Tom's Guide > Forum > Sécurité - Virus > [RESOLU] plusieurs infection diverses

[RESOLU] plusieurs infection diverses

Forum Sécurité - Virus : [RESOLU] plusieurs infection diverses

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Créer un nouveau sujet Répondre
Mot :    Pseudo :           
 
toufous35   04-12-2008 à 07:36:53

Bonjour à tous,

Alors voila, suite à un fichier pourrie hérité via le p2p, mon pc ne va plus:

Plusieurs virus ont été trouvés et éliminés par Avast mais il restait des problèmes.

Je suis passé en Safe Mode, ai lancé Spyware doctor, qui a trouvé et viré certains truc; mais pas suffisant!
toujours en safe mode, ai fait RogueRemover sans succes, AVG Rootkit non plus, ai fait un scan avec Antivir et enfin avec Spybot qui ont eux trouvé des choses et les ont supprimer.

Mais il me restait comme problème, l'ouverture intempestive de Firefox sur des sites inconnus, le blocage des onglets des propriété d'affichage (je ne peux plus changer mon fond d'écran!) avec un fond d'écran noir et un petit cadre dont le texte clignote indiquant une infection spyware.

et au démarrage windows, des erreurs avec la demande :"Annuler,Ignorer,Recommencer"

l'ouverture de la boite de dialogue pour l'intallation d'un nouveau matériel .


Alors, j'ai dl Smidfraudfix et voila:


