 00:07 783224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-07-28 00:00 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-07-23 19:04 --------- d-------- C:\DOCUME~1\LANETK~1\APPLIC~1\Command & Conquer 3 Les guerres du Tiberium
2007-07-23 10:24 --------- dr-h----- C:\DOCUME~1\LANETK~1\APPLIC~1\SecuROM
2007-07-19 20:27 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
2007-07-03 16:29 171520 --a------ C:\WINDOWS\system32\cncs32.dll
2007-06-28 18:54 180224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-06-28 18:52 765952 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-06-17 09:31 5749 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-06-17 09:31 56815 --a--c--- C:\WINDOWS\BricoPackUninst.cmd
2007-04-01 10:37 47360 --a--c--- C:\DOCUME~1\LANETK~1\APPLIC~1\pcouffin.sys
--------- C:\Program Files\Hijackthis Version Française
2007-02-10 13:08:39 8,192 -csha-w C:\WINDOWS\o2cLicStore.bin
.
((((((((((((((((((((((((((((( snapshot_2007-09-17_215907.06 )))))))))))))))))))))))))))))))))))))))))
.
----atw 16,384 2007-09-17 20:11:55 C:\WINDOWS\Temp\Perflib_Perfdata_504.dat
.
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"Actual Transparent Window"="C:\Program Files\Actual Transparent Window\ActualTransparentWindowCenter.exe" [2007-06-20 04:05]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"=0 (0x0)
"NoFileMenu"=0 (0x0)
"NoCommonGroups"=0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli ACGina
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^autorun.exe]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe
backup=C:\WINDOWS\pss\autorun.exeCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^lanet kevin^Menu Démarrer^Programmes^Démarrage^BoontyBox 01net.lnk]
path=C:\Documents and Settings\lanet kevin\Menu Démarrer\Programmes\Démarrage\BoontyBox 01net.lnk
backup=C:\WINDOWS\pss\BoontyBox 01net.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^lanet kevin^Menu Démarrer^Programmes^Démarrage^MP3 Dancer.lnk]
path=C:\Documents and Settings\lanet kevin\Menu Démarrer\Programmes\Démarrage\MP3 Dancer.lnk
backup=C:\WINDOWS\pss\MP3 Dancer.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^lanet kevin^Menu Démarrer^Programmes^Démarrage^system.exe]
path=C:\Documents and Settings\lanet kevin\Menu Démarrer\Programmes\Démarrage\system.exe
backup=C:\WINDOWS\pss\system.exeStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMSG]
C:\PROGRA~1\THINKV~1\AMSG\amsg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
C:\WINDOWS\system32\WLTRAY.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cssauth]
"C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
"C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
C:\Program Files\eMule\emule.exe -AutoStart
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Farces & Attrapes]
\\BARDELLINU\SharedDocs\Mes vidéos\WinAutorun.exe \farces
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
C:\WINDOWS\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPManager]
C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
C:\PROGRA~1\Magentic\bin\Magentic.exe /c
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMHandler]
C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
"C:\Program Files\Shareaza\Shareaza.exe" -tray
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
SkyTel.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]
C:\WINDOWS\vsnpstd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"c:\valve\steam\steam.exe" -silent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TuneUp MemOptimizer]
"C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVT Scheduler Proxy]
C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
"Boonty Games"=3 (0x3)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"avast! Antivirus"=2 (0x2)
"aswUpdSv"=2 (0x2)
R1 ANC;ANC;C:\WINDOWS\system32\drivers\ANC.SYS
R1 IBMTPCHK;IBMTPCHK;\??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys
R1 PMHler;PMHler;C:\WINDOWS\system32\drivers\PMHler.sys
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs
S2 sbbotdi;sbbotdi;\??\C:\PROGRA~1\SPEEDB~1\sbbotdi.sys
S3 sony_ssm.sys;sony_ssm.sys;\??\C:\DOCUME~1\LANETK~1\LOCALS~1\Temp\sony_ssm.sys
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-09-17 19:04:13 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-17 22:29:18
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-09-17 22:30:29
C:\ComboFix-quarantined-files.txt ... 2007-09-17 22:30
C:\ComboFix2.txt ... 2007-09-17 21:59
.
--- E O F ---
On continue.
Fais une analyse antivirus en ligne sur Kaspersky
http://webscanner.kaspersky.fr/
Clique sur Démarrer Online Scanner.
Sélectionne le poste de travail comme analyse.
Colle son rapport ici.
Aide toi de ce lien.
http://www.infos-du-net.com/forum/ [...] -kaspersky
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
C LONG ET LENT........................TRES LENT
Oui, mais très complet.
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
tu ne l aura que dans la nui t le scan ou demain car la sa prend du temps alors dsl
Pas de problème.
Pense à éditer ton titre pour le mettre en minuscule 
Rappels : Section Sécurité - Virus
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
ok je vais mettre ne miniscule mais il y a un probleme g du recommencer l analyse car elle c bloquer en 86% mais je te donne au plus vite je le fais ce matin a 8h00 et l analyse tu l aura si elle a fini entre midi et 2.
je n arrive pas lanalyse il me met erreur sur la page donc comment faire et sinon donne tout et on continue se soir car je rentre du taf
bon je suis rentrer alors tu peut m expliquer pk l analyse antivirus marche pas car la...........
Bonjour
Est ce que le scan montrait quelque chose ?
On change.
Fais une analyse antivirus en ligne sur Panda
http://www.pandasoftware.com/activ [...] ncipal.htm
Colle son rapport ici.
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
le scan affichait tout normal et a un moment pu rien erreur de page
ben sur panda scan il me dit pas de rapport sauf:
Résumé:aucun virus sur votre ordinateur n'a été détécté
alors qu est ce qu il me reste a faire veux tu de nouveau rapport ou autre chose
As tu encore des dysfonctionnements ?
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
non pas que je sache mais juste une question pourquoi mntnt shareaza me dit que je suis derriere un routeur nat ou un pare feu
Je ne sais pas. Vérifie les reglages.
Supprime les outils utilisés.
Encore deux choses.
Va sur ce lien pour mieux sécuriser ton PC
http://www.infos-du-net.com/forum/ [...] ordinateur
Edite ton premier message et ajoute Résolu à côté de ton titre.
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
bien merci beaucoup de ton aide et bonne continuation!!!!!!!!!!!
Il y a 413 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
