Votre question

virus your privacy is in danger

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
18 Octobre 2007 18:28:17

bonjour,

j ai besoin d'aide pour enlever un virus win32 trojan gen et other, j ai aussi un ecran rouge en fond d'ecran avec ecrit "your privacy is in danger".
Avast dit que je suis infecté par win32 trojan mais ne l enleve pas...

SmitFraudFix v2.240

Rapport fait à 17:04:24,68, 18/10/2007
Executé à partir de C:\Documents and Settings\Moi\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est FAT32
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

Fichier hosts corrompu !

127.0.0.1 legal-at-spybot.info
127.0.0.1 www.legal-at-spybot.info

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\msmhost.dll PRESENT !
C:\WINDOWS\privacy_danger PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Moi


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Moi\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\MOI\FAVORIS


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="about:home"
"SubscribedURL"="about:home"
"FriendlyName"="my current home page"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="APSHook.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 80.10.246.1
DNS Server Search Order: 81.253.149.10

HKLM\SYSTEM\CCS\Services\Tcpip\..\{064A0136-A027-42E9-ADCC-707664ECC3DE}: NameServer=80.10.246.1 81.253.149.10
HKLM\SYSTEM\CS1\Services\Tcpip\..\{064A0136-A027-42E9-ADCC-707664ECC3DE}: NameServer=80.10.246.1 81.253.149.10


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:12:13, on 18/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL (file missing)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {480598DD-AE28-48B7-82F7-6ADDA1AA6B66} - C:\WINDOWS\ntspknlg.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6136C646-9AE1-365B-8AE9-068A02B746F2} - C:\Program Files\ctzpmwmc\lwccmpmz.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: The optnet - {B02534D7-8D91-49BE-A864-97DFB8E0BAB4} - C:\WINDOWS\optnet.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [FTWATCH] C:\PROGRA~1\LALIGN~1\watch.exe
O4 - HKLM\..\Run: [FTTASKBARICON] C:\PROGRA~1\LALIGN~1\taskbaricon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [hcxqhono] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\hcxqhono.dll"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: MultiFrame.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Moi\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Moi\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/ [...] NPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/micros [...] 9579906000
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activ [...] asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{064A0136-A027-42E9-ADCC-707664ECC3DE}: NameServer = 80.10.246.1 81.253.149.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{064A0136-A027-42E9-ADCC-707664ECC3DE}: NameServer = 80.10.246.1 81.253.149.10
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: OneCard - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
O21 - SSODL: hostctrl - {8E812AC0-22B5-4A31-B5A7-733F82CDF160} - C:\WINDOWS\hostctrl.dll
O21 - SSODL: msmhost - {DC1FA3D0-9090-4C9F-954C-D549C93D9BCE} - C:\WINDOWS\msmhost.dll
O21 - SSODL: msmdev - {A4907B59-6BA0-45C3-BFBD-C2BC8529DE7E} - C:\WINDOWS\msmdev.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

--
End of file - 13909 bytes

Autres pages sur : virus your privacy danger

18 Octobre 2007 19:03:50

Bonsoir,

Redémarre en mode sans échec
/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\
Relance Smitfraudix.
Prends cette fois l’option 2. (Oui à toutes les questions)

Si tu dois redémarrer, ton ordi fais-le .
Poste le rapport qui se situe dans C:\rapport.txt .
Ainsi qu’un nouveau rapport HiJackThis.
18 Octobre 2007 20:01:08