SmitFraudFix v2.380

Rapport fait à 18:52:25,70, 02/12/2008
Executé à partir de C:\Documents and Settings\Moi\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost
127.255.255.255 serial.alcohol-soft.com
127.255.255.255 www.alcohol-soft.com
127.255.255.255 images.alcohol-soft.com
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 123topsearch.com
127.0.0.1 www.123topsearch.com
127.0.0.1 132.com
127.0.0.1 www.132.com
127.0.0.1 136136.net
127.0.0.1 www.136136.net
127.0.0.1 163ns.com
127.0.0.1 www.163ns.com
127.0.0.1 171203.com
127.0.0.1 17-plus.com
127.0.0.1 1800searchonline.com
127.0.0.1 www.1800searchonline.com
127.0.0.1 180searchassistant.com
127.0.0.1 www.180searchassistant.com
127.0.0.1 180solutions.com
127.0.0.1 www.180solutions.com
127.0.0.1 181.365soft.info
127.0.0.1 www.181.365soft.info
127.0.0.1 1987324.com
127.0.0.1 www.1987324.com
127.0.0.1 1-domains-registrations.com
127.0.0.1 www.1-domains-registrations.com
127.0.0.1 1sexparty.com
127.0.0.1 www.1sexparty.com
127.0.0.1 1stantivirus.com
127.0.0.1 www.1stantivirus.com
127.0.0.1 1stpagehere.com
127.0.0.1 www.1stpagehere.com
127.0.0.1 1stsearchportal.com
127.0.0.1 www.1stsearchportal.com
127.0.0.1 2.82211.net
127.0.0.1 www.2006ooo.com
127.0.0.1 2007-download.com
127.0.0.1 www.2007-download.com
127.0.0.1 2020search.com
127.0.0.1 www.2020search.com
127.0.0.1 20x2p.com
127.0.0.1 24.365soft.info
127.0.0.1 www.24.365soft.info
127.0.0.1 24-7pharmacy.info
127.0.0.1 www.24-7pharmacy.info
127.0.0.1 24-7searching-and-more.com
127.0.0.1 www.24-7searching-and-more.com
127.0.0.1 24teen.com
127.0.0.1 www.24teen.com
127.0.0.1 2ndpower.com
127.0.0.1 2search.com
127.0.0.1 www.2search.com
127.0.0.1 2search.org
127.0.0.1 www.2search.org
127.0.0.1 2squared.com
127.0.0.1 www.2squared.com
127.0.0.1 3322.org
127.0.0.1 www.3322.org
127.0.0.1 365soft.info
127.0.0.1 36site.com
127.0.0.1 www.36site.com
127.0.0.1 3721.com
127.0.0.1 39-93.com
127.0.0.1 3bay.it
127.0.0.1 www.3bay.it
127.0.0.1 404dns.com
127.0.0.1 www.404dns.com
127.0.0.1 4199.com
127.0.0.1 www.4199.com
127.0.0.1 4corn.net
127.0.0.1 www.4corn.net
127.0.0.1 4ebay.it
127.0.0.1 www.4ebay.it
127.0.0.1 4klm.com
127.0.0.1 5zgmu7o20kt5d8yq.com
127.0.0.1 www.5zgmu7o20kt5d8yq.com
127.0.0.1 6sek.com
127.0.0.1 www.6sek.com
127.0.0.1 7322.com
127.0.0.1 www.7322.com
127.0.0.1 75tz.com
127.0.0.1 777search.com
127.0.0.1 www.777search.com
127.0.0.1 777top.com
127.0.0.1 www.777top.com
127.0.0.1 7939.com
127.0.0.1 www.7939.com
127.0.0.1 7search.com
127.0.0.1 www.7search.com
127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com
127.0.0.1 82211.net
127.0.0.1 8866.org
127.0.0.1 8ad.com
127.0.0.1 www.8ad.com
127.0.0.1 9505.com
127.0.0.1 www.9505.com
127.0.0.1 971searchbox.com
127.0.0.1 www.971searchbox.com
127.0.0.1 a.bestmanage.org
127.0.0.1 aaasexypics.com
127.0.0.1 aaawebfinder.com
127.0.0.1 www.aaawebfinder.com
127.0.0.1 aavc.com
127.0.0.1 abc-find.info
127.0.0.1 www.abc-find.info
127.0.0.1 abetterinternet.com
127.0.0.1 www.abetterinternet.com
127.0.0.1 abnetsoft.info
127.0.0.1 www.abnetsoft.info
127.0.0.1 aboutclicker.com
127.0.0.1 www.aboutclicker.com
127.0.0.1 abrp.net
127.0.0.1 www.abrp.net
127.0.0.1 absolutee.com
127.0.0.1 www.absolutee.com
127.0.0.1 ac66.cn
127.0.0.1 www.ac66.cn
127.0.0.1 access.Navinetwork.com
127.0.0.1 access.rapid-pass.net
127.0.0.1 accessactivexvideo.com
127.0.0.1 www.accessactivexvideo.com
127.0.0.1 accessclips.com
127.0.0.1 www.accessclips.com
127.0.0.1 access-dvd.com
127.0.0.1 www.access-dvd.com
127.0.0.1 accesskeygenerator.com
127.0.0.1 www.accesskeygenerator.com
127.0.0.1 accessorygeeks.com
127.0.0.1 www.accessorygeeks.com
127.0.0.1 accessthefuture.net
127.0.0.1 www.accessthefuture.net
127.0.0.1 accessvid.net
127.0.0.1 www.accessvid.net
127.0.0.1 acemedic.com
127.0.0.1 www.acemedic.com
127.0.0.1 ace-webmaster.com
127.0.0.1 www.ace-webmaster.com
127.0.0.1 acjp.com
127.0.0.1 acrobat-2007.com
127.0.0.1 www.acrobat-2007.com
127.0.0.1 acrobat-8.com
127.0.0.1 www.acrobat-8.com
127.0.0.1 acrobat-center.com
127.0.0.1 www.acrobat-center.com
127.0.0.1 acrobat-hq.com
127.0.0.1 www.acrobat-hq.com
127.0.0.1 acrobatreader-8.com
127.0.0.1 www.acrobatreader-8.com
127.0.0.1 acrobat-reader-8.de
127.0.0.1 www.acrobat-reader-8.de
127.0.0.1 acrobat-stop.com
127.0.0.1 www.acrobat-stop.com
127.0.0.1 actionbreastcancer.org
127.0.0.1 www.actionbreastcancer.org
127.0.0.1 activesearcher.info
127.0.0.1 www.activesearcher.info
127.0.0.1 activexaccessobject.com
127.0.0.1 www.activexaccessobject.com
127.0.0.1 activexaccessvideo.com
127.0.0.1 www.activexaccessvideo.com
127.0.0.1 activexemedia.com
127.0.0.1 www.activexemedia.com
127.0.0.1 activexmediaobject.com
127.0.0.1 www.activexmediaobject.com
127.0.0.1 activexmediapro.com
127.0.0.1 www.activexmediapro.com
127.0.0.1 activexmediasite.com
127.0.0.1 www.activexmediasite.com
127.0.0.1 activexmediasoftware.com
127.0.0.1 www.activexmediasoftware.com
127.0.0.1 activexmediasource.com
127.0.0.1 www.activexmediasource.com
127.0.0.1 activexmediatool.com
127.0.0.1 www.activexmediatool.com
127.0.0.1 activexmediatour.com
127.0.0.1 www.activexmediatour.com
127.0.0.1 activexsoftwares.com
127.0.0.1 www.activexsoftwares.com
127.0.0.1 activexsource.com
127.0.0.1 www.activexsource.com
127.0.0.1 activexupdate.com
127.0.0.1 www.activexupdate.com
127.0.0.1 activexvideo.com
127.0.0.1 www.activexvideo.com
127.0.0.1 activexvideotool.com
127.0.0.1 www.activexvideotool.com
127.0.0.1 ad.marketingsector.com
127.0.0.1 www.ad.marketingsector.com
127.0.0.1 ad.mokead.com
127.0.0.1 www.ad.mokead.com
127.0.0.1 ad.yieldmanager.com
127.0.0.1 www.ad.yieldmanager.com
127.0.0.1 ad25.com
127.0.0.1 ad45.com
127.0.0.1 ad77.com
127.0.0.1 ad86.com
127.0.0.1 adamsupportgroup.org
127.0.0.1 www.adamsupportgroup.org
127.0.0.1 adarmor.com
127.0.0.1 www.adarmor.com
127.0.0.1 adasearch.com
127.0.0.1 www.adasearch.com
127.0.0.1 adaware.cc
127.0.0.1 adawarenow.com
127.0.0.1 www.adawarenow.com
127.0.0.1 addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.com
127.0.0.1 addictivetechnologies.net
127.0.0.1 www.addictivetechnologies.net
127.0.0.1 add-manager.com
127.0.0.1 www.add-manager.com
127.0.0.1 adgate.info
127.0.0.1 www.adgate.info
127.0.0.1 adipics.com
127.0.0.1 www.adipics.com
127.0.0.1 admin2cash.biz
127.0.0.1 www.admin2cash.biz
127.0.0.1 adnet-plus.com
127.0.0.1 adobe-download-now.com
127.0.0.1 adobe-downloads.com
127.0.0.1 www.adobe-downloads.com
127.0.0.1 adobe-reader-8.fr
127.0.0.1 www.adobe-reader-8.fr
127.0.0.1 adprotect.com
127.0.0.1 www.adprotect.com
127.0.0.1 ads.centralmedia.ws
127.0.0.1 ads.k8l.info
127.0.0.1 ads.kmpads.com
127.0.0.1 ads.marketingsector.com
127.0.0.1 ads.searchingbooth.com
127.0.0.1 ads.z-quest.com
127.0.0.1 ads183.com
127.0.0.1 www.ads183.com
127.0.0.1 adscontex.com
127.0.0.1 www.adscontex.com
127.0.0.1 adservices1.enhance.com
127.0.0.1 www.adservices1.enhance.com
127.0.0.1 adservs.com
127.0.0.1 adsextend.net
127.0.0.1 www.adsextend.net
127.0.0.1 adshttp.com
127.0.0.1 www.adshttp.com
127.0.0.1 adsonwww.com
127.0.0.1 www.adsonwww.com
127.0.0.1 adspics.com
127.0.0.1 www.adspics.com
127.0.0.1 adtrak.net
127.0.0.1 www.adtrak.net
127.0.0.1 adtrgt.com
127.0.0.1 adult777search.info
127.0.0.1 www.adult777search.info
127.0.0.1 adultan.com
127.0.0.1 www.adultan.com
127.0.0.1 adult-engine-search.com
127.0.0.1 www.adult-engine-search.com
127.0.0.1 adult-erotic-guide.net
127.0.0.1 www.adult-erotic-guide.net
127.0.0.1 adultfilmsite.com
127.0.0.1 www.adultfilmsite.com
127.0.0.1 adult-friends-finder.net
127.0.0.1 www.adult-friends-finder.net
127.0.0.1 adultgambling.org
127.0.0.1 adult-host.org
127.0.0.1 adulthyperlinks.com
127.0.0.1 www.adulthyperlinks.com
127.0.0.1 adultmovieplus.com
127.0.0.1 www.adultmovieplus.com
127.0.0.1 adult-personal.us
127.0.0.1 adultsgames.net
127.0.0.1 adultsper.com
127.0.0.1 www.adultsper.com
127.0.0.1 adulttds.com
127.0.0.1 www.adulttds.com
127.0.0.1 adultzoneworld.com
127.0.0.1 www.adultzoneworld.com
127.0.0.1 advcash.biz
127.0.0.1 www.advcash.biz
127.0.0.1 advert.exaccess.ru
127.0.0.1 advertisemoney.info
127.0.0.1 www.advertisemoney.info
127.0.0.1 advertising.paltalk.com
127.0.0.1 advertising-money.info
127.0.0.1 www.advertising-money.info
127.0.0.1 ad-ware.cc
127.0.0.1 ad-w-a-r-e.com
127.0.0.1 www.ad-w-a-r-e.com
127.0.0.1 a-d-w-a-r-e.com
127.0.0.1 www.a-d-w-a-r-e.com
127.0.0.1 adwarebazooka.com
127.0.0.1 www.adwarebazooka.com
127.0.0.1 adwarefinder.com
127.0.0.1 www.adwarefinder.com
127.0.0.1 adwareprotectionsite.com
127.0.0.1 www.adwareprotectionsite.com
127.0.0.1 adwarepunisher.com
127.0.0.1 www.adwarepunisher.com
127.0.0.1 aflgate.com
127.0.0.1 www.aflgate.com
127.0.0.1 africaspromise.org
127.0.0.1 agava.com
127.0.0.1 agava.ru
127.0.0.1 agentstudio.com
127.0.0.1 aginegialle.it
127.0.0.1 www.aginegialle.it
127.0.0.1 www.aifind.info
127.0.0.1 aifind.info
127.0.0.1 airtleworld.com
127.0.0.1 www.airtleworld.com
127.0.0.1 aitalia.it
127.0.0.1 www.aitalia.it
127.0.0.1 akamai.downloadv3.com
127.0.0.1 aklitalia.it
127.0.0.1 www.aklitalia.it
127.0.0.1 akril.com
127.0.0.1 alcatel.ws
127.0.0.1 alfacleaner.com
127.0.0.1 www.alfacleaner.com
127.0.0.1 alfa-search.com
127.0.0.1 alialia.it
127.0.0.1 www.alialia.it
127.0.0.1 aliotalia.it
127.0.0.1 www.aliotalia.it
127.0.0.1 alirtalia.it
127.0.0.1 www.alirtalia.it
127.0.0.1 alitaia.it
127.0.0.1 www.alitaia.it
127.0.0.1 alitaklia.it
127.0.0.1 www.alitaklia.it
127.0.0.1 alitala.it
127.0.0.1 www.alitala.it
127.0.0.1 alitali.it
127.0.0.1 www.alitali.it
127.0.0.1 alitaliaq.it
127.0.0.1 www.alitaliaq.it
127.0.0.1 alitalias.it
127.0.0.1 www.alitalias.it
127.0.0.1 alitaliaz.it
127.0.0.1 www.alitaliaz.it
127.0.0.1 alitalioa.it
127.0.0.1 www.alitalioa.it
127.0.0.1 alitalisa.it
127.0.0.1 www.alitalisa.it
127.0.0.1 alitaliua.it
127.0.0.1 www.alitaliua.it
127.0.0.1 alitalkia.it
127.0.0.1 www.alitalkia.it
127.0.0.1 alitaloia.it
127.0.0.1 www.alitaloia.it
127.0.0.1 alitaluia.it
127.0.0.1 www.alitaluia.it
127.0.0.1 alitaslia.it
127.0.0.1 www.alitaslia.it
127.0.0.1 alitlia.it
127.0.0.1 www.alitlia.it
127.0.0.1 alitralia.it
127.0.0.1 www.alitralia.it
127.0.0.1 alitsalia.it
127.0.0.1 www.alitsalia.it
127.0.0.1 aliutalia.it
127.0.0.1 www.aliutalia.it
127.0.0.1 ALL1COUNT.NET
127.0.0.1 www.ALL1COUNT.NET
127.0.0.1 all4internet.com
127.0.0.1 www.all4internet.com
127.0.0.1 allabtcars.com
127.0.0.1 allabtjeeps.com
127.0.0.1 all-bittorrent.com
127.0.0.1 www.all-bittorrent.com
127.0.0.1 www.allcybersearch.com
127.0.0.1 allcybersearch.com
127.0.0.1 alldnserrors.com
127.0.0.1 www.alldnserrors.com
127.0.0.1 all-downloads-now.com
127.0.0.1 www.all-downloads-now.com
127.0.0.1 all-edonkey.com
127.0.0.1 www.all-edonkey.com
127.0.0.1 allforadult.com
127.0.0.1 allhyperlinks.com
127.0.0.1 alliesecurity.com
127.0.0.1 www.alliesecurity.com
127.0.0.1 all-inet.com
127.0.0.1 allinternetbusiness.com
127.0.0.1 all-limewire.com
127.0.0.1 www.all-limewire.com
127.0.0.1 allmegabucks.com
127.0.0.1 www.allmegabucks.com
127.0.0.1 allprotections.com
127.0.0.1 www.allprotections.com
127.0.0.1 allresultz.net
127.0.0.1 www.allresultz.net
127.0.0.1 allsecuritynotes.com
127.0.0.1 www.allsecuritynotes.com
127.0.0.1 allsecuritysite.com
127.0.0.1 www.allsecuritysite.com
127.0.0.1 allstarsvideos.net
127.0.0.1 www.allstarsvideos.net
127.0.0.1 alltruesoftware.com
127.0.0.1 www.alltruesoftware.com
127.0.0.1 allvideoactivex.com
127.0.0.1 www.allvideoactivex.com
127.0.0.1 almanah.biz
127.0.0.1 www.almanah.biz
127.0.0.1 almarvideos.com
127.0.0.1 aloitalia.it
127.0.0.1 www.aloitalia.it
127.0.0.1 aluitalia.it
127.0.0.1 www.aluitalia.it
127.0.0.1 amaena.com
127.0.0.1 www.amaena.com
127.0.0.1 amandamountains.com
127.0.0.1 amateurliveshow.com
127.0.0.1 www.amateurliveshow.com
127.0.0.1 amediasoftware.com
127.0.0.1 www.amediasoftware.com
127.0.0.1 amediasource.com
127.0.0.1 www.amediasource.com
127.0.0.1 americancarbargains.com
127.0.0.1 www.americancarbargains.com
127.0.0.1 american-teens.net
127.0.0.1 amigeek.com
127.0.0.1 amisbusiness.com
127.0.0.1 ampmsearch.com
127.0.0.1 www.ampmsearch.com
127.0.0.1 analcord.com
127.0.0.1 www.analcord.com
127.0.0.1 analmovi.com
127.0.0.1 anarchylolita.com
127.0.0.1 www.anarchylolita.com
127.0.0.1 anarchyporn.com
127.0.0.1 andromedical.com
127.0.0.1 www.andromedical.com
127.0.0.1 animepornmag.com
127.0.0.1 www.animepornmag.com
127.0.0.1 anin.org
127.0.0.1 anjpn-avxiz.biz
127.0.0.1 www.anjpn-avxiz.biz
127.0.0.1 anjpnzqav.biz
127.0.0.1 www.anjpnzqav.biz
127.0.0.1 anjpn-zqav.biz
127.0.0.1 www.anjpn-zqav.biz
127.0.0.1 annaromeo.com
127.0.0.1 antiddos.us
127.0.0.1 www.antiddos.us
127.0.0.1 Antiespiadorado.com
127.0.0.1 www.Antiespiadorado.com
127.0.0.1 Antiespionspack.com
127.0.0.1 www.Antiespionspack.com
127.0.0.1 Antigusanos2008.com
127.0.0.1 www.Antigusanos2008.com
127.0.0.1 Antispionage.com
127.0.0.1 www.Antispionage.com
127.0.0.1 Antispionagepro.com
127.0.0.1 www.Antispionagepro.com
127.0.0.1 antispydns.biz
127.0.0.1 www.antispydns.biz
127.0.0.1 antispylab.com
127.0.0.1 www.antispylab.com
127.0.0.1 antispysolutions.com
127.0.0.1 www.antispysolutions.com
127.0.0.1 antispyware.com
127.0.0.1 www.antispyware.com
127.0.0.1 antispywarebot.com
127.0.0.1 www.antispywarebot.com
127.0.0.1 antispywarebox.com
127.0.0.1 www.antispywarebox.com
127.0.0.1 antispywaredownloads.com
127.0.0.1 www.antispywaredownloads.com
127.0.0.1 Antispywaresuite.com
127.0.0.1 www.Antispywaresuite.com
127.0.0.1 Antispyweb.net
127.0.0.1 www.Antispyweb.net
127.0.0.1 Antiver2008.com
127.0.0.1 www.Antiver2008.com
127.0.0.1 antivermins.com
127.0.0.1 www.antivermins.com
127.0.0.1 anti-vermins.com
127.0.0.1 www.anti-vermins.com
127.0.0.1 antivir2007.com
127.0.0.1 www.antivir2007.com
127.0.0.1 antivirgear.com
127.0.0.1 www.antivirgear.com
127.0.0.1 antivirus.fastfreedownload.com
127.0.0.1 www.antivirus.fastfreedownload.com
127.0.0.1 antivirusgolden.com
127.0.0.1 www.antivirusgolden.com
127.0.0.1 antivirus-hq.net
127.0.0.1 www.antivirus-hq.net
127.0.0.1 anti-virus-pro.com
127.0.0.1 www.anti-virus-pro.com
127.0.0.1 antivirusprotector.com
127.0.0.1 www.antivirusprotector.com
127.0.0.1 antivirussecuritypro.com
127.0.0.1 www.antivirussecuritypro.com
127.0.0.1 antivirus-stop.com
127.0.0.1 www.antivirus-stop.com
127.0.0.1 Antiworm2008.com
127.0.0.1 www.Antiworm2008.com
127.0.0.1 Antiwurm2008.com
127.0.0.1 www.Antiwurm2008.com
127.0.0.1 antrocity.com
127.0.0.1 anyofus.com
127.0.0.1 www.anyofus.com
127.0.0.1 anysn.seproger.com
127.0.0.1 www.anysn.seproger.com
127.0.0.1 anything4health.com
127.0.0.1 apicpreview.com
127.0.0.1 www.apicpreview.com
127.0.0.1 appealcircuit.com
127.0.0.1 www.appealcircuit.com
127.0.0.1 approvedlinks.com
127.0.0.1 www.approvedlinks.com
127.0.0.1 apps.deskwizz.com
127.0.0.1 apps.webservicehost.com
127.0.0.1 aprotectedpage.com
127.0.0.1 www.aprotectedpage.com
127.0.0.1 apsua.com
127.0.0.1 archiviosex.net
127.0.0.1 www.archiviosex.net
127.0.0.1 aregay.com
127.0.0.1 ares-freebie.com
127.0.0.1 www.ares-freebie.com
127.0.0.1 arespro2007.com
127.0.0.1 www.arespro2007.com
127.0.0.1 aresultra.com
127.0.0.1 www.aresultra.com
127.0.0.1 ares-usa.com
127.0.0.1 www.ares-usa.com
127.0.0.1 arheo.com
127.0.0.1 arizonaweb.org
127.0.0.1 armitageinn.com
127.0.0.1 arquivojpgs.smtp.ru
127.0.0.1 www.arquivojpgs.smtp.ru
127.0.0.1 artachnid.com
127.0.0.1 art-func.com
127.0.0.1 art-xxx.com
127.0.0.1 asafebrowser.com
127.0.0.1 www.asafebrowser.com
127.0.0.1 asafetynotice.com
127.0.0.1 www.asafetynotice.com
127.0.0.1 asafetypage.com
127.0.0.1 www.asafetypage.com
127.0.0.1 asdbiz.biz
127.0.0.1 www.asdbiz.biz
127.0.0.1 asdeykuddq.com
127.0.0.1 www.asdeykuddq.com
127.0.0.1 asecurebar.com
127.0.0.1 www.asecurebar.com
127.0.0.1 asecureboard.com
127.0.0.1 www.asecureboard.com
127.0.0.1 asecurevalue.com
127.0.0.1 www.asecurevalue.com
127.0.0.1 asecurityissue.com
127.0.0.1 www.asecurityissue.com
127.0.0.1 asecuritynotice.com
127.0.0.1 www.asecuritynotice.com
127.0.0.1 asecuritypaper.com
127.0.0.1 www.asecuritypaper.com
127.0.0.1 asecuritystuff.com
127.0.0.1 www.asecuritystuff.com
127.0.0.1 asiankingkong.com
127.0.0.1 asianpornmag.com
127.0.0.1 www.asianpornmag.com
127.0.0.1 asiantoolbar.com
127.0.0.1 www.asiantoolbar.com
127.0.0.1 asidseiupc.com
127.0.0.1 www.asidseiupc.com
127.0.0.1 aslitalia.it
127.0.0.1 www.aslitalia.it
127.0.0.1 ass-gals.com
127.0.0.1 assureprotection.com
127.0.0.1 www.assureprotection.com
127.0.0.1 asta-killer.com
127.0.0.1 asupereva.it
127.0.0.1 www.asupereva.it
127.0.0.1 athenrye.com
127.0.0.1 atotalsafety.com
127.0.0.1 www.atotalsafety.com
127.0.0.1 atrueprotection.com
127.0.0.1 www.atrueprotection.com
127.0.0.1 atruesecurity.com
127.0.0.1 www.atruesecurity.com
127.0.0.1 attackware.com
127.0.0.1 www.attackware.com
127.0.0.1 attrezzi.biz
127.0.0.1 www.attrezzi.biz
127.0.0.1 aulde.net
127.0.0.1 www.aulde.net
127.0.0.1 aupereva.it
127.0.0.1 www.aupereva.it
127.0.0.1 autocontext.begun.ru
127.0.0.1 www.autocontext.begun.ru
127.0.0.1 autoescrowpay.com
127.0.0.1 avast.free-software-center.com
127.0.0.1 www.avast.free-software-center.com
127.0.0.1 avast-2007.com
127.0.0.1 www.avast-2007.com
127.0.0.1 avast-downloads.com
127.0.0.1 www.avast-downloads.com
127.0.0.1 avast-hq.com
127.0.0.1 www.avast-hq.com
127.0.0.1 avforce.com
127.0.0.1 www.avforce.com
127.0.0.1 avg.grab-it-today.net
127.0.0.1 www.avg.grab-it-today.net
127.0.0.1 avg.softwarecenterz.com
127.0.0.1 www.avg.softwarecenterz.com
127.0.0.1 avg-secure.com
127.0.0.1 www.avg-secure.com
127.0.0.1 avian-ads.com
127.0.0.1 avideoaxaccess.com
127.0.0.1 www.avideoaxaccess.com
127.0.0.1 avideosurfer.com
127.0.0.1 www.avideosurfer.com
127.0.0.1 aviewersoft.com
127.0.0.1 www.aviewersoft.com
127.0.0.1 avpcheckupdate.com
127.0.0.1 www.avpcheckupdate.com
127.0.0.1 avxizaaqada.biz
127.0.0.1 www.avxizaaqada.biz
127.0.0.1 avxiz-anjpn.biz
127.0.0.1 www.avxiz-anjpn.biz
127.0.0.1 avxizueorn.biz
127.0.0.1 www.avxizueorn.biz
127.0.0.1 avxiz-ueorn.biz
127.0.0.1 www.avxiz-ueorn.biz
127.0.0.1 avxiz-vtvcp.biz
127.0.0.1 www.avxiz-vtvcp.biz
127.0.0.1 avxiz-ygco.biz
127.0.0.1 www.avxiz-ygco.biz
127.0.0.1 avxiz-zqav.biz
127.0.0.1 www.avxiz-zqav.biz
127.0.0.1 awarninglist.com
127.0.0.1 www.awarninglist.com
127.0.0.1 awbeta.net-nucleus.com
127.0.0.1 awesomehomepage.com
127.0.0.1 www.awesomehomepage.com
127.0.0.1 awmcash.biz
127.0.0.1 awmdabest.com
127.0.0.1 axemediasoftware.com
127.0.0.1 www.axemediasoftware.com
127.0.0.1 aximageobject.com
127.0.0.1 www.aximageobject.com
127.0.0.1 axmediaproject.com
127.0.0.1 www.axmediaproject.com
127.0.0.1 axmediasoftware.com
127.0.0.1 www.axmediasoftware.com
127.0.0.1 axmediasolutions.com
127.0.0.1 www.axmediasolutions.com
127.0.0.1 axobjectpage.com
127.0.0.1 www.axobjectpage.com
127.0.0.1 axobjectsource.com
127.0.0.1 www.axobjectsource.com
127.0.0.1 axsoftwaretool.com
127.0.0.1 www.axsoftwaretool.com
127.0.0.1 axvideoproject.com
127.0.0.1 www.axvideoproject.com
127.0.0.1 axvideosetup.com
127.0.0.1 www.axvideosetup.com
127.0.0.1 ayakawamura.com
127.0.0.1 ayb.dns-look-up.com
127.0.0.1 ayb.netbios-wait.com
127.0.0.1 ayumitaniguchi.com
127.0.0.1 azebar.com
127.0.0.1 azureusclub.com
127.0.0.1 www.azureusclub.com
127.0.0.1 azureus-freebie.com
127.0.0.1 www.azureus-freebie.com
127.0.0.1 azzetta.it
127.0.0.1 www.azzetta.it
127.0.0.1 b.casalemedia.com
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babenet.com
127.0.0.1 www.babenet.com
127.0.0.1 babespornmag.com
127.0.0.1 www.babespornmag.com
127.0.0.1 babeweb.de
127.0.0.1 www.babeweb.de
127.0.0.1 baccarat-other.info
127.0.0.1 www.baccarat-other.info
127.0.0.1 Backstripgirls.com
127.0.0.1 www.Backstripgirls.com
127.0.0.1 backup.mabou.org
127.0.0.1 balotierra.com
127.0.0.1 www.balotierra.com
127.0.0.1 bannedhost.net
127.0.0.1 barbudafarms.com
127.0.0.1 bardownload.com
127.0.0.1 www.bardownload.com
127.0.0.1 barnandfence.com
127.0.0.1 batsearch.com
127.0.0.1 baygraphicsllc.com
127.0.0.1 bbbsearch.com
127.0.0.1 bb-search.com
127.0.0.1 bdsmlibrary.net
127.0.0.1 bdsmpornmag.com
127.0.0.1 www.bdsmpornmag.com
127.0.0.1 bearshare.download-me.info
127.0.0.1 www.bearshare.download-me.info
127.0.0.1 bearshare.mp3-muzic.com
127.0.0.1 www.bearshare.mp3-muzic.com
127.0.0.1 bearshare-download.org
127.0.0.1 www.bearshare-download.org
127.0.0.1 bearshare-downloads.net
127.0.0.1 www.bearshare-downloads.net
127.0.0.1 bearsharelive.co.uk
127.0.0.1 www.bearsharelive.co.uk
127.0.0.1 bearshare-music-downloads.com
127.0.0.1 www.bearshare-music-downloads.com
127.0.0.1 bearsharepro2007.com
127.0.0.1 www.bearsharepro2007.com
127.0.0.1 bearshare-usa.com
127.0.0.1 www.bearshare-usa.com
127.0.0.1 bedhome.com
127.0.0.1 bediadance.com
127.0.0.1 beebappyy.biz
127.0.0.1 www.beebappyy.biz
127.0.0.1 begin2search.com
127.0.0.1 www.begin2search.com