SmitFraudFix v2.240

Rapport fait à 19:28:18,09, 18/10/2007
Executé à partir de C:\Documents and Settings\Moi\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est FAT32
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com
127.0.0.1 1001-search.info
127.0.0.1 www.1001-search.info
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 123topsearch.com
127.0.0.1 www.123topsearch.com
127.0.0.1 132.com
127.0.0.1 www.132.com
127.0.0.1 136136.net
127.0.0.1 www.136136.net
127.0.0.1 139mm.com
127.0.0.1 www.139mm.com
127.0.0.1 163ns.com
127.0.0.1 www.163ns.com
127.0.0.1 171203.com
127.0.0.1 17-plus.com
127.0.0.1 1800searchonline.com
127.0.0.1 www.1800searchonline.com
127.0.0.1 180searchassistant.com
127.0.0.1 www.180searchassistant.com
127.0.0.1 180solutions.com
127.0.0.1 www.180solutions.com
127.0.0.1 181.365soft.info
127.0.0.1 www.181.365soft.info
127.0.0.1 1987324.com
127.0.0.1 www.1987324.com
127.0.0.1 1-domains-registrations.com
127.0.0.1 www.1-domains-registrations.com
127.0.0.1 1-extreme.biz
127.0.0.1 www.1-extreme.biz
127.0.0.1 1sexparty.com
127.0.0.1 www.1sexparty.com
127.0.0.1 1stantivirus.com
127.0.0.1 www.1stantivirus.com
127.0.0.1 1stpagehere.com
127.0.0.1 www.1stpagehere.com
127.0.0.1 1stsearchportal.com
127.0.0.1 www.1stsearchportal.com
127.0.0.1 2.82211.net
127.0.0.1 www.2006ooo.com
127.0.0.1 2007-download.com
127.0.0.1 www.2007-download.com
127.0.0.1 2020search.com
127.0.0.1 www.2020search.com
127.0.0.1 20x2p.com
127.0.0.1 24.365soft.info
127.0.0.1 www.24.365soft.info
127.0.0.1 24-7pharmacy.info
127.0.0.1 www.24-7pharmacy.info
127.0.0.1 24-7searching-and-more.com
127.0.0.1 www.24-7searching-and-more.com
127.0.0.1 24teen.com
127.0.0.1 www.24teen.com
127.0.0.1 2every.net
127.0.0.1 www.2every.net
127.0.0.1 2ndpower.com
127.0.0.1 2search.com
127.0.0.1 www.2search.com
127.0.0.1 2search.org
127.0.0.1 www.2search.org
127.0.0.1 2squared.com
127.0.0.1 www.2squared.com
127.0.0.1 3322.org
127.0.0.1 www.3322.org
127.0.0.1 365soft.info
127.0.0.1 36site.com
127.0.0.1 www.36site.com
127.0.0.1 3721.com
127.0.0.1 39-93.com
127.0.0.1 3abetterinternet.com
127.0.0.1 www.3abetterinternet.com
127.0.0.1 3bay.it
127.0.0.1 www.3bay.it
127.0.0.1 3ebay.it
127.0.0.1 www.3ebay.it
127.0.0.1 404dns.com
127.0.0.1 www.404dns.com
127.0.0.1 4199.com
127.0.0.1 www.4199.com
127.0.0.1 4corn.net
127.0.0.1 www.4corn.net
127.0.0.1 4ebay.it
127.0.0.1 www.4ebay.it
127.0.0.1 4klm.com
127.0.0.1 4repubblica.it
127.0.0.1 www.4repubblica.it
127.0.0.1 4softget.com
127.0.0.1 www.4softget.com
127.0.0.1 5iscali.it
127.0.0.1 www.5iscali.it
127.0.0.1 5repubblica.it
127.0.0.1 www.5repubblica.it
127.0.0.1 5starvideos.com
127.0.0.1 www.5starvideos.com
127.0.0.1 5tiscali.it
127.0.0.1 www.5tiscali.it
127.0.0.1 5zgmu7o20kt5d8yq.com
127.0.0.1 www.5zgmu7o20kt5d8yq.com
127.0.0.1 6iscali.it
127.0.0.1 www.6iscali.it
127.0.0.1 6sek.com
127.0.0.1 www.6sek.com
127.0.0.1 6tiscali.it
127.0.0.1 www.6tiscali.it
127.0.0.1 7322.com
127.0.0.1 www.7322.com
127.0.0.1 75tz.com
127.0.0.1 777search.com
127.0.0.1 www.777search.com
127.0.0.1 777top.com
127.0.0.1 www.777top.com
127.0.0.1 7939.com
127.0.0.1 www.7939.com
127.0.0.1 7search.com
127.0.0.1 www.7search.com
127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com
127.0.0.1 82211.net
127.0.0.1 8866.org
127.0.0.1 888.com
127.0.0.1 www.888.com
127.0.0.1 8ad.com
127.0.0.1 www.8ad.com
127.0.0.1 9505.com
127.0.0.1 www.9505.com
127.0.0.1 971searchbox.com
127.0.0.1 www.971searchbox.com
127.0.0.1 a.bestmanage.org
127.0.0.1 aaasexypics.com
127.0.0.1 aaawebfinder.com
127.0.0.1 www.aaawebfinder.com
127.0.0.1 aavc.com
127.0.0.1 abc-find.info
127.0.0.1 www.abc-find.info
127.0.0.1 abetterinternet.com
127.0.0.1 www.abetterinternet.com
127.0.0.1 abnetsoft.info
127.0.0.1 www.abnetsoft.info
127.0.0.1 aboutclicker.com
127.0.0.1 www.aboutclicker.com
127.0.0.1 abrp.net
127.0.0.1 www.abrp.net
127.0.0.1 absolutee.com
127.0.0.1 www.absolutee.com
127.0.0.1 abyssmedia.com
127.0.0.1 www.abyssmedia.com
127.0.0.1 ac66.cn
127.0.0.1 www.ac66.cn
127.0.0.1 access.Navinetwork.com
127.0.0.1 access.rapid-pass.net
127.0.0.1 accessactivexvideo.com
127.0.0.1 www.accessactivexvideo.com
127.0.0.1 accessclips.com
127.0.0.1 www.accessclips.com
127.0.0.1 access-dvd.com
127.0.0.1 www.access-dvd.com
127.0.0.1 accesskeygenerator.com
127.0.0.1 www.accesskeygenerator.com
127.0.0.1 accessorygeeks.com
127.0.0.1 www.accessorygeeks.com
127.0.0.1 accessthefuture.net
127.0.0.1 www.accessthefuture.net
127.0.0.1 accessvid.net
127.0.0.1 www.accessvid.net
127.0.0.1 acemedic.com
127.0.0.1 www.acemedic.com
127.0.0.1 ace-webmaster.com
127.0.0.1 www.ace-webmaster.com
127.0.0.1 acjp.com
127.0.0.1 acrobat-2007.com
127.0.0.1 www.acrobat-2007.com
127.0.0.1 acrobat-8.com
127.0.0.1 www.acrobat-8.com
127.0.0.1 acrobat-center.com
127.0.0.1 www.acrobat-center.com
127.0.0.1 acrobat-hq.com
127.0.0.1 www.acrobat-hq.com
127.0.0.1 acrobatreader-8.com
127.0.0.1 www.acrobatreader-8.com
127.0.0.1 acrobat-reader-8.de
127.0.0.1 www.acrobat-reader-8.de
127.0.0.1 acrobat-stop.com
127.0.0.1 www.acrobat-stop.com
127.0.0.1 actionbreastcancer.org
127.0.0.1 www.actionbreastcancer.org
127.0.0.1 activesearcher.info
127.0.0.1 www.activesearcher.info
127.0.0.1 activexaccessobject.com
127.0.0.1 www.activexaccessobject.com
127.0.0.1 activexaccessvideo.com
127.0.0.1 www.activexaccessvideo.com
127.0.0.1 activexemedia.com
127.0.0.1 www.activexemedia.com
127.0.0.1 activexmediaobject.com
127.0.0.1 www.activexmediaobject.com
127.0.0.1 activexmediapro.com
127.0.0.1 www.activexmediapro.com
127.0.0.1 activexmediasite.com
127.0.0.1 www.activexmediasite.com
127.0.0.1 activexmediasoftware.com
127.0.0.1 www.activexmediasoftware.com
127.0.0.1 activexmediasource.com
127.0.0.1 www.activexmediasource.com
127.0.0.1 activexmediatool.com
127.0.0.1 www.activexmediatool.com
127.0.0.1 activexmediatour.com
127.0.0.1 www.activexmediatour.com
127.0.0.1 activexsoftwares.com
127.0.0.1 www.activexsoftwares.com
127.0.0.1 activexsource.com
127.0.0.1 www.activexsource.com
127.0.0.1 activexupdate.com
127.0.0.1 www.activexupdate.com
127.0.0.1 activexvideo.com
127.0.0.1 www.activexvideo.com
127.0.0.1 activexvideotool.com
127.0.0.1 www.activexvideotool.com
127.0.0.1 ad.marketingsector.com
127.0.0.1 www.ad.marketingsector.com
127.0.0.1 ad.mokead.com
127.0.0.1 www.ad.mokead.com
127.0.0.1 ad.yieldmanager.com
127.0.0.1 www.ad.yieldmanager.com
127.0.0.1 ad25.com
127.0.0.1 ad45.com
127.0.0.1 ad77.com
127.0.0.1 ad86.com
127.0.0.1 adamsupportgroup.org
127.0.0.1 www.adamsupportgroup.org
127.0.0.1 adarmor.com
127.0.0.1 www.adarmor.com
127.0.0.1 adasearch.com
127.0.0.1 www.adasearch.com
127.0.0.1 adaware.cc
127.0.0.1 adawarenow.com
127.0.0.1 www.adawarenow.com
127.0.0.1 addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.com
127.0.0.1 addictivetechnologies.net
127.0.0.1 www.addictivetechnologies.net
127.0.0.1 add-manager.com
127.0.0.1 www.add-manager.com
127.0.0.1 adgate.info
127.0.0.1 www.adgate.info
127.0.0.1 adipics.com
127.0.0.1 www.adipics.com
127.0.0.1 admin2cash.biz
127.0.0.1 www.admin2cash.biz
127.0.0.1 adnet-plus.com
127.0.0.1 adobe-download-now.com
127.0.0.1 adobe-downloads.com
127.0.0.1 www.adobe-downloads.com
127.0.0.1 adobe-reader-8.fr
127.0.0.1 www.adobe-reader-8.fr
127.0.0.1 adprotect.com
127.0.0.1 www.adprotect.com
127.0.0.1 ads.centralmedia.ws
127.0.0.1 ads.k8l.info
127.0.0.1 ads.kmpads.com
127.0.0.1 ads.marketingsector.com
127.0.0.1 ads.searchingbooth.com
127.0.0.1 ads.z-quest.com
127.0.0.1 ads183.com
127.0.0.1 www.ads183.com
127.0.0.1 adscontex.com
127.0.0.1 www.adscontex.com
127.0.0.1 adservices1.enhance.com
127.0.0.1 www.adservices1.enhance.com
127.0.0.1 adservs.com
127.0.0.1 adsextend.net
127.0.0.1 www.adsextend.net
127.0.0.1 adshttp.com
127.0.0.1 www.adshttp.com
127.0.0.1 adsonwww.com
127.0.0.1 www.adsonwww.com
127.0.0.1 adspics.com
127.0.0.1 www.adspics.com
127.0.0.1 adtrak.net
127.0.0.1 www.adtrak.net
127.0.0.1 adtrgt.com
127.0.0.1 adult777search.info
127.0.0.1 www.adult777search.info
127.0.0.1 adultan.com
127.0.0.1 www.adultan.com
127.0.0.1 adult-engine-search.com
127.0.0.1 www.adult-engine-search.com
127.0.0.1 adult-erotic-guide.net
127.0.0.1 www.adult-erotic-guide.net
127.0.0.1 adultfilmsite.com
127.0.0.1 www.adultfilmsite.com
127.0.0.1 adult-friends-finder.net
127.0.0.1 www.adult-friends-finder.net
127.0.0.1 adultgambling.org
127.0.0.1 adult-host.org
127.0.0.1 adulthyperlinks.com
127.0.0.1 www.adulthyperlinks.com
127.0.0.1 adultmovieplus.com
127.0.0.1 www.adultmovieplus.com
127.0.0.1 adult-personal.us
127.0.0.1 adultsgames.net
127.0.0.1 adultsper.com
127.0.0.1 www.adultsper.com
127.0.0.1 adulttds.com
127.0.0.1 www.adulttds.com
127.0.0.1 adultzoneworld.com
127.0.0.1 www.adultzoneworld.com
127.0.0.1 advcash.biz
127.0.0.1 www.advcash.biz
127.0.0.1 advert.exaccess.ru
127.0.0.1 advertisemoney.info
127.0.0.1 www.advertisemoney.info
127.0.0.1 advertising.paltalk.com
127.0.0.1 advertising-money.info
127.0.0.1 www.advertising-money.info
127.0.0.1 ad-ware.cc
127.0.0.1 ad-w-a-r-e.com
127.0.0.1 www.ad-w-a-r-e.com
127.0.0.1 a-d-w-a-r-e.com
127.0.0.1 www.a-d-w-a-r-e.com
127.0.0.1 adwarebazooka.com
127.0.0.1 www.adwarebazooka.com
127.0.0.1 adwarefinder.com
127.0.0.1 www.adwarefinder.com
127.0.0.1 adwareprotectionsite.com
127.0.0.1 www.adwareprotectionsite.com
127.0.0.1 adwarepunisher.com
127.0.0.1 www.adwarepunisher.com
127.0.0.1 aflgate.com
127.0.0.1 www.aflgate.com
127.0.0.1 africaspromise.org
127.0.0.1 agava.com
127.0.0.1 agava.ru
127.0.0.1 agentstudio.com
127.0.0.1 aginegialle.it
127.0.0.1 www.aginegialle.it
127.0.0.1 www.aifind.info
127.0.0.1 aifind.info
127.0.0.1 airtleworld.com
127.0.0.1 www.airtleworld.com
127.0.0.1 aitalia.it
127.0.0.1 www.aitalia.it
127.0.0.1 akamai.downloadv3.com
127.0.0.1 aklitalia.it
127.0.0.1 www.aklitalia.it
127.0.0.1 akril.com
127.0.0.1 alcatel.ws
127.0.0.1 alfacleaner.com
127.0.0.1 www.alfacleaner.com
127.0.0.1 alfa-search.com
127.0.0.1 alialia.it
127.0.0.1 www.alialia.it
127.0.0.1 aliotalia.it
127.0.0.1 www.aliotalia.it
127.0.0.1 alirtalia.it
127.0.0.1 www.alirtalia.it
127.0.0.1 alitaia.it
127.0.0.1 www.alitaia.it
127.0.0.1 alitaklia.it
127.0.0.1 www.alitaklia.it
127.0.0.1 alitala.it
127.0.0.1 www.alitala.it
127.0.0.1 alitali.it
127.0.0.1 www.alitali.it
127.0.0.1 alitaliaq.it
127.0.0.1 www.alitaliaq.it
127.0.0.1 alitalias.it
127.0.0.1 www.alitalias.it
127.0.0.1 alitaliaz.it
127.0.0.1 www.alitaliaz.it
127.0.0.1 alitalioa.it
127.0.0.1 www.alitalioa.it
127.0.0.1 alitalisa.it
127.0.0.1 www.alitalisa.it
127.0.0.1 alitaliua.it
127.0.0.1 www.alitaliua.it
127.0.0.1 alitalkia.it
127.0.0.1 www.alitalkia.it
127.0.0.1 alitaloia.it
127.0.0.1 www.alitaloia.it
127.0.0.1 alitaluia.it
127.0.0.1 www.alitaluia.it
127.0.0.1 alitaslia.it
127.0.0.1 www.alitaslia.it
127.0.0.1 alitlia.it
127.0.0.1 www.alitlia.it
127.0.0.1 alitralia.it
127.0.0.1 www.alitralia.it
127.0.0.1 alitsalia.it
127.0.0.1 www.alitsalia.it
127.0.0.1 aliutalia.it
127.0.0.1 www.aliutalia.it
127.0.0.1 ALL1COUNT.NET
127.0.0.1 www.ALL1COUNT.NET
127.0.0.1 all4internet.com
127.0.0.1 www.all4internet.com
127.0.0.1 allabtcars.com
127.0.0.1 allabtjeeps.com
127.0.0.1 all-bittorrent.com
127.0.0.1 www.all-bittorrent.com
127.0.0.1 www.allcybersearch.com
127.0.0.1 allcybersearch.com
127.0.0.1 alldnserrors.com
127.0.0.1 www.alldnserrors.com
127.0.0.1 all-downloads-now.com
127.0.0.1 www.all-downloads-now.com
127.0.0.1 all-edonkey.com
127.0.0.1 www.all-edonkey.com
127.0.0.1 allforadult.com
127.0.0.1 allhyperlinks.com
127.0.0.1 alliesecurity.com
127.0.0.1 www.alliesecurity.com
127.0.0.1 all-inet.com
127.0.0.1 allinternetbusiness.com
127.0.0.1 all-limewire.com
127.0.0.1 www.all-limewire.com
127.0.0.1 allmegabucks.com
127.0.0.1 www.allmegabucks.com
127.0.0.1 allprotections.com
127.0.0.1 www.allprotections.com
127.0.0.1 allresultz.net
127.0.0.1 www.allresultz.net
127.0.0.1 allsecuritynotes.com
127.0.0.1 www.allsecuritynotes.com
127.0.0.1 allsecuritysite.com
127.0.0.1 www.allsecuritysite.com
127.0.0.1 allstarsvideos.net
127.0.0.1 www.allstarsvideos.net
127.0.0.1 alltruesoftware.com
127.0.0.1 www.alltruesoftware.com
127.0.0.1 allvideoactivex.com
127.0.0.1 www.allvideoactivex.com
127.0.0.1 almanah.biz
127.0.0.1 www.almanah.biz
127.0.0.1 almarvideos.com
127.0.0.1 aloitalia.it
127.0.0.1 www.aloitalia.it
127.0.0.1 aluitalia.it
127.0.0.1 www.aluitalia.it
127.0.0.1 amaena.com
127.0.0.1 www.amaena.com
127.0.0.1 amandamountains.com
127.0.0.1 amateurliveshow.com
127.0.0.1 www.amateurliveshow.com
127.0.0.1 amediasoftware.com
127.0.0.1 www.amediasoftware.com
127.0.0.1 amediasource.com
127.0.0.1 www.amediasource.com
127.0.0.1 americancarbargains.com
127.0.0.1 www.americancarbargains.com
127.0.0.1 american-teens.net
127.0.0.1 amigeek.com
127.0.0.1 amisbusiness.com
127.0.0.1 ampmsearch.com
127.0.0.1 www.ampmsearch.com
127.0.0.1 analcord.com
127.0.0.1 www.analcord.com
127.0.0.1 analmovi.com
127.0.0.1 anarchylolita.com
127.0.0.1 www.anarchylolita.com
127.0.0.1 anarchyporn.com
127.0.0.1 andromedical.com
127.0.0.1 www.andromedical.com
127.0.0.1 animepornmag.com
127.0.0.1 www.animepornmag.com
127.0.0.1 anin.org
127.0.0.1 anjpn-avxiz.biz
127.0.0.1 www.anjpn-avxiz.biz
127.0.0.1 anjpnzqav.biz
127.0.0.1 www.anjpnzqav.biz
127.0.0.1 anjpn-zqav.biz
127.0.0.1 www.anjpn-zqav.biz
127.0.0.1 annaromeo.com
127.0.0.1 antiddos.us
127.0.0.1 www.antiddos.us
127.0.0.1 Antiespiadorado.com
127.0.0.1 www.Antiespiadorado.com
127.0.0.1 Antiespionspack.com
127.0.0.1 www.Antiespionspack.com
127.0.0.1 Antigusanos2008.com
127.0.0.1 www.Antigusanos2008.com
127.0.0.1 Antispionage.com
127.0.0.1 www.Antispionage.com
127.0.0.1 Antispionagepro.com
127.0.0.1 www.Antispionagepro.com
127.0.0.1 antispydns.biz
127.0.0.1 www.antispydns.biz
127.0.0.1 antispylab.com
127.0.0.1 www.antispylab.com
127.0.0.1 antispysolutions.com
127.0.0.1 www.antispysolutions.com
127.0.0.1 antispyware.com
127.0.0.1 www.antispyware.com
127.0.0.1 antispywarebot.com
127.0.0.1 www.antispywarebot.com
127.0.0.1 antispywarebox.com
127.0.0.1 www.antispywarebox.com
127.0.0.1 antispywaredownloads.com
127.0.0.1 www.antispywaredownloads.com
127.0.0.1 Antispywaresuite.com
127.0.0.1 www.Antispywaresuite.com
127.0.0.1 Antispyweb.net
127.0.0.1 www.Antispyweb.net
127.0.0.1 Antiver2008.com
127.0.0.1 www.Antiver2008.com
127.0.0.1 antivermins.com
127.0.0.1 www.antivermins.com
127.0.0.1 anti-vermins.com
127.0.0.1 www.anti-vermins.com
127.0.0.1 antivir2007.com
127.0.0.1 www.antivir2007.com
127.0.0.1 antivirgear.com
127.0.0.1 www.antivirgear.com
127.0.0.1 antivirus.fastfreedownload.com
127.0.0.1 www.antivirus.fastfreedownload.com
127.0.0.1 antivirusgolden.com
127.0.0.1 www.antivirusgolden.com
127.0.0.1 antivirus-hq.net
127.0.0.1 www.antivirus-hq.net
127.0.0.1 anti-virus-pro.com
127.0.0.1 www.anti-virus-pro.com
127.0.0.1 antivirusprotector.com
127.0.0.1 www.antivirusprotector.com
127.0.0.1 antivirussecuritypro.com
127.0.0.1 www.antivirussecuritypro.com
127.0.0.1 antivirus-stop.com
127.0.0.1 www.antivirus-stop.com
127.0.0.1 Antiworm2008.com
127.0.0.1 www.Antiworm2008.com
127.0.0.1 Antiwurm2008.com
127.0.0.1 www.Antiwurm2008.com
127.0.0.1 antrocity.com
127.0.0.1 anyofus.com
127.0.0.1 www.anyofus.com
127.0.0.1 anysn.seproger.com
127.0.0.1 www.anysn.seproger.com
127.0.0.1 anything4health.com
127.0.0.1 apicpreview.com
127.0.0.1 www.apicpreview.com
127.0.0.1 apmebf.com
127.0.0.1 www.apmebf.com
127.0.0.1 appealcircuit.com
127.0.0.1 www.appealcircuit.com
127.0.0.1 approvedlinks.com
127.0.0.1 www.approvedlinks.com
127.0.0.1 apps.deskwizz.com
127.0.0.1 apps.webservicehost.com
127.0.0.1 aprotectedpage.com
127.0.0.1 www.aprotectedpage.com
127.0.0.1 apsua.com
127.0.0.1 archiviosex.net
127.0.0.1 www.archiviosex.net
127.0.0.1 aregay.com
127.0.0.1 ares-freebie.com
127.0.0.1 www.ares-freebie.com
127.0.0.1 arespro2007.com
127.0.0.1 www.arespro2007.com
127.0.0.1 aresultra.com
127.0.0.1 www.aresultra.com
127.0.0.1 ares-usa.com
127.0.0.1 www.ares-usa.com
127.0.0.1 arheo.com
127.0.0.1 arizonaweb.org
127.0.0.1 armitageinn.com
127.0.0.1 arquivojpgs.smtp.ru
127.0.0.1 www.arquivojpgs.smtp.ru
127.0.0.1 artachnid.com
127.0.0.1 art-func.com
127.0.0.1 art-xxx.com
127.0.0.1 asafebrowser.com
127.0.0.1 www.asafebrowser.com
127.0.0.1 asafetynotice.com
127.0.0.1 www.asafetynotice.com
127.0.0.1 asafetypage.com
127.0.0.1 www.asafetypage.com
127.0.0.1 asdbiz.biz
127.0.0.1 www.asdbiz.biz
127.0.0.1 asdeykuddq.com
127.0.0.1 www.asdeykuddq.com
127.0.0.1 asecurebar.com
127.0.0.1 www.asecurebar.com
127.0.0.1 asecureboard.com
127.0.0.1 www.asecureboard.com
127.0.0.1 asecurevalue.com
127.0.0.1 www.asecurevalue.com
127.0.0.1 asecurityissue.com
127.0.0.1 www.asecurityissue.com
127.0.0.1 asecuritynotice.com
127.0.0.1 www.asecuritynotice.com
127.0.0.1 asecuritypaper.com
127.0.0.1 www.asecuritypaper.com
127.0.0.1 asecuritystuff.com
127.0.0.1 www.asecuritystuff.com
127.0.0.1 asiankingkong.com
127.0.0.1 asianpornmag.com
127.0.0.1 www.asianpornmag.com
127.0.0.1 asiantoolbar.com
127.0.0.1 www.asiantoolbar.com
127.0.0.1 asidseiupc.com
127.0.0.1 www.asidseiupc.com
127.0.0.1 aslitalia.it
127.0.0.1 www.aslitalia.it
127.0.0.1 ass-gals.com
127.0.0.1 assureprotection.com
127.0.0.1 www.assureprotection.com
127.0.0.1 asta-killer.com
127.0.0.1 asupereva.it
127.0.0.1 www.asupereva.it
127.0.0.1 athenrye.com
127.0.0.1 atotalsafety.com
127.0.0.1 www.atotalsafety.com
127.0.0.1 atrueprotection.com
127.0.0.1 www.atrueprotection.com
127.0.0.1 atruesecurity.com
127.0.0.1 www.atruesecurity.com
127.0.0.1 attackware.com
127.0.0.1 www.attackware.com
127.0.0.1 attrezzi.biz
127.0.0.1 www.attrezzi.biz
127.0.0.1 aulde.net
127.0.0.1 www.aulde.net
127.0.0.1 aupereva.it
127.0.0.1 www.aupereva.it
127.0.0.1 autocontext.begun.ru
127.0.0.1 www.autocontext.begun.ru
127.0.0.1 autoescrowpay.com
127.0.0.1 avast.free-software-center.com
127.0.0.1 www.avast.free-software-center.com
127.0.0.1 avast-2007.com
127.0.0.1 www.avast-2007.com
127.0.0.1 avast-downloads.com
127.0.0.1 www.avast-downloads.com
127.0.0.1 avast-hq.com
127.0.0.1 www.avast-hq.com
127.0.0.1 avforce.com
127.0.0.1 www.avforce.com
127.0.0.1 avg.grab-it-today.net
127.0.0.1 www.avg.grab-it-today.net
127.0.0.1 avg.softwarecenterz.com
127.0.0.1 www.avg.softwarecenterz.com
127.0.0.1 avg-secure.com
127.0.0.1 www.avg-secure.com
127.0.0.1 avian-ads.com
127.0.0.1 avideoaxaccess.com
127.0.0.1 www.avideoaxaccess.com
127.0.0.1 avideosurfer.com
127.0.0.1 www.avideosurfer.com
127.0.0.1 aviewersoft.com
127.0.0.1 www.aviewersoft.com
127.0.0.1 avpcheckupdate.com
127.0.0.1 www.avpcheckupdate.com
127.0.0.1 avxizaaqada.biz
127.0.0.1 www.avxizaaqada.biz
127.0.0.1 avxiz-anjpn.biz
127.0.0.1 www.avxiz-anjpn.biz
127.0.0.1 avxizueorn.biz
127.0.0.1 www.avxizueorn.biz
127.0.0.1 avxiz-ueorn.biz
127.0.0.1 www.avxiz-ueorn.biz
127.0.0.1 avxiz-vtvcp.biz
127.0.0.1 www.avxiz-vtvcp.biz
127.0.0.1 avxiz-ygco.biz
127.0.0.1 www.avxiz-ygco.biz
127.0.0.1 avxiz-zqav.biz
127.0.0.1 www.avxiz-zqav.biz
127.0.0.1 awarninglist.com
127.0.0.1 www.awarninglist.com
127.0.0.1 awbeta.net-nucleus.com
127.0.0.1 awesomehomepage.com
127.0.0.1 www.awesomehomepage.com
127.0.0.1 awmcash.biz
127.0.0.1 awmdabest.com
127.0.0.1 axemediasoftware.com
127.0.0.1 www.axemediasoftware.com
127.0.0.1 aximageobject.com
127.0.0.1 www.aximageobject.com
127.0.0.1 axmediaproject.com
127.0.0.1 www.axmediaproject.com
127.0.0.1 axmediasoftware.com
127.0.0.1 www.axmediasoftware.com
127.0.0.1 axmediasolutions.com
127.0.0.1 www.axmediasolutions.com
127.0.0.1 axobjectpage.com
127.0.0.1 www.axobjectpage.com
127.0.0.1 axobjectsource.com
127.0.0.1 www.axobjectsource.com
127.0.0.1 axsoftwaretool.com
127.0.0.1 www.axsoftwaretool.com
127.0.0.1 axvideoproject.com
127.0.0.1 www.axvideoproject.com
127.0.0.1 axvideosetup.com
127.0.0.1 www.axvideosetup.com
127.0.0.1 ayakawamura.com
127.0.0.1 ayb.dns-look-up.com
127.0.0.1 ayb.netbios-wait.com
127.0.0.1 ayumitaniguchi.com
127.0.0.1 azebar.com
127.0.0.1 azureusclub.com
127.0.0.1 www.azureusclub.com
127.0.0.1 azureus-freebie.com
127.0.0.1 www.azureus-freebie.com
127.0.0.1 azzetta.it
127.0.0.1 www.azzetta.it
127.0.0.1 b.casalemedia.com
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babenet.com
127.0.0.1 www.babenet.com
127.0.0.1 babespornmag.com
127.0.0.1 www.babespornmag.com
127.0.0.1 babeweb.de
127.0.0.1 www.babeweb.de
127.0.0.1 baccarat-other.info
127.0.0.1 www.baccarat-other.info
127.0.0.1 Backstripgirls.com
127.0.0.1 www.Backstripgirls.com
127.0.0.1 backup.mabou.org
127.0.0.1 balotierra.com
127.0.0.1 www.balotierra.com
127.0.0.1 bannedhost.net
127.0.0.1 barbudafarms.com
127.0.0.1 bardownload.com
127.0.0.1 www.bardownload.com
127.0.0.1 barnandfence.com
127.0.0.1 batsearch.com
127.0.0.1 baygraphicsllc.com
127.0.0.1 bbbsearch.com
127.0.0.1 bb-search.com
127.0.0.1 bdsmlibrary.net
127.0.0.1 bdsmpornmag.com
127.0.0.1 www.bdsmpornmag.com
127.0.0.1 bearshare.download-me.info
127.0.0.1 www.bearshare.download-me.info
127.0.0.1 bearshare.mp3-muzic.com
127.0.0.1 www.bearshare.mp3-muzic.com
127.0.0.1 bearshare-download.org
127.0.0.1 www.bearshare-download.org
127.0.0.1 bearshare-downloads.net
127.0.0.1 www.bearshare-downloads.net