127.0.0.1 bellabasketsfl.com
127.0.0.1 bernaolatwin.com
127.0.0.1 best-counter.com
127.0.0.1 bestcrawler.com
127.0.0.1 bestfor.ru
127.0.0.1 best-hardpics.com
127.0.0.1 bestmanage.org
127.0.0.1 www.bestmanage.org
127.0.0.1 bestmanage0.org
127.0.0.1 www.bestmanage0.org
127.0.0.1 bestmanage1.org
127.0.0.1 www.bestmanage1.org
127.0.0.1 bestmanage2.org
127.0.0.1 www.bestmanage2.org
127.0.0.1 bestmanage3.org
127.0.0.1 www.bestmanage3.org
127.0.0.1 bestmanage4.org
127.0.0.1 www.bestmanage4.org
127.0.0.1 bestmanage5.org
127.0.0.1 www.bestmanage5.org
127.0.0.1 bestmanage6.org
127.0.0.1 www.bestmanage6.org
127.0.0.1 bestmanage7.org
127.0.0.1 www.bestmanage7.org
127.0.0.1 bestmanage8.org
127.0.0.1 www.bestmanage8.org
127.0.0.1 bestmanage9.org
127.0.0.1 www.bestmanage9.org
127.0.0.1 bestporngate.com
127.0.0.1 bestsafetyguide.net
127.0.0.1 www.bestsafetyguide.net
127.0.0.1 best-spyware.info
127.0.0.1 www.best-spyware.info
127.0.0.1 best-targeted-traffic.com
127.0.0.1 www.best-targeted-traffic.com
127.0.0.1 best-voyeur.info
127.0.0.1 www.best-voyeur.info
127.0.0.1 bestweblinks.com
127.0.0.1 best-winning-casino.com
127.0.0.1 bestworldgirls-for-u.net
127.0.0.1 www.bestworldgirls-for-u.net
127.0.0.1 bestxporno.com
127.0.0.1 bettersearch.biz
127.0.0.1 www.bettersearch.biz
127.0.0.1 bgazzetta.it
127.0.0.1 www.bgazzetta.it
127.0.0.1 bgoogle.it
127.0.0.1 www.bgoogle.it
127.0.0.1 bigtrafficnetwork.com
127.0.0.1 www.bigtrafficnetwork.com
127.0.0.1 bigwww.com
127.0.0.1 www.bigwww.com
127.0.0.1 bin.errorprotector.com
127.0.0.1 bins.media-motor.net
127.0.0.1 bins2.media-motor.net
127.0.0.1 bis.180solutions.com
127.0.0.1 bitchesonline.net
127.0.0.1 bitcomet-freebie.com
127.0.0.1 www.bitcomet-freebie.com
127.0.0.1 biz.biz
127.0.0.1 blackblues00.com
127.0.0.1 www.blackblues00.com
127.0.0.1 blackhats.tc
127.0.0.1 www.blackhats.tc
127.0.0.1 blackhawksoftware.com
127.0.0.1 www.blackhawksoftware.com
127.0.0.1 blackjack-free.net
127.0.0.1 blazefind.com
127.0.0.1 blender.xu.pl
127.0.0.1 blondetgp.com
127.0.0.1 blue-elefant.com
127.0.0.1 www.blue-elefant.com
127.0.0.1 bm.theaimonline.com
127.0.0.1 www.bm.theaimonline.com
127.0.0.1 bnmgate.com
127.0.0.1 www.bnmgate.com
127.0.0.1 bodaciousbabette.com
127.0.0.1 bonzi.com
127.0.0.1 www.bonzi.com
127.0.0.1 boobdoll.com
127.0.0.1 boobsandtits.com
127.0.0.1 boobsclub.com
127.0.0.1 bookedspace.com
127.0.0.1 www.bookedspace.com
127.0.0.1 boom.com.vn
127.0.0.1 www.boom.com.vn
127.0.0.1 boredlife.com
127.0.0.1 bowlofogumbo.com
127.0.0.1 bpfq02.com
127.0.0.1 www.bpfq02.com
127.0.0.1 bqgate.com
127.0.0.1 www.bqgate.com
127.0.0.1 br.errorsafe.com
127.0.0.1 br.winantivirus.com
127.0.0.1 br.winfixer.com
127.0.0.1 bradcoem.org
127.0.0.1 braincodec.com
127.0.0.1 www.braincodec.com
127.0.0.1 brandiyoung.com
127.0.0.1 bravesentry.com
127.0.0.1 www.bravesentry.com
127.0.0.1 breenten.biz
127.0.0.1 www.breenten.biz
127.0.0.1 brodbfm.net
127.0.0.1 www.brodbfm.net
127.0.0.1 brookeburn.com
127.0.0.1 browserwise.com
127.0.0.1 www.browserwise.com
127.0.0.1 bucps.com
127.0.0.1 buhartes.info
127.0.0.1 buldog-stats.com
127.0.0.1 bullseye-network.com
127.0.0.1 www.bullseye-network.com
127.0.0.1 burgerkingbigscreen.com
127.0.0.1 burnsrecyclinginc.com
127.0.0.1 www.burnsrecyclinginc.com
127.0.0.1 buscards.net
127.0.0.1 bustyrussell.com
127.0.0.1 busysearch.net
127.0.0.1 www.busysearch.net
127.0.0.1 buttejazz.org
127.0.0.1 buy-find.info
127.0.0.1 www.buy-find.info
127.0.0.1 buyselldomain.net
127.0.0.1 buytraff.biz
127.0.0.1 www.buytraff.biz
127.0.0.1 buz.ru
127.0.0.1 bvirgilio.it
127.0.0.1 www.bvirgilio.it
127.0.0.1 c.centralmedia.ws
127.0.0.1 c.enhance.com
127.0.0.1 www.c.enhance.com
127.0.0.1 c.goclick.com
127.0.0.1 c4tdownload.com
127.0.0.1 www.c4tdownload.com
127.0.0.1 c5.www4free.info
127.0.0.1 www.c5.www4free.info
127.0.0.1 cache.surfaccuracy.com
127.0.0.1 www.cache.surfaccuracy.com
127.0.0.1 cache.ysbweb.com
127.0.0.1 calcioturris.com
127.0.0.1 calendaralerts.net
127.0.0.1 www.calendaralerts.net
127.0.0.1 cameouk.co.uk
127.0.0.1 www.cameouk.co.uk
127.0.0.1 cameup.com
127.0.0.1 camouflageclothingonline.net
127.0.0.1 www.camouflageclothingonline.net
127.0.0.1 camup.net
127.0.0.1 canberracricketcoaching.com
127.0.0.1 candycantaloupes.com
127.0.0.1 canidetect.org
127.0.0.1 www.canidetect.org
127.0.0.1 cantfind.com
127.0.0.1 www.cantfind.com
127.0.0.1 careers.dulcineasystems.net
127.0.0.1 carsands.com
127.0.0.1 carsrentals.net
127.0.0.1 cartoes.uol.com.br
127.0.0.1 casalemedia.com
127.0.0.1 www.casalemedia.com
127.0.0.1 cashdeluxe.net
127.0.0.1 www.cashdeluxe.net
127.0.0.1 cashengines.com
127.0.0.1 www.cashengines.com
127.0.0.1 cashsearch.biz
127.0.0.1 cashsurfers.com
127.0.0.1 www.cashsurfers.com
127.0.0.1 CashUnlim.com
127.0.0.1 www.CashUnlim.com
127.0.0.1 casino.com.free.game.pogo.gratisdownloads.nl
127.0.0.1 casino2win.net
127.0.0.1 casino-gambling-1.net
127.0.0.1 casino-gambling-2.net
127.0.0.1 casinomidas.net
127.0.0.1 casinonline.net
127.0.0.1 casino-onlines.net
127.0.0.1 castingsamateur.com
127.0.0.1 www.castingsamateur.com
127.0.0.1 catallogue.com
127.0.0.1 catch-dc.info
127.0.0.1 www.catch-dc.info
127.0.0.1 categories.mygeek.com
127.0.0.1 catsss.da.ru
127.0.0.1 caxa.ru
127.0.0.1 cc.panet.org
127.0.0.1 ccecaedbebfcaf.com
127.0.0.1 www.ccecaedbebfcaf.com
127.0.0.1 cclebali.org
127.0.0.1 ccorriere.it
127.0.0.1 www.ccorriere.it
127.0.0.1 cdegate.com
127.0.0.1 www.cdegate.com
127.0.0.1 cdn.drivecleaner.com
127.0.0.1 cdn.errorsafe.com
127.0.0.1 cdn.movies-etc.com
127.0.0.1 cdn.winsoftware.com
127.0.0.1 cdn2.movies-etc.com
127.0.0.1 cdorriere.it
127.0.0.1 www.cdorriere.it
127.0.0.1 ceewawires.org
127.0.0.1 centralmedia.ws
127.0.0.1 certumgroup.com
127.0.0.1 cforriere.it
127.0.0.1 www.cforriere.it
127.0.0.1 check.jupitersatellites.biz
127.0.0.1 www.check.jupitersatellites.biz
127.0.0.1 checkin100.com
127.0.0.1 www.checkin100.com
127.0.0.1 checkssecurity.com
127.0.0.1 www.checkssecurity.com
127.0.0.1 chelancatering.com
127.0.0.1 chenshijituan.com
127.0.0.1 www.chenshijituan.com
127.0.0.1 childrenvilla.com
127.0.0.1 chips-4-free.com
127.0.0.1 chrisswasey.com
127.0.0.1 chriswallace.net
127.0.0.1 cia-trjn.myvnc.com
127.0.0.1 www.cia-trjn.myvnc.com
127.0.0.1 ciorriere.it
127.0.0.1 www.ciorriere.it
127.0.0.1 cirriere.it
127.0.0.1 www.cirriere.it
127.0.0.1 ckick4thumbs.com
127.0.0.1 cl55.biz
127.0.0.1 clackamasliteraryreview.com
127.0.0.1 cleansoftwares.com
127.0.0.1 www.cleansoftwares.com
127.0.0.1 clearsearch.cc
127.0.0.1 clearsearch.net
127.0.0.1 clickaire.com
127.0.0.1 click-codec.com
127.0.0.1 www.click-codec.com
127.0.0.1 clickhere4search.com
127.0.0.1 www.clickhere4search.com
127.0.0.1 click-now.net
127.0.0.1 clickspring.net
127.0.0.1 www.clickspring.net
127.0.0.1 click-to-download.com
127.0.0.1 www.click-to-download.com
127.0.0.1 clicktomakeasearch.com
127.0.0.1 www.clicktomakeasearch.com
127.0.0.1 clickyestoenter.net
127.0.0.1 client.exeupdate.com
127.0.0.1 client.myadultexplorer.com
127.0.0.1 cliks.org
127.0.0.1 www.cliks.org
127.0.0.1 clorriere.it
127.0.0.1 www.clorriere.it
127.0.0.1 clrsch.com
127.0.0.1 clubxxxvideo.com
127.0.0.1 www.clubxxxvideo.com
127.0.0.1 clusif.free.fr
127.0.0.1 cmtapestry.com
127.0.0.1 cnetadd.com
127.0.0.1 www.cnetadd.com
127.0.0.1 cnzz.com
127.0.0.1 www.cnzz.com
127.0.0.1 code.ignphrases.com
127.0.0.1 codec.ninoa.com
127.0.0.1 codecdvd.net
127.0.0.1 www.codecdvd.net
127.0.0.1 codec-fun.com
127.0.0.1 www.codec-fun.com
127.0.0.1 codecsoft.net
127.0.0.1 www.codecsoft.net
127.0.0.1 codrriere.it
127.0.0.1 www.codrriere.it
127.0.0.1 coeriere.it
127.0.0.1 www.coeriere.it
127.0.0.1 coerriere.it
127.0.0.1 www.coerriere.it
127.0.0.1 cofrriere.it
127.0.0.1 www.cofrriere.it
127.0.0.1 cogrriere.it
127.0.0.1 www.cogrriere.it
127.0.0.1 coirriere.it
127.0.0.1 www.coirriere.it
127.0.0.1 command.adservs.com
127.0.0.1 www.commonname.com
127.0.0.1 computerpcgames.net
127.0.0.1 www.computerpcgames.net
127.0.0.1 computerrecover.com
127.0.0.1 www.computerrecover.com
127.0.0.1 config.180solutions.com
127.0.0.1 content.dollarrevenue.com
127.0.0.1 www.content.dollarrevenue.com
127.0.0.1 content.ireit.com
127.0.0.1 www.content.ireit.com
127.0.0.1 content.onerateld.com
127.0.0.1 contentmatch.net
127.0.0.1 www.contentmatch.net
127.0.0.1 contra-virus.com
127.0.0.1 www.contra-virus.com
127.0.0.1 controlmeh.com
127.0.0.1 www.controlmeh.com
127.0.0.1 cooldeskalert.com
127.0.0.1 www.cooldeskalert.com
127.0.0.1 coolfetishsite.com
127.0.0.1 coolfreehost.com
127.0.0.1 coolfreepage.com
127.0.0.1 coolfreepages.com
127.0.0.1 cool-homepage.co
127.0.0.1 cool-homepage.com
127.0.0.1 coolmoneysearch.com
127.0.0.1 coolpornsearch.com
127.0.0.1 cool-search.net
127.0.0.1 cool-search.netfartpost.com
127.0.0.1 coolsearcher.info
127.0.0.1 coolservecorp.net
127.0.0.1 www.coolservecorp.net
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com
127.0.0.1 cool-web-search.com
127.0.0.1 coolwebsearsh.com
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 cool-xxx.net
127.0.0.1 coorriere.it
127.0.0.1 www.coorriere.it
127.0.0.1 copmtraine.com
127.0.0.1 coprriere.it
127.0.0.1 www.coprriere.it
127.0.0.1 core.psyche-evolution.com
127.0.0.1 www.core.psyche-evolution.com
127.0.0.1 coreiere.it
127.0.0.1 www.coreiere.it
127.0.0.1 coreriere.it
127.0.0.1 www.coreriere.it
127.0.0.1 corrdiere.it
127.0.0.1 www.corrdiere.it
127.0.0.1 correiere.it
127.0.0.1 www.correiere.it
127.0.0.1 corrfiere.it
127.0.0.1 www.corrfiere.it
127.0.0.1 corrgiere.it
127.0.0.1 www.corrgiere.it
127.0.0.1 corridere.it
127.0.0.1 www.corridere.it
127.0.0.1 corriedre.it
127.0.0.1 www.corriedre.it
127.0.0.1 corriee.it
127.0.0.1 www.corriee.it
127.0.0.1 corrieere.it
127.0.0.1 www.corrieere.it
127.0.0.1 corriefre.it
127.0.0.1 www.corriefre.it
127.0.0.1 corriegre.it
127.0.0.1 www.corriegre.it
127.0.0.1 corrierde.it
127.0.0.1 www.corrierde.it
127.0.0.1 corriered.it
127.0.0.1 www.corriered.it
127.0.0.1 corrieree.it
127.0.0.1 www.corrieree.it
127.0.0.1 corrieref.it
127.0.0.1 www.corrieref.it
127.0.0.1 corrierer.it
127.0.0.1 www.corrierer.it
127.0.0.1 corrieres.it
127.0.0.1 www.corrieres.it
127.0.0.1 corrierew.it
127.0.0.1 www.corrierew.it
127.0.0.1 corrierfe.it
127.0.0.1 www.corrierfe.it
127.0.0.1 corrierge.it
127.0.0.1 www.corrierge.it
127.0.0.1 corrierr.it
127.0.0.1 www.corrierr.it
127.0.0.1 corrierre.it
127.0.0.1 www.corrierre.it
127.0.0.1 corrierse.it
127.0.0.1 www.corrierse.it
127.0.0.1 corrierte.it
127.0.0.1 www.corrierte.it
127.0.0.1 corrierw.it
127.0.0.1 www.corrierw.it
127.0.0.1 corrierwe.it
127.0.0.1 www.corrierwe.it
127.0.0.1 corriesre.it
127.0.0.1 www.corriesre.it
127.0.0.1 corriete.it
127.0.0.1 www.corriete.it
127.0.0.1 corrietre.it
127.0.0.1 www.corrietre.it
127.0.0.1 corriewre.it
127.0.0.1 www.corriewre.it
127.0.0.1 corrifere.it
127.0.0.1 www.corrifere.it
127.0.0.1 corriiere.it
127.0.0.1 www.corriiere.it
127.0.0.1 corrilere.it
127.0.0.1 www.corrilere.it
127.0.0.1 corrioere.it
127.0.0.1 www.corrioere.it
127.0.0.1 corrire.it
127.0.0.1 www.corrire.it
127.0.0.1 corrirere.it
127.0.0.1 www.corrirere.it
127.0.0.1 corrirre.it
127.0.0.1 www.corrirre.it
127.0.0.1 corrisere.it
127.0.0.1 www.corrisere.it
127.0.0.1 corriuere.it
127.0.0.1 www.corriuere.it
127.0.0.1 corriwere.it
127.0.0.1 www.corriwere.it
127.0.0.1 corriwre.it
127.0.0.1 www.corriwre.it
127.0.0.1 corrliere.it
127.0.0.1 www.corrliere.it
127.0.0.1 corroere.it
127.0.0.1 www.corroere.it
127.0.0.1 corroiere.it
127.0.0.1 www.corroiere.it
127.0.0.1 corrriere.it
127.0.0.1 www.corrriere.it
127.0.0.1 corrtiere.it
127.0.0.1 www.corrtiere.it
127.0.0.1 corruere.it
127.0.0.1 www.corruere.it
127.0.0.1 corruiere.it
127.0.0.1 www.corruiere.it
127.0.0.1 cortiere.it
127.0.0.1 www.cortiere.it
127.0.0.1 cortriere.it
127.0.0.1 www.cortriere.it
127.0.0.1 costrike.com
127.0.0.1 www.costrike.com
127.0.0.1 cotriere.it
127.0.0.1 www.cotriere.it
127.0.0.1 cotrriere.it
127.0.0.1 www.cotrriere.it
127.0.0.1 couldnotfind.com
127.0.0.1 count.cc
127.0.0.1 count.hitscount.net
127.0.0.1 count-all.com
127.0.0.1 countdutycall.info
127.0.0.1 www.countdutycall.info
127.0.0.1 counter.sexmaniack.com
127.0.0.1 cporriere.it
127.0.0.1 www.cporriere.it
127.0.0.1 cprriere.it
127.0.0.1 www.cprriere.it
127.0.0.1 cpvfeed.com
127.0.0.1 cracks.me.uk
127.0.0.1 cracks4all.com
127.0.0.1 www.cracks4all.com
127.0.0.1 crapsgold.info
127.0.0.1 www.crapsgold.info
127.0.0.1 Crazygirls-world.com
127.0.0.1 crazywinnings.com
127.0.0.1 www.crazywinnings.com
127.0.0.1 creamedcutties.com
127.0.0.1 createaccesskey.com
127.0.0.1 www.createaccesskey.com
127.0.0.1 creditsearchonline.com
127.0.0.1 crestring.com
127.0.0.1 crooder.com
127.0.0.1 crriere.it
127.0.0.1 www.crriere.it
127.0.0.1 crystalysmedia.com
127.0.0.1 www.crystalysmedia.com
127.0.0.1 csx.adservs.com
127.0.0.1 www.csx.adservs.com
127.0.0.1 cts.180solutions.com
127.0.0.1 cuisinartoven.com
127.0.0.1 www.cuisinartoven.com
127.0.0.1 curedc.info
127.0.0.1 www.curedc.info
127.0.0.1 curepcsolutions.com
127.0.0.1 www.curepcsolutions.com
127.0.0.1 curvedspaces.com
127.0.0.1 cutadult.com
127.0.0.1 www.cutadult.com
127.0.0.1 cvirgilio.it
127.0.0.1 www.cvirgilio.it
127.0.0.1 cvorriere.it
127.0.0.1 www.cvorriere.it
127.0.0.1 cvs.jps.ru
127.0.0.1 cvsymphony.com
127.0.0.1 cxorriere.it
127.0.0.1 www.cxorriere.it
127.0.0.1 cyberrape.com
127.0.0.1 www.cyberrape.com
127.0.0.1 cydom.com
127.0.0.1 cydoor.com
127.0.0.1 www.cydoor.com
127.0.0.1 daily-gals.com
127.0.0.1 dailypornmag.com
127.0.0.1 www.dailypornmag.com
127.0.0.1 dailyteenspic.com
127.0.0.1 dailytoolbar.com
127.0.0.1 www.dailytoolbar.com
127.0.0.1 dancingbabycd.com
127.0.0.1 data-hoster.com
127.0.0.1 www.data-hoster.com
127.0.0.1 datanotary.com
127.0.0.1 datareco.com
127.0.0.1 dating-galaxy.info
127.0.0.1 www.dating-galaxy.info
127.0.0.1 dating-search.net
127.0.0.1 davemarshall.org
127.0.0.1 db105.com
127.0.0.1 dbdecicated.com
127.0.0.1 www.dbdecicated.com
127.0.0.1 dbxcompany.com
127.0.0.1 www.dbxcompany.com
127.0.0.1 dcdl.dmcast.com
127.0.0.1 dcfitusa.com
127.0.0.1 dcorriere.it
127.0.0.1 www.dcorriere.it
127.0.0.1 dcurtis.com
127.0.0.1 www.dcurtis.com
127.0.0.1 dcww.dmcast.com
127.0.0.1 de.ag
127.0.0.1 de.drivecleaner.com
127.0.0.1 de.errorsafe.com
127.0.0.1 de.winantivirus.com
127.0.0.1 de98.remsys.org
127.0.0.1 debay.it
127.0.0.1 www.debay.it
127.0.0.1 dedmazay.3322.org
127.0.0.1 dedsearch.com
127.0.0.1 www.dedsearch.com
127.0.0.1 defaultsearch.net
127.0.0.1 Defensaantimalware.com
127.0.0.1 www.Defensaantimalware.com
127.0.0.1 deja-rue.com
127.0.0.1 www.deja-rue.com
127.0.0.1 derklaif.biz
127.0.0.1 www.derklaif.biz
127.0.0.1 derrari.it
127.0.0.1 www.derrari.it
127.0.0.1 desarrollocreativo.com
127.0.0.1 deskbar.worldtostart.com
127.0.0.1 www.deskbar.worldtostart.com
127.0.0.1 deskwizz.com
127.0.0.1 www.deskwizz.com
127.0.0.1 dev.ntcor.com
127.0.0.1 develip.com
127.0.0.1 dewis.spb.ru
127.0.0.1 dewis.us
127.0.0.1 df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
127.0.0.1 dgbusiness.com
127.0.0.1 www.dgbusiness.com
127.0.0.1 dialer2004.com
127.0.0.1 dialerclub.com
127.0.0.1 www.dialerclub.com
127.0.0.1 dialer-shop.com
127.0.0.1 www.dialer-shop.com
127.0.0.1 dialoff.com
127.0.0.1 www.dialoff.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 dietpills4free.com
127.0.0.1 dietpussy.com
127.0.0.1 digikeygen.com
127.0.0.1 www.digikeygen.com
127.0.0.1 digistreamsa.com
127.0.0.1 digitalcoders.net
127.0.0.1 www.digitalcoders.net
127.0.0.1 www.digitalfan.com
127.0.0.1 digital-pornography.com
127.0.0.1 dionforvalleycouncil.org
127.0.0.1 directdvdpro.com
127.0.0.1 www.directdvdpro.com
127.0.0.1 directporta.info
127.0.0.1 www.directporta.info
127.0.0.1 directsearchzone.com
127.0.0.1 www.directsearchzone.com
127.0.0.1 dist.checkin100.com
127.0.0.1 dl.ad-ware.cc
127.0.0.1 dl.malwarewipe.com
127.0.0.1 dl.targetsaver.com
127.0.0.1 www.dl.targetsaver.com
127.0.0.1 dl.web-nexus.net
127.0.0.1 dl1.antivermins.com
127.0.0.1 dl1.antivirgear.com
127.0.0.1 dl1.spydawn.com
127.0.0.1 dl1.virusprotectpro.com
127.0.0.1 dl10.spyfalcon.com
127.0.0.1 dl16.spyfalcon.com
127.0.0.1 dl2.spyfalcon.com
127.0.0.1 dl2.spyheal.com
127.0.0.1 dl2.spywarestrike.com
127.0.0.1 dl3.spyfalcon.com
127.0.0.1 dl3.spyheal.com
127.0.0.1 dl3.spywarestrike.com
127.0.0.1 dl4.spyfalcon.com
127.0.0.1 dl4.spywarestrike.com
127.0.0.1 dl5.spyfalcon.com
127.0.0.1 dl5.spywarestrike.com
127.0.0.1 dl6.spywarestrike.com
127.0.0.1 dl7.spywarestrike.com
127.0.0.1 dl8.spyheal.com
127.0.0.1 dl8.spywarestrike.com
127.0.0.1 dl9.spyfalcon.com
127.0.0.1 dmcast.com
127.0.0.1 www.dmcast.com
127.0.0.1 dnaads.com
127.0.0.1 www.dnaads.com
127.0.0.1 dnl.mabou.org
127.0.0.1 dns-look-up.com
127.0.0.1 www.dns-look-up.com
127.0.0.1 doctorwaldron.com
127.0.0.1 document-not-found.pornpic.org
127.0.0.1 doggyaction.com
127.0.0.1 dogproblemswebsite.com
127.0.0.1 www.dogproblemswebsite.com
127.0.0.1 doktorxxx.com
127.0.0.1 dollarrevenue.com
127.0.0.1 domaincar.com
127.0.0.1 www.domaincar.com
127.0.0.1 domains2003.net
127.0.0.1 domains-for-you-online.com
127.0.0.1 domain-your-registration.com
127.0.0.1 domkrat.com
127.0.0.1 dotcomtoolbar.com
127.0.0.1 www.dotcomtoolbar.com
127.0.0.1 down.136136.net
127.0.0.1 download.abetterinternet.com
127.0.0.1 download.antispywarebot.com
127.0.0.1 www.download.antispywarebot.com
127.0.0.1 download.bardownload.com
127.0.0.1 www.download.bardownload.com
127.0.0.1 download.bravesentry.com
127.0.0.1 www.download.bravesentry.com
127.0.0.1 download.cdn.drivecleaner.com
127.0.0.1 download.cdn.errorsafe.com
127.0.0.1 download.cdn.winsoftware.com
127.0.0.1 download.errorsafe.com
127.0.0.1 download.jupitersatellites.biz
127.0.0.1 www.download.jupitersatellites.biz
127.0.0.1 download.searchtabs.net
127.0.0.1 download.secureyournet.biz
127.0.0.1 www.download.secureyournet.biz
127.0.0.1 download.spyonthis.net
127.0.0.1 download.spy-shredder.com
127.0.0.1 download.systemdoctor.com
127.0.0.1 download.winantispyware.com
127.0.0.1 download.winantivirus.com
127.0.0.1 download.windrivecleaner.com
127.0.0.1 download.winfixer.com
127.0.0.1 download10.spywarequake.com
127.0.0.1 download11.spywarequake.com
127.0.0.1 download12.spywarequake.com
127.0.0.1 download13.spywarequake.com
127.0.0.1 download15.spywarequake.com
127.0.0.1 download2.spywarequake.com
127.0.0.1 download-2007.com
127.0.0.1 www.download-2007.com
127.0.0.1 download3.spyaxe.com
127.0.0.1 download3.spywarequake.com
127.0.0.1 download4.spyaxe.com
127.0.0.1 download4.spywarequake.com
127.0.0.1 download5.spyaxe.com
127.0.0.1 download5.spywarequake.com
127.0.0.1 download6.spyaxe.com
127.0.0.1 download7.spywarequake.com
127.0.0.1 download8.spywarequake.com
127.0.0.1 download9.spywarequake.com
127.0.0.1 download-ad-aware.com
127.0.0.1 www.download-ad-aware.com
127.0.0.1 download-all-4-free.com
127.0.0.1 www.download-all-4-free.com
127.0.0.1 download-all-area.com
127.0.0.1 www.download-all-area.com
127.0.0.1 download-antivir.com
127.0.0.1 www.download-antivir.com
127.0.0.1 downloadanysong.com
127.0.0.1 www.downloadanysong.com
127.0.0.1 download-avast.com
127.0.0.1 www.download-avast.com
127.0.0.1 downloadcorporation.com
127.0.0.1 www.downloadcorporation.com
127.0.0.1 download-dvdshrink.com
127.0.0.1 www.download-dvdshrink.com
127.0.0.1 download-for-free.net
127.0.0.1 www.download-for-free.net
127.0.0.1 downloadfreesoft.com
127.0.0.1 www.downloadfreesoft.com
127.0.0.1 downloadfreeway.com
127.0.0.1 www.downloadfreeway.com
127.0.0.1 downloadimesh.com
127.0.0.1 www.downloadimesh.com
127.0.0.1 download-itunes-now.com
127.0.0.1 www.download-itunes-now.com
127.0.0.1 download-limewire.org
127.0.0.1 www.download-limewire.org
127.0.0.1 downloadlost.tv
127.0.0.1 www.downloadlost.tv
127.0.0.1 downloadmax.net
127.0.0.1 www.downloadmax.net
127.0.0.1 download-mcafee.com
127.0.0.1 www.download-mcafee.com
127.0.0.1 download-me.info
127.0.0.1 downloadmediaax.com
127.0.0.1 www.downloadmediaax.com
127.0.0.1 downloadpics.net
127.0.0.1 www.downloadpics.net
127.0.0.1 download-real-player.com
127.0.0.1 www.download-real-player.com
127.0.0.1 downloads.180solutions.com
127.0.0.1 downloads.adaware.cc
127.0.0.1 downloadservicearea.com
127.0.0.1 www.downloadservicearea.com
127.0.0.1 downloads-free.org
127.0.0.1 www.downloads-free.org
127.0.0.1 downloadsglobe.com
127.0.0.1 www.downloadsglobe.com
127.0.0.1 download-this.us
127.0.0.1 www.download-this.us
127.0.0.1 download-trillian.com
127.0.0.1 www.download-trillian.com
127.0.0.1 downloadv3.com
127.0.0.1 www.downloadv3.com
127.0.0.1 downloadvax.com
127.0.0.1 www.downloadvax.com
127.0.0.1 download-windvd.com
127.0.0.1 www.download-windvd.com
127.0.0.1 download-winrar.com
127.0.0.1 www.download-winrar.com
127.0.0.1 downloadwizard.com
127.0.0.1 downloadzcenter.com
127.0.0.1 downloadzcentral.com