127.0.0.1 bearsharelive.co.uk
127.0.0.1 www.bearsharelive.co.uk
127.0.0.1 bearshare-music-downloads.com
127.0.0.1 www.bearshare-music-downloads.com
127.0.0.1 bearsharepro2007.com
127.0.0.1 www.bearsharepro2007.com
127.0.0.1 bearshare-usa.com
127.0.0.1 www.bearshare-usa.com
127.0.0.1 bedhome.com
127.0.0.1 bediadance.com
127.0.0.1 beebappyy.biz
127.0.0.1 www.beebappyy.biz
127.0.0.1 begin2search.com
127.0.0.1 www.begin2search.com
127.0.0.1 bellabasketsfl.com
127.0.0.1 bernaolatwin.com
127.0.0.1 best-counter.com
127.0.0.1 bestcrawler.com
127.0.0.1 bestfor.ru
127.0.0.1 best-hardpics.com
127.0.0.1 bestmanage.org
127.0.0.1 www.bestmanage.org
127.0.0.1 bestmanage0.org
127.0.0.1 www.bestmanage0.org
127.0.0.1 bestmanage1.org
127.0.0.1 www.bestmanage1.org
127.0.0.1 bestmanage2.org
127.0.0.1 www.bestmanage2.org
127.0.0.1 bestmanage3.org
127.0.0.1 www.bestmanage3.org
127.0.0.1 bestmanage4.org
127.0.0.1 www.bestmanage4.org
127.0.0.1 bestmanage5.org
127.0.0.1 www.bestmanage5.org
127.0.0.1 bestmanage6.org
127.0.0.1 www.bestmanage6.org
127.0.0.1 bestmanage7.org
127.0.0.1 www.bestmanage7.org
127.0.0.1 bestmanage8.org
127.0.0.1 www.bestmanage8.org
127.0.0.1 bestmanage9.org
127.0.0.1 www.bestmanage9.org
127.0.0.1 bestporngate.com
127.0.0.1 bestsafetyguide.net
127.0.0.1 www.bestsafetyguide.net
127.0.0.1 best-spyware.info
127.0.0.1 www.best-spyware.info
127.0.0.1 best-targeted-traffic.com
127.0.0.1 www.best-targeted-traffic.com
127.0.0.1 best-voyeur.info
127.0.0.1 www.best-voyeur.info
127.0.0.1 bestweblinks.com
127.0.0.1 best-winning-casino.com
127.0.0.1 bestworldgirls-for-u.net
127.0.0.1 www.bestworldgirls-for-u.net
127.0.0.1 bestxporno.com
127.0.0.1 bettersearch.biz
127.0.0.1 www.bettersearch.biz
127.0.0.1 bgazzetta.it
127.0.0.1 www.bgazzetta.it
127.0.0.1 bgoogle.it
127.0.0.1 www.bgoogle.it
127.0.0.1 bigtrafficnetwork.com
127.0.0.1 www.bigtrafficnetwork.com
127.0.0.1 bigwww.com
127.0.0.1 www.bigwww.com
127.0.0.1 bin.errorprotector.com
127.0.0.1 bins.media-motor.net
127.0.0.1 bins2.media-motor.net
127.0.0.1 bis.180solutions.com
127.0.0.1 bitchesonline.net
127.0.0.1 bitcomet-freebie.com
127.0.0.1 www.bitcomet-freebie.com
127.0.0.1 biz.biz
127.0.0.1 blackblues00.com
127.0.0.1 www.blackblues00.com
127.0.0.1 blackhats.tc
127.0.0.1 www.blackhats.tc
127.0.0.1 blackhawksoftware.com
127.0.0.1 www.blackhawksoftware.com
127.0.0.1 blackjack-free.net
127.0.0.1 blazefind.com
127.0.0.1 blender.xu.pl
127.0.0.1 blondetgp.com
127.0.0.1 blue-elefant.com
127.0.0.1 www.blue-elefant.com
127.0.0.1 bm.theaimonline.com
127.0.0.1 www.bm.theaimonline.com
127.0.0.1 bnmgate.com
127.0.0.1 www.bnmgate.com
127.0.0.1 bodaciousbabette.com
127.0.0.1 bonzi.com
127.0.0.1 www.bonzi.com
127.0.0.1 boobdoll.com
127.0.0.1 boobsandtits.com
127.0.0.1 boobsclub.com
127.0.0.1 bookedspace.com
127.0.0.1 www.bookedspace.com
127.0.0.1 boom.com.vn
127.0.0.1 www.boom.com.vn
127.0.0.1 boredlife.com
127.0.0.1 bowlofogumbo.com
127.0.0.1 bpfq02.com
127.0.0.1 www.bpfq02.com
127.0.0.1 bqgate.com
127.0.0.1 www.bqgate.com
127.0.0.1 br.errorsafe.com
127.0.0.1 br.winantivirus.com
127.0.0.1 br.winfixer.com
127.0.0.1 bradcoem.org
127.0.0.1 braincodec.com
127.0.0.1 www.braincodec.com
127.0.0.1 brandiyoung.com
127.0.0.1 bravesentry.com
127.0.0.1 www.bravesentry.com
127.0.0.1 breenten.biz
127.0.0.1 www.breenten.biz
127.0.0.1 brodbfm.net
127.0.0.1 www.brodbfm.net
127.0.0.1 brookeburn.com
127.0.0.1 browserwise.com
127.0.0.1 www.browserwise.com
127.0.0.1 bucps.com
127.0.0.1 buhartes.info
127.0.0.1 buldog-stats.com
127.0.0.1 bullseye-network.com
127.0.0.1 www.bullseye-network.com
127.0.0.1 burgerkingbigscreen.com
127.0.0.1 burnsrecyclinginc.com
127.0.0.1 www.burnsrecyclinginc.com
127.0.0.1 buscards.net
127.0.0.1 bustyrussell.com
127.0.0.1 busysearch.net
127.0.0.1 www.busysearch.net
127.0.0.1 buttejazz.org
127.0.0.1 buy-find.info
127.0.0.1 www.buy-find.info
127.0.0.1 buyselldomain.net
127.0.0.1 buytraff.biz
127.0.0.1 www.buytraff.biz
127.0.0.1 buz.ru
127.0.0.1 bvirgilio.it
127.0.0.1 www.bvirgilio.it
127.0.0.1 c.centralmedia.ws
127.0.0.1 c.enhance.com
127.0.0.1 www.c.enhance.com
127.0.0.1 c.goclick.com
127.0.0.1 c4tdownload.com
127.0.0.1 www.c4tdownload.com
127.0.0.1 c5.www4free.info
127.0.0.1 www.c5.www4free.info
127.0.0.1 cache.surfaccuracy.com
127.0.0.1 www.cache.surfaccuracy.com
127.0.0.1 cache.ysbweb.com
127.0.0.1 calcioturris.com
127.0.0.1 calendaralerts.net
127.0.0.1 www.calendaralerts.net
127.0.0.1 cameouk.co.uk
127.0.0.1 www.cameouk.co.uk
127.0.0.1 cameup.com
127.0.0.1 camouflageclothingonline.net
127.0.0.1 www.camouflageclothingonline.net
127.0.0.1 camup.net
127.0.0.1 canberracricketcoaching.com
127.0.0.1 candycantaloupes.com
127.0.0.1 canidetect.org
127.0.0.1 www.canidetect.org
127.0.0.1 cantfind.com
127.0.0.1 www.cantfind.com
127.0.0.1 careers.dulcineasystems.net
127.0.0.1 carsands.com
127.0.0.1 carsrentals.net
127.0.0.1 cartoes.uol.com.br
127.0.0.1 casalemedia.com
127.0.0.1 www.casalemedia.com
127.0.0.1 cashdeluxe.net
127.0.0.1 www.cashdeluxe.net
127.0.0.1 cashengines.com
127.0.0.1 www.cashengines.com
127.0.0.1 cashsearch.biz
127.0.0.1 cashsurfers.com
127.0.0.1 www.cashsurfers.com
127.0.0.1 CashUnlim.com
127.0.0.1 www.CashUnlim.com
127.0.0.1 casino.com.free.game.pogo.gratisdownloads.nl
127.0.0.1 casino2win.net
127.0.0.1 casino-gambling-1.net
127.0.0.1 casino-gambling-2.net
127.0.0.1 casinomidas.net
127.0.0.1 casinonline.net
127.0.0.1 casino-onlines.net
127.0.0.1 castingsamateur.com
127.0.0.1 www.castingsamateur.com
127.0.0.1 catallogue.com
127.0.0.1 catch-dc.info
127.0.0.1 www.catch-dc.info
127.0.0.1 categories.mygeek.com
127.0.0.1 catsss.da.ru
127.0.0.1 caxa.ru
127.0.0.1 cc.panet.org
127.0.0.1 ccecaedbebfcaf.com
127.0.0.1 www.ccecaedbebfcaf.com
127.0.0.1 cclebali.org
127.0.0.1 ccorriere.it
127.0.0.1 www.ccorriere.it
127.0.0.1 cdegate.com
127.0.0.1 www.cdegate.com
127.0.0.1 cdn.drivecleaner.com
127.0.0.1 cdn.errorsafe.com
127.0.0.1 cdn.movies-etc.com
127.0.0.1 cdn.winsoftware.com
127.0.0.1 cdn2.movies-etc.com
127.0.0.1 cdorriere.it
127.0.0.1 www.cdorriere.it
127.0.0.1 ceewawires.org
127.0.0.1 centralmedia.ws
127.0.0.1 certumgroup.com
127.0.0.1 cforriere.it
127.0.0.1 www.cforriere.it
127.0.0.1 check.jupitersatellites.biz
127.0.0.1 www.check.jupitersatellites.biz
127.0.0.1 checkin100.com
127.0.0.1 www.checkin100.com
127.0.0.1 checkssecurity.com
127.0.0.1 www.checkssecurity.com
127.0.0.1 chelancatering.com
127.0.0.1 chenshijituan.com
127.0.0.1 www.chenshijituan.com
127.0.0.1 childrenvilla.com
127.0.0.1 chips-4-free.com
127.0.0.1 chrisswasey.com
127.0.0.1 chriswallace.net
127.0.0.1 cia-trjn.myvnc.com
127.0.0.1 www.cia-trjn.myvnc.com
127.0.0.1 ciorriere.it
127.0.0.1 www.ciorriere.it
127.0.0.1 cirriere.it
127.0.0.1 www.cirriere.it
127.0.0.1 ckick4thumbs.com
127.0.0.1 cl55.biz
127.0.0.1 clackamasliteraryreview.com
127.0.0.1 cleansoftwares.com
127.0.0.1 www.cleansoftwares.com
127.0.0.1 clearsearch.cc
127.0.0.1 clearsearch.net
127.0.0.1 clickaire.com
127.0.0.1 click-codec.com
127.0.0.1 www.click-codec.com
127.0.0.1 clickhere4search.com
127.0.0.1 www.clickhere4search.com
127.0.0.1 click-now.net
127.0.0.1 clickspring.net
127.0.0.1 www.clickspring.net
127.0.0.1 click-to-download.com
127.0.0.1 www.click-to-download.com
127.0.0.1 clicktomakeasearch.com
127.0.0.1 www.clicktomakeasearch.com
127.0.0.1 clickyestoenter.net
127.0.0.1 client.exeupdate.com
127.0.0.1 client.myadultexplorer.com
127.0.0.1 cliks.org
127.0.0.1 www.cliks.org
127.0.0.1 clorriere.it
127.0.0.1 www.clorriere.it
127.0.0.1 clrsch.com
127.0.0.1 clubxxxvideo.com
127.0.0.1 www.clubxxxvideo.com
127.0.0.1 clusif.free.fr
127.0.0.1 cmtapestry.com
127.0.0.1 cnetadd.com
127.0.0.1 www.cnetadd.com
127.0.0.1 cnzz.com
127.0.0.1 www.cnzz.com
127.0.0.1 code.ignphrases.com
127.0.0.1 codec.ninoa.com
127.0.0.1 codecdvd.net
127.0.0.1 www.codecdvd.net
127.0.0.1 codec-fun.com
127.0.0.1 www.codec-fun.com
127.0.0.1 codecsoft.net
127.0.0.1 www.codecsoft.net
127.0.0.1 codrriere.it
127.0.0.1 www.codrriere.it
127.0.0.1 coeriere.it
127.0.0.1 www.coeriere.it
127.0.0.1 coerriere.it
127.0.0.1 www.coerriere.it
127.0.0.1 cofrriere.it
127.0.0.1 www.cofrriere.it
127.0.0.1 cogrriere.it
127.0.0.1 www.cogrriere.it
127.0.0.1 coirriere.it
127.0.0.1 www.coirriere.it
127.0.0.1 command.adservs.com
127.0.0.1 www.commonname.com
127.0.0.1 computerpcgames.net
127.0.0.1 www.computerpcgames.net
127.0.0.1 computerrecover.com
127.0.0.1 www.computerrecover.com
127.0.0.1 config.180solutions.com
127.0.0.1 content.dollarrevenue.com
127.0.0.1 www.content.dollarrevenue.com
127.0.0.1 content.ireit.com
127.0.0.1 www.content.ireit.com
127.0.0.1 content.onerateld.com
127.0.0.1 contentmatch.net
127.0.0.1 www.contentmatch.net
127.0.0.1 contra-virus.com
127.0.0.1 www.contra-virus.com
127.0.0.1 controlmeh.com
127.0.0.1 www.controlmeh.com
127.0.0.1 cool.ne.jp
127.0.0.1 cooldeskalert.com
127.0.0.1 www.cooldeskalert.com
127.0.0.1 coolfetishsite.com
127.0.0.1 coolfreehost.com
127.0.0.1 coolfreepage.com
127.0.0.1 coolfreepages.com
127.0.0.1 cool-homepage.co
127.0.0.1 cool-homepage.com
127.0.0.1 coolmoneysearch.com
127.0.0.1 coolpornsearch.com
127.0.0.1 cool-search.net
127.0.0.1 cool-search.netfartpost.com
127.0.0.1 coolsearcher.info
127.0.0.1 coolservecorp.net
127.0.0.1 www.coolservecorp.net
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com
127.0.0.1 cool-web-search.com
127.0.0.1 coolwebsearsh.com
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 cool-xxx.net
127.0.0.1 coorriere.it
127.0.0.1 www.coorriere.it
127.0.0.1 copmtraine.com
127.0.0.1 coprriere.it
127.0.0.1 www.coprriere.it
127.0.0.1 core.psyche-evolution.com
127.0.0.1 www.core.psyche-evolution.com
127.0.0.1 coreiere.it
127.0.0.1 www.coreiere.it
127.0.0.1 coreriere.it
127.0.0.1 www.coreriere.it
127.0.0.1 corrdiere.it
127.0.0.1 www.corrdiere.it
127.0.0.1 correiere.it
127.0.0.1 www.correiere.it
127.0.0.1 corrfiere.it
127.0.0.1 www.corrfiere.it
127.0.0.1 corrgiere.it
127.0.0.1 www.corrgiere.it
127.0.0.1 corridere.it
127.0.0.1 www.corridere.it
127.0.0.1 corriedre.it
127.0.0.1 www.corriedre.it
127.0.0.1 corriee.it
127.0.0.1 www.corriee.it
127.0.0.1 corrieere.it
127.0.0.1 www.corrieere.it
127.0.0.1 corriefre.it
127.0.0.1 www.corriefre.it
127.0.0.1 corriegre.it
127.0.0.1 www.corriegre.it
127.0.0.1 corrierde.it
127.0.0.1 www.corrierde.it
127.0.0.1 corriered.it
127.0.0.1 www.corriered.it
127.0.0.1 corrieree.it
127.0.0.1 www.corrieree.it
127.0.0.1 corrieref.it
127.0.0.1 www.corrieref.it
127.0.0.1 corrierer.it
127.0.0.1 www.corrierer.it
127.0.0.1 corrieres.it
127.0.0.1 www.corrieres.it
127.0.0.1 corrierew.it
127.0.0.1 www.corrierew.it
127.0.0.1 corrierfe.it
127.0.0.1 www.corrierfe.it
127.0.0.1 corrierge.it
127.0.0.1 www.corrierge.it
127.0.0.1 corrierr.it
127.0.0.1 www.corrierr.it
127.0.0.1 corrierre.it
127.0.0.1 www.corrierre.it
127.0.0.1 corrierse.it
127.0.0.1 www.corrierse.it
127.0.0.1 corrierte.it
127.0.0.1 www.corrierte.it
127.0.0.1 corrierw.it
127.0.0.1 www.corrierw.it
127.0.0.1 corrierwe.it
127.0.0.1 www.corrierwe.it
127.0.0.1 corriesre.it
127.0.0.1 www.corriesre.it
127.0.0.1 corriete.it
127.0.0.1 www.corriete.it
127.0.0.1 corrietre.it
127.0.0.1 www.corrietre.it
127.0.0.1 corriewre.it
127.0.0.1 www.corriewre.it
127.0.0.1 corrifere.it
127.0.0.1 www.corrifere.it
127.0.0.1 corriiere.it
127.0.0.1 www.corriiere.it
127.0.0.1 corrilere.it
127.0.0.1 www.corrilere.it
127.0.0.1 corrioere.it
127.0.0.1 www.corrioere.it
127.0.0.1 corrire.it
127.0.0.1 www.corrire.it
127.0.0.1 corrirere.it
127.0.0.1 www.corrirere.it
127.0.0.1 corrirre.it
127.0.0.1 www.corrirre.it
127.0.0.1 corrisere.it
127.0.0.1 www.corrisere.it
127.0.0.1 corriuere.it
127.0.0.1 www.corriuere.it
127.0.0.1 corriwere.it
127.0.0.1 www.corriwere.it
127.0.0.1 corriwre.it
127.0.0.1 www.corriwre.it
127.0.0.1 corrliere.it
127.0.0.1 www.corrliere.it
127.0.0.1 corroere.it
127.0.0.1 www.corroere.it
127.0.0.1 corroiere.it
127.0.0.1 www.corroiere.it
127.0.0.1 corrriere.it
127.0.0.1 www.corrriere.it
127.0.0.1 corrtiere.it
127.0.0.1 www.corrtiere.it
127.0.0.1 corruere.it
127.0.0.1 www.corruere.it
127.0.0.1 corruiere.it
127.0.0.1 www.corruiere.it
127.0.0.1 cortiere.it
127.0.0.1 www.cortiere.it
127.0.0.1 cortriere.it
127.0.0.1 www.cortriere.it
127.0.0.1 costrike.com
127.0.0.1 www.costrike.com
127.0.0.1 cotriere.it
127.0.0.1 www.cotriere.it
127.0.0.1 cotrriere.it
127.0.0.1 www.cotrriere.it
127.0.0.1 couldnotfind.com
127.0.0.1 count.cc
127.0.0.1 count.hitscount.net
127.0.0.1 count-all.com
127.0.0.1 countdutycall.info
127.0.0.1 www.countdutycall.info
127.0.0.1 counter.sexmaniack.com
127.0.0.1 cporriere.it
127.0.0.1 www.cporriere.it
127.0.0.1 cprriere.it
127.0.0.1 www.cprriere.it
127.0.0.1 cpvfeed.com
127.0.0.1 cracks.me.uk
127.0.0.1 cracks4all.com
127.0.0.1 www.cracks4all.com
127.0.0.1 crapsgold.info
127.0.0.1 www.crapsgold.info
127.0.0.1 Crazygirls-world.com
127.0.0.1 crazywinnings.com
127.0.0.1 www.crazywinnings.com
127.0.0.1 creamedcutties.com
127.0.0.1 createaccesskey.com
127.0.0.1 www.createaccesskey.com
127.0.0.1 creditsearchonline.com
127.0.0.1 crestring.com
127.0.0.1 crooder.com
127.0.0.1 crriere.it
127.0.0.1 www.crriere.it
127.0.0.1 crystalysmedia.com
127.0.0.1 www.crystalysmedia.com
127.0.0.1 csx.adservs.com
127.0.0.1 www.csx.adservs.com
127.0.0.1 cts.180solutions.com
127.0.0.1 cuisinartoven.com
127.0.0.1 www.cuisinartoven.com
127.0.0.1 curedc.info
127.0.0.1 www.curedc.info
127.0.0.1 curepcsolutions.com
127.0.0.1 www.curepcsolutions.com
127.0.0.1 curvedspaces.com
127.0.0.1 cutadult.com
127.0.0.1 www.cutadult.com
127.0.0.1 cvirgilio.it
127.0.0.1 www.cvirgilio.it
127.0.0.1 cvorriere.it
127.0.0.1 www.cvorriere.it
127.0.0.1 cvs.jps.ru
127.0.0.1 cvsymphony.com
127.0.0.1 cxorriere.it
127.0.0.1 www.cxorriere.it
127.0.0.1 cyberrape.com
127.0.0.1 www.cyberrape.com
127.0.0.1 cydom.com
127.0.0.1 cydoor.com
127.0.0.1 www.cydoor.com
127.0.0.1 daily-gals.com
127.0.0.1 dailypornmag.com
127.0.0.1 www.dailypornmag.com
127.0.0.1 dailyteenspic.com
127.0.0.1 dailytoolbar.com
127.0.0.1 www.dailytoolbar.com
127.0.0.1 dancingbabycd.com
127.0.0.1 data-hoster.com
127.0.0.1 www.data-hoster.com
127.0.0.1 datanotary.com
127.0.0.1 datareco.com
127.0.0.1 dating-galaxy.info
127.0.0.1 www.dating-galaxy.info
127.0.0.1 dating-search.net
127.0.0.1 davemarshall.org
127.0.0.1 db105.com
127.0.0.1 dbdecicated.com
127.0.0.1 www.dbdecicated.com
127.0.0.1 dbxcompany.com
127.0.0.1 www.dbxcompany.com
127.0.0.1 dcdl.dmcast.com
127.0.0.1 dcfitusa.com
127.0.0.1 dcorriere.it
127.0.0.1 www.dcorriere.it
127.0.0.1 dcurtis.com
127.0.0.1 www.dcurtis.com
127.0.0.1 dcww.dmcast.com
127.0.0.1 de.ag
127.0.0.1 de.drivecleaner.com
127.0.0.1 de.errorsafe.com
127.0.0.1 de.winantivirus.com
127.0.0.1 de98.remsys.org
127.0.0.1 debay.it
127.0.0.1 www.debay.it
127.0.0.1 dedmazay.3322.org
127.0.0.1 dedsearch.com
127.0.0.1 www.dedsearch.com
127.0.0.1 defaultsearch.net
127.0.0.1 Defensaantimalware.com
127.0.0.1 www.Defensaantimalware.com
127.0.0.1 deja-rue.com
127.0.0.1 www.deja-rue.com
127.0.0.1 derklaif.biz
127.0.0.1 www.derklaif.biz
127.0.0.1 derrari.it
127.0.0.1 www.derrari.it
127.0.0.1 desarrollocreativo.com
127.0.0.1 deskbar.worldtostart.com
127.0.0.1 www.deskbar.worldtostart.com
127.0.0.1 deskwizz.com
127.0.0.1 www.deskwizz.com
127.0.0.1 dev.ntcor.com
127.0.0.1 develip.com
127.0.0.1 dewis.spb.ru
127.0.0.1 dewis.us
127.0.0.1 df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
127.0.0.1 dgbusiness.com
127.0.0.1 www.dgbusiness.com
127.0.0.1 dialer2004.com
127.0.0.1 dialerclub.com
127.0.0.1 www.dialerclub.com
127.0.0.1 dialer-shop.com
127.0.0.1 www.dialer-shop.com
127.0.0.1 dialoff.com
127.0.0.1 www.dialoff.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 dietpills4free.com
127.0.0.1 dietpussy.com
127.0.0.1 digikeygen.com
127.0.0.1 www.digikeygen.com
127.0.0.1 digistreamsa.com
127.0.0.1 digitalcoders.net
127.0.0.1 www.digitalcoders.net
127.0.0.1 www.digitalfan.com
127.0.0.1 digital-pornography.com
127.0.0.1 dionforvalleycouncil.org
127.0.0.1 directdvdpro.com
127.0.0.1 www.directdvdpro.com
127.0.0.1 directporta.info
127.0.0.1 www.directporta.info
127.0.0.1 directsearchzone.com
127.0.0.1 www.directsearchzone.com
127.0.0.1 dist.checkin100.com
127.0.0.1 dl.ad-ware.cc
127.0.0.1 dl.malwarewipe.com
127.0.0.1 dl.targetsaver.com
127.0.0.1 www.dl.targetsaver.com
127.0.0.1 dl.web-nexus.net
127.0.0.1 dl1.antivermins.com
127.0.0.1 dl1.antivirgear.com
127.0.0.1 dl1.spydawn.com
127.0.0.1 dl1.virusprotectpro.com
127.0.0.1 dl10.spyfalcon.com
127.0.0.1 dl16.spyfalcon.com
127.0.0.1 dl2.spyfalcon.com
127.0.0.1 dl2.spyheal.com
127.0.0.1 dl2.spywarestrike.com
127.0.0.1 dl3.spyfalcon.com
127.0.0.1 dl3.spyheal.com
127.0.0.1 dl3.spywarestrike.com
127.0.0.1 dl4.spyfalcon.com
127.0.0.1 dl4.spywarestrike.com
127.0.0.1 dl5.spyfalcon.com
127.0.0.1 dl5.spywarestrike.com
127.0.0.1 dl6.spywarestrike.com
127.0.0.1 dl7.spywarestrike.com
127.0.0.1 dl8.spyheal.com
127.0.0.1 dl8.spywarestrike.com
127.0.0.1 dl9.spyfalcon.com
127.0.0.1 dmcast.com
127.0.0.1 www.dmcast.com
127.0.0.1 dnaads.com
127.0.0.1 www.dnaads.com
127.0.0.1 dnl.mabou.org
127.0.0.1 dns-look-up.com
127.0.0.1 www.dns-look-up.com
127.0.0.1 doctorwaldron.com
127.0.0.1 document-not-found.pornpic.org
127.0.0.1 doggyaction.com
127.0.0.1 dogproblemswebsite.com
127.0.0.1 www.dogproblemswebsite.com
127.0.0.1 doktorxxx.com
127.0.0.1 dollarrevenue.com
127.0.0.1 domaincar.com
127.0.0.1 www.domaincar.com
127.0.0.1 domains2003.net
127.0.0.1 domains-for-you-online.com
127.0.0.1 domain-your-registration.com
127.0.0.1 domkrat.com
127.0.0.1 dotcomtoolbar.com
127.0.0.1 www.dotcomtoolbar.com
127.0.0.1 down.136136.net
127.0.0.1 download.abetterinternet.com
127.0.0.1 download.antispywarebot.com
127.0.0.1 www.download.antispywarebot.com
127.0.0.1 download.bardownload.com
127.0.0.1 www.download.bardownload.com
127.0.0.1 download.bravesentry.com
127.0.0.1 www.download.bravesentry.com
127.0.0.1 download.cdn.drivecleaner.com
127.0.0.1 download.cdn.errorsafe.com
127.0.0.1 download.cdn.winsoftware.com
127.0.0.1 download.errorsafe.com
127.0.0.1 download.jupitersatellites.biz
127.0.0.1 www.download.jupitersatellites.biz
127.0.0.1 download.searchtabs.net
127.0.0.1 download.secureyournet.biz
127.0.0.1 www.download.secureyournet.biz
127.0.0.1 download.spyonthis.net
127.0.0.1 download.spy-shredder.com
127.0.0.1 download.systemdoctor.com
127.0.0.1 download.winantispyware.com
127.0.0.1 download.winantivirus.com
127.0.0.1 download.windrivecleaner.com
127.0.0.1 download.winfixer.com
127.0.0.1 download10.spywarequake.com
127.0.0.1 download11.spywarequake.com
127.0.0.1 download12.spywarequake.com
127.0.0.1 download13.spywarequake.com
127.0.0.1 download15.spywarequake.com
127.0.0.1 download2.spywarequake.com
127.0.0.1 download-2007.com
127.0.0.1 www.download-2007.com
127.0.0.1 download3.spyaxe.com
127.0.0.1 download3.spywarequake.com
127.0.0.1 download4.spyaxe.com
127.0.0.1 download4.spywarequake.com
127.0.0.1 download5.spyaxe.com
127.0.0.1 download5.spywarequake.com
127.0.0.1 download6.spyaxe.com
127.0.0.1 download7.spywarequake.com
127.0.0.1 download8.spywarequake.com
127.0.0.1 download9.spywarequake.com
127.0.0.1 download-ad-aware.com
127.0.0.1 www.download-ad-aware.com
127.0.0.1 download-all-4-free.com
127.0.0.1 www.download-all-4-free.com
127.0.0.1 download-all-area.com
127.0.0.1 www.download-all-area.com
127.0.0.1 download-antivir.com
127.0.0.1 www.download-antivir.com
127.0.0.1 downloadanysong.com
127.0.0.1 www.downloadanysong.com
127.0.0.1 download-avast.com
127.0.0.1 www.download-avast.com
127.0.0.1 downloadcorporation.com
127.0.0.1 www.downloadcorporation.com
127.0.0.1 download-dvdshrink.com
127.0.0.1 www.download-dvdshrink.com
127.0.0.1 download-for-free.net
127.0.0.1 www.download-for-free.net
127.0.0.1 downloadfreesoft.com
127.0.0.1 www.downloadfreesoft.com
127.0.0.1 downloadfreeway.com
127.0.0.1 www.downloadfreeway.com
127.0.0.1 downloadimesh.com
127.0.0.1 www.downloadimesh.com
127.0.0.1 download-itunes-now.com
127.0.0.1 www.download-itunes-now.com
127.0.0.1 download-limewire.org
127.0.0.1 www.download-limewire.org
127.0.0.1 downloadlost.tv
127.0.0.1 www.downloadlost.tv
127.0.0.1 downloadmax.net
127.0.0.1 www.downloadmax.net
127.0.0.1 download-mcafee.com
127.0.0.1 www.download-mcafee.com
127.0.0.1 download-me.info
127.0.0.1 downloadmediaax.com
127.0.0.1 www.downloadmediaax.com
127.0.0.1 downloadpics.net
127.0.0.1 www.downloadpics.net
127.0.0.1 download-real-player.com
127.0.0.1 www.download-real-player.com
127.0.0.1 downloads.180solutions.com
127.0.0.1 downloads.adaware.cc
127.0.0.1 downloadservicearea.com
127.0.0.1 www.downloadservicearea.com
127.0.0.1 downloads-free.org
127.0.0.1 www.downloads-free.org
127.0.0.1 downloadsglobe.com
127.0.0.1 www.downloadsglobe.com
127.0.0.1 download-this.us
127.0.0.1 www.download-this.us
127.0.0.1 download-trillian.com
127.0.0.1 www.download-trillian.com
127.0.0.1 downloadv3.com
127.0.0.1 www.downloadv3.com
127.0.0.1 downloadvax.com
127.0.0.1 www.downloadvax.com
127.0.0.1 download-windvd.com
127.0.0.1 www.download-windvd.com
127.0.0.1 download-winrar.com
127.0.0.1 www.download-winrar.com