127.0.0.1 downloadzfree.com
127.0.0.1 www.downloadzfree.com
127.0.0.1 downloadznow.net
127.0.0.1 download-zone-free.com
127.0.0.1 www.download-zone-free.com
127.0.0.1 download-zone-free.net
127.0.0.1 www.download-zone-free.net
127.0.0.1 dp-host.com
127.0.0.1 dr.mcboo.com
127.0.0.1 dr.webhancer.com
127.0.0.1 www.dr.webhancer.com
127.0.0.1 dr2.webhancer.com
127.0.0.1 www.dr2.webhancer.com
127.0.0.1 dr38.mcboo.com
127.0.0.1 dr47.mcboo.com
127.0.0.1 dragqueen.gay-clan.com
127.0.0.1 drepubblica.it
127.0.0.1 www.drepubblica.it
127.0.0.1 drivecleaner.com
127.0.0.1 www.drivecleaner.com
127.0.0.1 drivecleanr.com
127.0.0.1 www.drivecleanr.com
127.0.0.1 drocherway.com
127.0.0.1 dropspam.com
127.0.0.1 www.dropspam.com
127.0.0.1 drug-sources-exposed.com
127.0.0.1 drvvv.com
127.0.0.1 dsupereva.it
127.0.0.1 www.dsupereva.it
127.0.0.1 dtlproduct.com
127.0.0.1 www.dtlproduct.com
127.0.0.1 dudu.com
127.0.0.1 www.dudu.com
127.0.0.1 dulcineasystems.net
127.0.0.1 dumpserv.com
127.0.0.1 duolaimi.net
127.0.0.1 dutch-sex.com
127.0.0.1 dvdaccess.net
127.0.0.1 www.dvdaccess.net
127.0.0.1 dvdbank.org
127.0.0.1 dvdcodec.net
127.0.0.1 www.dvdcodec.net
127.0.0.1 dvdsmovies.net
127.0.0.1 www.dvdsmovies.net
127.0.0.1 dvdsvideos.net
127.0.0.1 www.dvdsvideos.net
127.0.0.1 dvdtocdsite.com
127.0.0.1 www.dvdtocdsite.com
127.0.0.1 dynamique.drivecleaner.com
127.0.0.1 e3bay.it
127.0.0.1 www.e3bay.it
127.0.0.1 e4bay.it
127.0.0.1 www.e4bay.it
127.0.0.1 eager-sex.com
127.0.0.1 earthllnk.net
127.0.0.1 www.earthllnk.net
127.0.0.1 eases.net
127.0.0.1 easyantispy.com
127.0.0.1 easybestdeals.com
127.0.0.1 www.easybestdeals.com
127.0.0.1 easycategories.com
127.0.0.1 easymp3musicnow.com
127.0.0.1 www.easymp3musicnow.com
127.0.0.1 easy-pharmacy.info
127.0.0.1 www.easy-pharmacy.info
127.0.0.1 easy-search.net
127.0.0.1 easysearch4you.com
127.0.0.1 www.easysearch4you.com
127.0.0.1 easysearchingtips.com
127.0.0.1 easyspyware.com
127.0.0.1 www.easyspyware.com
127.0.0.1 easywww.info
127.0.0.1 www.easywww.info
127.0.0.1 eba6y.it
127.0.0.1 www.eba6y.it
127.0.0.1 eba7y.it
127.0.0.1 www.eba7y.it
127.0.0.1 ebaay.it
127.0.0.1 www.ebaay.it
127.0.0.1 ebagy.it
127.0.0.1 www.ebagy.it
127.0.0.1 ebahy.it
127.0.0.1 www.ebahy.it
127.0.0.1 ebajy.it
127.0.0.1 www.ebajy.it
127.0.0.1 ebaqy.it
127.0.0.1 www.ebaqy.it
127.0.0.1 ebasy.it
127.0.0.1 www.ebasy.it
127.0.0.1 ebaty.it
127.0.0.1 www.ebaty.it
127.0.0.1 ebauy.it
127.0.0.1 www.ebauy.it
127.0.0.1 ebav.com
127.0.0.1 ebaw.com
127.0.0.1 ebawy.it
127.0.0.1 www.ebawy.it
127.0.0.1 ebaxy.it
127.0.0.1 www.ebaxy.it
127.0.0.1 ebay6.it
127.0.0.1 www.ebay6.it
127.0.0.1 ebay7.it
127.0.0.1 www.ebay7.it
127.0.0.1 ebayg.it
127.0.0.1 www.ebayg.it
127.0.0.1 ebayh.it
127.0.0.1 www.ebayh.it
127.0.0.1 ebayj.it
127.0.0.1 www.ebayj.it
127.0.0.1 ebayt.it
127.0.0.1 www.ebayt.it
127.0.0.1 ebayu.it
127.0.0.1 www.ebayu.it
127.0.0.1 ebazy.it
127.0.0.1 www.ebazy.it
127.0.0.1 ebch.com
127.0.0.1 ebdv.com
127.0.0.1 ebdw.com
127.0.0.1 ebestfind.org
127.0.0.1 www.ebestfind.org
127.0.0.1 ebgay.it
127.0.0.1 www.ebgay.it
127.0.0.1 ebgo.com
127.0.0.1 ebhay.it
127.0.0.1 www.ebhay.it
127.0.0.1 ebjp.com
127.0.0.1 ebkb.com
127.0.0.1 ebkn.com
127.0.0.1 ebky.com
127.0.0.1 eblv.com
127.0.0.1 ebmu.com
127.0.0.1 ebnay.it
127.0.0.1 www.ebnay.it
127.0.0.1 ebony-pornmag.com
127.0.0.1 www.ebony-pornmag.com
127.0.0.1 ebonypornmag.com
127.0.0.1 www.ebonypornmag.com
127.0.0.1 ebqay.it
127.0.0.1 www.ebqay.it
127.0.0.1 ebsay.it
127.0.0.1 www.ebsay.it
127.0.0.1 ebsy.it
127.0.0.1 www.ebsy.it
127.0.0.1 ebvay.it
127.0.0.1 www.ebvay.it
127.0.0.1 ebvr.com
127.0.0.1 ebway.it
127.0.0.1 www.ebway.it
127.0.0.1 ebxay.it
127.0.0.1 www.ebxay.it
127.0.0.1 ebzay.it
127.0.0.1 www.ebzay.it
127.0.0.1 ecmh.com
127.0.0.1 ecmp.com
127.0.0.1 ecosrioplatenses.org
127.0.0.1 ecpm.com
127.0.0.1 ecstasyporn.net
127.0.0.1 ecwz.com
127.0.0.1 ecyb.com
127.0.0.1 edbay.it
127.0.0.1 www.edbay.it
127.0.0.1 edhq.com
127.0.0.1 edietprogram.com
127.0.0.1 www.edietprogram.com
127.0.0.1 edty.com
127.0.0.1 eduy.com
127.0.0.1 eebay.it
127.0.0.1 www.eebay.it
127.0.0.1 eeev.com
127.0.0.1 eepubblica.it
127.0.0.1 www.eepubblica.it
127.0.0.1 efbay.it
127.0.0.1 www.efbay.it
127.0.0.1 egbay.it
127.0.0.1 www.egbay.it
127.0.0.1 ehbay.it
127.0.0.1 www.ehbay.it
127.0.0.1 eikokoike.com
127.0.0.1 elitecodec.com
127.0.0.1 www.elitecodec.com
127.0.0.1 elitemediagroup.net
127.0.0.1 www.elitemediagroup.net
127.0.0.1 e-localad.com
127.0.0.1 emailicon.org
127.0.0.1 www.emailicon.org
127.0.0.1 emch.com
127.0.0.1 emcodec.com
127.0.0.1 www.emcodec.com
127.0.0.1 emediacodec.com
127.0.0.1 www.emediacodec.com
127.0.0.1 emule.mp3-muzic.com
127.0.0.1 www.emule.mp3-muzic.com
127.0.0.1 emuledownloadhome.com
127.0.0.1 www.emuledownloadhome.com
127.0.0.1 emule-freebie.com
127.0.0.1 www.emule-freebie.com
127.0.0.1 enay.it
127.0.0.1 www.enay.it
127.0.0.1 enbay.it
127.0.0.1 www.enbay.it
127.0.0.1 energy-factor.com
127.0.0.1 www.energy-factor.com
127.0.0.1 engineplay.com
127.0.0.1 www.engineplay.com
127.0.0.1 engine-ticket.com
127.0.0.1 www.engine-ticket.com
127.0.0.1 enhance.com
127.0.0.1 www.enhance.com
127.0.0.1 enhancevideos.com
127.0.0.1 www.enhancevideos.com
127.0.0.1 enitinvest.net
127.0.0.1 enjoywebsurf.com
127.0.0.1 entertainsite.net
127.0.0.1 www.entertainsite.net
127.0.0.1 enterthesearch.com
127.0.0.1 www.enterthesearch.com
127.0.0.1 e-plus.cc
127.0.0.1 epornsex.com
127.0.0.1 eprotectionline.com
127.0.0.1 www.eprotectionline.com
127.0.0.1 eprotectpage.com
127.0.0.1 www.eprotectpage.com
127.0.0.1 erbay.it
127.0.0.1 www.erbay.it
127.0.0.1 erepubblica.it
127.0.0.1 www.erepubblica.it
127.0.0.1 ergosites.com
127.0.0.1 erossoalice.it
127.0.0.1 www.erossoalice.it
127.0.0.1 errari.it
127.0.0.1 www.errari.it
127.0.0.1 error404site.com
127.0.0.1 www.error404site.com
127.0.0.1 error404site.net
127.0.0.1 www.error404site.net
127.0.0.1 errorkiller.com
127.0.0.1 www.errorkiller.com
127.0.0.1 errorprotector.com
127.0.0.1 www.errorprotector.com
127.0.0.1 errorsafe.com
127.0.0.1 www.errorsafe.com
127.0.0.1 errorsdns.com
127.0.0.1 www.errorsdns.com
127.0.0.1 ert0003.e76.163ns.com
127.0.0.1 ertikadeswiokinganfujas.com
127.0.0.1 www.ertikadeswiokinganfujas.com
127.0.0.1 es.winantivirus.com
127.0.0.1 es0-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es1-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es2-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es3-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es4-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es5-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es6-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es7-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es8-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es9-www.5zgmu7o20kt5d8yq.com
127.0.0.1 esafetylist.com
127.0.0.1 www.esafetylist.com
127.0.0.1 esafetypage.com
127.0.0.1 www.esafetypage.com
127.0.0.1 esbay.it
127.0.0.1 www.esbay.it
127.0.0.1 esearch2005.com
127.0.0.1 www.esearch2005.com
127.0.0.1 esecuritynote.com
127.0.0.1 www.esecuritynote.com
127.0.0.1 esecuritypage.com
127.0.0.1 www.esecuritypage.com
127.0.0.1 esupereva.it
127.0.0.1 www.esupereva.it
127.0.0.1 etomi.all-downloads-now.com
127.0.0.1 www.etomi.all-downloads-now.com
127.0.0.1 eupdatepage.com
127.0.0.1 www.eupdatepage.com
127.0.0.1 euuu.com
127.0.0.1 evbay.it
127.0.0.1 www.evbay.it
127.0.0.1 evidence-detector.biz
127.0.0.1 evilspidercomics.com
127.0.0.1 evko.biz
127.0.0.1 www.evko.biz
127.0.0.1 ewbay.it
127.0.0.1 www.ewbay.it
127.0.0.1 ewebsearch.net
127.0.0.1 e-websitesolutions.com
127.0.0.1 ewizard.cc
127.0.0.1 exaccess.ru
127.0.0.1 www.exaccess.ru
127.0.0.1 excellentsckin.com
127.0.0.1 exeupdate.com
127.0.0.1 www.exeupdate.com
127.0.0.1 exflow.org
127.0.0.1 www.exflow.org
127.0.0.1 exit.megago.com
127.0.0.1 expandvideo.com
127.0.0.1 www.expandvideo.com
127.0.0.1 exportplay.com
127.0.0.1 www.exportplay.com
127.0.0.1 extremepaidsurveys.com
127.0.0.1 www.extremepaidsurveys.com
127.0.0.1 extremeseek.net
127.0.0.1 eza1netsearch.com
127.0.0.1 www.eza1netsearch.com
127.0.0.1 ezcybersearch.com
127.0.0.1 www.ezcybersearch.com
127.0.0.1 ez-searching.com
127.0.0.1 ezwebsearching.com
127.0.0.1 www.ezwebsearching.com
127.0.0.1 f1.bestmanage.org
127.0.0.1 f1.truth-is-out-there.org
127.0.0.1 f1organizer.com
127.0.0.1 www.f1organizer.com
127.0.0.1 f2.bestmanage.org
127.0.0.1 f2.truth-is-out-there.org
127.0.0.1 f3.bestmanage.org
127.0.0.1 f3.truth-is-out-there.org
127.0.0.1 f4.bestmanage.org
127.0.0.1 f4.truth-is-out-there.org
127.0.0.1 f5.bestmanage.org
127.0.0.1 f5.truth-is-out-there.org
127.0.0.1 f6.bestmanage.org
127.0.0.1 f7.bestmanage.org
127.0.0.1 f7.truth-is-out-there.org
127.0.0.1 f8.bestmanage.org
127.0.0.1 f8.truth-is-out-there.org
127.0.0.1 f9.bestmanage.org
127.0.0.1 f9.truth-is-out-there.org
127.0.0.1 fairsearcher.com
127.0.0.1 www.fairsearcher.com
127.0.0.1 faithstevens.com
127.0.0.1 fantasiewelten.com
127.0.0.1 farmacept32.phpnet.us
127.0.0.1 farmsteadbandb.com
127.0.0.1 farse.com
127.0.0.1 fartpost.com
127.0.0.1 fastfreedownload.com
127.0.0.1 fastmetasearch.com
127.0.0.1 www.fastmetasearch.com
127.0.0.1 fastssearch.com
127.0.0.1 www.fastssearch.com
127.0.0.1 fastwebfinder.com
127.0.0.1 faxporn.com
127.0.0.1 fazzetta.it
127.0.0.1 www.fazzetta.it
127.0.0.1 fcorriere.it
127.0.0.1 www.fcorriere.it
127.0.0.1 featured-results.com
127.0.0.1 febay.it
127.0.0.1 www.febay.it
127.0.0.1 feed.dedsearch.com
127.0.0.1 feeds.2search.com
127.0.0.1 www.feeds.2search.com
127.0.0.1 feeds2.2search.org
127.0.0.1 www.feeds2.2search.org
127.0.0.1 ferraeri.it
127.0.0.1 www.ferraeri.it
127.0.0.1 ferrai.it
127.0.0.1 www.ferrai.it
127.0.0.1 ferrarei.it
127.0.0.1 www.ferrarei.it
127.0.0.1 ferrarti.it
127.0.0.1 www.ferrarti.it
127.0.0.1 ferrasri.it
127.0.0.1 www.ferrasri.it
127.0.0.1 ferratri.it
127.0.0.1 www.ferratri.it
127.0.0.1 ferreari.it
127.0.0.1 www.ferreari.it
127.0.0.1 ferrri.it
127.0.0.1 www.ferrri.it
127.0.0.1 ferrsari.it
127.0.0.1 www.ferrsari.it
127.0.0.1 ferrtari.it
127.0.0.1 www.ferrtari.it
127.0.0.1 fetrrari.it
127.0.0.1 www.fetrrari.it
127.0.0.1 fgazzetta.it
127.0.0.1 www.fgazzetta.it
127.0.0.1 fgoogle.it
127.0.0.1 www.fgoogle.it
127.0.0.1 fhg.panet.org
127.0.0.1 fhgate.com
127.0.0.1 www.fhgate.com
127.0.0.1 fickenisgeil.de
127.0.0.1 file.unionsms.net
127.0.0.1 filestore.com
127.0.0.1 www.filestore.com
127.0.0.1 filetretporn.com
127.0.0.1 www.filetretporn.com
127.0.0.1 Filtrodetrojan.com
127.0.0.1 www.Filtrodetrojan.com
127.0.0.1 finalfantasyactionfigures.com
127.0.0.1 www.finalfantasyactionfigures.com
127.0.0.1 finance-loans.com
127.0.0.1 find4u.net
127.0.0.1 find-52.com
127.0.0.1 www.find-52.com
127.0.0.1 findanyshow.org
127.0.0.1 www.findanyshow.org
127.0.0.1 find-find-777.net
127.0.0.1 www.find-find-777.net
127.0.0.1 find-itnow.com
127.0.0.1 findit-now.com
127.0.0.1 findloss.com
127.0.0.1 findthesite.com
127.0.0.1 findthewebsiteyouneed.com
127.0.0.1 www.findthewebsiteyouneed.com
127.0.0.1 find-uk-health.co.uk
127.0.0.1 findwapsite.org
127.0.0.1 www.findwapsite.org
127.0.0.1 findwhatevernow.com
127.0.0.1 www.findwhatevernow.com
127.0.0.1 fined.biz
127.0.0.1 fine-search.net
127.0.0.1 fionasteel.com
127.0.0.1 firefoxdownload-now.com
127.0.0.1 www.firefoxdownload-now.com
127.0.0.1 firehunt.com
127.0.0.1 www.firehunt.com
127.0.0.1 firgilio.it
127.0.0.1 www.firgilio.it
127.0.0.1 firstbookmark.net
127.0.0.1 firstgoodsearch.com
127.0.0.1 www.firstgoodsearch.com
127.0.0.1 fitness-free.com
127.0.0.1 fixerantispy.com
127.0.0.1 www.fixerantispy.com
127.0.0.1 fjsynebcod.com
127.0.0.1 www.fjsynebcod.com
127.0.0.1 flashdollars.com
127.0.0.1 www.flashdollars.com
127.0.0.1 flashflashmx.3322.org
127.0.0.1 floorsovertexas.com
127.0.0.1 www.floorsovertexas.com
127.0.0.1 floproject.com
127.0.0.1 www.floproject.com
127.0.0.1 flrxtools.greatnuke.com
127.0.0.1 flrx-tools.net
127.0.0.1 www.flrx-tools.net
127.0.0.1 fn777.greatbahamas.com
127.0.0.1 www.fn777.greatbahamas.com
127.0.0.1 foodvacations.net
127.0.0.1 forex.jps.ru
127.0.0.1 forexcredit.com
127.0.0.1 forexcredit.ru
127.0.0.1 formingfusions.com
127.0.0.1 forsythfire.net
127.0.0.1 forthline.com
127.0.0.1 foxmin.com
127.0.0.1 www.foxmin.com
127.0.0.1 fp.gad-network.com
127.0.0.1 fr.drivecleaner.com
127.0.0.1 www.fr.drivecleaner.com
127.0.0.1 fr.winantivirus.com
127.0.0.1 fr.winfixer.com
127.0.0.1 frame.crazywinnings.com
127.0.0.1 free4porno.net
127.0.0.1 free64all.com
127.0.0.1 free-adobe-download-support.com
127.0.0.1 www.free-adobe-download-support.com
127.0.0.1 free-avg.org
127.0.0.1 www.free-avg.org
127.0.0.1 free-avg-download.com
127.0.0.1 www.free-avg-download.com
127.0.0.1 free-bearshares.com
127.0.0.1 www.free-bearshares.com
127.0.0.1 freebookmark.net
127.0.0.1 freebookmarks.net
127.0.0.1 freecat.biz
127.0.0.1 www.freecat.biz
127.0.0.1 freecategories.com
127.0.0.1 free-chipes.com
127.0.0.1 freecj.com
127.0.0.1 freecoolhost.com
127.0.0.1 freedownloadhq.com
127.0.0.1 www.freedownloadhq.com
127.0.0.1 freedownloadpage.com
127.0.0.1 www.freedownloadpage.com
127.0.0.1 free-download-place.com
127.0.0.1 www.free-download-place.com
127.0.0.1 free-download-support.com
127.0.0.1 www.free-download-support.com
127.0.0.1 freedownloadzone.com
127.0.0.1 www.freedownloadzone.com
127.0.0.1 free-hit.com
127.0.0.1 freehqmovies.com
127.0.0.1 freeimageheaven.com
127.0.0.1 www.freeimageheaven.com
127.0.0.1 freemp3access.com
127.0.0.1 www.freemp3access.com
127.0.0.1 free-music-network.com
127.0.0.1 www.free-music-network.com
127.0.0.1 free-pics-and-movies.com
127.0.0.1 free-popup-killer.com
127.0.0.1 www.free-popup-killer.com
127.0.0.1 free-porn-movies.info
127.0.0.1 www.free-porn-movies.info
127.0.0.1 free-program-download.com
127.0.0.1 www.free-program-download.com
127.0.0.1 freerbhost.com
127.0.0.1 freescratchandwin.com
127.0.0.1 free-sex-movie-clips.net
127.0.0.1 freeshemalepics.net
127.0.0.1 free-software-center.com
127.0.0.1 www.free-software-center.com
127.0.0.1 free-spybot.com
127.0.0.1 www.free-spybot.com
127.0.0.1 freeunlimitedskype.com
127.0.0.1 www.freeunlimitedskype.com
127.0.0.1 freeyaho.com
127.0.0.1 fregat.drocherway.com
127.0.0.1 frepubblica.it
127.0.0.1 www.frepubblica.it
127.0.0.1 freshseek.com
127.0.0.1 freshteensite.com
127.0.0.1 fric.cn
127.0.0.1 frrari.it
127.0.0.1 www.frrari.it
127.0.0.1 frrrari.it
127.0.0.1 www.frrrari.it
127.0.0.1 ftiscali.it
127.0.0.1 www.ftiscali.it
127.0.0.1 ftrenitalia.it
127.0.0.1 www.ftrenitalia.it
127.0.0.1 ftuttogratis.it
127.0.0.1 www.ftuttogratis.it
127.0.0.1 full-search.net
127.0.0.1 fullsoftwaredownloadz.com
127.0.0.1 www.fullsoftwaredownloadz.com
127.0.0.1 full-tgp.net
127.0.0.1 funcodec.com
127.0.0.1 www.funcodec.com
127.0.0.1 funny-girls.com
127.0.0.1 funnysuperxxx.com
127.0.0.1 www.funnysuperxxx.com
127.0.0.1 fun-photo.com
127.0.0.1 www.fun-photo.com
127.0.0.1 fvirgilio.it
127.0.0.1 www.fvirgilio.it
127.0.0.1 fwrrari.it
127.0.0.1 www.fwrrari.it
127.0.0.1 g0oogle.it
127.0.0.1 www.g0oogle.it
127.0.0.1 g9oogle.it
127.0.0.1 www.g9oogle.it
127.0.0.1 ga31.com
127.0.0.1 gaazzetta.it
127.0.0.1 www.gaazzetta.it
127.0.0.1 gabrielscott.com
127.0.0.1 gad-network.com
127.0.0.1 www.gad-network.com
127.0.0.1 galleryclick.net
127.0.0.1 www.galleryclick.net
127.0.0.1 gallerypictures.net
127.0.0.1 www.gallerypictures.net
127.0.0.1 galpostgirls.com
127.0.0.1 gals-for-free.com
127.0.0.1 gambling-online4you.com
127.0.0.1 game4all.biz
127.0.0.1 www.game4all.biz
127.0.0.1 games.de.ag
127.0.0.1 www.games.de.ag
127.0.0.1 games.uzoogle.com
127.0.0.1 games-desktop.com
127.0.0.1 www.games-desktop.com
127.0.0.1 gameterror.net
127.0.0.1 gaqzzetta.it
127.0.0.1 www.gaqzzetta.it
127.0.0.1 gaszzetta.it
127.0.0.1 www.gaszzetta.it
127.0.0.1 gaxzetta.it
127.0.0.1 www.gaxzetta.it
127.0.0.1 gaxzzetta.it
127.0.0.1 www.gaxzzetta.it
127.0.0.1 gay50.com
127.0.0.1 gay-clan.com
127.0.0.1 gayspornmag.com
127.0.0.1 www.gayspornmag.com
127.0.0.1 gaystogay.com
127.0.0.1 www.gaystogay.com
127.0.0.1 gazxetta.it
127.0.0.1 www.gazxetta.it
127.0.0.1 gazxzetta.it
127.0.0.1 www.gazxzetta.it
127.0.0.1 gazzaetta.it
127.0.0.1 www.gazzaetta.it
127.0.0.1 gazzdetta.it
127.0.0.1 www.gazzdetta.it
127.0.0.1 gazzedtta.it
127.0.0.1 www.gazzedtta.it
127.0.0.1 gazzeetta.it
127.0.0.1 www.gazzeetta.it
127.0.0.1 gazzeftta.it
127.0.0.1 www.gazzeftta.it
127.0.0.1 gazzegtta.it
127.0.0.1 www.gazzegtta.it
127.0.0.1 gazzehtta.it
127.0.0.1 www.gazzehtta.it
127.0.0.1 gazzerta.it
127.0.0.1 www.gazzerta.it
127.0.0.1 gazzertta.it
127.0.0.1 www.gazzertta.it
127.0.0.1 gazzestta.it
127.0.0.1 www.gazzestta.it
127.0.0.1 gazzetra.it
127.0.0.1 www.gazzetra.it
127.0.0.1 gazzett.it
127.0.0.1 www.gazzett.it
127.0.0.1 gazzettaa.it
127.0.0.1 www.gazzettaa.it
127.0.0.1 gazzettaq.it
127.0.0.1 www.gazzettaq.it
127.0.0.1 gazzettas.it
127.0.0.1 www.gazzettas.it
127.0.0.1 gazzettaz.it
127.0.0.1 www.gazzettaz.it
127.0.0.1 gazzettfa.it
127.0.0.1 www.gazzettfa.it
127.0.0.1 gazzettga.it
127.0.0.1 www.gazzettga.it
127.0.0.1 gazzettha.it
127.0.0.1 www.gazzettha.it
127.0.0.1 gazzettqa.it
127.0.0.1 www.gazzettqa.it
127.0.0.1 gazzettra.it
127.0.0.1 www.gazzettra.it
127.0.0.1 gazzetts.it
127.0.0.1 www.gazzetts.it
127.0.0.1 gazzettsa.it
127.0.0.1 www.gazzettsa.it
127.0.0.1 gazzettya.it
127.0.0.1 www.gazzettya.it
127.0.0.1 gazzettza.it
127.0.0.1 www.gazzettza.it
127.0.0.1 gazzetya.it
127.0.0.1 www.gazzetya.it
127.0.0.1 gazzetyta.it
127.0.0.1 www.gazzetyta.it
127.0.0.1 gazzeyta.it
127.0.0.1 www.gazzeyta.it
127.0.0.1 gazzeytta.it
127.0.0.1 www.gazzeytta.it
127.0.0.1 gazzfetta.it
127.0.0.1 www.gazzfetta.it
127.0.0.1 gazzretta.it
127.0.0.1 www.gazzretta.it
127.0.0.1 gazzrtta.it
127.0.0.1 www.gazzrtta.it
127.0.0.1 gazzsetta.it
127.0.0.1 www.gazzsetta.it
127.0.0.1 gazztta.it
127.0.0.1 www.gazztta.it
127.0.0.1 gazzwetta.it
127.0.0.1 www.gazzwetta.it
127.0.0.1 gazzwtta.it
127.0.0.1 www.gazzwtta.it
127.0.0.1 gazzxetta.it
127.0.0.1 www.gazzxetta.it
127.0.0.1 gbazzetta.it
127.0.0.1 www.gbazzetta.it
127.0.0.1 gboogle.it
127.0.0.1 www.gboogle.it
127.0.0.1 geil-de.info
127.0.0.1 www.geil-de.info
127.0.0.1 generalsmeltingofcanada.com
127.0.0.1 generateskey.com
127.0.0.1 www.generateskey.com
127.0.0.1 germany.rub.to
127.0.0.1 gerrari.it
127.0.0.1 www.gerrari.it
127.0.0.1 get.adwarebazooka.com
127.0.0.1 get.hitvirus.com
127.0.0.1 www.get-access.host.sk
127.0.0.1 getanysoftware.com
127.0.0.1 www.getanysoftware.com
127.0.0.1 getbestloanrate.info
127.0.0.1 www.getbestloanrate.info
127.0.0.1 getdvdshrink2007.com
127.0.0.1 www.getdvdshrink2007.com
127.0.0.1 geteens.com
127.0.0.1 getfound.com
127.0.0.1 www.getfound.com
127.0.0.1 getimageactivex.com
127.0.0.1 www.getimageactivex.com
127.0.0.1 get-ipod-music.com
127.0.0.1 www.get-ipod-music.com
127.0.0.1 getmirar.com
127.0.0.1 get-mp3-onlined.com
127.0.0.1 www.get-mp3-onlined.com
127.0.0.1 getpatytoday.info
127.0.0.1 www.getpatytoday.info
127.0.0.1 getphotosets.com
127.0.0.1 www.getphotosets.com
127.0.0.1 getpicshere.com
127.0.0.1 getpornmag.com
127.0.0.1 www.getpornmag.com
127.0.0.1 get-realplayer.com
127.0.0.1 www.get-realplayer.com
127.0.0.1 get-spybot.com
127.0.0.1 www.get-spybot.com
127.0.0.1 getvaxobject.com
127.0.0.1 www.getvaxobject.com
127.0.0.1 getvideosource.com
127.0.0.1 www.getvideosource.com
127.0.0.1 get-winrar.com
127.0.0.1 www.get-winrar.com
127.0.0.1 gfazzetta.it
127.0.0.1 www.gfazzetta.it
127.0.0.1 gfoogle.it
127.0.0.1 www.gfoogle.it
127.0.0.1 gfxgraphics.net
127.0.0.1 www.gfxgraphics.net
127.0.0.1 ggazzetta.it
127.0.0.1 www.ggazzetta.it
127.0.0.1 ghazzetta.it
127.0.0.1 www.ghazzetta.it
127.0.0.1 ghoogle.it
127.0.0.1 www.ghoogle.it
127.0.0.1 giangho.biz
127.0.0.1 www.giangho.biz
127.0.0.1 gigaz.info
127.0.0.1 www.gigaz.info
127.0.0.1 gimmezamore.com
127.0.0.1 gimnasiaer.com
127.0.0.1 giogle.it
127.0.0.1 www.giogle.it
127.0.0.1 gioogle.it
127.0.0.1 www.gioogle.it
127.0.0.1 girgilio.it
127.0.0.1 www.girgilio.it
127.0.0.1 girls4rent.net
127.0.0.1 girls-porn-life.com
127.0.0.1 giscali.it
127.0.0.1 www.giscali.it
127.0.0.1 givecnt.info
127.0.0.1 www.givecnt.info
127.0.0.1 gkoogle.it
127.0.0.1 www.gkoogle.it
127.0.0.1 gl.secdep.info
127.0.0.1 www.gl.secdep.info
127.0.0.1 glbdf.org
127.0.0.1 globalefinder.com
127.0.0.1 www.globalefinder.com
127.0.0.1 global-finder.com
127.0.0.1 globalwebsearch.com
127.0.0.1 globe-finder.cc
127.0.0.1 globe-finder.com
127.0.0.1 globesearch.com
127.0.0.1 www.globesearch.com
127.0.0.1 glogle.it
127.0.0.1 www.glogle.it
127.0.0.1 go.drivecleaner.com
127.0.0.1 go.errorsafe.com
127.0.0.1 go.systemdoctor.com
127.0.0.1 go.winantispyware.com
127.0.0.1 go.winantivirus.com
127.0.0.1 go0ogle.it
127.0.0.1 www.go0ogle.it
127.0.0.1 go2realsearch.com
127.0.0.1 www.go2realsearch.com
127.0.0.1 go2-search.com
127.0.0.1 go9ogle.it
127.0.0.1 www.go9


Message édité par toufous35 le 07-12-2008 à 20:44:30
Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
Egwene   04-12-2008 à 10:07:56
- 0 +

:hello: Bonjour,

Je vais t'aider à résoudre ton problème. Merci de suivre à la lettre mes instructions et de ne pas prendre d'initiatives personnelles. Si tu as la moindre question, je suis à ton écoute.

Merci de prendre en compte que je suis bénévole et que j'ai une vie privée : je passe au moins une fois par jour.

Si tu penses avoir été oublié, envoie-moi un MP pour me le signaler.

1) Télécharge Gmer.

  • Dézippe-le dans un dossier dédié ou sur ton Bureau.
  • Déconnecte toi d'Internet puis ferme tous les programmes.
  • Double-clique sur Gmer.exe.

Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.

  • Clique sur l'onglet Rootkit.
  • A droite, coche tout.
  • Clique maintenant sur Scan.
  • Lorsque le scan est terminé, clique sur Copy.
  • Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
  • Le rapport doit alors apparaître.
  • Enregistre le fichier sur ton Bureau et upload-le sur mediafire.


Uploader un fichier sur mediafire :

  • Rends-toi sur ce lien : http://www.mediafire.com/
  • Clique en haut sur "Upload files To Media fire". Choisis ensuite "I want to upload without an account"
  • Une fenêtre de ton explorateur windows va s'ouvrir. Navigue jusqu'au rapport que je te demande d'uploader, sélectionne-le puis clique sur "ouvrir".
  • Clique ensuite sur "Upload".
  • A droite de l'écran, choisis : "upload to a new folder". Laisse le nom par défaut ( = la date )
  • Valide et laisse l'upload se faire.
  • Clique sur "Vieuw uploaded file" et copie-moi l'url ( = le lien ) du nouvel onglet ou de la nouvelle fenêtre qui va s'ouvrir dans ton prochain message. Ainsi, je pourrais télécharger le rapport demandé.


2) Télécharge DDS de sUBs et sauvegarde-le sur ton bureau.

  • Désactive tout script bloquant, tel q'un antivirus, un logiciel comme ad-block, noscript etc.
  • Double-clique sur dds.scr pour lancer l'outil. Ne double clique qu'une seule fois dessus, sois patient !
  • Une fois le scan fini, un document texte, DDS.txt, va s'ouvrir .
  • Clique Oui à la prochaine invite Optional Scan.
  • Sauvegarde les deux rapports sur ton bureau et poste-moi uniquement le DDS.txt, garde l'autre sous la main si jamais je te le demande. Copie/colle le rapport sur le forum. N'uploade des fichiers sur mediafire que si j'en fais la demande explicite.


;)

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene
toufous35   05-12-2008 à 07:21:48
- 0 +

Lien mediafire :

[url=http://www.mediafire.com/?sharekey=0976eec96a1c4c7a91b20cc0d07ba4d2e5e93ad891896988][/url]

merci

Répondre à toufous35
toufous35   05-12-2008 à 07:26:22
- 0 +

Rapport DDS:


DDS (Version 1.0) - NTFSx86
Run by Moi at 7:24:54,73 on 05/12/2008
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1023.539 [GMT 1:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\FreePOPs\freepopsservice.exe
C:\Program Files\FreePOPs\freepopsd.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Moi\Bureau\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://home.neuf.fr/
uSearch Bar = hxxp://g.msn.fr/0SEFRFR/SAOS02
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: {1a2df15e-5bea-4a72-aa17-1c11412a369c} - c:\windows\system32\zepusf.dll
BHO: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - c:\windows\system32\ssqPhIcB.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {CC92FC51-1599-4A0A-A200-203DA1CD719E} - c:\windows\system32\jkkjjjif.dll
uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 52\axcmd.exe" /automount
uRun: [IncrediMail] c:\program files\incredimail\bin\IncMail.exe /c
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [SiSUSBRG] c:\windows\SiSUSBrg.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [LogitechCommunicationsManager] "c:\program files\fichiers communs\logishrd\lcommgr\Communications_Helper.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Autoconfigurateur WiFi SFR] "c:\program files\neuf\kit\wifi\9wifi.exe"
mRun: [4c20d9c7] rundll32.exe "c:\windows\system32\gksjrkhr.dll",b
mRunOnce: [WIAWizardMenu] RUNDLL32.EXE c:\windows\system32\sti_ci.dll,WiaCreateWizardMenu
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [SSS2006] "c:\program files\steganos security suite 2006\SSS2006.exe" -firstboot
StartupFolder: c:\documents and settings\all users\menu démarrer\programmes\démarrage\freepopsd.exe
StartupFolder: c:\documents and settings\all users\menu démarrer\programmes\démarrage\freepopsd.exe
uPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
uPolicies-explorer: NoActiveDesktopChanges = 0 (0x0)
mPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0
IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - {A1EDC4A1-940F-48E0-8DFD-E38F1D501021}
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: c:\program files\fichiers communs\pc tools\lsp\PCTLsp.dll
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: ssqPhIcB - ssqPhIcB.dll
AppInit_DLLs: zepusf.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - c:\windows\system32\ssqPhIcB.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\jkkjjjif