127.0.0.1 downloadwizard.com
127.0.0.1 downloadzcenter.com
127.0.0.1 downloadzcentral.com
127.0.0.1 downloadzfree.com
127.0.0.1 www.downloadzfree.com
127.0.0.1 downloadznow.net
127.0.0.1 download-zone-free.com
127.0.0.1 www.download-zone-free.com
127.0.0.1 download-zone-free.net
127.0.0.1 www.download-zone-free.net
127.0.0.1 dp-host.com
127.0.0.1 dr.mcboo.com
127.0.0.1 dr.webhancer.com
127.0.0.1 www.dr.webhancer.com
127.0.0.1 dr2.webhancer.com
127.0.0.1 www.dr2.webhancer.com
127.0.0.1 dr38.mcboo.com
127.0.0.1 dr47.mcboo.com
127.0.0.1 dragqueen.gay-clan.com
127.0.0.1 drepubblica.it
127.0.0.1 www.drepubblica.it
127.0.0.1 drivecleaner.com
127.0.0.1 www.drivecleaner.com
127.0.0.1 drivecleanr.com
127.0.0.1 www.drivecleanr.com
127.0.0.1 drocherway.com
127.0.0.1 dropspam.com
127.0.0.1 www.dropspam.com
127.0.0.1 drug-sources-exposed.com
127.0.0.1 drvvv.com
127.0.0.1 dsupereva.it
127.0.0.1 www.dsupereva.it
127.0.0.1 dtlproduct.com
127.0.0.1 www.dtlproduct.com
127.0.0.1 dudu.com
127.0.0.1 www.dudu.com
127.0.0.1 dulcineasystems.net
127.0.0.1 dumpserv.com
127.0.0.1 duolaimi.net
127.0.0.1 dutch-sex.com
127.0.0.1 dvdaccess.net
127.0.0.1 www.dvdaccess.net
127.0.0.1 dvdbank.org
127.0.0.1 dvdcodec.net
127.0.0.1 www.dvdcodec.net
127.0.0.1 dvdsmovies.net
127.0.0.1 www.dvdsmovies.net
127.0.0.1 dvdsvideos.net
127.0.0.1 www.dvdsvideos.net
127.0.0.1 dvdtocdsite.com
127.0.0.1 www.dvdtocdsite.com
127.0.0.1 dynamique.drivecleaner.com
127.0.0.1 e3bay.it
127.0.0.1 www.e3bay.it
127.0.0.1 e4bay.it
127.0.0.1 www.e4bay.it
127.0.0.1 eager-sex.com
127.0.0.1 earthllnk.net
127.0.0.1 www.earthllnk.net
127.0.0.1 eases.net
127.0.0.1 easyantispy.com
127.0.0.1 easybestdeals.com
127.0.0.1 www.easybestdeals.com
127.0.0.1 easycategories.com
127.0.0.1 easymp3musicnow.com
127.0.0.1 www.easymp3musicnow.com
127.0.0.1 easy-pharmacy.info
127.0.0.1 www.easy-pharmacy.info
127.0.0.1 easy-search.net
127.0.0.1 easysearch4you.com
127.0.0.1 www.easysearch4you.com
127.0.0.1 easysearchingtips.com
127.0.0.1 easyspyware.com
127.0.0.1 www.easyspyware.com
127.0.0.1 easywww.info
127.0.0.1 www.easywww.info
127.0.0.1 eba6y.it
127.0.0.1 www.eba6y.it
127.0.0.1 eba7y.it
127.0.0.1 www.eba7y.it
127.0.0.1 ebaay.it
127.0.0.1 www.ebaay.it
127.0.0.1 ebagy.it
127.0.0.1 www.ebagy.it
127.0.0.1 ebahy.it
127.0.0.1 www.ebahy.it
127.0.0.1 ebajy.it
127.0.0.1 www.ebajy.it
127.0.0.1 ebaqy.it
127.0.0.1 www.ebaqy.it
127.0.0.1 ebasy.it
127.0.0.1 www.ebasy.it
127.0.0.1 ebaty.it
127.0.0.1 www.ebaty.it
127.0.0.1 ebauy.it
127.0.0.1 www.ebauy.it
127.0.0.1 ebav.com
127.0.0.1 ebaw.com
127.0.0.1 ebawy.it
127.0.0.1 www.ebawy.it
127.0.0.1 ebaxy.it
127.0.0.1 www.ebaxy.it
127.0.0.1 ebay6.it
127.0.0.1 www.ebay6.it
127.0.0.1 ebay7.it
127.0.0.1 www.ebay7.it
127.0.0.1 ebayg.it
127.0.0.1 www.ebayg.it
127.0.0.1 ebayh.it
127.0.0.1 www.ebayh.it
127.0.0.1 ebayj.it
127.0.0.1 www.ebayj.it
127.0.0.1 ebayt.it
127.0.0.1 www.ebayt.it
127.0.0.1 ebayu.it
127.0.0.1 www.ebayu.it
127.0.0.1 ebazy.it
127.0.0.1 www.ebazy.it
127.0.0.1 ebch.com
127.0.0.1 ebdv.com
127.0.0.1 ebdw.com
127.0.0.1 ebestfind.org
127.0.0.1 www.ebestfind.org
127.0.0.1 ebgay.it
127.0.0.1 www.ebgay.it
127.0.0.1 ebgo.com
127.0.0.1 ebhay.it
127.0.0.1 www.ebhay.it
127.0.0.1 ebjp.com
127.0.0.1 ebkb.com
127.0.0.1 ebkn.com
127.0.0.1 ebky.com
127.0.0.1 eblv.com
127.0.0.1 ebmu.com
127.0.0.1 ebnay.it
127.0.0.1 www.ebnay.it
127.0.0.1 ebony-pornmag.com
127.0.0.1 www.ebony-pornmag.com
127.0.0.1 ebonypornmag.com
127.0.0.1 www.ebonypornmag.com
127.0.0.1 ebqay.it
127.0.0.1 www.ebqay.it
127.0.0.1 ebsay.it
127.0.0.1 www.ebsay.it
127.0.0.1 ebsy.it
127.0.0.1 www.ebsy.it
127.0.0.1 ebvay.it
127.0.0.1 www.ebvay.it
127.0.0.1 ebvr.com
127.0.0.1 ebway.it
127.0.0.1 www.ebway.it
127.0.0.1 ebxay.it
127.0.0.1 www.ebxay.it
127.0.0.1 ebzay.it
127.0.0.1 www.ebzay.it
127.0.0.1 ecmh.com
127.0.0.1 ecmp.com
127.0.0.1 ecosrioplatenses.org
127.0.0.1 ecpm.com
127.0.0.1 ecstasyporn.net
127.0.0.1 ecwz.com
127.0.0.1 ecyb.com
127.0.0.1 edbay.it
127.0.0.1 www.edbay.it
127.0.0.1 edhq.com
127.0.0.1 edietprogram.com
127.0.0.1 www.edietprogram.com
127.0.0.1 edty.com
127.0.0.1 eduy.com
127.0.0.1 eebay.it
127.0.0.1 www.eebay.it
127.0.0.1 eeev.com
127.0.0.1 eepubblica.it
127.0.0.1 www.eepubblica.it
127.0.0.1 efbay.it
127.0.0.1 www.efbay.it
127.0.0.1 egbay.it
127.0.0.1 www.egbay.it
127.0.0.1 ehbay.it
127.0.0.1 www.ehbay.it
127.0.0.1 eikokoike.com
127.0.0.1 elitecodec.com
127.0.0.1 www.elitecodec.com
127.0.0.1 elitemediagroup.net
127.0.0.1 www.elitemediagroup.net
127.0.0.1 e-localad.com
127.0.0.1 emailicon.org
127.0.0.1 www.emailicon.org
127.0.0.1 emch.com
127.0.0.1 emcodec.com
127.0.0.1 www.emcodec.com
127.0.0.1 emediacodec.com
127.0.0.1 www.emediacodec.com
127.0.0.1 emjcd.com
127.0.0.1 www.emjcd.com
127.0.0.1 emule.mp3-muzic.com
127.0.0.1 www.emule.mp3-muzic.com
127.0.0.1 emuledownloadhome.com
127.0.0.1 www.emuledownloadhome.com
127.0.0.1 emule-freebie.com
127.0.0.1 www.emule-freebie.com
127.0.0.1 enay.it
127.0.0.1 www.enay.it
127.0.0.1 enbay.it
127.0.0.1 www.enbay.it
127.0.0.1 energy-factor.com
127.0.0.1 www.energy-factor.com
127.0.0.1 engineplay.com
127.0.0.1 www.engineplay.com
127.0.0.1 engine-ticket.com
127.0.0.1 www.engine-ticket.com
127.0.0.1 enhance.com
127.0.0.1 www.enhance.com
127.0.0.1 enhancevideos.com
127.0.0.1 www.enhancevideos.com
127.0.0.1 enitinvest.net
127.0.0.1 enjoywebsurf.com
127.0.0.1 entertainsite.net
127.0.0.1 www.entertainsite.net
127.0.0.1 enterthesearch.com
127.0.0.1 www.enterthesearch.com
127.0.0.1 e-plus.cc
127.0.0.1 epornsex.com
127.0.0.1 eprotectionline.com
127.0.0.1 www.eprotectionline.com
127.0.0.1 eprotectpage.com
127.0.0.1 www.eprotectpage.com
127.0.0.1 erbay.it
127.0.0.1 www.erbay.it
127.0.0.1 erepubblica.it
127.0.0.1 www.erepubblica.it
127.0.0.1 ergosites.com
127.0.0.1 erossoalice.it
127.0.0.1 www.erossoalice.it
127.0.0.1 errari.it
127.0.0.1 www.errari.it
127.0.0.1 error404site.com
127.0.0.1 www.error404site.com
127.0.0.1 error404site.net
127.0.0.1 www.error404site.net
127.0.0.1 errorkiller.com
127.0.0.1 www.errorkiller.com
127.0.0.1 errorprotector.com
127.0.0.1 www.errorprotector.com
127.0.0.1 errorsafe.com
127.0.0.1 www.errorsafe.com
127.0.0.1 errorsdns.com
127.0.0.1 www.errorsdns.com
127.0.0.1 ert0003.e76.163ns.com
127.0.0.1 ertikadeswiokinganfujas.com
127.0.0.1 www.ertikadeswiokinganfujas.com
127.0.0.1 es.winantivirus.com
127.0.0.1 es0-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es1-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es2-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es3-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es4-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es5-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es6-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es7-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es8-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es9-www.5zgmu7o20kt5d8yq.com
127.0.0.1 esafetylist.com
127.0.0.1 www.esafetylist.com
127.0.0.1 esafetypage.com
127.0.0.1 www.esafetypage.com
127.0.0.1 esbay.it
127.0.0.1 www.esbay.it
127.0.0.1 esearch2005.com
127.0.0.1 www.esearch2005.com
127.0.0.1 esecuritynote.com
127.0.0.1 www.esecuritynote.com
127.0.0.1 esecuritypage.com
127.0.0.1 www.esecuritypage.com
127.0.0.1 esupereva.it
127.0.0.1 www.esupereva.it
127.0.0.1 etomi.all-downloads-now.com
127.0.0.1 www.etomi.all-downloads-now.com
127.0.0.1 eupdatepage.com
127.0.0.1 www.eupdatepage.com
127.0.0.1 euuu.com
127.0.0.1 evbay.it
127.0.0.1 www.evbay.it
127.0.0.1 evidence-detector.biz
127.0.0.1 evilspidercomics.com
127.0.0.1 evko.biz
127.0.0.1 www.evko.biz
127.0.0.1 ewbay.it
127.0.0.1 www.ewbay.it
127.0.0.1 ewebsearch.net
127.0.0.1 e-websitesolutions.com
127.0.0.1 ewizard.cc
127.0.0.1 exaccess.ru
127.0.0.1 www.exaccess.ru
127.0.0.1 excellentsckin.com
127.0.0.1 exeupdate.com
127.0.0.1 www.exeupdate.com
127.0.0.1 exflow.org
127.0.0.1 www.exflow.org
127.0.0.1 exit.megago.com
127.0.0.1 expandvideo.com
127.0.0.1 www.expandvideo.com
127.0.0.1 exportplay.com
127.0.0.1 www.exportplay.com
127.0.0.1 extremepaidsurveys.com
127.0.0.1 www.extremepaidsurveys.com
127.0.0.1 extremeseek.net
127.0.0.1 eza1netsearch.com
127.0.0.1 www.eza1netsearch.com
127.0.0.1 ezcybersearch.com
127.0.0.1 www.ezcybersearch.com
127.0.0.1 ez-searching.com
127.0.0.1 ezwebsearching.com
127.0.0.1 www.ezwebsearching.com
127.0.0.1 f1.bestmanage.org
127.0.0.1 f1.truth-is-out-there.org
127.0.0.1 f1organizer.com
127.0.0.1 www.f1organizer.com
127.0.0.1 f2.bestmanage.org
127.0.0.1 f2.truth-is-out-there.org
127.0.0.1 f3.bestmanage.org
127.0.0.1 f3.truth-is-out-there.org
127.0.0.1 f4.bestmanage.org
127.0.0.1 f4.truth-is-out-there.org
127.0.0.1 f5.bestmanage.org
127.0.0.1 f5.truth-is-out-there.org
127.0.0.1 f6.bestmanage.org
127.0.0.1 f7.bestmanage.org
127.0.0.1 f7.truth-is-out-there.org
127.0.0.1 f8.bestmanage.org
127.0.0.1 f8.truth-is-out-there.org
127.0.0.1 f9.bestmanage.org
127.0.0.1 f9.truth-is-out-there.org
127.0.0.1 fairsearcher.com
127.0.0.1 www.fairsearcher.com
127.0.0.1 faithstevens.com
127.0.0.1 fantasiewelten.com
127.0.0.1 farmacept32.phpnet.us
127.0.0.1 farmsteadbandb.com
127.0.0.1 farse.com
127.0.0.1 fartpost.com
127.0.0.1 fastfreedownload.com
127.0.0.1 fastmetasearch.com
127.0.0.1 www.fastmetasearch.com
127.0.0.1 fastssearch.com
127.0.0.1 www.fastssearch.com
127.0.0.1 fastwebfinder.com
127.0.0.1 faxporn.com
127.0.0.1 fazzetta.it
127.0.0.1 www.fazzetta.it
127.0.0.1 fcorriere.it
127.0.0.1 www.fcorriere.it
127.0.0.1 featured-results.com
127.0.0.1 febay.it
127.0.0.1 www.febay.it
127.0.0.1 feed.dedsearch.com
127.0.0.1 feeds.2search.com
127.0.0.1 www.feeds.2search.com
127.0.0.1 feeds2.2search.org
127.0.0.1 www.feeds2.2search.org
127.0.0.1 ferraeri.it
127.0.0.1 www.ferraeri.it
127.0.0.1 ferrai.it
127.0.0.1 www.ferrai.it
127.0.0.1 ferrarei.it
127.0.0.1 www.ferrarei.it
127.0.0.1 ferrarti.it
127.0.0.1 www.ferrarti.it
127.0.0.1 ferrasri.it
127.0.0.1 www.ferrasri.it
127.0.0.1 ferratri.it
127.0.0.1 www.ferratri.it
127.0.0.1 ferreari.it
127.0.0.1 www.ferreari.it
127.0.0.1 ferrri.it
127.0.0.1 www.ferrri.it
127.0.0.1 ferrsari.it
127.0.0.1 www.ferrsari.it
127.0.0.1 ferrtari.it
127.0.0.1 www.ferrtari.it
127.0.0.1 fetrrari.it
127.0.0.1 www.fetrrari.it
127.0.0.1 fgazzetta.it
127.0.0.1 www.fgazzetta.it
127.0.0.1 fgoogle.it
127.0.0.1 www.fgoogle.it
127.0.0.1 fhg.panet.org
127.0.0.1 fhgate.com
127.0.0.1 www.fhgate.com
127.0.0.1 fickenisgeil.de
127.0.0.1 file.unionsms.net
127.0.0.1 filestore.com
127.0.0.1 www.filestore.com
127.0.0.1 filetretporn.com
127.0.0.1 www.filetretporn.com
127.0.0.1 Filtrodetrojan.com
127.0.0.1 www.Filtrodetrojan.com
127.0.0.1 finalfantasyactionfigures.com
127.0.0.1 www.finalfantasyactionfigures.com
127.0.0.1 finance-loans.com
127.0.0.1 find4u.net
127.0.0.1 find-52.com
127.0.0.1 www.find-52.com
127.0.0.1 findanyshow.org
127.0.0.1 www.findanyshow.org
127.0.0.1 find-find-777.net
127.0.0.1 www.find-find-777.net
127.0.0.1 find-itnow.com
127.0.0.1 findit-now.com
127.0.0.1 findloss.com
127.0.0.1 findthesite.com
127.0.0.1 findthewebsiteyouneed.com
127.0.0.1 www.findthewebsiteyouneed.com
127.0.0.1 find-uk-health.co.uk
127.0.0.1 findwapsite.org
127.0.0.1 www.findwapsite.org
127.0.0.1 findwhatevernow.com
127.0.0.1 www.findwhatevernow.com
127.0.0.1 fined.biz
127.0.0.1 fine-search.net
127.0.0.1 fionasteel.com
127.0.0.1 firefoxdownload-now.com
127.0.0.1 www.firefoxdownload-now.com
127.0.0.1 firehunt.com
127.0.0.1 www.firehunt.com
127.0.0.1 firgilio.it
127.0.0.1 www.firgilio.it
127.0.0.1 firstbookmark.net
127.0.0.1 firstgoodsearch.com
127.0.0.1 www.firstgoodsearch.com
127.0.0.1 fitness-free.com
127.0.0.1 fixerantispy.com
127.0.0.1 www.fixerantispy.com
127.0.0.1 fjsynebcod.com
127.0.0.1 www.fjsynebcod.com
127.0.0.1 flashdollars.com
127.0.0.1 www.flashdollars.com
127.0.0.1 flashflashmx.3322.org
127.0.0.1 floorsovertexas.com
127.0.0.1 www.floorsovertexas.com
127.0.0.1 floproject.com
127.0.0.1 www.floproject.com
127.0.0.1 flrxtools.greatnuke.com
127.0.0.1 flrx-tools.net
127.0.0.1 www.flrx-tools.net
127.0.0.1 fn777.greatbahamas.com
127.0.0.1 www.fn777.greatbahamas.com
127.0.0.1 foodvacations.net
127.0.0.1 forex.jps.ru
127.0.0.1 forexcredit.com
127.0.0.1 forexcredit.ru
127.0.0.1 formingfusions.com
127.0.0.1 forsythfire.net
127.0.0.1 forthline.com
127.0.0.1 foxmin.com
127.0.0.1 www.foxmin.com
127.0.0.1 fp.gad-network.com
127.0.0.1 fr.drivecleaner.com
127.0.0.1 www.fr.drivecleaner.com
127.0.0.1 fr.winantivirus.com
127.0.0.1 fr.winfixer.com
127.0.0.1 frame.crazywinnings.com
127.0.0.1 free4porno.net
127.0.0.1 free64all.com
127.0.0.1 free-adobe-download-support.com
127.0.0.1 www.free-adobe-download-support.com
127.0.0.1 free-avg.org
127.0.0.1 www.free-avg.org
127.0.0.1 free-avg-download.com
127.0.0.1 www.free-avg-download.com
127.0.0.1 free-bearshares.com
127.0.0.1 www.free-bearshares.com
127.0.0.1 freebookmark.net
127.0.0.1 freebookmarks.net
127.0.0.1 freecat.biz
127.0.0.1 www.freecat.biz
127.0.0.1 freecategories.com
127.0.0.1 free-chipes.com
127.0.0.1 freecj.com
127.0.0.1 freecoolhost.com
127.0.0.1 freedownloadhq.com
127.0.0.1 www.freedownloadhq.com
127.0.0.1 freedownloadpage.com
127.0.0.1 www.freedownloadpage.com
127.0.0.1 free-download-place.com
127.0.0.1 www.free-download-place.com
127.0.0.1 free-download-support.com
127.0.0.1 www.free-download-support.com
127.0.0.1 freedownloadzone.com
127.0.0.1 www.freedownloadzone.com
127.0.0.1 free-hit.com
127.0.0.1 freehqmovies.com
127.0.0.1 freeimageheaven.com
127.0.0.1 www.freeimageheaven.com
127.0.0.1 freemp3access.com
127.0.0.1 www.freemp3access.com
127.0.0.1 free-music-network.com
127.0.0.1 www.free-music-network.com
127.0.0.1 free-pics-and-movies.com
127.0.0.1 free-popup-killer.com
127.0.0.1 www.free-popup-killer.com
127.0.0.1 free-porn-movies.info
127.0.0.1 www.free-porn-movies.info
127.0.0.1 free-program-download.com
127.0.0.1 www.free-program-download.com
127.0.0.1 freerbhost.com
127.0.0.1 freescratchandwin.com
127.0.0.1 free-sex-movie-clips.net
127.0.0.1 freeshemalepics.net
127.0.0.1 free-software-center.com
127.0.0.1 www.free-software-center.com
127.0.0.1 free-spybot.com
127.0.0.1 www.free-spybot.com
127.0.0.1 freeunlimitedskype.com
127.0.0.1 www.freeunlimitedskype.com
127.0.0.1 freeyaho.com
127.0.0.1 fregat.drocherway.com
127.0.0.1 frepubblica.it
127.0.0.1 www.frepubblica.it
127.0.0.1 freshseek.com
127.0.0.1 freshteensite.com
127.0.0.1 fric.cn
127.0.0.1 frrari.it
127.0.0.1 www.frrari.it
127.0.0.1 frrrari.it
127.0.0.1 www.frrrari.it
127.0.0.1 ftiscali.it
127.0.0.1 www.ftiscali.it
127.0.0.1 ftrenitalia.it
127.0.0.1 www.ftrenitalia.it
127.0.0.1 ftuttogratis.it
127.0.0.1 www.ftuttogratis.it
127.0.0.1 full-search.net
127.0.0.1 fullsoftwaredownloadz.com
127.0.0.1 www.fullsoftwaredownloadz.com
127.0.0.1 full-tgp.net
127.0.0.1 funcodec.com
127.0.0.1 www.funcodec.com
127.0.0.1 funny-girls.com
127.0.0.1 funnysuperxxx.com
127.0.0.1 www.funnysuperxxx.com
127.0.0.1 fun-photo.com
127.0.0.1 www.fun-photo.com
127.0.0.1 fvirgilio.it
127.0.0.1 www.fvirgilio.it
127.0.0.1 fwrrari.it
127.0.0.1 www.fwrrari.it
127.0.0.1 g0oogle.it
127.0.0.1 www.g0oogle.it
127.0.0.1 g9oogle.it
127.0.0.1 www.g9oogle.it
127.0.0.1 ga31.com
127.0.0.1 gaazzetta.it
127.0.0.1 www.gaazzetta.it
127.0.0.1 gabrielscott.com
127.0.0.1 gad-network.com
127.0.0.1 www.gad-network.com
127.0.0.1 galleryclick.net
127.0.0.1 www.galleryclick.net
127.0.0.1 gallerypictures.net
127.0.0.1 www.gallerypictures.net
127.0.0.1 galpostgirls.com
127.0.0.1 gals-for-free.com
127.0.0.1 gambling-online4you.com
127.0.0.1 game4all.biz
127.0.0.1 www.game4all.biz
127.0.0.1 games.de.ag
127.0.0.1 www.games.de.ag
127.0.0.1 games.uzoogle.com
127.0.0.1 games-desktop.com
127.0.0.1 www.games-desktop.com
127.0.0.1 gameterror.net
127.0.0.1 gaqzzetta.it
127.0.0.1 www.gaqzzetta.it
127.0.0.1 gaszzetta.it
127.0.0.1 www.gaszzetta.it
127.0.0.1 gaxzetta.it
127.0.0.1 www.gaxzetta.it
127.0.0.1 gaxzzetta.it
127.0.0.1 www.gaxzzetta.it
127.0.0.1 gay50.com
127.0.0.1 gay-clan.com
127.0.0.1 gayspornmag.com
127.0.0.1 www.gayspornmag.com
127.0.0.1 gaystogay.com
127.0.0.1 www.gaystogay.com
127.0.0.1 gazxetta.it
127.0.0.1 www.gazxetta.it
127.0.0.1 gazxzetta.it
127.0.0.1 www.gazxzetta.it
127.0.0.1 gazzaetta.it
127.0.0.1 www.gazzaetta.it
127.0.0.1 gazzdetta.it
127.0.0.1 www.gazzdetta.it
127.0.0.1 gazzedtta.it
127.0.0.1 www.gazzedtta.it
127.0.0.1 gazzeetta.it
127.0.0.1 www.gazzeetta.it
127.0.0.1 gazzeftta.it
127.0.0.1 www.gazzeftta.it
127.0.0.1 gazzegtta.it
127.0.0.1 www.gazzegtta.it
127.0.0.1 gazzehtta.it
127.0.0.1 www.gazzehtta.it
127.0.0.1 gazzerta.it
127.0.0.1 www.gazzerta.it
127.0.0.1 gazzertta.it
127.0.0.1 www.gazzertta.it
127.0.0.1 gazzestta.it
127.0.0.1 www.gazzestta.it
127.0.0.1 gazzetra.it
127.0.0.1 www.gazzetra.it
127.0.0.1 gazzett.it
127.0.0.1 www.gazzett.it
127.0.0.1 gazzettaa.it
127.0.0.1 www.gazzettaa.it
127.0.0.1 gazzettaq.it
127.0.0.1 www.gazzettaq.it
127.0.0.1 gazzettas.it
127.0.0.1 www.gazzettas.it
127.0.0.1 gazzettaz.it
127.0.0.1 www.gazzettaz.it
127.0.0.1 gazzettfa.it
127.0.0.1 www.gazzettfa.it
127.0.0.1 gazzettga.it
127.0.0.1 www.gazzettga.it
127.0.0.1 gazzettha.it
127.0.0.1 www.gazzettha.it
127.0.0.1 gazzettqa.it
127.0.0.1 www.gazzettqa.it
127.0.0.1 gazzettra.it
127.0.0.1 www.gazzettra.it
127.0.0.1 gazzetts.it
127.0.0.1 www.gazzetts.it
127.0.0.1 gazzettsa.it
127.0.0.1 www.gazzettsa.it
127.0.0.1 gazzettya.it
127.0.0.1 www.gazzettya.it
127.0.0.1 gazzettza.it
127.0.0.1 www.gazzettza.it
127.0.0.1 gazzetya.it
127.0.0.1 www.gazzetya.it
127.0.0.1 gazzetyta.it
127.0.0.1 www.gazzetyta.it
127.0.0.1 gazzeyta.it
127.0.0.1 www.gazzeyta.it
127.0.0.1 gazzeytta.it
127.0.0.1 www.gazzeytta.it
127.0.0.1 gazzfetta.it
127.0.0.1 www.gazzfetta.it
127.0.0.1 gazzretta.it
127.0.0.1 www.gazzretta.it
127.0.0.1 gazzrtta.it
127.0.0.1 www.gazzrtta.it
127.0.0.1 gazzsetta.it
127.0.0.1 www.gazzsetta.it
127.0.0.1 gazztta.it
127.0.0.1 www.gazztta.it
127.0.0.1 gazzwetta.it
127.0.0.1 www.gazzwetta.it
127.0.0.1 gazzwtta.it
127.0.0.1 www.gazzwtta.it
127.0.0.1 gazzxetta.it
127.0.0.1 www.gazzxetta.it
127.0.0.1 gbazzetta.it
127.0.0.1 www.gbazzetta.it
127.0.0.1 gboogle.it
127.0.0.1 www.gboogle.it
127.0.0.1 geil-de.info
127.0.0.1 www.geil-de.info
127.0.0.1 generalsmeltingofcanada.com
127.0.0.1 generateskey.com
127.0.0.1 www.generateskey.com
127.0.0.1 germany.rub.to
127.0.0.1 gerrari.it
127.0.0.1 www.gerrari.it
127.0.0.1 get.adwarebazooka.com
127.0.0.1 get.hitvirus.com
127.0.0.1 www.get-access.host.sk
127.0.0.1 getanysoftware.com
127.0.0.1 www.getanysoftware.com
127.0.0.1 getbestloanrate.info
127.0.0.1 www.getbestloanrate.info
127.0.0.1 getdvdshrink2007.com
127.0.0.1 www.getdvdshrink2007.com
127.0.0.1 geteens.com
127.0.0.1 getfound.com
127.0.0.1 www.getfound.com
127.0.0.1 getimageactivex.com
127.0.0.1 www.getimageactivex.com
127.0.0.1 get-ipod-music.com
127.0.0.1 www.get-ipod-music.com
127.0.0.1 getmirar.com
127.0.0.1 get-mp3-onlined.com
127.0.0.1 www.get-mp3-onlined.com
127.0.0.1 getpatytoday.info
127.0.0.1 www.getpatytoday.info
127.0.0.1 getphotosets.com
127.0.0.1 www.getphotosets.com
127.0.0.1 getpicshere.com
127.0.0.1 getpornmag.com
127.0.0.1 www.getpornmag.com
127.0.0.1 get-realplayer.com
127.0.0.1 www.get-realplayer.com
127.0.0.1 get-spybot.com
127.0.0.1 www.get-spybot.com
127.0.0.1 getvaxobject.com
127.0.0.1 www.getvaxobject.com
127.0.0.1 getvideosource.com
127.0.0.1 www.getvideosource.com
127.0.0.1 get-winrar.com
127.0.0.1 www.get-winrar.com
127.0.0.1 gfazzetta.it
127.0.0.1 www.gfazzetta.it
127.0.0.1 gfoogle.it
127.0.0.1 www.gfoogle.it
127.0.0.1 gfxgraphics.net
127.0.0.1 www.gfxgraphics.net
127.0.0.1 ggazzetta.it
127.0.0.1 www.ggazzetta.it
127.0.0.1 ghazzetta.it
127.0.0.1 www.ghazzetta.it
127.0.0.1 ghoogle.it
127.0.0.1 www.ghoogle.it
127.0.0.1 giangho.biz
127.0.0.1 www.giangho.biz
127.0.0.1 gigaz.info
127.0.0.1 www.gigaz.info
127.0.0.1 gimmezamore.com
127.0.0.1 gimnasiaer.com
127.0.0.1 giogle.it
127.0.0.1 www.giogle.it
127.0.0.1 gioogle.it
127.0.0.1 www.gioogle.it
127.0.0.1 girgilio.it
127.0.0.1 www.girgilio.it
127.0.0.1 girls4rent.net
127.0.0.1 girls-porn-life.com
127.0.0.1 giscali.it
127.0.0.1 www.giscali.it
127.0.0.1 givecnt.info
127.0.0.1 www.givecnt.info
127.0.0.1 gkoogle.it
127.0.0.1 www.gkoogle.it
127.0.0.1 gl.secdep.info
127.0.0.1 www.gl.secdep.info
127.0.0.1 glbdf.org
127.0.0.1 globalefinder.com
127.0.0.1 www.globalefinder.com
127.0.0.1 global-finder.com
127.0.0.1 globalwebsearch.com
127.0.0.1 globe-finder.cc
127.0.0.1 globe-finder.com
127.0.0.1 globesearch.com
127.0.0.1 www.globesearch.com
127.0.0.1 glogle.it
127.0.0.1 www.glogle.it
127.0.0.1 go.drivecleaner.com
127.0.0.1 go.errorsafe.com
127.0.0.1 go.systemdoctor.com
127.0.0.1 go.winantispyware.com
127.0.0.1 go.winantivirus.com
127.0.0.1 go0ogle.it
127.0.0.1 www.go0ogle.it
127.0.0.1 go2realsearch.com
127.0.0.1 www.go2realsearch.com
127.0.0.1 go2-search.com
127.0.0.1 go9ogle.it
127.0.0.1 www.go9ogle.it
127.0.0.1 goclick.com
127.0.0.1 www.goclick.com
127.0.0.1 gocodec.com
127.0.0.1 www.gocodec.com
127.0.0.1 gocybersearch.com
127.0.0.1 www.gocybersearch.com
127.0.0.1
Contenus similaires
18 Octobre 2007 20:01:39