============= SERVICES / DRIVERS ===============

R0 AVG Anti-Rootkit;AVG Anti-Rootkit;c:\windows\system32\drivers\avgarkt.sys [2007-1-31 5632]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-6-8 111184]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver;c:\windows\system32\drivers\AvgArCln.sys [2008-11-30 3968]
R1 pctfw2;pctfw2;\??\c:\windows\system32\drivers\pctfw2.sys [2008-11-30 160792]
R1 SLEE_13_DRIVER;Steganos Live Encryption Engine 13 [Driver];\??\c:\windows\system32\drivers\SLEE13.sys [2005-10-4 74240]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-6-8 20560]
R2 avast! Antivirus;avast! Antivirus;"c:\program files\alwil software\avast4\ashServ.exe" [2007-9-28 155160]
R3 avast! Mail Scanner;avast! Mail Scanner;"c:\program files\alwil software\avast4\ashMaiSv.exe" /service [2007-9-28 254040]
R3 avast! Web Scanner;avast! Web Scanner;"c:\program files\alwil software\avast4\ashWebSv.exe" /service [2007-9-28 352920]
R3 NETDLWL;D-Link Air Wireless Adapter(DL) NT Driver;c:\windows\system32\drivers\NETDLWL.SYS [2003-11-14 183680]
S0 xmasscsi;xmasscsi;c:\windows\system32\drivers\xmasscsi.sys []
S2 asc3550p;asc3550p; []
S2 Machnm32;Machnm32 Driver;\??\c:\windows\system32\Machnm32.sys []
S3 Duntlw;UNTLW device;c:\windows\system32\drivers\DuntlwNT.sys []
S3 fbxusb;FreeBox USB Network Adapter;c:\windows\system32\drivers\fbxusb.sys [2007-12-18 18848]
S3 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2008-11-30 40840]
S3 IkSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2008-11-30 66952]
S3 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2008-11-30 81288]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\32.tmp []
S3 MSSQL$VLMSDE2KSP3;MSSQL$VLMSDE2KSP3;c:\program files\microsoft sql server\mssql$vlmsde2ksp3\binn\sqlservr.exe -sVLMSDE2KSP3 []
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2008-11-30 356920]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2008-11-30 1079176]
S3 SQLAgent$VLMSDE2KSP3;SQLAgent$VLMSDE2KSP3;c:\program files\microsoft sql server\mssql$vlmsde2ksp3\binn\sqlagent.EXE -i VLMSDE2KSP3 []
S4 Boonty Games;Boonty Games;"c:\program files\fichiers communs\boonty shared\service\Boonty.exe" []

=============== Created Last 30 ================

2008-12-05 07:10 250 a------- c:\windows\gmer.ini
2008-12-05 06:59 129,024 a------- c:\windows\system32\zepusf.dll
2008-12-05 06:59 129,024 a------- c:\windows\system32\tqgqijtx.dll
2008-12-05 06:56 120 ---sh--- c:\windows\system32\rhkrjskg.ini
2008-12-05 06:56 72,704 a------- c:\windows\system32\gksjrkhr.dll
2008-12-04 07:41 244 a---h--- C:\sqmnoopt02.sqm
2008-12-04 07:41 232 a---h--- C:\sqmdata02.sqm
2008-12-04 06:57 129,024 a------- c:\windows\system32\tgqopc.dll
2008-12-04 06:57 129,024 a------- c:\windows\system32\exqccgdg.dll
2008-12-04 06:55 120 ---sh--- c:\windows\system32\iswuialu.ini
2008-12-04 06:55 72,704 -------- c:\windows\system32\ulaiuwsi.dll
2008-12-03 18:36 129,024 a------- c:\windows\system32\drbqxq.dll
2008-12-03 18:36 129,024 a------- c:\windows\system32\dyqnwjas.dll
2008-12-03 18:33 120 ---sh--- c:\windows\system32\chcpfeli.ini
2008-12-03 07:43 244 a---h--- C:\sqmnoopt01.sqm
2008-12-03 07:43 232 a---h--- C:\sqmdata01.sqm
2008-12-02 22:55 563,732 a--sh--- c:\windows\system32\fijjjkkj.ini2
2008-12-02 18:32 129,024 a------- c:\windows\system32\mhttlp.dll
2008-12-02 18:32 120 ---sh--- c:\windows\system32\naxaoitn.ini
2008-12-02 18:32 129,024 a------- c:\windows\system32\wptbkadr.dll
2008-12-02 18:32 564,071 a--sh--- c:\windows\system32\fijjjkkj.ini
2008-12-02 18:32 302,592 a------- c:\windows\system32\jkkjjjif.dll
2008-12-02 18:24 244 a---h--- C:\sqmnoopt00.sqm
2008-12-02 18:24 232 a---h--- C:\sqmdata00.sqm
2008-12-02 18:05 120 ---sh--- c:\windows\system32\arluphly.ini
2008-12-02 18:05 72,704 a------- c:\windows\system32\ylhpulra.dll
2008-12-02 18:04 129,024 a------- c:\windows\system32\yxyqglan.dll
2008-12-02 18:04 129,024 a------- c:\windows\system32\sywagp.dll
2008-12-01 12:58 2,015 ----hr-- c:\windows\system32\drivers\hosts
2008-12-01 12:58 <DIR> --d----- c:\program files\RogueRemover PRO
2008-12-01 09:07 <DIR> --d----- c:\program files\RogueRemover FREE
2008-12-01 08:56 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2008-11-30 22:10 <DIR> --d----- c:\documents and settings\moi\SmitfraudFix
2008-11-30 22:05 72,704 a------- c:\windows\system32\telgdaoo.dll
2008-11-30 22:02 129,024 a------- c:\windows\system32\ivbojn.dll
2008-11-30 22:02 129,024 a------- c:\windows\system32\lkuhydim.dll
2008-11-30 21:42 160,792 a------- c:\windows\system32\drivers\pctfw2.sys
2008-11-30 21:18 3,968 a------- c:\windows\system32\drivers\AvgArCln.sys
2008-11-30 20:42 129,024 a------- c:\windows\system32\yudybg.dll
2008-11-30 20:42 129,024 a------- c:\windows\system32\jhiplcfs.dll
2008-11-30 19:24 81,288 a------- c:\windows\system32\drivers\iksyssec.sys
2008-11-30 19:24 66,952 a------- c:\windows\system32\drivers\iksysflt.sys
2008-11-30 19:24 40,840 a------- c:\windows\system32\drivers\ikfilesec.sys
2008-11-30 19:24 29,576 a------- c:\windows\system32\drivers\kcom.sys
2008-11-30 19:24 <DIR> --d----- c:\program files\Spyware Doctor
2008-11-30 19:24 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2008-11-30 19:13 <DIR> --d----- c:\docume~1\alluse~1\applic~1\WinZipSE
2008-11-30 19:13 4,785 a------- c:\windows\system32\warning.gif
2008-11-30 19:13 3,104 a------- c:\windows\system32\ntdll64.exe
2008-11-30 19:13 1 a------- c:\windows\system32\test.ttt
2008-11-30 19:12 32,256 a------- c:\windows\system32\frmwrk32.exe
2008-11-30 19:12 38,400 a------- c:\windows\system32\ssqPhIcB.dll
2008-11-19 12:27 <DIR> --d----- c:\documents and settings\moi\.LOGOComfort6
2008-11-19 11:35 <DIR> --d----- c:\documents and settings\moi\.LOGOComfort4
2008-11-19 11:34 <DIR> --d----- c:\program files\Siemens
2008-11-15 11:01 54,156 a---h--- c:\windows\QTFont.qfn
2008-11-15 11:01 1,409 a------- c:\windows\QTFont.for
2008-11-10 21:03 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SFR
2008-11-10 21:02 <DIR> --d----- c:\program files\SFR
2008-11-07 12:42 <DIR> --d----- c:\program files\FreePOPs

==================== Find3M ====================

2008-12-02 18:59 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2008-12-02 18:53 2,754 a------- c:\windows\system32\tmp.reg
2008-12-02 18:08 <DIR> --d-h--- c:\program files\Zero G Registry
2008-12-02 18:08 <DIR> --d----- c:\program files\Destinator PC Portal
2008-11-30 21:51 492,146 a------- c:\windows\system32\perfh00C.dat
2008-11-30 21:51 84,654 a------- c:\windows\system32\perfc00C.dat
2008-11-30 21:42 <DIR> --d----- c:\program files\fichiers communs\PC Tools
2008-11-30 20:23 <DIR> --d----- c:\program files\eMule
2008-11-07 12:19 <DIR> --d----- c:\program files\Nvu
2008-11-01 15:28 5,120 a------- c:\windows\system32\lwel-manifest.dll
2008-10-26 12:22 <DIR> --d----- c:\program files\NetMeter
2008-10-26 12:21 <DIR> --d----- c:\program files\Pinnacle
2008-10-26 12:19 <DIR> --d----- c:\program files\Schneider Electric
2008-10-26 11:32 <DIR> --d----- c:\program files\NetDrive
2008-09-15 17:49 <DIR> --d----- c:\docume~1\moi\applic~1\GARMIN
2008-03-26 07:43 <DIR> --d----- c:\docume~1\alluse~1\applic~1\IM
2008-03-26 07:42 <DIR> --d----- c:\docume~1\alluse~1\applic~1\IncrediMail
2008-03-23 12:08 <DIR> --d----- c:\docume~1\moi\applic~1\BitTorrent
2008-03-23 09:54 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Pinnacle VideoSpin
2008-03-23 09:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\VideoSpin
2008-01-21 10:31 <DIR> --d----- c:\docume~1\alluse~1\applic~1\License
2008-01-19 17:50 <DIR> --d----- c:\docume~1\alluse~1\applic~1\HipSoft
2007-10-17 09:14 <DIR> --d----- c:\docume~1\moi\applic~1\tor
2007-09-30 08:15 <DIR> --d----- c:\docume~1\moi\applic~1\Nvu
2007-09-27 13:41 <DIR> --d----- c:\docume~1\moi\applic~1\Bull
2007-09-27 13:31 <DIR> --d----- c:\docume~1\moi\applic~1\Feedreader
2007-09-27 11:33 <DIR> --d----- c:\docume~1\moi\applic~1\AveDesk
2007-09-14 15:53 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Messenger Plus!
2007-08-16 10:02 <DIR> --d----- c:\docume~1\moi\applic~1\SolidWorks
2007-08-09 19:18 <DIR> --d----- c:\docume~1\moi\applic~1\Zylom
2007-08-09 11:14 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SpinTop Games
2007-08-07 10:17 <DIR> --d----- c:\docume~1\moi\applic~1\SolidWorksNewsReader
2007-08-07 10:13 <DIR> --d----- c:\docume~1\moi\applic~1\DWGeditor
2007-07-25 18:16 <DIR> --d----- c:\docume~1\moi\applic~1\Samsung
2007-07-24 18:05 <DIR> --d----- c:\docume~1\moi\applic~1\funkitron
2007-07-24 13:02 <DIR> --d----- c:\docume~1\moi\applic~1\EA
2007-07-24 13:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\EA
2007-07-23 19:56 <DIR> --d----- c:\docume~1\moi\applic~1\iWin
2007-07-14 09:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Friends Games
2007-06-29 16:43 <DIR> --d----- c:\docume~1\moi\applic~1\Dynamique
2007-06-29 16:43 <DIR> --d----- c:\docume~1\moi\applic~1\Sites prédéfinis
2007-06-25 14:51 <DIR> --d----- c:\docume~1\alluse~1\applic~1\JollyBear
2007-06-22 09:30 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Playtonium Games
2007-06-20 17:28 <DIR> --d----- c:\docume~1\moi\applic~1\FloodLightGames
2007-06-20 17:28 <DIR> --d----- c:\docume~1\alluse~1\applic~1\FloodLightGames
2007-06-13 14:44 <DIR> --d----- c:\docume~1\moi\applic~1\Beep Industries
2007-06-01 12:30 <DIR> --d----- c:\docume~1\alluse~1\applic~1\BOONTY
2007-05-14 16:45 <DIR> --d----- c:\docume~1\moi\applic~1\Printer Info Cache
2007-04-29 14:27 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec
2007-03-28 18:13 <DIR> --d----- c:\docume~1\moi\applic~1\fltk.org
2007-03-04 21:38 <DIR> --d----- c:\docume~1\moi\applic~1\Webshots
2007-03-01 10:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\MSScanAppDataDir
2007-02-24 17:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Zylom
2007-02-04 22:15 <DIR> --d----- c:\docume~1\moi\applic~1\PC Tools
2007-02-03 10:01 <DIR> --d----- c:\docume~1\moi\applic~1\.gaim
2006-08-07 15:52 <DIR> --d----- c:\docume~1\moi\applic~1\IsolatedStorage
2006-08-05 15:16 <DIR> --d----- c:\docume~1\moi\applic~1\Symantec
2006-08-07 09:30 2,828 a--sh--- c:\windows\system32\KGyGaAvL.sys

============= FINISH: 7:25:44,62 ===============

Répondre à toufous35
Egwene   05-12-2008 à 10:31:14
- 0 +

Re,

! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) !

  • Télécharge ComboFix (sUBs) sur ton Bureau.
  • Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Il va te demander d'installer la console de récupération : accepte.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.



AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer

;)

Répondre à Egwene
toufous35   05-12-2008 à 19:39:39
- 0 +

Alors voici le rapport ComboFix:

ComboFix 08-12-05.01 - Moi 2008-12-05 19:31:51.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.646 [GMT 1:00]
Lancé depuis: c:\documents and settings\Moi\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\Moi\Bureau\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\arluphly.ini
c:\windows\system32\chcpfeli.ini
c:\windows\system32\drbqxq.dll
c:\windows\system32\dyqnwjas.dll
c:\windows\system32\emdfqolm.ini
c:\windows\system32\exqccgdg.dll
c:\windows\system32\fijjjkkj.ini
c:\windows\system32\fijjjkkj.ini2
c:\windows\system32\iswuialu.ini
c:\windows\system32\ivbojn.dll
c:\windows\system32\jhiplcfs.dll
c:\windows\system32\jkkjjjif.dll
c:\windows\system32\lkuhydim.dll
c:\windows\system32\mhttlp.dll
c:\windows\system32\mloqfdme.dll
c:\windows\system32\naxaoitn.ini
c:\windows\system32\omicph.dll
c:\windows\system32\rhkrjskg.ini
c:\windows\system32\sywagp.dll
c:\windows\system32\telgdaoo.dll
c:\windows\system32\tgqopc.dll
c:\windows\system32\tqgqijtx.dll
c:\windows\system32\uxvdpbpc.dll
c:\windows\system32\wptbkadr.dll
c:\windows\system32\ylhpulra.dll
c:\windows\system32\yudybg.dll
c:\windows\system32\yxyqglan.dll
c:\windows\system32\zepusf.dll
c:\windows\Tasks\dyjdgzlx.job

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ASC3550P
-------\Legacy_BOONTY_GAMES
-------\Legacy_NPF
-------\Service_asc3550p
-------\Service_Boonty Games


((((((((((((((((((((((((((((( Fichiers créés du 2008-11-05 au 2008-12-05 ))))))))))))))))))))))))))))))))))))
.

2008-12-05 07:10 . 2008-12-05 07:10 250 --a------ c:\windows\gmer.ini
2008-12-04 07:41 . 2008-12-04 07:41 244 --ah----- C:\sqmnoopt02.sqm
2008-12-04 07:41 . 2008-12-04 07:41 232 --ah----- C:\sqmdata02.sqm
2008-12-03 07:43 . 2008-12-03 07:43 244 --ah----- C:\sqmnoopt01.sqm
2008-12-03 07:43 . 2008-12-03 07:43 232 --ah----- C:\sqmdata01.sqm
2008-12-02 18:24 . 2008-12-02 18:24 244 --ah----- C:\sqmnoopt00.sqm
2008-12-02 18:24 . 2008-12-02 18:24 232 --ah----- C:\sqmdata00.sqm
2008-12-01 12:58 . 2008-12-01 12:58 <REP> d-------- c:\program files\RogueRemover PRO
2008-12-01 12:58 . 2008-12-01 12:58 2,015 -r-h----- c:\windows\system32\drivers\hosts
2008-12-01 09:07 . 2008-12-01 12:55 <REP> d-------- c:\program files\RogueRemover FREE
2008-12-01 08:56 . 2008-12-01 09:07 <REP> d-------- c:\program files\Spybot - Search & Destroy
2008-11-30 22:10 . 2008-12-02 18:40 <REP> d-------- c:\documents and settings\Moi\SmitfraudFix
2008-11-30 21:42 . 2008-07-28 12:29 160,792 --a------ c:\windows\system32\drivers\pctfw2.sys
2008-11-30 21:18 . 2007-01-18 13:00 3,968 --a------ c:\windows\system32\drivers\AvgArCln.sys
2008-11-30 21:10 . 2008-11-30 21:10 <REP> dr------- c:\documents and settings\LocalService\Favoris
2008-11-30 19:24 . 2008-12-01 13:12 <REP> d-------- c:\program files\Spyware Doctor
2008-11-30 19:24 . 2008-11-30 19:24 <REP> d-------- c:\documents and settings\All Users\Application Data\PC Tools
2008-11-30 19:24 . 2008-08-25 12:36 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys
2008-11-30 19:24 . 2008-08-25 12:36 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys
2008-11-30 19:24 . 2008-08-25 12:36 40,840 --a------ c:\windows\system32\drivers\ikfilesec.sys
2008-11-30 19:24 . 2008-06-02 16:19 29,576 --a------ c:\windows\system32\drivers\kcom.sys
2008-11-30 19:13 . 2008-11-30 19:13 <REP> d-------- c:\documents and settings\All Users\Application Data\WinZipSE
2008-11-30 19:13 . 2008-12-01 12:22 4,785 --a------ c:\windows\system32\warning.gif
2008-11-30 19:13 . 2008-12-01 12:22 3,104 --a------ c:\windows\system32\ntdll64.exe
2008-11-30 19:13 . 2008-11-30 19:13 1 --a------ c:\windows\system32\test.ttt
2008-11-30 19:12 . 2008-11-30 19:12 38,400 --a------ c:\windows\system32\ssqPhIcB.dll
2008-11-30 19:12 . 2008-11-27 13:19 32,256 --a------ c:\windows\system32\frmwrk32.exe
2008-11-19 12:27 . 2008-11-20 10:29 <REP> d-------- c:\documents and settings\Moi\.LOGOComfort6
2008-11-19 11:35 . 2008-12-02 18:08 <REP> d-------- c:\documents and settings\Moi\.LOGOComfort4
2008-11-19 11:34 . 2008-11-19 12:27 <REP> d-------- c:\program files\Siemens
2008-11-15 11:01 . 2008-11-23 11:08 54,156 --ah----- c:\windows\QTFont.qfn
2008-11-15 11:01 . 2008-11-15 11:01 1,409 --a------ c:\windows\QTFont.for
2008-11-10 21:03 . 2008-11-10 21:03 <REP> d-------- c:\documents and settings\All Users\Application Data\SFR
2008-11-10 21:02 . 2008-11-10 21:02 <REP> d-------- c:\program files\SFR
2008-11-07 12:42 . 2008-11-07 12:47 <REP> d-------- c:\program files\FreePOPs

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-02 17:59 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-02 17:53 2,754 ----a-w c:\windows\system32\tmp.reg
2008-12-02 17:08 --------- d--h--w c:\program files\Zero G Registry
2008-12-02 17:08 --------- d-----w c:\program files\Destinator PC Portal
2008-12-01 12:12 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-30 20:42 --------- d-----w c:\program files\Fichiers communs\PC Tools
2008-11-30 19:23 --------- d-----w c:\program files\eMule
2008-11-25 14:24 --------- d-----w c:\documents and settings\Moi\Application Data\Canon
2008-11-20 09:27 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-08 09:24 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-11-07 11:19 --------- d-----w c:\program files\Nvu
2008-11-07 08:24 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2008-11-07 08:22 --------- d-----w c:\documents and settings\Moi\Application Data\skypePM
2008-11-01 14:28 5,120 ----a-w c:\windows\system32\lwel-manifest.dll
2008-10-26 11:22 --------- d-----w c:\program files\NetMeter
2008-10-26 11:21 --------- d-----w c:\program files\Pinnacle
2008-10-26 11:19 --------- d-----w c:\program files\Schneider Electric
2008-10-26 10:32 --------- d-----w c:\program files\NetDrive
2008-10-18 20:12 --------- d-----w c:\documents and settings\Moi\Application Data\FileZilla
2008-10-14 17:38 --------- d-----w c:\program files\Fichiers communs\LogiShrd
2008-10-14 17:27 --------- d-----w c:\program files\Logitech
2008-10-14 17:27 --------- d-----w c:\documents and settings\All Users\Application Data\Logishrd
2008-10-06 05:44 --------- d-----w c:\documents and settings\Moi\Application Data\OpenOffice.org2
2008-09-21 13:28 8 ----a-w c:\documents and settings\Moi\.bztarotcumul.dat
2006-08-07 08:30 2,828 --sha-w c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
2008-11-30 19:12 38400 --a------ c:\windows\system32\ssqPhIcB.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 52\axcmd.exe" [2007-07-02 219008]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2008-07-24 243072]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-11-06 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Autoconfigurateur WiFi SFR"="c:\program files\Neuf\Kit\WiFi\9wifi.exe" [2008-09-01 287984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"="c:\windows\system32\sti_ci.dll" [2004-08-19 138240]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
freepopsd.exe [2008-11-01 49152]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
freepopsd.exe [2008-11-01 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"= "c:\windows\system32\ssqPhIcB.dll" [2008-11-30 38400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqPhIcB]
2008-11-30 19:12 38400 c:\windows\system32\ssqPhIcB.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=omicph.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.VSPX"= vspxvfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\FTP Expert 3\\ftpxpert3.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\program files\Neuf\Media Center\httpd\httpd.exe"= c:\program files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58520:TCP"= 58520:TCP:emuleTCP
"65192:TCP"= 65192:TCP:emuleUDP

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-06-08 111184]
R1 pctfw2;pctfw2;\??\c:\windows\system32\drivers\pctfw2.sys [2008-11-30 160792]
R1 SLEE_13_DRIVER;Steganos Live Encryption Engine 13 [Driver];\??\c:\windows\system32\drivers\SLEE13.sys [2005-10-04 16:42:36 74240]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-06-08 20560]
R3 NETDLWL;D-Link Air Wireless Adapter(DL) NT Driver;c:\windows\system32\DRIVERS\NETDLWL.SYS [2003-11-14 183680]
S0 xmasscsi;xmasscsi;c:\windows\system32\Drivers\xmasscsi.sys []
S2 Machnm32;Machnm32 Driver;\??\c:\windows\System32\Machnm32.sys []
S3 Duntlw;UNTLW device;c:\windows\system32\Drivers\DuntlwNT.sys []
S3 fbxusb;FreeBox USB Network Adapter;c:\windows\system32\DRIVERS\fbxusb.sys [2007-12-18 18848]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\32.tmp []
S3 MSSQL$VLMSDE2KSP3;MSSQL$VLMSDE2KSP3;c:\program files\Microsoft SQL Server\MSSQL$VLMSDE2KSP3\Binn\sqlservr.exe -sVLMSDE2KSP3 []
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-11-30 356920]
S3 SQLAgent$VLMSDE2KSP3;SQLAgent$VLMSDE2KSP3;c:\program files\Microsoft SQL Server\MSSQL$VLMSDE2KSP3\Binn\sqlagent.EXE -i VLMSDE2KSP3 []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f6de3b2-c9bf-11db-bd44-000b6a48fc42}]
\Shell\AutoRun\command - F:\CdAutoRun.exe
.
Contenu du dossier 'Tâches planifiées'

2008-01-25 c:\windows\Tasks\dfrg.job
- c:\windows\system32\dfrg.msc [2001-08-28 15:00]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{3f9b412d-e91b-40cd-88b3-12db6b5be17e} - c:\windows\system32\omicph.dll
BHO-{80DC4791-EAC6-445E-BC6B-D21F27C5912B} - (no file)
BHO-{D236C1BD-175D-4E1D-BB7A-D14A68A1DE4B} - c:\windows\system32\jkkjjjif.dll
HKU-Default-RunOnce-SSS2006 - c:\program files\Steganos Security Suite 2006\SSS2006.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://home.neuf.fr/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\Fichiers communs\PC Tools\LSP\PCTLsp.dll

O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd

O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FireFox -: Profile - c:\documents and settings\Moi\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\
FF -: plugin - c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-05 19:36:30
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\32.tmp"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(804)
c:\windows\system32\ssqPhIcB.dll

- - - - - - - > 'lsass.exe'(860)
c:\program files\Fichiers communs\PC Tools\LSP\PCTLsp.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\drivers\CDAC11BA.EXE
c:\program files\FreePOPs\freepopsservice.exe
c:\program files\FreePOPs\freepopsd.exe
c:\program files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
c:\program files\IncrediMail\bin\IMApp.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Heure de fin: 2008-12-05 19:39:27 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-12-05 18:39:23

Avant-CF: 67 054 616 576 octets libres
Après-CF: 66,999,713,792 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn

252 --- E O F --- 2008-01-09 21:58:25

Répondre à toufous35
Egwene   05-12-2008 à 20:30:12
- 0 +

Re,

Sélectionne l'intégralité du cadre ci-dessous :

http://www.infos-du-net.com/forum/283924-11-plusieur-infection-diverses#bas

Collect::
c:\windows\system32\ssqPhIcB.dll
c:\windows\system32\frmwrk32.exe
c:\windows\system32\ntdll64.exe

FileLook::
c:\windows\system32\warning.gif
c:\windows\system32\test.ttt
c:\documents and settings\Moi\.bztarotcumul.dat

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqPhIcB]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=""
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58520:TCP"=-
"65192:TCP"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f6de3b2-c9bf-11db-bd44-000b6a48fc42}]



  • Copie/colle le dans le Bloc Notes (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
  • Enregistre le sous sur ton bureau sous le nom de CFScript.txt
  • Glisse maintenant le fichier CFScript.txt dans ComboFix.exe comme ci-dessous :

http://membres.lycos.fr/wawaseb8/images/help/cfscript.gif

  • Cela va relancer Combofix.
  • ComboFix créera ces fichiers sur ton Bureau :

- Un fichier zippé nommé Submit [Date Time].zip
- Un second fichier nommé - CF-Submit.htm

  • ComboFix peut exiger un redémarrage pour compléter son travail. Accepte.
  • Lorsque l'outil aura terminé, un rapport ComboFix.log apparaîtra à l'écran.
  • Une nouvelle fenêtre avec invite "Submit Files for further analysis" s'ouvrira. Clique "OK"
  • Ton navigateur se lancera automatiquement avec le fichier CF-Submit.htm et une fenêtre s'ouvrira :

- Clique sur le bouton "Browse"("Parcourir" ) et navigue vers le fichier
Submit [Date Time].zip qui est sur ton Bureau.
- Clique sur le fichier afin de le sélectionner.

  • Soumets le fichier en cliquant "OK"
  • Lorsque cette opération sera complétée, tu peux supprimer ces deux fichiers qui se trouvent sur ton Bureau.

Poste le contenu du rapport ComboFix.txt après redémarrage s'il y en a un.

;)

Répondre à Egwene
toufous35   06-12-2008 à 08:52:21
- 0 +

Salut, alors le copier/coller dans le txt => OK!
le txt dans ComboFix => OK!
Création des 2 fichiers (le zip et le htm) => Négatif !

Combofix démarre bien, et s'exécute jusqu'à faire son rapport !

Mais toute la partie dont tu me parles avec le reboot et mon navigateur (au passage, j'utilise FireFox), rien de tout cela n'as eu lieu.

Voici quand même le rapport de ComboFix:

ComboFix 08-12-05.02 - Moi 2008-12-06 8:42:56.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.550 [GMT 1:00]
Lancé depuis: c:\documents and settings\Moi\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\Moi\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-11-06 au 2008-12-06 ))))))))))))))))))))))))))))))))))))
.

2008-12-05 07:10 . 2008-12-05 07:10 250 --a------ c:\windows\gmer.ini
2008-12-04 07:41 . 2008-12-04 07:41 244 --ah----- C:\sqmnoopt02.sqm
2008-12-04 07:41 . 2008-12-04 07:41 232 --ah----- C:\sqmdata02.sqm
2008-12-03 07:43 . 2008-12-03 07:43 244 --ah----- C:\sqmnoopt01.sqm
2008-12-03 07:43 . 2008-12-03 07:43 232 --ah----- C:\sqmdata01.sqm
2008-12-02 18:24 . 2008-12-02 18:24 244 --ah----- C:\sqmnoopt00.sqm
2008-12-02 18:24 . 2008-12-02 18:24 232 --ah----- C:\sqmdata00.sqm
2008-12-01 12:58 . 2008-12-01 12:58 <REP> d-------- c:\program files\RogueRemover PRO
2008-12-01 12:58 . 2008-12-01 12:58 2,015 -r-h----- c:\windows\system32\drivers\hosts
2008-12-01 09:07 . 2008-12-01 12:55 <REP> d-------- c:\program files\RogueRemover FREE
2008-12-01 08:56 . 2008-12-01 09:07 <REP> d-------- c:\program files\Spybot - Search & Destroy
2008-11-30 22:10 . 2008-12-02 18:40 <REP> d-------- c:\documents and settings\Moi\SmitfraudFix
2008-11-30 21:42 . 2008-07-28 12:29 160,792 --a------ c:\windows\system32\drivers\pctfw2.sys
2008-11-30 21:18 . 2007-01-18 13:00 3,968 --a------ c:\windows\system32\drivers\AvgArCln.sys
2008-11-30 21:10 . 2008-11-30 21:10 <REP> dr------- c:\documents and settings\LocalService\Favoris
2008-11-30 19:24 . 2008-12-01 13:12 <REP> d-------- c:\program files\Spyware Doctor
2008-11-30 19:24 . 2008-11-30 19:24 <REP> d-------- c:\documents and settings\All Users\Application Data\PC Tools
2008-11-30 19:24 . 2008-08-25 12:36 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys
2008-11-30 19:24 . 2008-08-25 12:36 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys
2008-11-30 19:24 . 2008-08-25 12:36 40,840 --a------ c:\windows\system32\drivers\ikfilesec.sys
2008-11-30 19:24 . 2008-06-02 16:19 29,576 --a------ c:\windows\system32\drivers\kcom.sys
2008-11-30 19:13 . 2008-11-30 19:13 <REP> d-------- c:\documents and settings\All Users\Application Data\WinZipSE
2008-11-30 19:13 . 2008-12-01 12:22 4,785 --a------ c:\windows\system32\warning.gif
2008-11-30 19:13 . 2008-11-30 19:13 1 --a------ c:\windows\system32\test.ttt
2008-11-19 12:27 . 2008-11-20 10:29 <REP> d-------- c:\documents and settings\Moi\.LOGOComfort6
2008-11-19 11:35 . 2008-12-02 18:08 <REP> d-------- c:\documents and settings\Moi\.LOGOComfort4
2008-11-19 11:34 . 2008-11-19 12:27 <REP> d-------- c:\program files\Siemens
2008-11-15 11:01 . 2008-11-23 11:08 54,156 --ah----- c:\windows\QTFont.qfn
2008-11-15 11:01 . 2008-11-15 11:01 1,409 --a------ c:\windows\QTFont.for
2008-11-10 21:03 . 2008-11-10 21:03 <REP> d-------- c:\documents and settings\All Users\Application Data\SFR
2008-11-10 21:02 . 2008-11-10 21:02 <REP> d-------- c:\program files\SFR
2008-11-07 12:42 . 2008-11-07 12:47 <REP> d-------- c:\program files\FreePOPs

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-02 17:59 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-02 17:53 2,754 ----a-w c:\windows\system32\tmp.reg
2008-12-02 17:08 --------- d--h--w c:\program files\Zero G Registry
2008-12-02 17:08 --------- d-----w c:\program files\Destinator PC Portal
2008-12-01 12:12 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-30 20:42 --------- d-----w c:\program files\Fichiers communs\PC Tools
2008-11-30 19:23 --------- d-----w c:\program files\eMule
2008-11-25 14:24 --------- d-----w c:\documents and settings\Moi\Application Data\Canon
2008-11-20 09:27 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-08 09:24 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-11-07 11:19 --------- d-----w c:\program files\Nvu
2008-11-07 08:24 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2008-11-07 08:22 --------- d-----w c:\documents and settings\Moi\Application Data\skypePM
2008-11-01 14:28 5,120 ----a-w c:\windows\system32\lwel-manifest.dll
2008-10-26 11:22 --------- d-----w c:\program files\NetMeter
2008-10-26 11:21 --------- d-----w c:\program files\Pinnacle
2008-10-26 11:19 --------- d-----w c:\program files\Schneider Electric
2008-10-26 10:32 --------- d-----w c:\program files\NetDrive
2008-10-18 20:12 --------- d-----w c:\documents and settings\Moi\Application Data\FileZilla
2008-10-14 17:38 --------- d-----w c:\program files\Fichiers communs\LogiShrd
2008-10-14 17:27 --------- d-----w c:\program files\Logitech
2008-10-14 17:27 --------- d-----w c:\documents and settings\All Users\Application Data\Logishrd
2008-10-06 05:44 --------- d-----w c:\documents and settings\Moi\Application Data\OpenOffice.org2
2008-09-21 13:28 8 ----a-w c:\documents and settings\Moi\.bztarotcumul.dat
2006-08-07 08:30 2,828 --sha-w c:\windows\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Moi\.bztarotcumul.dat -- Not a PE file.
MD5: eec827ce14aabcdc10241cd2537d5d58

c:\windows\system32\test.ttt -- Not a PE file.
MD5: 68b329da9893e34099c7d8ad5cb9c940

c:\windows\system32\warning.gif -- Not a PE file.
MD5: 2a6c59b33927df1213bea4c75a2fb150


((((((((((((((((((((((((((((( snapshot@2008-12-05_19.38.52.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-12-06 07:34:30 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_688.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 52\axcmd.exe" [2007-07-02 219008]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2008-07-24 243072]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-11-06 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Autoconfigurateur WiFi SFR"="c:\program files\Neuf\Kit\WiFi\9wifi.exe" [2008-09-01 287984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"="c:\windows\system32\sti_ci.dll" [2004-08-19 138240]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
freepopsd.exe [2008-11-01 49152]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
freepopsd.exe [2008-11-01 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.VSPX"= vspxvfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\FTP Expert 3\\ftpxpert3.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\program files\Neuf\Media Center\httpd\httpd.exe"= c:\program files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-06-08 111184]
R1 pctfw2;pctfw2;\??\c:\windows\system32\drivers\pctfw2.sys [2008-11-30 160792]
R1 SLEE_13_DRIVER;Steganos Live Encryption Engine 13 [Driver];\??\c:\windows\system32\drivers\SLEE13.sys [2005-10-04 16:42:36 74240]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-06-08 20560]
R3 NETDLWL;D-Link Air Wireless Adapter(DL) NT Driver;c:\windows\system32\DRIVERS\NETDLWL.SYS [2003-11-14 183680]
S0 xmasscsi;xmasscsi;c:\windows\system32\Drivers\xmasscsi.sys []
S2 Machnm32;Machnm32 Driver;\??\c:\windows\System32\Machnm32.sys []
S3 Duntlw;UNTLW device;c:\windows\system32\Drivers\DuntlwNT.sys []
S3 fbxusb;FreeBox USB Network Adapter;c:\windows\system32\DRIVERS\fbxusb.sys [2007-12-18 18848]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\32.tmp []
S3 MSSQL$VLMSDE2KSP3;MSSQL$VLMSDE2KSP3;c:\program files\Microsoft SQL Server\MSSQL$VLMSDE2KSP3\Binn\sqlservr.exe -sVLMSDE2KSP3 []
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-11-30 356920]
S3 SQLAgent$VLMSDE2KSP3;SQLAgent$VLMSDE2KSP3;c:\program files\Microsoft SQL Server\MSSQL$VLMSDE2KSP3\Binn\sqlagent.EXE -i VLMSDE2KSP3 []
.
Contenu du dossier 'Tâches planifiées'

2008-01-25 c:\windows\Tasks\dfrg.job
- c:\windows\system32\dfrg.msc [2001-08-28 15:00]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://home.neuf.fr/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\Fichiers communs\PC Tools\LSP\PCTLsp.dll

O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd

O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FireFox -: Profile - c:\documents and settings\Moi\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\
FF -: plugin - c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-06 08:44:17
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\32.tmp"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'lsass.exe'(860)
c:\program files\Fichiers communs\PC Tools\LSP\PCTLsp.dll
.
Heure de fin: 2008-12-06 8:45:00
ComboFix-quarantined-files.txt 2008-12-06 07:44:47
ComboFix2.txt 2008-12-06 07:37:08

Avant-CF: 66 988 834 816 octets libres
Après-CF: 66,975,440,896 octets libres

179 --- E O F --- 2008-01-09 21:58:25

Répondre à toufous35
Egwene   06-12-2008 à 12:16:41
- 0 +

:hello: Bonjour,

Rends-toi sur cette page : http://www.bleepingcomputer.com/su [...] ?channel=4 et suis les instructions pour uploader le fichier [4]-Submit_<date and time>.zip qui se situe ici > C:\Qoobox\Quarantine folder.

Une fois cela fait, reviens me le dire.

merci.

;)

Répondre à Egwene
toufous35   06-12-2008 à 13:56:51
- 0 +

Voila c'est fait à l'instant!

Euh, au passage sur la première case, j'ai mis le lien de cette page!

C'était bien çà a faire?

Message cité 1 fois
Répondre à toufous35
Egwene   06-12-2008 à 20:34:49
- 0 +

toufous35 a écrit :

Voila c'est fait à l'instant!

Euh, au passage sur la première case, j'ai mis le lien de cette page!

C'était bien çà a faire?



Oui impec' ! Merci ! :super:

Poste un nouveau rapport DDS.txt, et poste-moi le fichier attach.txt que je t'avais demandé de mettre de côté. Ensuite :

1) Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :

-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.

AIDE : Tuto en images sur MBAM

2) ~Fais une analyse antivirus en ligne sur le site de Kaspersky
http://www.kaspersky.com/kos/eng/p [...] bscan.html

  • Clique sur Accept
  • Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.
  • clique une nouvelle fois sur "Accept"
  • Les bases de mises à jour vont s'installer, patiente un moment
  • Clique sur Next.
  • Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera. Et poste-moi le rapport que tu obtiens.


3) Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.

  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de Toolbar-S&D.
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré. (C:\TB.txt)


Comment va le PC ? Toujours des problèmes ?

;)

Répondre à Egwene
toufous35   07-12-2008 à 12:34:47
- 0 +

Alors, voila deja le rapport de MalwareByte's Anti-Malware :

Malwarebytes' Anti-Malware 1.31
Database version: 1469
Windows 5.1.2600 Service Pack 2

07/12/2008 11:51:18
mbam-log-2008-12-07 (11-51-18).txt

Scan type: Full Scan (C:\|)
Objects scanned: 114939
Time elapsed: 3 hour(s), 1 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 49

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Qoobox\Quarantine\C\WINDOWS\system32\cbXPggHW.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\drbqxq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\dyqnwjas.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\exqccgdg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ivbojn.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\jhiplcfs.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\jkkjjjif.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\lkuhydim.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\mhttlp.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\mloqfdme.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\omicph.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\sywagp.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\tcfvblfb.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\telgdaoo.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\tgqopc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\tqgqijtx.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\unrbvhap.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\uxvdpbpc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\wjlyna.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\wptbkadr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ylhpulra.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\yudybg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\yxyqglan.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\zepusf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000008.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000009.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000011.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000013.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000014.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000015.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000016.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000017.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000018.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000020.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000022.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000023.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000024.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000025.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000026.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000027.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000028.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000029.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000030.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP2\A0000031.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP4\A0000149.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP4\A0000150.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP4\A0000151.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP4\A0000152.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\warning.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.


Au passage, mon Pc me semblait revenu à la normale! mais c'était pas l'avis de Malware!!!!!

Au passage, il me reste une anomalie!

Au chargement, freepop indique l'absence d'une DLL mais qui à priori n'a pas l'air de gêner son fonctionnement car je reçois malgré tout mes Emails Hotmails sur mon IncrédiMail!

Autre chose, une impression que le chargement Windows va plus vite!