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:52:32, on 18/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL (file missing)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {480598DD-AE28-48B7-82F7-6ADDA1AA6B66} - C:\WINDOWS\ntspknlg.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6136C646-9AE1-365B-8AE9-068A02B746F2} - C:\Program Files\ctzpmwmc\lwccmpmz.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: The optnet - {B02534D7-8D91-49BE-A864-97DFB8E0BAB4} - C:\WINDOWS\optnet.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [FTWATCH] C:\PROGRA~1\LALIGN~1\watch.exe
O4 - HKLM\..\Run: [FTTASKBARICON] C:\PROGRA~1\LALIGN~1\taskbaricon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [hcxqhono] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\hcxqhono.dll"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: MultiFrame.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Moi\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Moi\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: OneCard - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
O21 - SSODL: hostctrl - {8E812AC0-22B5-4A31-B5A7-733F82CDF160} - C:\WINDOWS\hostctrl.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 10214 bytes
18 Octobre 2007 20:10:51

Re,

Télécharge R-Hosts

Lance R-host en double cliquant sur l'exe, puis clique sur restaurer , puis ok.



Télécharge SDFix

Enregistre le sur ton le bureau.

Lances le.
Fais install afin qu'il puisse s'extraire.

Redémarre en mode sans échec
/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\

Lance SDFix.
Double clique sur RunThis.bat.
Appuie sur Y pour le lancer.

Il te sera demandé d'appuyer sur une touche pour redemarrer , fais le
Il est probable que le redémarrage soit un peu plus long que d'habitude.
Une fois l'apparition de ton Bureau, il affichera Finished

Appuie sur une touche.

Un rapport est généré , poste le dans ta réponse.
Il se trouve également. dans le dossier SDFix >Report.txt<
18 Octobre 2007 20:48:37


SDFix: Version 1.109

Run by Moi on 18/10/2007 at 20:41

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\Moi\Bureau\SDfix\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Default HomePage Value
Restoring Default Desktop Components Value

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\WINDOWS\hostctrl.dll - Deleted
C:\WINDOWS\nmcuninstall.exe - Deleted
C:\WINDOWS\ntspknlg.dll - Deleted



Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"D:\\Programmes files\\EA GAMES\\La Bataille pour la Terre du Milieu(tm)\\game.dat"="D:\\Programmes files\\EA GAMES\\La Bataille pour la Terre du Milieu(tm)\\game.dat:*:Enabled:La Bataille pour la Terre du Milieu(tm)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\\Programmes files\\EA GAMES\\MOHDA\\moh_spearhead.exe"="D:\\Programmes files\\EA GAMES\\MOHDA\\moh_spearhead.exe:*:Enabled:Medal of Honor Allied Assault(tm) Spearhead"
"D:\\Programmes files\\EA GAMES\\MOHDA\\fpupdate.exe"="D:\\Programmes files\\EA GAMES\\MOHDA\\fpupdate.exe:*:Enabled:fpupdate"
"D:\\Programmes files\\EA GAMES\\MOHDA\\MOHAA.exe"="D:\\Programmes files\\EA GAMES\\MOHDA\\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)"
"D:\\Programmes files\\Ubisoft\\Splinter Cell Pandora Tomorrow\\Pandora.exe"="D:\\Programmes files\\Ubisoft\\Splinter Cell Pandora Tomorrow\\Pandora.exe:*:Enabled:p andora"
"D:\\Programmes files\\EA GAMES\\Battlefield 2\\bf2_w32ded.exe"="D:\\Programmes files\\EA GAMES\\Battlefield 2\\bf2_w32ded.exe:*:Enabled:bf2_w32ded"
"D:\\Programmes files\\Warcraft III\\Warcraft III.exe"="D:\\Programmes files\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"D:\\Programmes files\\EA GAMES\\MOHDA\\moh_Breakthrough.exe"="D:\\Programmes files\\EA GAMES\\MOHDA\\moh_Breakthrough.exe:*:Enabled:Medal of Honor Allied Assault(tm) Breakthrough"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\\Programmes files\\sierra\\FEAR\\FEAR.exe"="D:\\Programmes files\\sierra\\FEAR\\FEAR.exe:*:Enabled:FEAR"
"D:\\Programmes files\\sierra\\FEAR\\FEARMP.exe"="D:\\Programmes files\\sierra\\FEAR\\FEARMP.exe:*:Enabled:FEAR"
"D:\\Programmes files\\uTorrent\\utorrent.exe"="D:\\Programmes files\\uTorrent\\utorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files:
---------------

File Backups: - C:\DOCUME~1\Moi\Bureau\SDfix\SDFix\backups\backups.zip

Files with Hidden Attributes:

Thu 7 Jun 2007 5,375,800 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Thu 11 Jan 2007 4,964,776 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\298e7ea8e15e512fc2290a7c10f398c7\BIT71.tmp"
Thu 11 Jan 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\53a3a14f74503141a8462ffdac5b76db\BIT7A.tmp"
Thu 11 Jan 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\eabe1622973d561afb591ab24f972644\BIT79.tmp"
Fri 9 Mar 2007 4,348 A..H. --- "C:\Documents and Settings\Moi\Bureau\Musique\Brasil\License Backup\drmv1key.bak"
Fri 9 Mar 2007 20 A..H. --- "C:\Documents and Settings\Moi\Bureau\Musique\Brasil\License Backup\drmv1lic.bak"
Mon 19 Feb 2007 312 A.SH. --- "C:\Documents and Settings\Moi\Bureau\Musique\Brasil\License Backup\drmv2key.bak"

Finished!
18 Octobre 2007 21:31:01

Reposte un Hijackthis.
18 Octobre 2007 21:49:54

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:49:39, on 18/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Poker\Titan Poker\casino.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL (file missing)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6136C646-9AE1-365B-8AE9-068A02B746F2} - C:\Program Files\ctzpmwmc\lwccmpmz.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [FTWATCH] C:\PROGRA~1\LALIGN~1\watch.exe
O4 - HKLM\..\Run: [FTTASKBARICON] C:\PROGRA~1\LALIGN~1\taskbaricon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [hcxqhono] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\hcxqhono.dll"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: MultiFrame.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Moi\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Moi\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O17 - HKLM\System\CCS\Services\Tcpip\..\{064A0136-A027-42E9-ADCC-707664ECC3DE}: NameServer = 80.10.246.130 80.10.246.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{064A0136-A027-42E9-ADCC-707664ECC3DE}: NameServer = 80.10.246.130 80.10.246.3
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: OneCard - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 12827 bytes
18 Octobre 2007 21:53:35

merci pour le temps que tu passes a essayer de resoudre le probleme!! ;) 
18 Octobre 2007 22:00:07

Re,

C'est mieux ?