Répondre à toufous35
Egwene   07-12-2008 à 12:37:02
- 0 +

Re,

MBAM était d'accord avec moi, il a seulement vider des zones de quarantaine que j'avais remplies :D

Fais la suite, je te dirai quoi faire ensuite.

;)

Répondre à Egwene
toufous35   07-12-2008 à 14:01:22
- 0 +

Kaspersky me donne:

KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, December 7, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, December 07, 2008 03:56:00
Records in database: 1441542
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
A:\
C:\
D:\
E:\
F:\
V:\
W:\
X:\
Y:\
Scan statistics
Files scanned 70633
Threat name 1
Infected objects 2
Suspicious objects 0
Duration of the scan 01:40:06

File name Threat name Threats count
C:\Qoobox\Quarantine\[4]-Submit_2008-12-06@8.28.zip Infected: Trojan.Win32.Monder.aanc 1
C:\System Volume Information\_restore{DF085163-9D13-4BC8-8D14-081C0A97CEC4}\RP4\A0000145.dll Infected: Trojan.Win32.Monder.aanc 1
The selected area was scanned.

Répondre à toufous35
toufous35   07-12-2008 à 14:05:47
- 0 +

Voila le rapport TB:


-----------\\ ToolBar S&D 1.2.6 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
BIOS : Default System BIOS
USER : Moi ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1296 [VPS 081206-0] 4.8.1296 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:152 Go (Free:62 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
V:\ (USB)
W:\ (USB)
X:\ (USB)
Y:\ (USB)

"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [1] ( 07/12/2008|14:05 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://home.neuf.fr/"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Moi\Local Settings\Application Data\ApplicationHistory\pl7 4.5 crack(1).exe.cb0d79ce.ini
C:\DOCUME~1\Moi\Local Settings\Application Data\ApplicationHistory\pl7 4.5 crack.exe.dcb8e35a.ini
C:\DOCUME~1\Moi\Mes documents\Alcohol ISO\Trivial Pursuit Dejante\TPUKeygen.exe
C:\DOCUME~1\Moi\Mes documents\S‚curit‚\Crack windows PIrate.exe
C:\DOCUME~1\Moi\Mes documents\S‚curit‚\WinRAR v3.20 fr+Crack.exe



1 - "C:\ToolBar SD\TB_1.txt" - 07/12/2008|14:05 - Option : [1]

-----------\\ Fin du rapport a 14:05:56,28

Répondre à toufous35
Egwene   07-12-2008 à 15:01:12
- 0 +

Citation :

C:\DOCUME~1\Moi\Local Settings\Application Data\ApplicationHistory\pl7 4.5 crack(1).exe.cb0d79ce.ini
C:\DOCUME~1\Moi\Local Settings\Application Data\ApplicationHistory\pl7 4.5 crack.exe.dcb8e35a.ini
C:\DOCUME~1\Moi\Mes documents\Alcohol ISO\Trivial Pursuit Dejante\TPUKeygen.exe
C:\DOCUME~1\Moi\Mes documents\S‚curit‚\Crack windows PIrate.exe
C:\DOCUME~1\Moi\Mes documents\S‚curit‚\WinRAR v3.20 fr+Crack.exe



Voilà l'origine de l'infection :non:

Je te conseille de désinstaller et de supprimer tous tes logiciels de p2p : 50% de ce que tu télécharges via p2p est piégé. Le p2p est le premier vecteur d'infection de nos jours.
Plus d'informations disponibles en cliquant sur le lien suivant : Cracks / P2P

Télécharge OTMoveIt3 (OldTimer). Sauvegarde-le sur ton Bureau.
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

:processes
explorer.exe

:files
C:\DOCUME~1\Moi\Local Settings\Application Data\ApplicationHistory\pl7 4.5 crack(1).exe.cb0d79ce.ini
C:\DOCUME~1\Moi\Local Settings\Application Data\ApplicationHistory\pl7 4.5 crack.exe.dcb8e35a.ini
C:\DOCUME~1\Moi\Mes documents\Alcohol ISO\Trivial Pursuit Dejante\TPUKeygen.exe
C:\DOCUME~1\Moi\Mes documents\S‚curit‚\Crack windows PIrate.exe
C:\DOCUME~1\Moi\Mes documents\S‚curit‚\WinRAR v3.20 fr+Crack.exe

:commands
[purity]
[emptytemp]
[start explorer]



Double clique sur OTMoveIt3.exe afin de le lancer.
Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

Refais un scan avec DDS et poste-moi le nouveau rapport. Poste-moi aussi le rapport attach.txt que je t'avais demandé de mettre de côté.

;)

Répondre à Egwene
toufous35   07-12-2008 à 15:16:35
- 0 +

Alors OTMoveIt3 me log çà :

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\DOCUME~1\Moi\Local Settings\Application Data\ApplicationHistory\pl7 4.5 crack(1).exe.cb0d79ce.ini moved successfully.
C:\DOCUME~1\Moi\Local Settings\Application Data\ApplicationHistory\pl7 4.5 crack.exe.dcb8e35a.ini moved successfully.
C:\DOCUME~1\Moi\Mes documents\Alcohol ISO\Trivial Pursuit Dejante\TPUKeygen.exe moved successfully.
File/Folder C:\DOCUME~1\Moi\Mes documents\S‚curit‚\Crack windows PIrate.exe not found.
File/Folder C:\DOCUME~1\Moi\Mes documents\S‚curit‚\WinRAR v3.20 fr+Crack.exe not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Moi\LOCALS~1\Temp\etilqs_bcxQTyEN9pxP7KDlPRki scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_67c.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12072008_150715

Files moved on Reboot...
File C:\DOCUME~1\Moi\LOCALS~1\Temp\etilqs_bcxQTyEN9pxP7KDlPRki not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_67c.dat moved successfully.
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\XUL.mfl moved successfully.


DDS.TXT:

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\DOCUME~1\Moi\Local Settings\Application Data\ApplicationHistory\pl7 4.5 crack(1).exe.cb0d79ce.ini moved successfully.
C:\DOCUME~1\Moi\Local Settings\Application Data\ApplicationHistory\pl7 4.5 crack.exe.dcb8e35a.ini moved successfully.
C:\DOCUME~1\Moi\Mes documents\Alcohol ISO\Trivial Pursuit Dejante\TPUKeygen.exe moved successfully.
File/Folder C:\DOCUME~1\Moi\Mes documents\S‚curit‚\Crack windows PIrate.exe not found.
File/Folder C:\DOCUME~1\Moi\Mes documents\S‚curit‚\WinRAR v3.20 fr+Crack.exe not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Moi\LOCALS~1\Temp\etilqs_bcxQTyEN9pxP7KDlPRki scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_67c.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12072008_150715

Files moved on Reboot...
File C:\DOCUME~1\Moi\LOCALS~1\Temp\etilqs_bcxQTyEN9pxP7KDlPRki not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_67c.dat moved successfully.
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\0se24t9z.default\XUL.mfl moved successfully.


Attach.txt :


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Version 1.0)

Microsoft Windows XP Professionnel
Boot Device: \Device\HarddiskVolume1
Install Date: 05/08/2006 15:26:53
System Uptime: 12/07/2008 15:10:01 (3552 hours ago)

Motherboard: TBD | | K8S8X
Processor: AMD Athlon(tm) 64 Processor 3000+ | CPU 1 | 1995/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 153 GiB total, 62,437 GiB free.
D: is CDROM (CDFS)
E: is CDROM ()
F: is CDROM ()
V: is Removable
W: is Removable
X: is Removable
Y: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: SiS 900-Based PCI Fast Ethernet Adapter
Device ID: PCI\VEN_1039&DEV_0900&SUBSYS_09001849&REV_90\3&267A616A&0&20
Manufacturer: SiS
Name: SiS 900-Based PCI Fast Ethernet Adapter
PNP Device ID: PCI\VEN_1039&DEV_0900&SUBSYS_09001849&REV_90\3&267A616A&0&20
Service: SISNIC

==== System Restore Points ===================

RP1: 05/12/2008 19:46:22 - Point de vérification système
RP2: 05/12/2008 19:46:22 - ComboFix created restore point
RP3: 05/12/2008 19:46:31 - Last known good configuration
RP4: 06/12/2008 08:27:54 - ComboFix created restore point
RP5: 06/12/2008 08:42:38 - ComboFix created restore point

==== Installed Programs ======================

9Giga Synchro v2.9.0
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.3 - Français
Adobe Shockwave Player
Archiveur WinRAR
Assistant de connexion Windows Live
ATI - Utilitaire de désinstallation du logiciel
AusLogics Disk Defrag
avast! Antivirus
Bibliothèques GTK+ 2.6.9 rev a (supprimer uniquement)
BzTarot 1.02
C-Media 3D Audio
C-Media WDM Audio Driver
CanoScan Toolbox 4.1
Cariboost 2.0
CCleaner (remove only)
Civilization III
Civilization III: Conquests
Coffret de pilotes Logitech Legacy USB Camera
Coffret de pilotes Logitech QuickCam
DD Tournament Poker 1.0
eMule
Final Fantasy VII
FTP Expert 3
Garmin City Navigator Europe NT 2008 Update
Garmin Communicator Plugin
Google Earth
Google SketchUp 6
HP Deskjet 3840
HP Deskjet 3840 Series
HP Software Update
HTML Help Workshop
IncrediMail Xe
J2SE Runtime Environment 5.0 Update 11
Java(TM) 6 Update 3
Java(TM) 6 Update 4
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
KC Softwares VideoInspector
Logiciel iTouch de Logitech
Logitech MouseWare 9.79
Logitech QuickCam
LOGO!Soft Comfort V6.0
Malwarebytes' Anti-Malware
MediaInfo 0.7.5.1
Messenger Plus! Live
MiCôSystème
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
Microsoft Office Professional Edition 2003
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Desktop Engine (VLMSDE2KSP3)
Microsoft Visual C++ 2005 Redistributable
Mise à jour de sécurité pour Windows XP (KB923789)
Mozilla Firefox (3.0.4)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
MVision
Neuf - Media Center
NSIS FreePOPs (remove only)
OpenOffice.org 2.4
OpenOffice.org 2.4 Language Pack (Français)
QuickTime Alternative 2.3.0
RealPlayer
SafeCast Shared Components
Security Update for CAPICOM (KB931906)
SFR - Kit de connexion
SiS 900 PCI Fast Ethernet Adapter Driver
Spelling Dictionaries Support For Adobe Reader 8
UxTheme Multipatcher Fr
VideoLAN VLC media player 0.8.6i
WebFldrs XP
Webshots Desktop
Windows Genuine Advantage Notifications (KB905474)
Windows Live installer
Windows Live Messenger
XML Paper Specification Shared Components Pack 1.0
Xvid 1.1.2 final uninstall
YAMAHA SoftSynthesizer S-YXG70

==== Event Viewer Messages ===================


==== End Of File ===========================

Répondre à toufous35
Egwene   07-12-2008 à 16:54:45
- 0 +

Re,

1) Désinstalle via Ajout/Suppression de Programmes (si présents) :

  • Adobe Reader 8.1.3 - Français
  • eMule


Je te conseille de désinstaller et de supprimer tous tes logiciels de p2p : 50% de ce que tu télécharges via p2p est piégé. Le p2p est le premier vecteur d'infection de nos jours.
Plus d'informations disponibles en cliquant sur le lien suivant : Cracks / P2P

Tu es en train d'utiliser une vieille version de Adobe Acrobat Reader : cela peut constituer une faille de sécurité, c'est-à-dire une brèche dans ton système qu'un pirate pourrait exploiter. Tu peux le mettre à jour ici :
http://www.adobe.com/products/acrobat/readstep2.html

2) Télécharge JavaRa.zip de Paul 'Prm753' McLain et Fred de Vries.

  • Décompresse le fichier sur le bureau (clic droit > Extraire tout)
  • Double-cliquer sur le répertoire JavaRa.
  • Puis double-cliquer sur le fichier JavaRa.exe (le exe peut ne pas s'afficher)
  • Clique sur Search For Updates.
  • Sélectionner Update Using jucheck.exe puis cliquer sur Search.
  • Autorise le processus à se connecter s'il le demande, cliquer sur Install et suivre les instructions d'installation qui prennent quelques minutes.
  • L'installation est terminée, revenez à l'écran de JavaRa et clique sur Remove Older Versions.
  • Clique sur Oui pour confirmer. Laisse travailler et cliquez ensuite sur Ok, puis une deuxième fois sur Ok.
  • Un rapport va s'ouvrir à copier-coller dans la prochaine réponse.
  • Fermer l'application

Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log

Comment va le PC ? Toujours des problèmes ?

;)

Répondre à Egwene
toufous35   07-12-2008 à 17:52:59
- 0 +

Alors, voila le rapport de JavaRa:

JavaRa 1.11 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sun Dec 07 17:49:25 2008

Found and removed: C:\Program Files\Java\jre1.5.0_11

Found and removed: C:\Program Files\Java\jre1.6.0_01

Found and removed: C:\Program Files\Java\jre1.6.0_02

Found and removed: C:\Program Files\Java\jre1.6.0_03

Found and removed: C:\Program Files\Java\jre1.6.0_04

Found and removed: C:\Program Files\Java\jre1.6.0_05

Found and removed: C:\Program Files\Java\jre1.6.0_07

Found and removed: Software\JavaSoft\Java2D\1.5.0_03

Found and removed: Software\JavaSoft\Java2D\1.5.0_11

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Classes\JavaPlugin.150_11

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_11

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_11

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D511001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150110}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Classes\JavaPlugin.160_01

Found and removed: SOFTWARE\Classes\JavaPlugin.160_03

Found and removed: SOFTWARE\Classes\JavaPlugin.160_04

Found and removed: SOFTWARE\Classes\JavaPlugin.160_05

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_04

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_05

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_04

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_05

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160040}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_11

Found and removed: Software\Classes\JavaPlugin.160_01

Found and removed: Software\Classes\JavaPlugin.160_03

Found and removed: Software\Classes\JavaPlugin.160_04

Found and removed: Software\Classes\JavaPlugin.160_05

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_11\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\bin\

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_05

Found and removed: Software\JavaSoft\Java2D\1.6.0_01

Found and removed: Software\JavaSoft\Java2D\1.6.0_03

Found and removed: Software\JavaSoft\Java2D\1.6.0_05

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_03

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_05

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

JavaRa 1.11 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sun Dec 07 17:50:21 2008

------------------------------------

Finished reporting.



A priori, je n'est plus de problème!

Je peux désinstaller tout les programmes que tu m'a fait charger?

Répondre à toufous35
toufous35   07-12-2008 à 17:56:33
- 0 +

Ah!

En regardant dans "ajout/suppression de programme",

dans les Java, il m'a laisse le Java 6 Update 7 de 114 Mo.

Normal ou a viré manuellement ?

Sinon, j'attends 2 jours pour être sur que tout va bien et si ok, je mais en résolu.

Et encore Merci.

Répondre à toufous35
Egwene   07-12-2008 à 19:26:51
- 0 +

Re,

Supprime la version de java ancienne qui reste.

Suis ces étapes pour désinstaller proprement combofix et les tools que nous avons utilisés pendant la désinfection

  • Menu démarrer puis exécuter
  • Tape maintenant Combofix /u dans la fenêtre que apparaît puis valide par OK. Veille à bien laisser un espace entre le X et le /U, car cela est nécessaire ici.

http://i189.photobucket.com/albums/z176/EPL47/CF_Cleanup.png

***

Prévention :

- Nettoyage des fichiers temporaires :

Télécharge Ccleaner sur ton Bureau.

  • Clique sur "download the latest version"
  • Installe-le en laissant seulement les options suivantes cochées :

- Ajouter un raccourci sur le Bureau
- Contrôler automatiquement les mises à jour de CCleaner

  • Lance le Nettoyage
  • Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.


Aide : Comment utiliser CCleaner.


Telecharge ATFcleaner sur ton Bureau.

  • Double-clique sur l'exécutable téléchargé.
  • Dans l'onglet Main, coche simplement la case Select All (toutes les cases vont se cocher) puis sur le bouton Empty Selected.
  • Si tu possèdes Firefox ou Opera comme navigateur, pense à choisir ton navigateur en haut a gauche avant de sélectionner Select All puis Empty Selected.
  • Puis réponds Non au message qui s'affiche, si tu ne souhaites pas perdre tes mots de passe.


Aide : Comment utiliser AFTCleaner.

-- Restauration Système :

Désactive-Réactive la restauration système.

Méthode XP :
Clique sur Démarrer, fais un clique droit sur le Poste de travail puis clique sur Propiétés. Sélectionne l'onglet Restauration du Système.
Dans cet onglet, coche la case Désactiver la Restauration du système sur tous les lecteurs.
Un message de confirmation va apparaître. Clique sur Oui, puis OK. Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).

Méthode Vista :
Clique sur Démarrer, fais un clique droit sur Ordinateur, puis clique sur Propriétés. Clique à gauche sur Paramètres système avancés. Sélectionne l'onglet Protection du Système.
Dans cet onglet, décoche (une par une) tes partitions, un message de confirmation va apparaître, clique sur Désactiver la protection du système, Clique sur Appliquer, puis OK.
Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).

Aide : Comment Désactiver-Réactiver la Restauration Système.

--- Affichage normal des fichiers :

Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
- Décoche Afficher les fichiers et dossiers cachés
- Coche Masquer les fichiers protégés du système d'exploitation (recommandé)
clique sur Appliquer, puis OK.

---- Suppression des outils installés :

Télécharge ToolsCleaner2 (de A.Rothstein)

  • Installe le sur ton Bureau.
  • Clique sur Recherche pour lancer le scan.
  • Clique sur Supprimer pour nettoyer les outils utilisés.
  • Clique sur Quitter.
  • Supprime maintenant ToolsCleaner.


----- Remise en place des protections, protection du système avec les Mises à Jour ! :

Je t'invite maintenant à (ré)activer toutes tes protections résidentes (Antivirus, Antispyware, Firewall..).
Tu dois avoir accès à tes protections dans la zone systray à côté de la barre des tâches. Si tu as des difficultés, n'hésite pas à me questionner !
Si ce n'est pas fait, assure-toi que les Mises à jour Automatiques Windows soient activées !
Mets tes Softwares correctement à jour (Java, Adobe, Flash ..) grâce à Sotware Inspector (chez Secunia)

Un petit mot à propos de Java :

Une fois la nouvelle version téléchargée, installe-la et fais redémarrer ton ordinateur.
Hélas, les anciennes version de Java (qui contiennent des failles, donc dangereuses !) sont toujours présentes !
C'est donc très important que tu désinstalles les anciennes versions de Java.

  • Va dans Démarrer, Panneau de Configuration, Ajout/Suppression de Programmes
  • Déinstalles toutes les versions de Java exceptée la plus récente.


Aide : Comment utiliser Secunia Software Inspector.

------ Ton infection, tu la dénonces ? :

Tu n'es pas obligé mais ce serait bien que tu rapportes ton infection sur Malware Complaints

  • Ton(tes) infection(s) : Vundo.
  • Si tu ne la trouves pas dans la liste, poste dans Autres infections.


Aide : Comment dénoncer mon infection sur Malware Complaints.

Ajoute maintenant [Résolu] au titre. Pour cela :
* Clique, dans ton premier message, sur le bouton "Editer" http://img.infos-du-net.com/forum/themes_static/images_forum/3/edit.gif
* Rajoute la mention [Résolu] au titre
* Clique ensuite sur "Valider votre message"

Je t'invite maintenant à regarder ces dossiers très instructifs en terme de prévention !

- Sécurité/Prévention
- Conséquences de la multi-protection
- Toolbars : Inutilité et ralentissements

Bonne journée/soirée :)

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene
Créer un nouveau sujet Répondre
Tom's Guide > Forum > Sécurité - Virus > [RESOLU] plusieurs infection diverses
Aller à :

Il y a 318 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Plan du forum
Forum Bestofmedia ©
2000-2009 Bestofmedia Group
Page générée en 0,585 secondes
Attention

Vous allez répondre sur un sujet resté inactif pendant plus de 6 mois.
Assurez-vous d'apporter des éléments nouveaux à la discussion avant de poursuivre.

Répondre Annuler
Liens