Télécharge Lop S&D
Dézippe-le sur le bureau
Lance le fichier Scan.bat
Exécute l’option R .
Poste le rapport généré en fin d’analyse.
Le rapport se trouve aussi ici : C:\Lopr.txt

( Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , tape explorer et valide )

+++++++++++++++++++++

Télécharge Gmer.
Dézippe le dans un dossier ou sur ton bureau.

Déconnecte toi d'Internet puis ferme tous les programmes.
Double-clique sur Gmer.exe.

Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.

Clique sur l'onglet rootkit.
A droite, coche Files et Services.
Clique maintenant sur Scan.

Lorsque le scan est terminé, clique sur Copy.

Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
Le rapport doit alors apparaître.
Enregistre le fichier sur ton bureau et poste le contenu ici.
18 Octobre 2007 22:14:29

oui c est mieux, apparement j ai plus l'ecran de fond rouge
18 Octobre 2007 22:17:23


------------------------------[ Lop S&D 1.3 ]----------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : "C:\Documents and Settings\Moi\Bureau\LopSD\Lop S&D"

Rapport créé Le 18/10/2007 à 22:16:11,71 PC : VINCE

! Faire analyser le rapport par un Helper avant intervention !

-------------[ Listing des Dossiers dans Application Data ]-------------

C:\Documents and settings\Default User\Application Data\Intel
C:\Documents and settings\Default User\Application Data\Symantec
C:\Documents and settings\Default User\Application Data\Skype
C:\Documents and settings\Default User\Application Data\Identities
C:\Documents and settings\Default User\Application Data\desktop.ini
C:\Documents and settings\Default User\Application Data\Microsoft

C:\Documents and settings\All Users\Application Data\TEMP
C:\Documents and settings\All Users\Application Data\Yahoo! Companion
C:\Documents and settings\All Users\Application Data\Age of Empires 3
C:\Documents and settings\All Users\Application Data\Apple Computer
C:\Documents and settings\All Users\Application Data\Google
C:\Documents and settings\All Users\Application Data\Microsoft Help
C:\Documents and settings\All Users\Application Data\Trymedia
C:\Documents and settings\All Users\Application Data\Adobe
C:\Documents and settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and settings\All Users\Application Data\POPWWPROFILES
C:\Documents and settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and settings\All Users\Application Data\nView_Profiles
C:\Documents and settings\All Users\Application Data\CyberLink
C:\Documents and settings\All Users\Application Data\Intel
C:\Documents and settings\All Users\Application Data\Symantec
C:\Documents and settings\All Users\Application Data\Skype
C:\Documents and settings\All Users\Application Data\desktop.ini
C:\Documents and settings\All Users\Application Data\Microsoft

C:\Documents and settings\NetworkService\Application Data\Intel
C:\Documents and settings\NetworkService\Application Data\Microsoft

C:\Documents and settings\LocalService\Application Data\Intel
C:\Documents and settings\LocalService\Application Data\Microsoft

C:\Documents and settings\Administrateur\Application Data\Intel
C:\Documents and settings\Administrateur\Application Data\Symantec
C:\Documents and settings\Administrateur\Application Data\Skype
C:\Documents and settings\Administrateur\Application Data\Identities
C:\Documents and settings\Administrateur\Application Data\desktop.ini
C:\Documents and settings\Administrateur\Application Data\Microsoft

C:\Documents and settings\Moi\Application Data\Simply Super Software
C:\Documents and settings\Moi\Application Data\Uniblue
C:\Documents and settings\Moi\Application Data\Lavasoft
C:\Documents and settings\Moi\Application Data\Apple Computer
C:\Documents and settings\Moi\Application Data\SecondLife
C:\Documents and settings\Moi\Application Data\uTorrent
C:\Documents and settings\Moi\Application Data\dvdcss
C:\Documents and settings\Moi\Application Data\InstallShield
C:\Documents and settings\Moi\Application Data\Sun
C:\Documents and settings\Moi\Application Data\Cyberlink
C:\Documents and settings\Moi\Application Data\U3
C:\Documents and settings\Moi\Application Data\Asus MiVo Messenger
C:\Documents and settings\Moi\Application Data\vlc
C:\Documents and settings\Moi\Application Data\La Bataille pour la Terre du Milieu
C:\Documents and settings\Moi\Application Data\Asus
C:\Documents and settings\Moi\Application Data\AdobeUM
C:\Documents and settings\Moi\Application Data\Adobe
C:\Documents and settings\Moi\Application Data\Help
C:\Documents and settings\Moi\Application Data\Talkback
C:\Documents and settings\Moi\Application Data\Mozilla
C:\Documents and settings\Moi\Application Data\ASUS Security Protect Manager
C:\Documents and settings\Moi\Application Data\Macromedia
C:\Documents and settings\Moi\Application Data\Intel
C:\Documents and settings\Moi\Application Data\Symantec
C:\Documents and settings\Moi\Application Data\Skype
C:\Documents and settings\Moi\Application Data\Identities
C:\Documents and settings\Moi\Application Data\desktop.ini
C:\Documents and settings\Moi\Application Data\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans Program Files ]--------------

C:\Program Files\_uninstallation_info
C:\Program Files\Absolute Poker
C:\Program Files\Adobe
C:\Program Files\Ahead
C:\Program Files\Alwil Software
C:\Program Files\Apple Software Update
C:\Program Files\Asus
C:\Program Files\ASUS Security Center
C:\Program Files\ASUS_1600x1200_white
C:\Program Files\ASUSTeK
C:\Program Files\bjballroom
C:\Program Files\Brother
C:\Program Files\Brownie
C:\Program Files\CCleaner
C:\Program Files\Common Files
C:\Program Files\ComPlus Applications
C:\Program Files\ctzpmwmc
C:\Program Files\CyberLink
C:\Program Files\DAEMON Tools
C:\Program Files\DivX
C:\Program Files\Fichiers communs
C:\Program Files\Fingerprint Sensor
C:\Program Files\FLV Player
C:\Program Files\GameSpy Arcade
C:\Program Files\Google
C:\Program Files\Intel
C:\Program Files\Internet Explorer
C:\Program Files\iPod
C:\Program Files\iTunes
C:\Program Files\Java
C:\Program Files\LaLigneADSL
C:\Program Files\Lavasoft
C:\Program Files\Messager Wanadoo
C:\Program Files\Messenger
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Games
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Motorola
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSBuild
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSXML 4.0
C:\Program Files\NetMeeting
C:\Program Files\Online Services
C:\Program Files\Outlook Express
C:\Program Files\ParadisePoker
C:\Program Files\Picasa2
C:\Program Files\PowerISO
C:\Program Files\QuickTime
C:\Program Files\Realtek
C:\Program Files\SecondLife
C:\Program Files\Services en ligne
C:\Program Files\Skype
C:\Program Files\SLD Codec Pack
C:\Program Files\SPSS Student
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Synaptics
C:\Program Files\TexasCalculatem
C:\Program Files\Toshiba
C:\Program Files\Trend Micro
C:\Program Files\TribalWeb.net
C:\Program Files\Trojan Remover
C:\Program Files\VideoLAN
C:\Program Files\Wanadoo
C:\Program Files\Winamp
C:\Program Files\Windows Live Safety Center
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\Windows Plus
C:\Program Files\WinRAR
C:\Program Files\Wireless Console 2
C:\Program Files\xerox
C:\Program Files\Yahoo!

------[ Listing des dossiers dans Program Files\Fichiers Communs ]------

C:\program files\fichiers communs\Adobe
C:\program files\fichiers communs\Ahead
C:\program files\fichiers communs\DESIGNER
C:\program files\fichiers communs\InstallShield
C:\program files\fichiers communs\Java
C:\program files\fichiers communs\Microsoft Shared
C:\program files\fichiers communs\MSSoap
C:\program files\fichiers communs\ODBC
C:\program files\fichiers communs\Services
C:\program files\fichiers communs\SpeechEngines
C:\program files\fichiers communs\SWF Studio
C:\program files\fichiers communs\System

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"hcxqhono"="regsvr32 /u \"C:\\Documents and Settings\\All Users\\Application Data\\hcxqhono.dll\""

-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

C:\WINDOWS\Prefetch\WINWORD.EXE-15ED065E.pf
C:\WINDOWS\Prefetch\DFRGFAT.EXE-22605FE5.pf
C:\WINDOWS\Prefetch\HELPSVC.EXE-1C192440.pf
C:\WINDOWS\Prefetch\WMIPRVSE.EXE-0D449B4F.pf
C:\WINDOWS\Prefetch\ALCMTR.EXE-01A7139B.pf
C:\WINDOWS\Prefetch\SNDVOL32.EXE-0EC6FD20.pf
C:\WINDOWS\Prefetch\LOGON.SCR-24ADF392.pf
C:\WINDOWS\Prefetch\ACRORD32.EXE-1CE22EA3.pf
C:\WINDOWS\Prefetch\CASINO.EXE-17445361.pf
C:\WINDOWS\Prefetch\EHTRAY.EXE-337AC592.pf
C:\WINDOWS\Prefetch\FIREFOX.EXE-06188867.pf
C:\WINDOWS\Prefetch\EHMSAS.EXE-1E4CE886.pf
C:\WINDOWS\Prefetch\LOGONUI.EXE-312BE1BF.pf
C:\WINDOWS\Prefetch\ASGHOST.EXE-02F40964.pf
C:\WINDOWS\Prefetch\POWERFORPHONE.EXE-22AC9332.pf
C:\WINDOWS\Prefetch\WGATRAY.EXE-350D4455.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-6ACD0C83.pf
C:\WINDOWS\Prefetch\NWIZ.EXE-2D374245.pf
C:\WINDOWS\Prefetch\AVAST.SETUP-295443AF.pf
C:\WINDOWS\Prefetch\SETUP.OVR-1ABDA79A.pf
C:\WINDOWS\Prefetch\WUAUCLT.EXE-1360D60A.pf
C:\WINDOWS\Prefetch\EHREC.EXE-2365F918.pf
C:\WINDOWS\Prefetch\TOSBTPROC.EXE-149F607A.pf
C:\WINDOWS\Prefetch\WLLOGINPROXY.EXE-090074F0.pf
C:\WINDOWS\Prefetch\SKYTEL.EXE-15B3DBDE.pf
C:\WINDOWS\Prefetch\USERINIT.EXE-0743FDA9.pf
C:\WINDOWS\Prefetch\IEXPLORE.EXE-2D97EBE6.pf
C:\WINDOWS\Prefetch\EXPLORER.EXE-02121B1A.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-6C108BAF.pf
C:\WINDOWS\Prefetch\HCONTROL.EXE-27D377E4.pf
C:\WINDOWS\Prefetch\ALU.EXE-2C2D4C95.pf
C:\WINDOWS\Prefetch\MSNMSGR.EXE-3744B6D8.pf
C:\WINDOWS\Prefetch\ACMON.EXE-33F9B875.pf
C:\WINDOWS\Prefetch\SYNTPENH.EXE-2B70B91C.pf
C:\WINDOWS\Prefetch\ADOBEUPDATEMANAGER.EXE-0075C43E.pf
C:\WINDOWS\Prefetch\ATKOSD.EXE-283F7FA7.pf
C:\WINDOWS\Prefetch\ZCFGSVC.EXE-3A532485.pf
C:\WINDOWS\Prefetch\IFRMEWRK.EXE-02DE6F7E.pf
C:\WINDOWS\Prefetch\SKYPE.EXE-2EAF99A0.pf
C:\WINDOWS\Prefetch\DOT1XCFG.EXE-007A59B8.pf
C:\WINDOWS\Prefetch\IPODSERVICE.EXE-37043579.pf
C:\WINDOWS\Prefetch\BTWLANDP.EXE-2C3F2F8D.pf
C:\WINDOWS\Prefetch\TEXASCALC.EXE-379D94F5.pf
C:\WINDOWS\Prefetch\DAEMON.EXE-3B58F055.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-41C4C933.pf
C:\WINDOWS\Prefetch\WINAMP.EXE-22223556.pf
C:\WINDOWS\Prefetch\SM56HLPR.EXE-04841EE3.pf
C:\WINDOWS\Prefetch\TOSOBEX.EXE-390888A4.pf
C:\WINDOWS\Prefetch\WCOURIER.EXE-17A9A216.pf
C:\WINDOWS\Prefetch\ASHDISP.EXE-310C231B.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-5469015F.pf
C:\WINDOWS\Prefetch\RTHDCPL.EXE-005A6E31.pf
C:\WINDOWS\Prefetch\QTTASK.EXE-1876A1A1.pf
C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-10255AA7.pf
C:\WINDOWS\Prefetch\ITUNESHELPER.EXE-0A1B0F2C.pf
C:\WINDOWS\Prefetch\CTFMON.EXE-05E57A5E.pf
C:\WINDOWS\Prefetch\TOSBTHSP.EXE-0BBCDF76.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-6E8D4657.pf
C:\WINDOWS\Prefetch\DW20.EXE-31F7F56F.pf
C:\WINDOWS\Prefetch\OFFDIAG.EXE-1DE00EB2.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-6471536F.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-3FF8D876.pf
C:\WINDOWS\Prefetch\POKER.EXE-1340AF3B.pf
C:\WINDOWS\Prefetch\UPDATE.EXE-37B63430.pf
C:\WINDOWS\Prefetch\OUTLOOK.EXE-326CF986.pf
C:\WINDOWS\Prefetch\MULTIFRAME.EXE-044B7F25.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-41FB74E5.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-69BEEE70.pf
C:\WINDOWS\Prefetch\IS-OAEBI.TMP-301BBF53.pf
C:\WINDOWS\Prefetch\TEXASCALCSETUP.EXE-1D3B0BC4.pf
C:\WINDOWS\Prefetch\UTORRENT.EXE-37B6FE2A.pf
C:\WINDOWS\Prefetch\CMD.EXE-034B0549.pf
C:\WINDOWS\Prefetch\DEFRAG.EXE-2858C7E2.pf
C:\WINDOWS\Prefetch\TEXAS_CALCULATEM_V4.01.0023_B-2B3A0CC5.pf
C:\WINDOWS\Prefetch\CRACK.EXE-1293A470.pf
C:\WINDOWS\Prefetch\BMXKSX.EXE-27DF84F7.pf
C:\WINDOWS\Prefetch\BX18DXV.DAT-00CEAF31.pf
C:\WINDOWS\Prefetch\REGSVR32.EXE-396DEA2C.pf
C:\WINDOWS\Prefetch\EDI.EXE-0D7D2372.pf
C:\WINDOWS\Prefetch\NMCUNINSTALL.EXE-1BF8706C.pf
C:\WINDOWS\Prefetch\SW_INS.EXE-1C5E0579.pf
C:\WINDOWS\Prefetch\ASHLOGV.EXE-1BE54756.pf
C:\WINDOWS\Prefetch\CLEANMGR.EXE-31B430FE.pf
C:\WINDOWS\Prefetch\AD-AWARE.EXE-1853B83A.pf
C:\WINDOWS\Prefetch\ASHAVAST.EXE-1EA93A67.pf
C:\WINDOWS\Prefetch\ASHSIMPL.EXE-20AB57BA.pf
C:\WINDOWS\Prefetch\DMEDIA.EXE-0002C3C0.pf
C:\WINDOWS\Prefetch\BATTERYLIFE.EXE-09B13A23.pf
C:\WINDOWS\Prefetch\ACENGSVR.EXE-1BD20C1E.pf
C:\WINDOWS\Prefetch\JUSCHED.EXE-2C643E17.pf
C:\WINDOWS\Prefetch\PWRISOVM.EXE-3B5E032A.pf
C:\WINDOWS\Prefetch\LIVEUPDT.EXE-046FB5E1.pf
C:\WINDOWS\Prefetch\CSCRIPT.EXE-0A13A05C.pf
C:\WINDOWS\Prefetch\WINAMPA.EXE-15BD1ED5.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-4EE39BB6.pf
C:\WINDOWS\Prefetch\NEROCHECK.EXE-30941580.pf
C:\WINDOWS\Prefetch\PDVDSERV.EXE-0B0AEB20.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-70A2A6FF.pf
C:\WINDOWS\Prefetch\WINRAR.EXE-0AA31BB9.pf
C:\WINDOWS\Prefetch\CHCP.COM-17EDBDC9.pf
C:\WINDOWS\Prefetch\SWREG.EXE-26F9D764.pf
C:\WINDOWS\Prefetch\FINDSTR.EXE-1A4FC238.pf
C:\WINDOWS\Prefetch\SWREG.EXE-056B1DD2.pf
C:\WINDOWS\Prefetch\FIND.EXE-0EEAD1A7.pf
C:\WINDOWS\Prefetch\REG.EXE-07FA5B3F.pf
C:\WINDOWS\Prefetch\SORT.EXE-19728AC5.pf
C:\WINDOWS\Prefetch\NOTEPAD.EXE-2F2D61E1.pf
C:\WINDOWS\Prefetch\CCSETUP201.EXE-2855E043.pf
C:\WINDOWS\Prefetch\GLJ1E5.TMP-37080754.pf
C:\WINDOWS\Prefetch\GLB1E3.TMP-2DFD0EC7.pf
C:\WINDOWS\Prefetch\YCOMP_~1.EXE-0069499B.pf
C:\WINDOWS\Prefetch\GLB1DC.TMP-1050B671.pf
C:\WINDOWS\Prefetch\YTB3.EXE-1F927DBA.pf
C:\WINDOWS\Prefetch\CCLEANER.EXE-09CFC2BC.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-5560CAC5.pf
C:\WINDOWS\Prefetch\BFU.EXE-1DF5CB94.pf
C:\WINDOWS\Prefetch\AT.EXE-02A43BFA.pf
C:\WINDOWS\Prefetch\LOOK2ME-DESTROYER.EXE-04749DE1.pf
C:\WINDOWS\Prefetch\REGEDIT.EXE-2AE3423E.pf
C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf
C:\WINDOWS\Prefetch\Layout.ini
C:\WINDOWS\Prefetch\VERCLSID.EXE-28F52AD2.pf
C:\WINDOWS\Prefetch\NET4SWITCH.EXE-0BC41403.pf
C:\WINDOWS\Prefetch\TOSBTMNG.EXE-02925DC5.pf
C:\WINDOWS\Prefetch\TOSA2DP.EXE-2F2EC385.pf
C:\WINDOWS\Prefetch\TOSBTHID.EXE-14CF6E59.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-54023F1C.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-57C8756E.pf
C:\WINDOWS\Prefetch\IMAPI.EXE-201490BB.pf
C:\WINDOWS\Prefetch\READER_SL.EXE-2FCCA463.pf

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : Propre

--------------[ Recherche de fichiers cachés avec Catchme ]---------------

catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-18 22:16:20
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\pack.epk
! EGDACCESS Possible !


--------------------[ Fin du rapport à 22:16:53,40 ]----------------------
18 Octobre 2007 22:25:52

GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-10-18 22:24:44
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.13 ----

SSDT sptd.sys ZwCreateKey
SSDT sptd.sys ZwEnumerateKey
SSDT sptd.sys ZwEnumerateValueKey
SSDT sptd.sys ZwOpenKey
SSDT sptd.sys ZwQueryKey
SSDT sptd.sys ZwQueryValueKey
SSDT sptd.sys ZwSetValueKey

---- Kernel code sections - GMER 1.0.13 ----

? C:\WINDOWS\system32\drivers\sptd.sys Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
.text USBPORT.SYS!DllUnload B9F4F7AE 5 Bytes JMP 899CC1C8
? System32\Drivers\aw0ps3nq.SYS Le fichier spécifié est introuvable.

---- User code sections - GMER 1.0.13 ----

.text C:\Program Files\MSN Messenger\MsnMsgr.Exe[3532] kernel32.dll!SetUnhandledExceptionFilter 7C84467D 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\MsnMsgr.Exe

---- Kernel IAT/EAT - GMER 1.0.13 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [BA6CEAB4] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [BA6CEBFA] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [BA6CEB7C] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [BA6CF728] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [BA6CF5FE] sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [BA6E1C5A] sptd.sys

Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSE 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_READ 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP 89DD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP 89DD91E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{7984F596-9DAF-40E2-9343-8BBCE5BD8FB8} IRP_MJ_CREATE 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{7984F596-9DAF-40E2-9343-8BBCE5BD8FB8} IRP_MJ_CLOSE 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{7984F596-9DAF-40E2-9343-8BBCE5BD8FB8} IRP_MJ_DEVICE_CONTROL 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{7984F596-9DAF-40E2-9343-8BBCE5BD8FB8} IRP_MJ_INTERNAL_DEVICE_CONTROL 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{7984F596-9DAF-40E2-9343-8BBCE5BD8FB8} IRP_MJ_CLEANUP 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{7984F596-9DAF-40E2-9343-8BBCE5BD8FB8} IRP_MJ_PNP 89B7B980

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [BAA782C0] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE_NAMED_PIPE [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CLOSE [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_READ [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_WRITE [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_INFORMATION [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_INFORMATION [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_EA [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_EA [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_FLUSH_BUFFERS [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_VOLUME_INFORMATION [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_VOLUME_INFORMATION [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DIRECTORY_CONTROL [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_FILE_SYSTEM_CONTROL [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DEVICE_CONTROL [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_INTERNAL_DEVICE_CONTROL [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SHUTDOWN [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_LOCK_CONTROL [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CLEANUP [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE_MAILSLOT [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_SECURITY [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_SECURITY [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_POWER [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SYSTEM_CONTROL [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DEVICE_CHANGE [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_QUOTA [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_QUOTA [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE_NAMED_PIPE [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CLOSE [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_READ [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_WRITE [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_INFORMATION [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_INFORMATION [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_EA [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_EA [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_FLUSH_BUFFERS [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_VOLUME_INFORMATION [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_VOLUME_INFORMATION [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DIRECTORY_CONTROL [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_FILE_SYSTEM_CONTROL [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DEVICE_CONTROL [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_INTERNAL_DEVICE_CONTROL [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SHUTDOWN [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_LOCK_CONTROL [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CLEANUP [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE_MAILSLOT [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_SECURITY [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_SECURITY [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_POWER [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SYSTEM_CONTROL [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DEVICE_CHANGE [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_QUOTA [B9F00A30] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_QUOTA [B9F00A30] SynTP.sys

Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CREATE 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CLOSE 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_POWER 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_PNP 899CB1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 89E4E1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 89E4E1E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CREATE 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CLOSE 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_POWER 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_PNP 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CREATE 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CLOSE 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_POWER 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_PNP 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_CREATE 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_CLOSE 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_POWER 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_SYSTEM_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_PNP 899CB1E8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_CREATE 8999E600
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_CLOSE 8999E600
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_DEVICE_CONTROL 8999E600
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 8999E600
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_POWER 8999E600
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_SYSTEM_CONTROL 8999E600
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_PNP 8999E600
Device \Driver\NetBT \Device\NetBT_Tcpip_{8D801809-0EBD-44CB-ABA5-B47007BBE8AF} IRP_MJ_CREATE 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{8D801809-0EBD-44CB-ABA5-B47007BBE8AF} IRP_MJ_CLOSE 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{8D801809-0EBD-44CB-ABA5-B47007BBE8AF} IRP_MJ_DEVICE_CONTROL 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{8D801809-0EBD-44CB-ABA5-B47007BBE8AF} IRP_MJ_INTERNAL_DEVICE_CONTROL 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{8D801809-0EBD-44CB-ABA5-B47007BBE8AF} IRP_MJ_CLEANUP 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{8D801809-0EBD-44CB-ABA5-B47007BBE8AF} IRP_MJ_PNP 89B7B980

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [BAA782C0] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [BAA788E6] aswTdi.SYS

Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_CREATE [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_CREATE_NAMED_PIPE [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_CLOSE [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_READ [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_WRITE [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_QUERY_INFORMATION [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_SET_INFORMATION [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_QUERY_EA [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_SET_EA [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_FLUSH_BUFFERS [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_QUERY_VOLUME_INFORMATION [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_SET_VOLUME_INFORMATION [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_DIRECTORY_CONTROL [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_FILE_SYSTEM_CONTROL [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_DEVICE_CONTROL [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_INTERNAL_DEVICE_CONTROL [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_SHUTDOWN [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_LOCK_CONTROL [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_CLEANUP [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_CREATE_MAILSLOT [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_QUERY_SECURITY [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_SET_SECURITY [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_POWER [BA6DCDB8] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_SYSTEM_CONTROL [BA6F7344] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_DEVICE_CHANGE [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_QUERY_QUOTA [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_SET_QUOTA [BA6FAF18] sptd.sys
Device \Driver\PCI_NTPNP5800 \Device\00000056 IRP_MJ_PNP [BA6F82D0] sptd.sys
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 89DDB1E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 899901E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 899901E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 899901E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 899901E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 899901E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 899901E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 899901E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 899901E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 899901E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 899901E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 899901E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CREATE 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_READ 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_WRITE 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_FLUSH_BUFFERS 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_DEVICE_CONTROL 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_INTERNAL_DEVICE_CONTROL 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SHUTDOWN 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CLEANUP 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_POWER 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SYSTEM_CONTROL 89DDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_PNP 89DDB1E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 899901E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 899901E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 899901E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 899901E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 899901E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 899901E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 899901E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 899901E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 899901E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 899901E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 899901E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE 89DDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLOSE 89DDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CONTROL 89DDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 89DDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_POWER 89DDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SYSTEM_CONTROL 89DDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_PNP 89DDA1E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 89DDA1E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 89DDA1E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 89DDA1E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 89DDA1E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 89DDA1E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 89DDA1E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 89DDA1E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 89DDA1E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 89DDA1E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 89DDA1E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 89DDA1E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 89DDA1E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 89DDA1E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 89DDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CREATE 89DDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CLOSE 89DDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_DEVICE_CONTROL 89DDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_INTERNAL_DEVICE_CONTROL 89DDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_POWER 89DDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_SYSTEM_CONTROL 89DDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_PNP 89DDA1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{EA5F13E1-1272-4532-B1CB-6A5F7AD68F75} IRP_MJ_CREATE 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{EA5F13E1-1272-4532-B1CB-6A5F7AD68F75} IRP_MJ_CLOSE 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{EA5F13E1-1272-4532-B1CB-6A5F7AD68F75} IRP_MJ_DEVICE_CONTROL 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{EA5F13E1-1272-4532-B1CB-6A5F7AD68F75} IRP_MJ_INTERNAL_DEVICE_CONTROL 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{EA5F13E1-1272-4532-B1CB-6A5F7AD68F75} IRP_MJ_CLEANUP 89B7B980
Device \Driver\NetBT \Device\NetBT_Tcpip_{EA5F13E1-1272-4532-B1CB-6A5F7AD68F75} IRP_MJ_PNP 89B7B980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 89B7B980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 89B7B980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 89B7B980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 89B7B980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 89B7B980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 89B7B980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 89B7B980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 89B7B980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 89B7B980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 89B7B980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 89B7B980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 89B7B980

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [BAA782C0] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [BAA782C0] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [BAA788E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [BAA788E6] aswTdi.SYS

Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CREATE 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CLOSE 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_POWER 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_PNP 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CREATE 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CLOSE 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_POWER 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_PNP 899CB1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 88A141E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CREATE 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CLOSE 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_POWER 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_SYSTEM_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_PNP 899CB1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_I
18 Octobre 2007 22:34:31

Re,

Relance Lop S&D
Exécute cette fois-ci l’option S.
Poste le rapport généré en fin d’analyse.
Le rapport se trouve aussi ici : C:\Lopr.txt

( Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , tape explorer et valide )


+++++++++++++++


Télécharge Navilog

Enregistre-le sur ton Bureau.
Installe-le en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)

Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
! N'utilise pas l'option 2,3 et 4 sans notre accord !
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste le rapport ici.

Le rapport se trouve ici :C:\fixnavi.txt
18 Octobre 2007 22:34:45


IRP_MJ_SET_VOLUME_INFORMATION 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 88A141E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 88A141E8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_CREATE 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_CLOSE 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_POWER 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_SYSTEM_CONTROL 899CB1E8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_PNP 899CB1E8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_CREATE 8999E600
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_CLOSE 8999E600
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_DEVICE_CONTROL 8999E600
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 8999E600
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_POWER 8999E600
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_SYSTEM_CONTROL 8999E600
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_PNP 8999E600
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 89DDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 89DDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 89DDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 89DDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 89DDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 89DDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 89DDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 89DDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 89DDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 89DDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 89DDB1E8
Device \Driver\aw0ps3nq \Device\Scsi\aw0ps3nq1 IRP_MJ_CREATE 8993C5B0
Device \Driver\aw0ps3nq \Device\Scsi\aw0ps3nq1 IRP_MJ_CLOSE 8993C5B0
Device \Driver\aw0ps3nq \Device\Scsi\aw0ps3nq1 IRP_MJ_DEVICE_CONTROL 8993C5B0
Device \Driver\aw0ps3nq \Device\Scsi\aw0ps3nq1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8993C5B0
Device \Driver\aw0ps3nq \Device\Scsi\aw0ps3nq1 IRP_MJ_POWER 8993C5B0
Device \Driver\aw0ps3nq \Device\Scsi\aw0ps3nq1 IRP_MJ_SYSTEM_CONTROL 8993C5B0
Device \Driver\aw0ps3nq \Device\Scsi\aw0ps3nq1 IRP_MJ_PNP 8993C5B0
Device \Driver\aw0ps3nq \Device\Scsi\aw0ps3nq1Port2Path0Target0Lun0 IRP_MJ_CREATE 8993C5B0
Device \Driver\aw0ps3nq \Device\Scsi\aw0ps3nq1Port2Path0Target0Lun0 IRP_MJ_CLOSE 8993C5B0
Device \Driver\aw0ps3nq \Device\Scsi\aw0ps3nq1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 8993C5B0
Device \Driver\aw0ps3nq \Device\Scsi\aw0ps3nq1Port2Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8993C5B0
Device \Driver\aw0ps3nq \Device\Scsi\aw0ps3nq1Port2Path0Target0Lun0 IRP_MJ_POWER 8993C5B0
Device \Driver\aw0ps3nq \Device\Scsi\aw0ps3nq1Port2Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 8993C5B0
Device \Driver\aw0ps3nq \Device\Scsi\aw0ps3nq1Port2Path0Target0Lun0 IRP_MJ_PNP 8993C5B0
Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_CLOSE 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_READ 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_WRITE 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_EA 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP 89DD91E8
Device \FileSystem\Fastfat \Fat IRP_MJ_PNP 89DD91E8

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [B5044F76] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [B5043812] aswMon2.SYS
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [B5043812] aswMon2.SYS

Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 89BE91E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 89BE91E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 89BE91E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 89BE91E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 89BE91E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 89BE91E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 89BE91E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 89BE91E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 89BE91E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 89BE91E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 89BE91E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 89BE91E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 89BE91E8

---- EOF - GMER 1.0.13 ----
18 Octobre 2007 22:37:10


------------------------------[ Lop S&D 1.3 ]----------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : "C:\Documents and Settings\Moi\Bureau\LopSD\Lop S&D"

Rapport créé Le 18/10/2007 à 22:36:09,53 PC : VINCE

! Faire analyser le rapport par un Helper avant intervention !

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION ///////////////////////////////

Supprimé - C:\WINDOWS\Prefetch\WINWORD.EXE-15ED065E.pf
Supprimé - C:\WINDOWS\Prefetch\DFRGFAT.EXE-22605FE5.pf
Supprimé - C:\WINDOWS\Prefetch\HELPSVC.EXE-1C192440.pf
Supprimé - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-0D449B4F.pf
Supprimé - C:\WINDOWS\Prefetch\ALCMTR.EXE-01A7139B.pf
Supprimé - C:\WINDOWS\Prefetch\SNDVOL32.EXE-0EC6FD20.pf
Supprimé - C:\WINDOWS\Prefetch\LOGON.SCR-24ADF392.pf
Supprimé - C:\WINDOWS\Prefetch\ACRORD32.EXE-1CE22EA3.pf
Supprimé - C:\WINDOWS\Prefetch\CASINO.EXE-17445361.pf
Supprimé - C:\WINDOWS\Prefetch\EHTRAY.EXE-337AC592.pf
Supprimé - C:\WINDOWS\Prefetch\FIREFOX.EXE-06188867.pf
Supprimé - C:\WINDOWS\Prefetch\EHMSAS.EXE-1E4CE886.pf
Supprimé - C:\WINDOWS\Prefetch\LOGONUI.EXE-312BE1BF.pf
Supprimé - C:\WINDOWS\Prefetch\ASGHOST.EXE-02F40964.pf
Supprimé - C:\WINDOWS\Prefetch\POWERFORPHONE.EXE-22AC9332.pf
Supprimé - C:\WINDOWS\Prefetch\WGATRAY.EXE-350D4455.pf
Supprimé - C:\WINDOWS\Prefetch\RUNDLL32.EXE-6ACD0C83.pf
Supprimé - C:\WINDOWS\Prefetch\NWIZ.EXE-2D374245.pf
Supprimé - C:\WINDOWS\Prefetch\AVAST.SETUP-295443AF.pf
Supprimé - C:\WINDOWS\Prefetch\SETUP.OVR-1ABDA79A.pf
Supprimé - C:\WINDOWS\Prefetch\WUAUCLT.EXE-1360D60A.pf
Supprimé - C:\WINDOWS\Prefetch\EHREC.EXE-2365F918.pf
Supprimé - C:\WINDOWS\Prefetch\TOSBTPROC.EXE-149F607A.pf
Supprimé - C:\WINDOWS\Prefetch\WLLOGINPROXY.EXE-090074F0.pf
Supprimé - C:\WINDOWS\Prefetch\SKYTEL.EXE-15B3DBDE.pf
Supprimé - C:\WINDOWS\Prefetch\USERINIT.EXE-0743FDA9.pf
Supprimé - C:\WINDOWS\Prefetch\IEXPLORE.EXE-2D97EBE6.pf
Supprimé - C:\WINDOWS\Prefetch\EXPLORER.EXE-02121B1A.pf
Supprimé - C:\WINDOWS\Prefetch\RUNDLL32.EXE-6C108BAF.pf
Supprimé - C:\WINDOWS\Prefetch\HCONTROL.EXE-27D377E4.pf
Supprimé - C:\WINDOWS\Prefetch\ALU.EXE-2C2D4C95.pf
Supprimé - C:\WINDOWS\Prefetch\MSNMSGR.EXE-3744B6D8.pf
Supprimé - C:\WINDOWS\Prefetch\ACMON.EXE-33F9B875.pf
Supprimé - C:\WINDOWS\Prefetch\SYNTPENH.EXE-2B70B91C.pf
Supprimé - C:\WINDOWS\Prefetch\ADOBEUPDATEMANAGER.EXE-0075C43E.pf
Supprimé - C:\WINDOWS\Prefetch\ATKOSD.EXE-283F7FA7.pf
Supprimé - C:\WINDOWS\Prefetch\ZCFGSVC.EXE-3A532485.pf
Supprimé - C:\WINDOWS\Prefetch\IFRMEWRK.EXE-02DE6F7E.pf
Supprimé - C:\WINDOWS\Prefetch\SKYPE.EXE-2EAF99A0.pf
Supprimé - C:\WINDOWS\Prefetch\DOT1XCFG.EXE-007A59B8.pf
Supprimé - C:\WINDOWS\Prefetch\IPODSERVICE.EXE-37043579.pf
Supprimé - C:\WINDOWS\Prefetch\BTWLANDP.EXE-2C3F2F8D.pf
Supprimé - C:\WINDOWS\Prefetch\TEXASCALC.EXE-379D94F5.pf
Supprimé - C:\WINDOWS\Prefetch\DAEMON.EXE-3B58F055.pf
Supprimé - C:\WINDOWS\Prefetch\RUNDLL32.EXE-41C4C933.pf
Supprimé - C:\WINDOWS\Prefetch\WINAMP.EXE-22223556.pf
Supprimé - C:\WINDOWS\Prefetch\SM56HLPR.EXE-04841EE3.pf
Supprimé - C:\WINDOWS\Prefetch\TOSOBEX.EXE-390888A4.pf
Supprimé - C:\WINDOWS\Prefetch\WCOURIER.EXE-17A9A216.pf
Supprimé - C:\WINDOWS\Prefetch\ASHDISP.EXE-310C231B.pf
Supprimé - C:\WINDOWS\Prefetch\RUNDLL32.EXE-5469015F.pf
Supprimé - C:\WINDOWS\Prefetch\RTHDCPL.EXE-005A6E31.pf
Supprimé - C:\WINDOWS\Prefetch\QTTASK.EXE-1876A1A1.pf
Supprimé - C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-10255AA7.pf
Supprimé - C:\WINDOWS\Prefetch\ITUNESHELPER.EXE-0A1B0F2C.pf
Supprimé - C:\WINDOWS\Prefetch\CTFMON.EXE-05E57A5E.pf
Supprimé - C:\WINDOWS\Prefetch\TOSBTHSP.EXE-0BBCDF76.pf
Supprimé - C:\WINDOWS\Prefetch\RUNDLL32.EXE-6E8D4657.pf
Supprimé - C:\WINDOWS\Prefetch\DW20.EXE-31F7F56F.pf
Supprimé - C:\WINDOWS\Prefetch\OFFDIAG.EXE-1DE00EB2.pf
Supprimé - C:\WINDOWS\Prefetch\RUNDLL32.EXE-6471536F.pf
Supprimé - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3FF8D876.pf
Supprimé - C:\WINDOWS\Prefetch\POKER.EXE-1340AF3B.pf
Supprimé - C:\WINDOWS\Prefetch\UPDATE.EXE-37B63430.pf
Supprimé - C:\WINDOWS\Prefetch\OUTLOOK.EXE-326CF986.pf
Supprimé - C:\WINDOWS\Prefetch\MULTIFRAME.EXE-044B7F25.pf
Supprimé - C:\WINDOWS\Prefetch\RUNDLL32.EXE-41FB74E5.pf
Supprimé - C:\WINDOWS\Prefetch\RUNDLL32.EXE-69BEEE70.pf
Supprimé - C:\WINDOWS\Prefetch\IS-OAEBI.TMP-301BBF53.pf
Supprimé - C:\WINDOWS\Prefetch\TEXASCALCSETUP.EXE-1D3B0BC4.pf
Supprimé - C:\WINDOWS\Prefetch\UTORRENT.EXE-37B6FE2A.pf
Supprimé - C:\WINDOWS\Prefetch\CMD.EXE-034B0549.pf
Supprimé - C:\WINDOWS\Prefetch\DEFRAG.EXE-2858C7E2.pf
Supprimé - C:\WINDOWS\Prefetch\TEXAS_CALCULATEM_V4.01.0023_B-2B3A0CC5.pf
Supprimé - C:\WINDOWS\Prefetch\CRACK.EXE-1293A470.pf
Supprimé - C:\WINDOWS\Prefetch\BMXKSX.EXE-27DF84F7.pf
Supprimé - C:\WINDOWS\Prefetch\BX18DXV.DAT-00CEAF31.pf
Supprimé - C:\WINDOWS\Prefetch\REGSVR32.EXE-396DEA2C.pf
Supprimé - C:\WINDOWS\Prefetch\EDI.EXE-0D7D2372.pf
Supprimé - C:\WINDOWS\Prefetch\NMCUNINSTALL.EXE-1BF8706C.pf
Supprimé - C:\WINDOWS\Prefetch\SW_INS.EXE-1C5E0579.pf
Supprimé - C:\WINDOWS\Prefetch\ASHLOGV.EXE-1BE54756.pf
Supprimé - C:\WINDOWS\Prefetch\CLEANMGR.EXE-31B430FE.pf
Supprimé - C:\WINDOWS\Prefetch\AD-AWARE.EXE-1853B83A.pf
Supprimé - C:\WINDOWS\Prefetch\ASHAVAST.EXE-1EA93A67.pf
Supprimé - C:\WINDOWS\Prefetch\ASHSIMPL.EXE-20AB57BA.pf
Supprimé - C:\WINDOWS\Prefetch\DMEDIA.EXE-0002C3C0.pf
Supprimé - C:\WINDOWS\Prefetch\BATTERYLIFE.EXE-09B13A23.pf
Supprimé - C:\WINDOWS\Prefetch\ACENGSVR.EXE-1BD20C1E.pf
Supprimé - C:\WINDOWS\Prefetch\JUSCHED.EXE-2C643E17.pf
Supprimé - C:\WINDOWS\Prefetch\PWRISOVM.EXE-3B5E032A.pf
Supprimé - C:\WINDOWS\Prefetch\LIVEUPDT.EXE-046FB5E1.pf
Supprimé - C:\WINDOWS\Prefetch\CSCRIPT.EXE-0A13A05C.pf
Supprimé - C:\WINDOWS\Prefetch\WINAMPA.EXE-15BD1ED5.pf
Supprimé - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4EE39BB6.pf
Supprimé - C:\WINDOWS\Prefetch\NEROCHECK.EXE-30941580.pf
Supprimé - C:\WINDOWS\Prefetch\PDVDSERV.EXE-0B0AEB20.pf
Supprimé - C:\WINDOWS\Prefetch\RUNDLL32.EXE-70A2A6FF.pf
Supprimé - C:\WINDOWS\Prefetch\WINRAR.EXE-0AA31BB9.pf
Supprimé - C:\WINDOWS\Prefetch\CHCP.COM-17EDBDC9.pf
Supprimé - C:\WINDOWS\Prefetch\SWREG.EXE-26F9D764.pf
Supprimé - C:\WINDOWS\Prefetch\FINDSTR.EXE-1A4FC238.pf
Supprimé - C:\WINDOWS\Prefetch\SWREG.EXE-056B1DD2.pf
Supprimé - C:\WINDOWS\Prefetch\FIND.EXE-0EEAD1A7.pf
Supprimé - C:\WINDOWS\Prefetch\REG.EXE-07FA5B3F.pf
Supprimé - C:\WINDOWS\Prefetch\SORT.EXE-19728AC5.pf
Supprimé - C:\WINDOWS\Prefetch\NOTEPAD.EXE-2F2D61E1.pf
Supprimé - C:\WINDOWS\Prefetch\CCSETUP201.EXE-2855E043.pf
Supprimé - C:\WINDOWS\Prefetch\GLJ1E5.TMP-37080754.pf
Supprimé - C:\WINDOWS\Prefetch\GLB1E3.TMP-2DFD0EC7.pf
Supprimé - C:\WINDOWS\Prefetch\YCOMP_~1.EXE-0069499B.pf
Supprimé - C:\WINDOWS\Prefetch\GLB1DC.TMP-1050B671.pf
Supprimé - C:\WINDOWS\Prefetch\YTB3.EXE-1F927DBA.pf
Supprimé - C:\WINDOWS\Prefetch\CCLEANER.EXE-09CFC2BC.pf
Supprimé - C:\WINDOWS\Prefetch\RUNDLL32.EXE-5560CAC5.pf
Supprimé - C:\WINDOWS\Prefetch\BFU.EXE-1DF5CB94.pf
Supprimé - C:\WINDOWS\Prefetch\AT.EXE-02A43BFA.pf
Supprimé - C:\WINDOWS\Prefetch\LOOK2ME-DESTROYER.EXE-04749DE1.pf
Supprimé - C:\WINDOWS\Prefetch\REGEDIT.EXE-2AE3423E.pf
Supprimé - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf
Supprimé - C:\WINDOWS\Prefetch\Layout.ini
Supprimé - C:\WINDOWS\Prefetch\VERCLSID.EXE-28F52AD2.pf
Supprimé - C:\WINDOWS\Prefetch\NET4SWITCH.EXE-0BC41403.pf
Supprimé - C:\WINDOWS\Prefetch\TOSBTMNG.EXE-02925DC5.pf
Supprimé - C:\WINDOWS\Prefetch\TOSA2DP.EXE-2F2EC385.pf
Supprimé - C:\WINDOWS\Prefetch\TOSBTHID.EXE-14CF6E59.pf
Supprimé - C:\WINDOWS\Prefetch\RUNDLL32.EXE-54023F1C.pf
Supprimé - C:\WINDOWS\Prefetch\RUNDLL32.EXE-57C8756E.pf
Supprimé - C:\WINDOWS\Prefetch\IMAPI.EXE-201490BB.pf
Supprimé - C:\WINDOWS\Prefetch\READER_SL.EXE-2FCCA463.pf

\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE ///////////////////////////

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Copié ! - [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
Copié ! - [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

-------------[ Listing des Dossiers dans Application Data ]-------------

C:\Documents and settings\Default User\Application Data\Intel
C:\Documents and settings\Default User\Application Data\Symantec
C:\Documents and settings\Default User\Application Data\Skype
C:\Documents and settings\Default User\Application Data\Identities
C:\Documents and settings\Default User\Application Data\desktop.ini
C:\Documents and settings\Default User\Application Data\Microsoft

C:\Documents and settings\All Users\Application Data\TEMP
C:\Documents and settings\All Users\Application Data\Yahoo! Companion
C:\Documents and settings\All Users\Application Data\Age of Empires 3
C:\Documents and settings\All Users\Application Data\Apple Computer
C:\Documents and settings\All Users\Application Data\Google
C:\Documents and settings\All Users\Application Data\Microsoft Help
C:\Documents and settings\All Users\Application Data\Trymedia
C:\Documents and settings\All Users\Application Data\Adobe
C:\Documents and settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and settings\All Users\Application Data\POPWWPROFILES
C:\Documents and settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and settings\All Users\Application Data\nView_Profiles
C:\Documents and settings\All Users\Application Data\CyberLink
C:\Documents and settings\All Users\Application Data\Intel
C:\Documents and settings\All Users\Application Data\Symantec
C:\Documents and settings\All Users\Application Data\Skype
C:\Documents and settings\All Users\Application Data\desktop.ini
C:\Documents and settings\All Users\Application Data\Microsoft

C:\Documents and settings\NetworkService\Application Data\Intel
C:\Documents and settings\NetworkService\Application Data\Microsoft

C:\Documents and settings\LocalService\Application Data\Intel
C:\Documents and settings\LocalService\Application Data\Microsoft

C:\Documents and settings\Administrateur\Application Data\Intel
C:\Documents and settings\Administrateur\Application Data\Symantec
C:\Documents and settings\Administrateur\Application Data\Skype
C:\Documents and settings\Administrateur\Application Data\Identities
C:\Documents and settings\Administrateur\Application Data\desktop.ini
C:\Documents and settings\Administrateur\Application Data\Microsoft

C:\Documents and settings\Moi\Application Data\Simply Super Software
C:\Documents and settings\Moi\Application Data\Uniblue
C:\Documents and settings\Moi\Application Data\Lavasoft
C:\Documents and settings\Moi\Application Data\Apple Computer
C:\Documents and settings\Moi\Application Data\SecondLife
C:\Documents and settings\Moi\Application Data\uTorrent
C:\Documents and settings\Moi\Application Data\dvdcss
C:\Documents and settings\Moi\Application Data\InstallShield
C:\Documents and settings\Moi\Application Data\Sun
C:\Documents and settings\Moi\Application Data\Cyberlink
C:\Documents and settings\Moi\Application Data\U3
C:\Documents and settings\Moi\Application Data\Asus MiVo Messenger
C:\Documents and settings\Moi\Application Data\vlc
C:\Documents and settings\Moi\Application Data\La Bataille pour la Terre du Milieu
C:\Documents and settings\Moi\Application Data\Asus
C:\Documents and settings\Moi\Application Data\AdobeUM
C:\Documents and settings\Moi\Application Data\Adobe
C:\Documents and settings\Moi\Application Data\Help
C:\Documents and settings\Moi\Application Data\Talkback
C:\Documents and settings\Moi\Application Data\Mozilla
C:\Documents and settings\Moi\Application Data\ASUS Security Protect Manager
C:\Documents and settings\Moi\Application Data\Macromedia
C:\Documents and settings\Moi\Application Data\Intel
C:\Documents and settings\Moi\Application Data\Symantec
C:\Documents and settings\Moi\Application Data\Skype
C:\Documents and settings\Moi\Application Data\Identities
C:\Documents and settings\Moi\Application Data\desktop.ini
C:\Documents and settings\Moi\Application Data\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans Program Files ]--------------

C:\Program Files\_uninstallation_info
C:\Program Files\Absolute Poker
C:\Program Files\Adobe
C:\Program Files\Ahead
C:\Program Files\Alwil Software
C:\Program Files\Apple Software Update
C:\Program Files\Asus
C:\Program Files\ASUS Security Center
C:\Program Files\ASUS_1600x1200_white
C:\Program Files\ASUSTeK
C:\Program Files\bjballroom
C:\Program Files\Brother
C:\Program Files\Brownie
C:\Program Files\CCleaner
C:\Program Files\Common Files
C:\Program Files\ComPlus Applications
C:\Program Files\ctzpmwmc
C:\Program Files\CyberLink
C:\Program Files\DAEMON Tools
C:\Program Files\DivX
C:\Program Files\Fichiers communs
C:\Program Files\Fingerprint Sensor
C:\Program Files\FLV Player
C:\Program Files\GameSpy Arcade
C:\Program Files\Google
C:\Program Files\Intel
C:\Program Files\Internet Explorer
C:\Program Files\iPod
C:\Program Files\iTunes
C:\Program Files\Java
C:\Program Files\LaLigneADSL
C:\Program Files\Lavasoft
C:\Program Files\Messager Wanadoo
C:\Program Files\Messenger
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Games
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Motorola
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSBuild
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSXML 4.0
C:\Program Files\NetMeeting
C:\Program Files\Online Services
C:\Program Files\Outlook Express
C:\Program Files\ParadisePoker
C:\Program Files\Picasa2
C:\Program Files\PowerISO
C:\Program Files\QuickTime
C:\Program Files\Realtek
C:\Program Files\SecondLife
C:\Program Files\Services en ligne
C:\Program Files\Skype
C:\Program Files\SLD Codec Pack
C:\Program Files\SPSS Student
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Synaptics
C:\Program Files\TexasCalculatem
C:\Program Files\Toshiba
C:\Program Files\Trend Micro
C:\Program Files\TribalWeb.net
C:\Program Files\Trojan Remover
C:\Program Files\VideoLAN
C:\Program Files\Wanadoo
C:\Program Files\Winamp
C:\Program Files\Windows Live Safety Center
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\Windows Plus
C:\Program Files\WinRAR
C:\Program Files\Wireless Console 2
C:\Program Files\xerox
C:\Program Files\Yahoo!

------[ Listing des dossiers dans Program Files\Fichiers Communs ]------

C:\program files\fichiers communs\Adobe
C:\program files\fichiers communs\Ahead
C:\program files\fichiers communs\DESIGNER
C:\program files\fichiers communs\InstallShield
C:\program files\fichiers communs\Java
C:\program files\fichiers communs\Microsoft Shared
C:\program files\fichiers communs\MSSoap
C:\program files\fichiers communs\ODBC
C:\program files\fichiers communs\Services
C:\program files\fichiers communs\SpeechEngines
C:\program files\fichiers communs\SWF Studio
C:\program files\fichiers communs\System

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

"hcxqhono"="regsvr32 /u \"C:\\Documents and Settings\\All Users\\Application Data\\hcxqhono.dll\""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]


-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

Aucun dossier Lop trouvé !

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : Propre

--------------[ Recherche de fichiers cachés avec Catchme ]---------------

catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-18 22:36:17
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\pack.epk
! EGDACCESS Possible !


--------------------[ Fin du rapport à 22:36:34,20 ]----------------------

18 Octobre 2007 22:40:19

Search Navipromo version 3.3.0 commencé le 18/10/2007 à 22:39:41,90

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 17.10.2007 à 20h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11


*** Recherche Programmes installés ***




*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***



*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\Moi\Application Data ***


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun fichier trouvé dans :

- C:\WINDOWS\system32
- C:\DOCUME~1\MOI\LOCALS~1\APPLIC~1



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

* Recherche dans C:\DOCUME~1\MOI\LOCALS~1\APPLIC~1 *



*** Recherche fichiers ***


C:\WINDOWS\pack.epk trouvé !


*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:

2)Recherche Heuristique :



3)Recherche Certificats :

Certificat Egroup absent !


*** Analyse terminée le 18/10/2007 à 22:39:58,09 ***
18 Octobre 2007 22:53:05

il est si infecte que ca mon pc? vu toutes les
manipulations qu'il faut faire...
19 Octobre 2007 16:45:05

Supprime C:\WINDOWS\pack.epk
Bah ton pc est infecté.
On fait les finitions maintenant.

Télécharge sur ton bureau : Clean
Dézippe le sur ton bureau. Double-clic sur ce dossier clean.
Double-clic sur clean.cmd. Cela va ouvrir une fenêtre noire.
Un menu va apparaître, choisis l'option 1 puis entrée. Ensuite appuies sur une touche comme il te sera demandé et poste le rapport ici.
Le rapport se trouve ici : C:\rapport_clean.txt
Tuto
19 Octobre 2007 16:57:44

salut!! je trouve pas le C:\WINDOWS\pack.epk
19 Octobre 2007 16:59:30

pardon j ai trouve
19 Octobre 2007 17:01:12

19/10/2007 a 17:00:34,90

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32

*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !
19 Octobre 2007 17:53:02

Re,

Fais une analyse antivirus en ligne sur Kaspersky avec Internet Explorer. (Tuto)
Autorise les active x.
Clique sur Démarrer Online Scanner.
Sélectionne le poste de travail comme analyse. Enregistres sous le rapport en format .txt.
Colle son rapport ici.

Puis reposte un Hijackthis.
19 Octobre 2007 22:24:07

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Friday, October 19, 2007 10:21:50 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 19/10/2007
Enregistrements dans la base antivirus Kaspersky : 414195
-------------------------------------------------------------------------------

Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai

Cible de l'analyse - Poste de travail:
C:\
D:\
E:\
F:\
H:\

Statistiques de l'analyse:
Total d'objets analysés: 81410
Nombre de virus trouvés: 1
Nombre d'objets infectés: 11 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 00:54:32

Nom de l'objet infecté / Nom du virus / Dernière action
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Media Ce.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ASUS Sec.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_318.dat L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{0F44D189-F298-4405-A893-48845D972DFE}.crmlog L'objet est verrouillé ignoré
C:\WINDOWS\ModemLog_Motorola SM56 Speakerphone Modem.txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\ModemLog_Câble de communication entre deux ordinateurs.txt L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Temp\~DFE12E.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Temp\~DFE142.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Temp\~DF6BB8.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Temp\~DF6BEA.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Temp\~DFB045.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Temp\~DFB04D.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Historique\History.IE5\MSHist012007101920071020\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\3VH9EOLO\i-i[1].htm L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\3VH9EOLO\i-i[2].htm L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Application Data\Microsoft\Windows Live Contacts\thevincou@hotmail.com\real\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Application Data\Microsoft\Windows Live Contacts\thevincou@hotmail.com\shadow\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\dj7mh1k8.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\dj7mh1k8.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\dj7mh1k8.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\dj7mh1k8.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\Moi\Bureau\Raccourci utilitaires\SDfix\SDFix\backups\backups.zip/backups/nmcuninstall.exe Infecté : Trojan-Downloader.Win32.Zlob.dmx ignoré
C:\Documents and Settings\Moi\Bureau\Raccourci utilitaires\SDfix\SDFix\backups\backups.zip ZIP: infecté - 1 ignoré
C:\Documents and Settings\Moi\Cookies\index.dat L'objet est verrouillé ignoré
C:\Program Files\Asus\Net4Switch\Resource.bin L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré
C:\Program Files\TexasCalculatem\crack.exe/stream/data0003 Infecté : Trojan-Downloader.Win32.Zlob.dmx ignoré
C:\Program Files\TexasCalculatem\crack.exe/stream Infecté : Trojan-Downloader.Win32.Zlob.dmx ignoré
C:\Program Files\TexasCalculatem\crack.exe NSIS: infecté - 2 ignoré
C:\System Volume Information\_restore{8120864E-BD6F-4D4F-9351-3F1693E7EB34}\RP253\A0051899.exe/crack.exe/stream/data0003 Infecté : Trojan-Downloader.Win32.Zlob.dmx ignoré
C:\System Volume Information\_restore{8120864E-BD6F-4D4F-9351-3F1693E7EB34}\RP253\A0051899.exe/crack.exe/stream Infecté : Trojan-Downloader.Win32.Zlob.dmx ignoré
C:\System Volume Information\_restore{8120864E-BD6F-4D4F-9351-3F1693E7EB34}\RP253\A0051899.exe/crack.exe Infecté : Trojan-Downloader.Win32.Zlob.dmx ignoré
C:\System Volume Information\_restore{8120864E-BD6F-4D4F-9351-3F1693E7EB34}\RP253\A0051899.exe ZIP: infecté - 3 ignoré
C:\System Volume Information\_restore{8120864E-BD6F-4D4F-9351-3F1693E7EB34}\RP254\A0052257.exe Infecté : Trojan-Downloader.Win32.Zlob.dmx ignoré
C:\System Volume Information\_restore{8120864E-BD6F-4D4F-9351-3F1693E7EB34}\RP254\A0052264.exe Infecté : Trojan-Downloader.Win32.Zlob.dmx ignoré
C:\System Volume Information\_restore{8120864E-BD6F-4D4F-9351-3F1693E7EB34}\RP254\change.log L'objet est verrouillé ignoré

Analyse terminée.
19 Octobre 2007 22:26:22

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:25:07, on 19/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL (file missing)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6136C646-9AE1-365B-8AE9-068A02B746F2} - C:\Program Files\ctzpmwmc\lwccmpmz.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [FTWATCH] C:\PROGRA~1\LALIGN~1\watch.exe
O4 - HKLM\..\Run: [FTTASKBARICON] C:\PROGRA~1\LALIGN~1\taskbaricon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [hcxqhono] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\hcxqhono.dll"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: MultiFrame.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Moi\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Moi\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O17 - HKLM\System\CCS\Services\Tcpip\..\{064A0136-A027-42E9-ADCC-707664ECC3DE}: NameServer = 80.10.246.1 80.10.246.132
O17 - HKLM\System\CS1\Services\Tcpip\..\{064A0136-A027-42E9-ADCC-707664ECC3DE}: NameServer = 80.10.246.1 80.10.246.132
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: OneCard - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 12846 bytes

20 Octobre 2007 10:52:19

Re,

Télécharge OTMoveIt

Sauvegarde-le sur le Bureau

Séléctionne l'encadré ci-dessous
C:\Program Files\ctzpmwmc\
C:\Documents and Settings\All Users\Application Data\hcxqhono.dll
C:\Program Files\TexasCalculatem\crack.exe

Lance maintenant OTMoveIt .

Deux cadres apparaissent , clique droit sur le cadre de gauche , puis colle l'encadré ci desssus.
Et clique sur Movelt !

Si le programme te demande de redemarrer, accepte.

Poste le rapport qui se trouve dans : C:\_OTMoveIt\MovedFiles\date de création!

Désactive-réactive la restauration système

Relance HiJackThis, do a system scan only, coche ces lignes :
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL (file missing)
O2 - BHO: (no name) - {6136C646-9AE1-365B-8AE9-068A02B746F2} - C:\Program Files\ctzpmwmc\lwccmpmz.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [hcxqhono] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\hcxqhono.dll"
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

Puis Fix Checked !

20 Octobre 2007 12:35:47

C:\Program Files\ctzpmwmc moved successfully.
File/Folder C:\Documents and Settings\All Users\Application Data\hcxqhono.dll not found.
C:\Program Files\TexasCalculatem\crack.exe moved successfully.

Created on 10/20/2007 12:34:47

20 Octobre 2007 12:42:49

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:42:26, on 20/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [FTWATCH] C:\PROGRA~1\LALIGN~1\watch.exe
O4 - HKLM\..\Run: [FTTASKBARICON] C:\PROGRA~1\LALIGN~1\taskbaricon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: MultiFrame.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Moi\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Moi\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O17 - HKLM\System\CCS\Services\Tcpip\..\{064A0136-A027-42E9-ADCC-707664ECC3DE}: NameServer = 80.10.246.130 80.10.246.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{064A0136-A027-42E9-ADCC-707664ECC3DE}: NameServer = 80.10.246.130 80.10.246.3
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: OneCard - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 11537 bytes
20 Octobre 2007 13:15:14

Bien, plus d'infection visible. Toujours des problèmes ?

Désinstalle avast, redémarre et supprime ~~>C:\Program Files\Alwil Software

Télécharge ccleaner (>>tuto à lire !<<), tu download «the latest version » puis installe le en décochant - Ajouter la Barre d'Outils Yahoo! CCleaner
Puis lance le nettoyage, puis fais chercher des erreurs et sauvegardes si tu le souhaites.

Télécharge et installe Antivir. (tuto)
Pourquoi changer ? Avast vs Antivir
20 Octobre 2007 18:43:16

salut!

j ai plus l impression d'avoir de problème pour le moment.

Merci beaucoup pour ton aide, j'aurais jamais réussi tout seul.

Merci pour tout le temps que tu as passé.

@++
20 Octobre 2007 19:16:04

De rien, bonne soirée ..


Désinstalle, supprime tous les logiciels utilisés pour la désinfection ainsi que les dossiers créés correspondants.. Garde ccleaner, avg et antivir si nous les avons installé..
Rapporte ton infection sur Malware Complaints
Tuto
Ton infection : Smitfraud & Lop
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS