Aller au contenu

dave36

Membres
  • Compteur de contenus

    47
  • Inscription

  • Dernière visite

Réputation sur la communauté

0 Neutral

À propos de dave36

  • Rang
    Member

Autres informations

  • Mes langues
    polonais
  1. Salut,voici le rapport hijack ------------------------------- StartupList report, 14/06/2007, 16:52:30 StartupList version: 1.52.2 Started from : C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Rar$EX00.594\HijackThis.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v7.00 (7.00.6000.16473) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\a-squared free\a2service.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Inventel\Gateway\wlancfg.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\windows\system\hpsysdrv.exe C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe C:\WINDOWS\System32\hphmon05.exe C:\HP\KBD\KBD.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Multimedia Card Reader\shwicon2k.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\ATI Multimedia\main\ATIDtct.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\TribalWeb.net\tribalweb.exe C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Rar$EX00.594\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage] TribalWeb.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run hpsysdrv = c:\windows\system\hpsysdrv.exe HotKeysCmds = C:\WINDOWS\System32\hkcmd.exe CamMonitor = c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe HPHmon05 = C:\WINDOWS\System32\hphmon05.exe KBD = C:\HP\KBD\KBD.EXE UpdateManager = "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r Recguard = C:\WINDOWS\SMINST\RECGUARD.EXE NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup nwiz = nwiz.exe /installquiet /keeploaded /nodetect AlcxMonitor = ALCXMNTR.EXE PS2 = C:\WINDOWS\system32\ps2.exe ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe Sunkist2k = C:\Program Files\Multimedia Card Reader\shwicon2k.exe avast! = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe SpywareTerminator = "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run NVIEW = rundll32.exe nview.dll,nViewLoadHook ATI Launchpad = "C:\Program Files\ATI Multimedia\main\launchpd.exe" ATI DeviceDetect = C:\Program Files\ATI Multimedia\main\ATIDtct.EXE ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] *No values found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] * StubPath = C:\WINDOWS\system32\ieudinit.exe [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install [{8b15971b-5355-4c82-8c07-7e181ea07608}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\System32\ssmypics.scr drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045} -------------------------------------------------- Enumerating Task Scheduler jobs: *No jobs found* -------------------------------------------------- Enumerating Download Program Files: [CKAVWebScan Object] InProcServer32 = C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll CODEBASE = http://webscanner.kaspersky.fr/kavwebscan_unicode.cab [bDSCANONLINE Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\oscan8.ocx CODEBASE = http://www.zebulon.fr/scan8/oscan8.cab [Java Plug-in 1.4.2] InProcServer32 = C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll CODEBASE = http://java.sun.com/products/plugin/autodl...indows-i586.cab [ActiveScan Installer Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab [Java Plug-in 1.4.2] InProcServer32 = C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll CODEBASE = http://java.sun.com/products/plugin/autodl...indows-i586.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll Protocol #15: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services a-squared Free Service: c:\program files\a-squared free\a2service.exe (autostart) a347bus: System32\DRIVERS\a347bus.sys (system) a347scsi: System32\Drivers\a347scsi.sys (system) Pilote ACPI Microsoft: System32\DRIVERS\ACPI.sys (system) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) Environnement de prise en charge de réseau AFD: \SystemRoot\System32\drivers\afd.sys (system) Filtre de bus AGP Intel: System32\DRIVERS\agp440.sys (system) Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start) Avertissement: %SystemRoot%\System32\svchost.exe -k LocalService (disabled) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) Pilote de processeur AMD K7: System32\DRIVERS\amdk7.sys (system) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Protocole client ARP 1394: System32\DRIVERS\arp1394.sys (manual start) ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start) avast! iAVS4 Control Service: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" (autostart) Pilote de média asynchrone RAS: System32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: System32\DRIVERS\atapi.sys (system) Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart) ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart) ati2mtag: System32\DRIVERS\ati2mtag.sys (manual start) Protocole client ATM ARP: System32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote audio Stub: System32\DRIVERS\audstub.sys (manual start) avast! Antivirus: "C:\Program Files\Alwil Software\Avast4\ashServ.exe" (autostart) avast! Mail Scanner: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (manual start) avast! Web Scanner: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (manual start) Service de transfert intelligent en arrière-plan: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Explorateur d'ordinateur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote de CD-ROM: System32\DRIVERS\cdrom.sys (system) Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled) Application système COM+: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) Client DHCP: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote de disque: System32\DRIVERS\disk.sys (system) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) dmio: System32\drivers\dmio.sys (disabled) dmload: System32\drivers\dmload.sys (disabled) Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart) Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start) Pilote de la carte EtherLink XL 90XB/C 3Com: System32\DRIVERS\el90xbc5.sys (manual start) Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start) Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Fax: %systemroot%\system32\fxssvc.exe (manual start) Pilote de contrôleur de lecteur de disquettes: System32\DRIVERS\fdc.sys (manual start) Pilote de lecteur de disquettes: System32\DRIVERS\flpydisk.sys (manual start) FltMgr: system32\drivers\fltmgr.sys (system) Pilote du Gestionnaire de volume: System32\DRIVERS\ftdisk.sys (system) Classificateur de paquets générique: System32\DRIVERS\msgpc.sys (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Accès du périphérique d'interface utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Pilote de classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start) HSFHWBS2: System32\DRIVERS\HSFHWBS2.sys (manual start) HSF_DP: System32\DRIVERS\HSF_DP.sys (manual start) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) Pilote pour clavier i8042 et souris sur port PS/2: System32\DRIVERS\i8042prt.sys (system) ialm: System32\DRIVERS\ialmnt5.sys (manual start) Pilote de filtre de gravure CD: System32\DRIVERS\imapi.sys (system) Service COM de gravage de CD IMAPI: C:\WINDOWS\System32\imapi.exe (manual start) IntelIde: System32\DRIVERS\intelide.sys (system) Pilote de processeur Intel: System32\DRIVERS\intelppm.sys (system) Pilote du pare-feu Windows IPv6: system32\drivers\ip6fw.sys (manual start) Pilote de filtre de trafic IP: System32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: System32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: System32\DRIVERS\ipnat.sys (manual start) Pilote IPSEC: System32\DRIVERS\ipsec.sys (system) Service énumérateur IR: System32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: System32\DRIVERS\isapnp.sys (system) Pilote de la classe Clavier: System32\DRIVERS\kbdclass.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start) KProcCheck: System32\DRIVERS\KProcCheck.sys (manual start) Serveur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Station de travail: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Assistance TCP/IP NetBIOS: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) mdmxsdk: System32\DRIVERS\mdmxsdk.sys (autostart) Affichage des messages: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Partage de Bureau à distance NetMeeting: C:\WINDOWS\System32\mnmsrvc.exe (manual start) Pilote de la classe Souris: System32\DRIVERS\mouclass.sys (system) Pilote HID de souris: System32\DRIVERS\mouhid.sys (manual start) Redirecteur client WebDav: System32\DRIVERS\mrxdav.sys (manual start) MRXSMB: System32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\System32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote BIOS de gestion de systèmes Microsoft: System32\DRIVERS\mssmbios.sys (manual start) Pilote TAPI NDIS d'accès distant: System32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: System32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: System32\DRIVERS\ndiswan.sys (manual start) Interface NetBIOS: System32\DRIVERS\netbios.sys (system) NetBT: System32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) Ouverture de session réseau: %SystemRoot%\System32\lsass.exe (manual start) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote réseau 1394: System32\DRIVERS\nic1394.sys (manual start) NLA (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\System32\lsass.exe (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) nv: System32\DRIVERS\nv4_mini.sys (manual start) NVIDIA Driver Helper Service: %SystemRoot%\System32\nvsvc32.exe (autostart) NVIDIA nForce AGP Bus Filter: System32\DRIVERS\nv_agp.sys (system) Pilote de filtre de trafic IPX: System32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: System32\DRIVERS\nwlnkfwd.sys (manual start) Contrôleur hôte NEC FireWarden IEEE 1394 compatible OHCI (Open Host Controller Interface): System32\DRIVERS\ohci1394.sys (system) Pilote de port parallèle: System32\DRIVERS\parport.sys (manual start) PCAMPR5 NDIS Protocol Driver: \??\C:\WINDOWS\System32\PCAMPR5.SYS (manual start) PCANDIS5 NDIS Protocol Driver: \??\C:\WINDOWS\System32\PCANDIS5.SYS (manual start) Pilote de bus PCI: System32\DRIVERS\pci.sys (system) PCIIde: \SystemRoot\System32\DRIVERS\pciide.sys (disabled) Padus ASPI Shell: system32\drivers\pfc.sys (manual start) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Services IPSEC: %SystemRoot%\System32\lsass.exe (autostart) Miniport réseau étendu (PPTP): System32\DRIVERS\raspptp.sys (manual start) Pilote processeur: System32\DRIVERS\processr.sys (system) StarForce Protection Environment Driver v6: \SystemRoot\System32\drivers\prodrv06.sys (system) StarForce Protection Helper Driver v2: System32\drivers\prohlp02.sys (system) StarForce Protection Synchronization Driver v1: System32\drivers\prosync1.sys (system) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) PS2: System32\DRIVERS\PS2.sys (manual start) Planificateur de paquets QoS: System32\DRIVERS\psched.sys (manual start) Pilote de liaison parallèle directe: System32\DRIVERS\ptilink.sys (manual start) PxHelp20: System32\DRIVERS\PxHelp20.sys (system) Pilote de connexion automatique d'accès distant: System32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Miniport réseau étendu (L2TP): System32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: System32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: System32\DRIVERS\raspti.sys (manual start) Rdbss: System32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) Pilote de filtre de lecture digitale de CD audio: System32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Localisateur d'appels de procédure distante (RPC): %SystemRoot%\System32\locator.exe (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start) Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver: System32\DRIVERS\R8139n51.SYS (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: System32\DRIVERS\secdrv.sys (autostart) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de filtre Serenum: System32\DRIVERS\serenum.sys (manual start) Pilote de port série: System32\DRIVERS\serial.sys (system) StarForce Cure Driver (version 1.x): System32\drivers\sfcure01.sys (manual start) StarForce Protection Environment Driver (version 1.x): System32\drivers\sfdrv01.sys (system) StarForce Protection Helper Driver: System32\drivers\sfhlp01.sys (system) StarForce Protection Helper Driver (version 2.x): System32\drivers\sfhlp02.sys (system) StarForce Protection Synchronization Driver (version 2.x): System32\drivers\sfsync02.sys (system) StarForce Protection VFS Driver (version 2.x): System32\drivers\sfvfs02.sys (system) Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) SiS163 usb Wireless LAN Adapter Driver: System32\DRIVERS\sis163u.sys (manual start) SiS315: System32\DRIVERS\sisgrp.sys (manual start) SiS AGP Filter: System32\DRIVERS\SISAGPX.sys (system) SiSkp: System32\DRIVERS\srvkp.sys (system) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) Spyware Terminator Clam Service: C:\Program Files\WinClamAVShield\sp_clamsrv.exe (manual start) Spyware Terminator Driver 2: \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys (system) Spyware Terminator Realtime Shield Service: C:\Program Files\Spyware Terminator\sp_rsser.exe (autostart) Pilote de filtre de restauration système: System32\DRIVERS\sr.sys (system) Service de restauration système: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Srv: System32\DRIVERS\srv.sys (manual start) Service de découvertes SSDP: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Acquisition d'image Windows (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart) Alcor Micro Corp - 9360: \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys (manual start) HP && Alcor Micro Corp for Phison: \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys (manual start) Pilote de bus logiciel: System32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{CDDDA435-D8D7-420E-9821-39B0A17F117C} (manual start) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: System32\DRIVERS\tcpip.sys (system) Pilote de périphérique terminal: System32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de mise à jour microcode: System32\DRIVERS\update.sys (manual start) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Onduleur: %SystemRoot%\System32\ups.exe (manual start) Pilote USB audio (WDM): system32\drivers\usbaudio.sys (manual start) Pilote parent générique USB Microsoft: System32\DRIVERS\usbccgp.sys (manual start) Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft: System32\DRIVERS\usbehci.sys (manual start) Concentrateur USB2: System32\DRIVERS\usbhub.sys (manual start) Pilote miniport de contrôleur hôte ouvert USB Microsoft: System32\DRIVERS\usbohci.sys (manual start) Classe d'imprimantes USB Microsoft: System32\DRIVERS\usbprint.sys (manual start) Pilote de scanneur USB: System32\DRIVERS\usbscan.sys (manual start) Pilote de stockage de masse USB: System32\DRIVERS\USBSTOR.SYS (manual start) Pilote miniport de contrôleur hôte universel USB Microsoft: System32\DRIVERS\usbuhci.sys (manual start) Service Messenger Sharing Folders USN Journal Reader: "C:\Program Files\MSN Messenger\usnsvc.exe" (manual start) Carte vidéo VGA.: \SystemRoot\System32\drivers\vga.sys (system) VIA AGP Filter: System32\DRIVERS\viaagp1.sys (system) viagfx: System32\DRIVERS\vtmini.sys (manual start) ViaIde: \SystemRoot\System32\DRIVERS\viaide.sys (disabled) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: System32\DRIVERS\wanarp.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) winachsf: System32\DRIVERS\HSF_CNXT.sys (manual start) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Service de lancement de WlanCfg: C:\Program Files\Inventel\Gateway\wlancfg.exe SVC (autostart) Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Carte de performance WMI: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start) Service Partage réseau du Lecteur Windows Media: "C:\Program Files\Windows Media Player\wmpnetwk.exe" (manual start) Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (manual start) Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start) Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (manual start) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Intel® Graphics Platform (SoftBIOS) Driver: system32\drivers\ialmsbw.sys (manual start) Intel® Graphics Chipset (KCH) Driver: system32\drivers\ialmkchw.sys (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: C:\Program Files\Spyware Terminator\SpywareTerminator.old|||m -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- End of report, 36 955 bytes Report generated in 1,360 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only ----------------------------------------------- et catch me (un doute sur lrésultat...un peu court,non?) ------------------------------------------------ catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-14 17:05:36 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... --------------- a + pour un scan kaspersky scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0
  2. Salut! les choses avancent ,semble t il,assez bien voici le rapport qui va bien: ------------------------ Logfile of HijackThis v1.99.1 Scan saved at 21:01:18, on 13/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\a-squared free\a2service.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Inventel\Gateway\wlancfg.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\windows\system\hpsysdrv.exe C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe C:\WINDOWS\System32\hphmon05.exe C:\HP\KBD\KBD.EXE C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Multimedia Card Reader\shwicon2k.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\ATI Multimedia\main\ATIDtct.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Rar$EX00.266\HijackThis.exe C:\Program Files\Mozilla Firefox\firefox.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr10.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr10.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe" O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: TribalWeb.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8B695DA3-02B2-4DBC-8485-2F92D380EB62}: NameServer = 80.10.246.2,80.10.246.129 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe ---------------------- merci pour ton analyse
  3. apres le scan on a ceci: ---------------------------- Complete scanning result of "services.exe", received in VirusTotal at 06.12.2007, 20:51:37 (CET). Antivirus Version Update Result AhnLab-V3 2007.6.12.2 06.12.2007 no virus found AntiVir 7.4.0.32 06.12.2007 no virus found Authentium 4.93.8 06.12.2007 no virus found Avast 4.7.997.0 06.12.2007 no virus found AVG 7.5.0.467 06.12.2007 no virus found BitDefender 7.2 06.12.2007 no virus found CAT-QuickHeal 9.00 06.12.2007 no virus found ClamAV devel-20070416 06.12.2007 no virus found DrWeb 4.33 06.12.2007 no virus found eSafe 7.0.15.0 06.12.2007 no virus found eTrust-Vet 30.7.3713 06.12.2007 no virus found Ewido 4.0 06.12.2007 Backdoor.Autohax.b FileAdvisor 1 06.12.2007 no virus found Fortinet 2.85.0.0 06.12.2007 no virus found F-Prot 4.3.2.48 06.12.2007 no virus found F-Secure 6.70.13030.0 06.12.2007 Backdoor.Win32.Autohax.b Ikarus T3.1.1.8 06.12.2007 no virus found Kaspersky 4.0.2.24 06.12.2007 Backdoor.Win32.Autohax.b McAfee 5051 06.12.2007 no virus found Microsoft 1.2503 06.12.2007 no virus found NOD32v2 2325 06.12.2007 probably unknown NewHeur_PE virus Norman 5.80.02 06.12.2007 no virus found Panda 9.0.0.4 06.12.2007 Suspicious file Prevx1 V2 06.12.2007 no virus found Sophos 4.18.0 06.12.2007 no virus found Sunbelt 2.2.907.0 06.09.2007 no virus found Symantec 10 06.12.2007 no virus found TheHacker 6.1.6.132 06.11.2007 no virus found VBA32 3.12.0.1 06.11.2007 Backdoor.Win32.Autohax.b VirusBuster 4.3.23:9 06.12.2007 no virus found Webwasher-Gateway 6.0.1 06.12.2007 no virus found Aditional Information File size: 462848 bytes MD5: aed98c246abf2f1f14c4468c4705f972 SHA1: 1cb3388aa5c4e56b20f14fc65a6a0dd723f73f96 -------------------------------------------------------------- voila le travil...je vais remettre zone alarm en fct (il ralentit quand meme pas mal le systeme!!! mais bon ....) tiens moi au courant pour kaspersky. merci de ton aide..
  4. voila le rapport,effectivement je confirme :3 bêtes trouvés avec kasp mais pas de rapport!! sinon l'ordi semble + stable merci. -------------------------------- StartupList report, 11/06/2007, 23:00:01 StartupList version: 1.52.2 Started from : C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Rar$EX00.921\HijackThis.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v7.00 (7.00.6000.16441) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\a-squared free\a2service.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe C:\WINDOWS\System32\hphmon05.exe C:\HP\KBD\KBD.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Multimedia Card Reader\shwicon2k.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\ATI Multimedia\main\ATIDtct.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Inventel\Gateway\wlancfg.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Rar$EX00.921\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage] TribalWeb.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run hpsysdrv = c:\windows\system\hpsysdrv.exe HotKeysCmds = C:\WINDOWS\System32\hkcmd.exe CamMonitor = c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe HPHmon05 = C:\WINDOWS\System32\hphmon05.exe KBD = C:\HP\KBD\KBD.EXE UpdateManager = "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r Recguard = C:\WINDOWS\SMINST\RECGUARD.EXE NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup nwiz = nwiz.exe /installquiet /keeploaded /nodetect AlcxMonitor = ALCXMNTR.EXE PS2 = C:\WINDOWS\system32\ps2.exe ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe Sunkist2k = C:\Program Files\Multimedia Card Reader\shwicon2k.exe avast! = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe SpywareTerminator = "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run NVIEW = rundll32.exe nview.dll,nViewLoadHook ATI Launchpad = "C:\Program Files\ATI Multimedia\main\launchpd.exe" ATI DeviceDetect = C:\Program Files\ATI Multimedia\main\ATIDtct.EXE ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] *No values found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] * StubPath = C:\WINDOWS\system32\ieudinit.exe [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install [{8b15971b-5355-4c82-8c07-7e181ea07608}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\System32\ssmypics.scr drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045} -------------------------------------------------- Enumerating Task Scheduler jobs: *No jobs found* -------------------------------------------------- Enumerating Download Program Files: [CKAVWebScan Object] InProcServer32 = C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll CODEBASE = http://webscanner.kaspersky.fr/kavwebscan_unicode.cab [bDSCANONLINE Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\oscan8.ocx CODEBASE = http://www.zebulon.fr/scan8/oscan8.cab [Java Plug-in 1.4.2] InProcServer32 = C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll CODEBASE = http://java.sun.com/products/plugin/autodl...indows-i586.cab [ActiveScan Installer Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab [Java Plug-in 1.4.2] InProcServer32 = C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll CODEBASE = http://java.sun.com/products/plugin/autodl...indows-i586.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll Protocol #15: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services a-squared Free Service: c:\program files\a-squared free\a2service.exe (autostart) a347bus: System32\DRIVERS\a347bus.sys (system) a347scsi: System32\Drivers\a347scsi.sys (system) Pilote ACPI Microsoft: System32\DRIVERS\ACPI.sys (system) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) Environnement de prise en charge de réseau AFD: \SystemRoot\System32\drivers\afd.sys (system) Filtre de bus AGP Intel: System32\DRIVERS\agp440.sys (system) Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start) Avertissement: %SystemRoot%\System32\svchost.exe -k LocalService (disabled) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) Pilote de processeur AMD K7: System32\DRIVERS\amdk7.sys (system) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Protocole client ARP 1394: System32\DRIVERS\arp1394.sys (manual start) ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start) avast! iAVS4 Control Service: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" (autostart) Pilote de média asynchrone RAS: System32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: System32\DRIVERS\atapi.sys (system) Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart) ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart) ati2mtag: System32\DRIVERS\ati2mtag.sys (manual start) Protocole client ATM ARP: System32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote audio Stub: System32\DRIVERS\audstub.sys (manual start) avast! Antivirus: "C:\Program Files\Alwil Software\Avast4\ashServ.exe" (autostart) avast! Mail Scanner: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (manual start) avast! Web Scanner: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (manual start) Service de transfert intelligent en arrière-plan: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Explorateur d'ordinateur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote de CD-ROM: System32\DRIVERS\cdrom.sys (system) Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled) Application système COM+: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) Client DHCP: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) DHCP-Verwaltung: C:\Program Files\xerox\err\services.exe (autostart) Pilote de disque: System32\DRIVERS\disk.sys (system) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) dmio: System32\drivers\dmio.sys (disabled) dmload: System32\drivers\dmload.sys (disabled) Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart) Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start) Pilote de la carte EtherLink XL 90XB/C 3Com: System32\DRIVERS\el90xbc5.sys (manual start) Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start) Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Fax: %systemroot%\system32\fxssvc.exe (manual start) Pilote de contrôleur de lecteur de disquettes: System32\DRIVERS\fdc.sys (manual start) Pilote de lecteur de disquettes: System32\DRIVERS\flpydisk.sys (manual start) FltMgr: system32\drivers\fltmgr.sys (system) Pilote du Gestionnaire de volume: System32\DRIVERS\ftdisk.sys (system) Classificateur de paquets générique: System32\DRIVERS\msgpc.sys (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Accès du périphérique d'interface utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Pilote de classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start) HSFHWBS2: System32\DRIVERS\HSFHWBS2.sys (manual start) HSF_DP: System32\DRIVERS\HSF_DP.sys (manual start) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) Pilote pour clavier i8042 et souris sur port PS/2: System32\DRIVERS\i8042prt.sys (system) ialm: System32\DRIVERS\ialmnt5.sys (manual start) Pilote de filtre de gravure CD: System32\DRIVERS\imapi.sys (system) Service COM de gravage de CD IMAPI: C:\WINDOWS\System32\imapi.exe (manual start) IntelIde: System32\DRIVERS\intelide.sys (system) Pilote de processeur Intel: System32\DRIVERS\intelppm.sys (system) Pilote du pare-feu Windows IPv6: system32\drivers\ip6fw.sys (manual start) Pilote de filtre de trafic IP: System32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: System32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: System32\DRIVERS\ipnat.sys (manual start) Pilote IPSEC: System32\DRIVERS\ipsec.sys (system) Service énumérateur IR: System32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: System32\DRIVERS\isapnp.sys (system) Pilote de la classe Clavier: System32\DRIVERS\kbdclass.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start) KProcCheck: System32\DRIVERS\KProcCheck.sys (manual start) Serveur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Station de travail: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Assistance TCP/IP NetBIOS: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) mdmxsdk: System32\DRIVERS\mdmxsdk.sys (autostart) Affichage des messages: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Partage de Bureau à distance NetMeeting: C:\WINDOWS\System32\mnmsrvc.exe (manual start) Pilote de la classe Souris: System32\DRIVERS\mouclass.sys (system) Pilote HID de souris: System32\DRIVERS\mouhid.sys (manual start) Redirecteur client WebDav: System32\DRIVERS\mrxdav.sys (manual start) MRXSMB: System32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\System32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote BIOS de gestion de systèmes Microsoft: System32\DRIVERS\mssmbios.sys (manual start) Pilote TAPI NDIS d'accès distant: System32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: System32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: System32\DRIVERS\ndiswan.sys (manual start) Interface NetBIOS: System32\DRIVERS\netbios.sys (system) NetBT: System32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) Ouverture de session réseau: %SystemRoot%\System32\lsass.exe (manual start) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote réseau 1394: System32\DRIVERS\nic1394.sys (manual start) NLA (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\System32\lsass.exe (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) nv: System32\DRIVERS\nv4_mini.sys (manual start) NVIDIA Driver Helper Service: %SystemRoot%\System32\nvsvc32.exe (autostart) NVIDIA nForce AGP Bus Filter: System32\DRIVERS\nv_agp.sys (system) Pilote de filtre de trafic IPX: System32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: System32\DRIVERS\nwlnkfwd.sys (manual start) Contrôleur hôte NEC FireWarden IEEE 1394 compatible OHCI (Open Host Controller Interface): System32\DRIVERS\ohci1394.sys (system) Pilote de port parallèle: System32\DRIVERS\parport.sys (manual start) PCAMPR5 NDIS Protocol Driver: \??\C:\WINDOWS\System32\PCAMPR5.SYS (manual start) PCANDIS5 NDIS Protocol Driver: \??\C:\WINDOWS\System32\PCANDIS5.SYS (manual start) Pilote de bus PCI: System32\DRIVERS\pci.sys (system) PCIIde: \SystemRoot\System32\DRIVERS\pciide.sys (disabled) Padus ASPI Shell: system32\drivers\pfc.sys (manual start) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Services IPSEC: %SystemRoot%\System32\lsass.exe (autostart) Miniport réseau étendu (PPTP): System32\DRIVERS\raspptp.sys (manual start) Pilote processeur: System32\DRIVERS\processr.sys (system) StarForce Protection Environment Driver v6: \SystemRoot\System32\drivers\prodrv06.sys (system) StarForce Protection Helper Driver v2: System32\drivers\prohlp02.sys (system) StarForce Protection Synchronization Driver v1: System32\drivers\prosync1.sys (system) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) PS2: System32\DRIVERS\PS2.sys (manual start) Planificateur de paquets QoS: System32\DRIVERS\psched.sys (manual start) Pilote de liaison parallèle directe: System32\DRIVERS\ptilink.sys (manual start) PxHelp20: System32\DRIVERS\PxHelp20.sys (system) Pilote de connexion automatique d'accès distant: System32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Miniport réseau étendu (L2TP): System32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: System32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: System32\DRIVERS\raspti.sys (manual start) Rdbss: System32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) Pilote de filtre de lecture digitale de CD audio: System32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Localisateur d'appels de procédure distante (RPC): %SystemRoot%\System32\locator.exe (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start) Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver: System32\DRIVERS\R8139n51.SYS (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: System32\DRIVERS\secdrv.sys (autostart) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de filtre Serenum: System32\DRIVERS\serenum.sys (manual start) Pilote de port série: System32\DRIVERS\serial.sys (system) StarForce Cure Driver (version 1.x): System32\drivers\sfcure01.sys (manual start) StarForce Protection Environment Driver (version 1.x): System32\drivers\sfdrv01.sys (system) StarForce Protection Helper Driver: System32\drivers\sfhlp01.sys (system) StarForce Protection Helper Driver (version 2.x): System32\drivers\sfhlp02.sys (system) StarForce Protection Synchronization Driver (version 2.x): System32\drivers\sfsync02.sys (system) StarForce Protection VFS Driver (version 2.x): System32\drivers\sfvfs02.sys (system) Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) SiS163 usb Wireless LAN Adapter Driver: System32\DRIVERS\sis163u.sys (manual start) SiS315: System32\DRIVERS\sisgrp.sys (manual start) SiS AGP Filter: System32\DRIVERS\SISAGPX.sys (system) SiSkp: System32\DRIVERS\srvkp.sys (system) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) Spyware Terminator Clam Service: C:\Program Files\WinClamAVShield\sp_clamsrv.exe (manual start) Spyware Terminator Driver 2: \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys (system) Spyware Terminator Realtime Shield Service: C:\Program Files\Spyware Terminator\sp_rsser.exe (autostart) Pilote de filtre de restauration système: System32\DRIVERS\sr.sys (system) Service de restauration système: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Srv: System32\DRIVERS\srv.sys (manual start) Service de découvertes SSDP: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Acquisition d'image Windows (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart) Alcor Micro Corp - 9360: \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys (manual start) HP && Alcor Micro Corp for Phison: \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys (manual start) Pilote de bus logiciel: System32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{CDDDA435-D8D7-420E-9821-39B0A17F117C} (manual start) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: System32\DRIVERS\tcpip.sys (system) Pilote de périphérique terminal: System32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de mise à jour microcode: System32\DRIVERS\update.sys (manual start) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Onduleur: %SystemRoot%\System32\ups.exe (manual start) Pilote USB audio (WDM): system32\drivers\usbaudio.sys (manual start) Pilote parent générique USB Microsoft: System32\DRIVERS\usbccgp.sys (manual start) Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft: System32\DRIVERS\usbehci.sys (manual start) Concentrateur USB2: System32\DRIVERS\usbhub.sys (manual start) Pilote miniport de contrôleur hôte ouvert USB Microsoft: System32\DRIVERS\usbohci.sys (manual start) Classe d'imprimantes USB Microsoft: System32\DRIVERS\usbprint.sys (manual start) Pilote de scanneur USB: System32\DRIVERS\usbscan.sys (manual start) Pilote de stockage de masse USB: System32\DRIVERS\USBSTOR.SYS (manual start) Pilote miniport de contrôleur hôte universel USB Microsoft: System32\DRIVERS\usbuhci.sys (manual start) Service Messenger Sharing Folders USN Journal Reader: "C:\Program Files\MSN Messenger\usnsvc.exe" (manual start) Carte vidéo VGA.: \SystemRoot\System32\drivers\vga.sys (system) VIA AGP Filter: System32\DRIVERS\viaagp1.sys (system) viagfx: System32\DRIVERS\vtmini.sys (manual start) ViaIde: \SystemRoot\System32\DRIVERS\viaide.sys (disabled) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: System32\DRIVERS\wanarp.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) winachsf: System32\DRIVERS\HSF_CNXT.sys (manual start) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Service de lancement de WlanCfg: C:\Program Files\Inventel\Gateway\wlancfg.exe SVC (autostart) Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Carte de performance WMI: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start) Service Partage réseau du Lecteur Windows Media: "C:\Program Files\Windows Media Player\wmpnetwk.exe" (manual start) Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (manual start) Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start) Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (manual start) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Intel® Graphics Platform (SoftBIOS) Driver: system32\drivers\ialmsbw.sys (manual start) Intel® Graphics Chipset (KCH) Driver: system32\drivers\ialmkchw.sys (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: *Registry value not found* -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- End of report, 36 944 bytes Report generated in 1,266 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only ------------------------------------------------------ bonne soirée
  5. voici les rapports: --------------------- report sdfix --------------------- SDFix: Version 1.86 Run by Propri‚taire - 09/06/2007 - 14:42:05,90 Microsoft Windows XP [version 5.1.2600] Running From: C:\DOCUME~1\PROPRI~1\Bureau\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Restoring Missing Security Center Service Restoring Missing SharedAccess Service Rebooting... Normal Mode: Checking Files: Below files will be copied to Backups folder then removed: C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\injs.a9.exe.conf - Deleted C:\WINDOWS\system\smss.exe - Deleted Removing Temp Files... ADS Check: Checking if ADS is attached to system32 Folder C:\WINDOWS\system32 No streams found. Checking if ADS is attached to svchost.exe C:\WINDOWS\system32\svchost.exe No streams found. Checking if ADS is attached to ntoskrnl.exe C:\WINDOWS\system32\ntoskrnl.exe No streams found. Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "K:\\hl2.exe"="K:\\hl2.exe:*:Enabled:hl2" "C:\\Program Files\\TribalWeb.net\\tribalweb.exe"="C:\\Program Files\\TribalWeb.net\\tribalweb.exe:*:Enabled:TribalWeb.net : R‚seau priv‚ sur Internet" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Remaining Files: --------------- Backups Folder: - C:\DOCUME~1\PROPRI~1\Bureau\SDFix\backups\backups.zip Listing Files with Hidden Attributes: C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp C:\Documents and Settings\Propri‚taire\Mes documents\T‚m‚raire\Elec-BC-Alarme\Alimentations elec -BC-perte\~WRL0001.tmp Listing User Accounts: comptes d'utilisateurs de \\DAVID Administrateur HelpAssistant Invit‚ Propri‚taire SUPPORT_388945a0 SUPPORT_fddfa904 La commande s'est termin‚e correctement. Finished ------------------------------ panda:rien de detecté donc pas de rapport accessible ------------------------------ kaspersky:3 virus trouvés mais pas de rapport présent!!?? ------------------------------- je pense qu'il y a encore des vilaines bêtes ds le coin....j'ai bien suivi les indications pour les scans donc je ne vois pas trop!! merci de ton aide en attendant bonne soirée
  6. voici les differents rapports -------------------------------- catchme -------------------------------- catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-09 16:55:26 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden files ... scan completed successfully hidden files: 0 --------------------------------- diaghelp ---------------------------------- DiagHelp version v1.1.1 - http://www.malekal.com excute le 09/06/2007 à 16:55:11,37 Liste des derniers fichies modifies/crees dans windir\system32 C:\WINDOWS\System32/drivers\sp_rsdrv2.sys -->09/06/2007 10:48:33 C:\WINDOWS\System32/drivers\secdrv.sys -->03/05/2007 20:49:26 C:\WINDOWS\System32/drivers\aswmon.sys -->30/04/2007 17:41:55 C:\WINDOWS\System32/drivers\aswmon2.sys -->30/04/2007 17:41:42 C:\WINDOWS\System32/drivers\aswRdr.sys -->30/04/2007 17:39:41 C:\WINDOWS\System32/drivers\aswTdi.sys -->30/04/2007 17:38:51 C:\WINDOWS\System32/drivers\aavmker4.sys -->30/04/2007 17:37:23 C:\WINDOWS\System32\wpa.dbl -->09/06/2007 14:56:15 C:\WINDOWS\System32\FNTCACHE.DAT -->05/06/2007 18:47:36 C:\WINDOWS\System32\d3d9caps.dat -->01/06/2007 21:40:39 C:\WINDOWS\System32\CmdLineExt.dll -->28/05/2007 10:18:29 C:\WINDOWS\System32\CONFIG.NT -->09/05/2007 18:07:46 C:\WINDOWS\System32\aswBoot.exe -->30/04/2007 17:46:10 C:\WINDOWS\System32\AVASTSS.scr -->30/04/2007 17:35:28 C:\WINDOWS\System32\MRT.exe -->27/04/2007 22:45:12 C:\WINDOWS\System32\msi.dll -->18/04/2007 18:14:18 C:\WINDOWS\System32\CmdLineExt03.dll -->03/04/2007 20:38:47 C:\WINDOWS\System32\ieapfltr.dll -->03/04/2007 16:29:23 C:\WINDOWS\System32\ieapfltr.dat -->03/04/2007 06:36:20 C:\WINDOWS\System32\perfh00C.dat -->02/04/2007 17:17:01 C:\WINDOWS\System32\perfh009.dat -->02/04/2007 17:17:01 C:\WINDOWS\System32\perfc00C.dat -->02/04/2007 17:17:01 C:\WINDOWS\System32\perfc009.dat -->02/04/2007 17:17:01 C:\WINDOWS\System32\PerfStringBackup.INI -->02/04/2007 17:16:58 C:\WINDOWS\System32\Uninstall.ico -->25/03/2007 11:43:49 C:\WINDOWS\System32\pavas.ico -->25/03/2007 11:43:49 C:\WINDOWS\System32\Help.ico -->25/03/2007 11:43:49 C:\WINDOWS\System32\winsrv.dll -->17/03/2007 15:44:47 C:\WINDOWS\System32\xpsp3res.dll -->09/03/2007 13:51:20 C:\WINDOWS\System32\user32.dll -->08/03/2007 17:37:50 C:\WINDOWS\System32\mf3216.dll -->08/03/2007 17:37:50 C:\WINDOWS\System32\gdi32.dll -->08/03/2007 17:37:50 C:\WINDOWS\6-wlancfg.log -->09/06/2007 14:55:21 C:\WINDOWS.log -->09/06/2007 14:54:19 C:\WINDOWS\WindowsUpdate.log -->09/06/2007 14:54:12 C:\WINDOWS\wiadebug.log -->09/06/2007 14:54:12 C:\WINDOWS\wiaservc.log -->09/06/2007 14:54:09 C:\WINDOWS\bootstat.dat -->09/06/2007 14:53:18 C:\WINDOWS\ntbtlog.txt -->09/06/2007 14:32:09 C:\WINDOWS\SchedLgU.Txt -->09/06/2007 14:30:32 C:\WINDOWS\4-wlancfg.log -->09/06/2007 14:29:30 C:\WINDOWS\wmsetup.log -->09/06/2007 11:59:08 C:\WINDOWS\setupapi.log -->06/06/2007 18:47:40 C:\WINDOWS\SOF2.INI -->06/06/2007 15:42:01 C:\WINDOWS\Videodeluxe.INI -->05/06/2007 21:22:04 C:\WINDOWS\2-wlancfg.log -->05/06/2007 20:01:53 C:\WINDOWS\mgxoschk.ini -->05/06/2007 18:34:33 Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est AC2B-766D Répertoire de C:\WINDOWS\system 07/05/1998 17:04 52 736 hpsysdrv.exe 1 fichier(s) 52 736 octets 0 Rép(s) 21 071 765 504 octets libres Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est AC2B-766D Répertoire de C:\WINDOWS\system32 20/08/2004 01:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 21 071 765 504 octets libres Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est AC2B-766D Répertoire de C:\WINDOWS\system32 19/08/2003 03:56 1 323 008 dmcpl.exe 1 fichier(s) 1 323 008 octets 0 Rép(s) 21 071 765 504 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est AC2B-766D Répertoire de C:\WINDOWS\Downloaded Program Files 25/03/2007 11:45 <REP> . 25/03/2007 11:45 <REP> .. 24/08/2006 08:28 141 424 asinst.dll 22/08/2006 09:06 537 asinst.inf 07/12/2004 17:07 32 bdcore.dll 25/05/2006 01:21 118 784 bdupd.dll 01/01/2003 17:38 65 desktop.ini 15/10/1997 02:52 697 DirectAnimation Java Classes.osd 25/05/2006 01:21 53 248 ipsupd.dll 16/03/2005 12:34 7 407 lang.ini 07/12/2004 17:07 32 libfn.dll 14/03/2005 14:38 126 live.ini 20/01/2000 23:25 1 162 Microsoft XML Parser for Java.osd 01/06/2006 02:57 1 331 oscan8.inf 01/06/2006 02:54 471 040 oscan8.ocx 31/05/2006 04:15 10 oscan81.ocx_x 14/03/2005 14:58 7 073 scanoptions.tsi 15 fichier(s) 802 968 octets Total des fichiers listés : 15 fichier(s) 802 968 octets 2 Rép(s) 21 071 761 408 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "K:\\hl2.exe"="K:\\hl2.exe:*:Enabled:hl2" "C:\\Program Files\\TribalWeb.net\\tribalweb.exe"="C:\\Program Files\\TribalWeb.net\\tribalweb.exe:*:Enabled:TribalWeb.net : Réseau privé sur Internet" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-09 16:55:26 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden files ... scan completed successfully hidden files: 0 ---------------------------------------- hijack ----------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 17:06:16, on 09/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\a-squared free\a2service.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe C:\WINDOWS\System32\hphmon05.exe C:\HP\KBD\KBD.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Multimedia Card Reader\shwicon2k.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\ATI Multimedia\main\ATIDtct.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Inventel\Gateway\wlancfg.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cmd.exe C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\grep.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Rar$EX00.672\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr10.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr10.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe" O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: TribalWeb.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8B695DA3-02B2-4DBC-8485-2F92D380EB62}: NameServer = 80.10.246.2,80.10.246.129 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe ------------------------------------------- diaghelp option 2 --------------------------------------------- FPort v2.0 - TCP/IP Process to Port Mapper Copyright 2000 by Foundstone, Inc. http://www.foundstone.com Pid Process Port Proto Path 1028 -> 135 TCP 4 System -> 139 TCP 4 System -> 445 TCP 2448 ashMaiSv -> 12025 TCP C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 2448 ashMaiSv -> 12110 TCP C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 2448 ashMaiSv -> 12119 TCP C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 2448 ashMaiSv -> 12143 TCP C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 2540 ashWebSv -> 1048 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2540 ashWebSv -> 1060 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2540 ashWebSv -> 1070 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2540 ashWebSv -> 1076 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2540 ashWebSv -> 12080 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2044 firefox -> 1033 TCP C:\Program Files\Mozilla Firefox\firefox.exe 2044 firefox -> 1034 TCP C:\Program Files\Mozilla Firefox\firefox.exe 2044 firefox -> 1037 TCP C:\Program Files\Mozilla Firefox\firefox.exe 2044 firefox -> 1038 TCP C:\Program Files\Mozilla Firefox\firefox.exe 2044 firefox -> 1047 TCP C:\Program Files\Mozilla Firefox\firefox.exe 2044 firefox -> 1059 TCP C:\Program Files\Mozilla Firefox\firefox.exe 2044 firefox -> 1069 TCP C:\Program Files\Mozilla Firefox\firefox.exe 2044 firefox -> 1075 TCP C:\Program Files\Mozilla Firefox\firefox.exe 588 sgtray -> 1083 TCP C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe 1028 -> 445 UDP 4 System -> 500 UDP 2448 ashMaiSv -> 138 UDP C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 2540 ashWebSv -> 1900 UDP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2044 firefox -> 1029 UDP C:\Program Files\Mozilla Firefox\firefox.exe 2044 firefox -> 1062 UDP C:\Program Files\Mozilla Firefox\firefox.exe 2044 firefox -> 1066 UDP C:\Program Files\Mozilla Firefox\firefox.exe 2044 firefox -> 123 UDP C:\Program Files\Mozilla Firefox\firefox.exe 2044 firefox -> 137 UDP C:\Program Files\Mozilla Firefox\firefox.exe 2044 firefox -> 1900 UDP C:\Program Files\Mozilla Firefox\firefox.exe 2044 firefox -> 4500 UDP C:\Program Files\Mozilla Firefox\firefox.exe PsList 1.26 - Process Information Lister Copyright © 1999-2004 Mark Russinovich Sysinternals - www.sysinternals.com Process information for DAVID: Name Pid Pri Thd Hnd VM WS Priv Idle 0 0 1 0 0 16 0 System 4 8 67 1328 1904 48 0 smss 404 11 3 21 3828 76 164 csrss 700 13 13 549 26308 2336 1640 winlogon 728 13 22 441 51500 1600 6140 ati2evxx 188 8 5 72 25644 844 764 services 772 9 15 304 37788 1720 2036 ati2evxx 952 8 4 60 19688 372 584 svchost 968 8 19 221 62128 1920 3092 wmiprvse 2692 8 6 140 38064 1968 2780 svchost 1028 8 10 252 35196 1300 1728 svchost 1064 8 85 1368 133936 9040 13708 wuauclt 3304 8 7 166 62272 3748 6252 svchost 1108 8 7 84 30300 1376 1224 svchost 1204 8 15 207 38332 1032 1752 aswUpdSv 1440 8 3 27 16848 52 460 ashServ 1496 13 25 263 100284 11660 13960 sp_rsser 1620 8 10 97 49188 6012 15432 spoolsv 1760 8 14 136 43976 880 3276 a2service 1856 8 6 51 49788 288 5192 svchost 2036 8 8 130 36960 1748 2412 WLANCFG 2140 8 5 90 40308 1608 2356 ashMaiSv 2448 8 8 86 56516 588 3120 ashWebSv 2540 8 18 145 79576 7048 9776 alg 2780 8 3 75 31904 1340 1020 lsass 792 9 19 337 41268 1208 3572 explorer 372 8 22 641 99292 17500 17416 hpsysdrv 528 8 1 25 20184 288 480 HpqCmon 556 8 1 68 33568 616 1076 hphmon05 572 8 3 49 30976 1036 904 kbd 580 13 14 258 66280 1812 3544 sgtray 588 8 1 60 33788 2712 1300 atiptaxx 660 8 2 99 36596 492 2788 ashDisp 668 8 8 80 45148 888 2380 shwicon2k 676 4 1 44 30612 340 648 Spywareterminatorshield 1132 8 3 70 39760 1620 6744 atidtct 1292 8 1 58 30796 472 888 ctfmon 1344 8 1 68 30140 588 844 firefox 2044 8 13 221 100428 42156 32636 cmd 2972 8 1 20 14008 1624 1492 pslist 3280 13 2 81 17904 1760 756 ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 372 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x7c800000 0x104000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll 0x77ef0000 0x47000 5.01.2600.3099 C:\WINDOWS\system32\GDI32.dll 0x7e390000 0x90000 5.01.2600.3099 C:\WINDOWS\system32\USER32.dll 0x77f40000 0x76000 6.00.2900.3059 C:\WINDOWS\system32\SHLWAPI.dll 0x7c9d0000 0x823000 6.00.2900.3051 C:\WINDOWS\system32\SHELL32.dll 0x774a0000 0x13d000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll 0x75f10000 0xfd000 6.00.2900.3059 C:\WINDOWS\system32\BROWSEUI.dll 0x7e210000 0x171000 6.00.2900.3059 C:\WINDOWS\system32\SHDOCVW.dll 0x6fee0000 0x54000 5.01.2600.2976 C:\WINDOWS\system32\NETAPI32.dll 0x44080000 0xcf000 7.00.6000.16441 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x43e00000 0x45000 7.00.6000.16441 C:\WINDOWS\system32\iertutil.dll 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76920000 0x8000 5.01.2600.2751 C:\WINDOWS\system32\LINKINFO.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL 0x44360000 0x5ca000 7.00.6000.16441 C:\WINDOWS\system32\ieframe.dll 0x44160000 0x124000 7.00.6000.16441 C:\WINDOWS\system32\urlmon.dll 0x442b0000 0x3c000 7.00.6000.16441 C:\WINDOWS\system32\webcheck.dll 0x76d10000 0x19000 5.01.2600.2912 C:\WINDOWS\system32\iphlpapi.dll 0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll 0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll 0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll 0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll 0x72c60000 0x8000 5.01.2600.0000 C:\WINDOWS\system32\msacm32.drv 0x0ffd0000 0x28000 5.01.2600.2161 C:\WINDOWS\system32\rsaenh.dll 0x10000000 0x1a000 1.00.0000.0006 c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll 0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL 0x01180000 0xe000 7.00.0000.1333 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll 0x7c340000 0x56000 7.10.3052.0004 C:\WINDOWS\system32\MSVCR71.dll 0x77210000 0xb1000 5.01.2600.3019 C:\WINDOWS\system32\SXS.DLL 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x02880000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x02680000 0x1c000 7.00.0000.0000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll 0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL 0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\System32\wshext.dll 0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\System32\wshFR.DLL 0x365a0000 0x15000 10.00.2625.0000 C:\PROGRA~1\MICROS~4\Office10\MCPS.DLL ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com No matching processes were found. ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 728 Command line: winlogon.exe Base Size Version Path 0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe 0x7c800000 0x104000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll 0x77680000 0x11000 5.01.2600.2622 C:\WINDOWS\system32\AUTHZ.dll 0x7e390000 0x90000 5.01.2600.3099 C:\WINDOWS\system32\USER32.dll 0x77ef0000 0x47000 5.01.2600.3099 C:\WINDOWS\system32\GDI32.dll 0x6fee0000 0x54000 5.01.2600.2976 C:\WINDOWS\system32\NETAPI32.dll 0x7c9d0000 0x823000 6.00.2900.3051 C:\WINDOWS\system32\SHELL32.dll 0x77f40000 0x76000 6.00.2900.3059 C:\WINDOWS\system32\SHLWAPI.dll 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x776a0000 0x24000 6.00.2900.3051 C:\WINDOWS\system32\SHSVCS.dll 0x774a0000 0x13d000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll 0x77210000 0xb1000 5.01.2600.3019 C:\WINDOWS\system32\sxs.dll 0x10000000 0x11000 6.14.0010.4124 C:\WINDOWS\system32\Ati2evxx.dll 0x0ffd0000 0x28000 5.01.2600.2161 C:\WINDOWS\system32\rsaenh.dll 0x01260000 0x3b000 1.07.0017.0000 C:\WINDOWS\system32\WgaLogon.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76d10000 0x19000 5.01.2600.2912 C:\WINDOWS\system32\iphlpapi.dll 0x72c60000 0x8000 5.01.2600.0000 C:\WINDOWS\system32\msacm32.drv ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ services.exe pid: 772 Command line: C:\WINDOWS\system32\services.exe Base Size Version Path 0x7c800000 0x104000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll 0x7e390000 0x90000 5.01.2600.3099 C:\WINDOWS\system32\USER32.dll 0x77ef0000 0x47000 5.01.2600.3099 C:\WINDOWS\system32\GDI32.dll 0x77680000 0x11000 5.01.2600.2622 C:\WINDOWS\system32\AUTHZ.dll 0x7dbc0000 0x21000 5.01.2600.2744 C:\WINDOWS\system32\umpnpmgr.dll 0x6fee0000 0x54000 5.01.2600.2976 C:\WINDOWS\system32\NETAPI32.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x774a0000 0x13d000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll 0x7c9d0000 0x823000 6.00.2900.3051 C:\WINDOWS\system32\SHELL32.dll 0x77f40000 0x76000 6.00.2900.3059 C:\WINDOWS\system32\SHLWAPI.dll 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est AC2B-766D Répertoire de C:\Program Files 07/06/2007 07:43 <REP> . 07/06/2007 07:43 <REP> .. 08/06/2007 18:42 <REP> a-squared Free 06/06/2007 18:36 <REP> Adobe 01/12/2006 14:38 <REP> Alcohol Soft 11/11/2006 23:56 <REP> Alwil Software 11/11/2006 23:14 <REP> ArcSoft 21/12/2006 11:48 <REP> ATI Multimedia 11/11/2006 23:13 <REP> ATI Technologies 11/11/2006 23:54 <REP> CCleaner 24/04/2007 18:49 <REP> CDBurnerXP Pro 3 01/01/2003 19:31 <REP> Common Files 01/01/2003 17:37 <REP> ComPlus Applications 31/05/2007 21:03 <REP> EA GAMES 11/11/2006 23:45 <REP> Easy Internet signup 09/06/2007 12:01 <REP> eMule 05/06/2007 18:34 <REP> Fichiers communs 30/01/2007 23:31 <REP> Gabest 22/02/2007 18:49 <REP> GameHouse 01/01/2003 19:21 <REP> Hewlett-Packard 01/01/2003 19:22 <REP> HP 01/01/2003 20:14 <REP> HP Pavilion PC Help 10/05/2007 07:23 <REP> Internet Explorer 11/11/2006 23:28 <REP> Inventel 01/01/2003 18:38 <REP> Java 01/06/2007 21:43 <REP> K-Lite Codec Pack 23/01/2007 08:43 <REP> Lavasoft 20/12/2006 18:39 <REP> Messenger 01/01/2003 17:39 <REP> microsoft frontpage 04/12/2006 18:55 <REP> Microsoft Office 04/12/2006 18:57 <REP> Microsoft Works 04/12/2006 18:50 <REP> Microsoft Works Suite 2004 19/12/2006 21:10 <REP> Movie Maker 09/06/2007 17:02 <REP> Mozilla Firefox 01/01/2003 17:36 <REP> MSN 01/01/2003 17:36 <REP> MSN Gaming Zone 05/04/2007 18:31 <REP> MSN Messenger 11/11/2006 23:13 <REP> Multimedia Card Reader 19/12/2006 21:07 <REP> NetMeeting 20/12/2006 18:32 <REP> Outlook Express 22/02/2007 18:11 <REP> PopCap Games 01/01/2003 19:50 <REP> RecordNow! 01/01/2003 20:20 <REP> Services en ligne 06/06/2007 15:35 <REP> Soldier of Fortune II - Double Helix 01/01/2003 19:50 <REP> Sonic 02/06/2007 12:17 <REP> Spybot - Search & Destroy 09/06/2007 11:07 <REP> Spyware Terminator 08/05/2007 19:59 <REP> TribalWeb.net 11/11/2006 23:37 <REP> Wanadoo 07/06/2007 17:29 <REP> WinClamAVShield 01/06/2007 21:43 <REP> Windows Media Connect 2 31/01/2007 00:12 <REP> Windows Media Player 19/12/2006 21:07 <REP> Windows NT 14/11/2006 08:45 <REP> WinRAR 28/01/2007 20:46 <REP> xerox 0 fichier(s) 0 octets 55 Rép(s) 21 106 622 464 octets libres C:\Documents and Settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe C:\Documents and Settings\Propriétaire\.housecall6.6\getMac.exe C:\Documents and Settings\Propriétaire\.housecall6.6\patch.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix.exe C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\catchme.exe C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\diff.exe C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\dumphive.exe C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\FilesInfoCmd.exe C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\find2.exe C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\Fport.exe C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\grep.exe C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\KProcCheck.exe C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\LFiles.exe C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\LISTDLLS.exe C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\pslist.exe C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\streams.exe C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\swreg.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\catchme.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\cliptext.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\download.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\FIXPATH.EXE C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\LS.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\MD5File.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\moveex.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\Process.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\RegDACL.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\RestartIt!.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\sc.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\SF.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\shutdown.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\swreg.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\swsc.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\unzip.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\zip.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\Replace\W2K.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\Replace\XP.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\backups\attrib.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\backups\find.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\backups\findstr.exe C:\Documents and Settings\Propriétaire\Bureau\SDFix\backups\regedit.exe C:\Documents and Settings\Propriétaire\Mes documents\Jeux net\GTR.Fia.GT.Racing.Game.GERMAN-NCRYSO.Crack\GTR.exe C:\Documents and Settings\Propriétaire\Mes documents\Jeux net\GTR.Fia.GT.Racing.Game.GERMAN-NCRYSO.Crack\alc192\setup.exe -------------------- merci du tps passé,en espérant que tt ça fonctionne
  7. Voici le rapport hijack en espérant que la chose avance; a noter que j'ai déjà lancé spybot, ad aware , spyware terminator et a-square ss reel succès....les messages du PC infesté réapparaissent ss arrêt avec la protection avast!!! je les met en quarantaine mais ils se réactivent avec un logiciel mais lequel? Merci de votre aide RAPPORT ----------- Logfile of HijackThis v1.99.1 Scan saved at 11:18:39, on 09/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe C:\WINDOWS\System32\hphmon05.exe C:\HP\KBD\KBD.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Multimedia Card Reader\shwicon2k.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Inventel\Gateway\wlancfg.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\ATI Multimedia\main\ATIDtct.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe c:\program files\a-squared free\a2service.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\WinRAR\WinRAR.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Rar$EX00.063\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr10.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr10.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe" O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: TribalWeb.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8B695DA3-02B2-4DBC-8485-2F92D380EB62}: NameServer = 80.10.246.2,80.10.246.129 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe ----------------------------------------- et le rapport AVAST ------------------------------------------ 11/11/2006 23:30:11 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91606 (C:\WINDOWS\TEMP\_avast4_\unp40820066.tmp) returning error, 0000A474. 11/11/2006 23:30:22 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91607 (C:\WINDOWS\TEMP\_avast4_\unp59612138.tmp) returning error, 0000A474. 11/11/2006 23:30:41 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91608 (C:\WINDOWS\TEMP\_avast4_\unp34382099.tmp) returning error, 0000A474. 11/11/2006 23:31:00 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91609 (C:\WINDOWS\TEMP\_avast4_\unp52262353.tmp) returning error, 0000A474. 11/11/2006 23:31:16 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91611 (C:\WINDOWS\TEMP\_avast4_\unp75903221.tmp) returning error, 0000A474. 11/11/2006 23:31:36 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91613 (C:\WINDOWS\TEMP\_avast4_\unp190105714.tmp) returning error, 0000A474. 11/11/2006 23:32:35 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91602 (C:\WINDOWS\TEMP\_avast4_\unp176444513.tmp) returning error, 0000A474. 11/11/2006 23:32:43 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91603 (C:\WINDOWS\TEMP\_avast4_\unp146539080.tmp) returning error, 0000A474. 11/11/2006 23:33:50 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91699 (C:\WINDOWS\TEMP\_avast4_\unp162661017.tmp) returning error, 0000A474. 11/11/2006 23:33:59 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91700 (C:\WINDOWS\TEMP\_avast4_\unp140991741.tmp) returning error, 0000A474. 11/11/2006 23:34:17 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91702 (C:\WINDOWS\TEMP\_avast4_\unp176792088.tmp) returning error, 0000A474. 11/11/2006 23:36:38 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=87225 (C:\WINDOWS\TEMP\_avast4_\unp32559713.tmp) returning error, 0000A474. 11/11/2006 23:39:54 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.axabanque.fr/Design/pave_client.jpg (C:\WINDOWS\TEMP\_avast4_\unp168010316.tmp) returning error, 0000A474. 11/11/2006 23:40:27 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.bnpparibas.net/banque/PA_1_0_CH...ts/weboscope.js (C:\WINDOWS\TEMP\_avast4_\unp218692237.tmp) returning error, 0000A474. 11/11/2006 23:40:53 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.pajemploi.urssaf.fr/js/menus.js (C:\WINDOWS\TEMP\_avast4_\unp120405866.tmp) returning error, 0000A474. 11/11/2006 23:41:56 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.isobourse.com/forum/topics_anyw...yCnbHB0pw%3D%3D (C:\WINDOWS\TEMP\_avast4_\unp113677812.tmp) returning error, 0000A474. 11/11/2006 23:42:27 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media.mediaplazza.com/t_15/64x64/031024espagne.jpg (C:\WINDOWS\TEMP\_avast4_\unp219568388.tmp) returning error, 0000A474. 11/11/2006 23:42:27 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media.mediaplazza.com/t_15/64x64/031024france.jpg (C:\WINDOWS\TEMP\_avast4_\unp17721867.tmp) returning error, 0000A474. 11/11/2006 23:42:27 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.divxovore.com/ (C:\WINDOWS\TEMP\_avast4_\unp18732984.tmp) returning error, 0000A474. 11/11/2006 23:51:30 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/a/108544/show...200555708/R=0/* (C:\WINDOWS\TEMP\_avast4_\unp213457457.tmp) returning error, 0000A474. 11/11/2006 23:51:50 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...00040&color (C:\WINDOWS\TEMP\_avast4_\unp224594847.tmp) returning error, 0000A474. 11/11/2006 23:51:54 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.zebulon.fr/scripts/top_product_b.js (C:\WINDOWS\TEMP\_avast4_\unp206035743.tmp) returning error, 0000A474. 11/11/2006 23:52:19 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.pagesjaunes.fr/files/look2002/F...n/script_VED.js (C:\WINDOWS\TEMP\_avast4_\unp64283649.tmp) returning error, 0000A474. 12/11/2006 10:55:15 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...1280&u_cd=3 (C:\WINDOWS\TEMP\_avast4_\unp177305234.tmp) returning error, 0000A474. 12/11/2006 10:55:20 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp174170291.tmp) returning error, 0000A474. 12/11/2006 10:55:29 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp137799595.tmp) returning error, 0000A474. 12/11/2006 10:56:25 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...urs_et_decodeur (C:\WINDOWS\TEMP\_avast4_\unp118201043.tmp) returning error, 0000A474. 12/11/2006 10:56:26 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;5528464131;S (C:\WINDOWS\TEMP\_avast4_\unp119905687.tmp) returning error, 0000A474. 12/11/2006 10:57:11 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;3199787193;S (C:\WINDOWS\TEMP\_avast4_\unp55713972.tmp) returning error, 0000A474. 12/11/2006 12:20:41 Propriétaire 1500 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: C:\WINDOWS\System32\ICMP.DLL (C:\WINDOWS\System32\ICMP.DLL) returning error, 0000A474. 12/11/2006 12:20:49 Propriétaire 1500 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: C:\WINDOWS\System32\sfc.dll (C:\WINDOWS\System32\sfc.dll) returning error, 0000A474. 12/11/2006 12:21:36 Propriétaire 1500 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: C:\WINDOWS\System32\KsUser.dll (C:\WINDOWS\System32\KsUser.dll) returning error, 0000A474. 12/11/2006 12:23:02 Propriétaire 1500 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Desktop.htt (C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Desktop.htt) returning error, 0000A474. 12/11/2006 12:35:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagead/show_ads.js (C:\WINDOWS\TEMP\_avast4_\unp117749737.tmp) returning error, 0000A474. 12/11/2006 12:35:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;5803526892;S (C:\WINDOWS\TEMP\_avast4_\unp74772100.tmp) returning error, 0000A474. 12/11/2006 12:35:22 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.01net.com/img/v5/MEA/MEA_Securite.jpg (C:\WINDOWS\TEMP\_avast4_\unp34743391.tmp) returning error, 0000A474. 12/11/2006 12:36:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/call/pubj/177...748640759/intru? (C:\WINDOWS\TEMP\_avast4_\unp78081692.tmp) returning error, 0000A474. 12/11/2006 12:36:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.boursorama.com/menu/menu_gen_media.js (C:\WINDOWS\TEMP\_avast4_\unp78330647.tmp) returning error, 0000A474. 12/11/2006 12:36:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/109298/show0....757;748640759;S (C:\WINDOWS\TEMP\_avast4_\unp79469059.tmp) returning error, 0000A474. 12/11/2006 12:38:48 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/113593/show0....57;5221438615;M (C:\WINDOWS\TEMP\_avast4_\unp202816619.tmp) returning error, 0000A474. 12/11/2006 12:38:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.boursorama.com/pub/lienssponsorises.html (C:\WINDOWS\TEMP\_avast4_\unp210413257.tmp) returning error, 0000A474. 12/11/2006 12:38:57 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/113604/show0....57;2570888612;M (C:\WINDOWS\TEMP\_avast4_\unp210939664.tmp) returning error, 0000A474. 12/11/2006 12:38:58 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/109298/show0....57;2570888612;S (C:\WINDOWS\TEMP\_avast4_\unp205752609.tmp) returning error, 0000A474. 12/11/2006 12:39:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/109598/show1....57;7349999370;M (C:\WINDOWS\TEMP\_avast4_\unp17726103.tmp) returning error, 0000A474. 12/11/2006 12:42:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.i1.yimg.com/java.europe.yahoo.c...a/brandpanel.js (C:\WINDOWS\TEMP\_avast4_\unp229421158.tmp) returning error, 0000A474. 12/11/2006 12:42:10 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.a1.yimg.com/eur.yimg.com/a/fr/h...olvignette1.jpg (C:\WINDOWS\TEMP\_avast4_\unp201833748.tmp) returning error, 0000A474. 12/11/2006 12:43:00 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://uk.adserver.yahoo.com/a?f=150501014...mp;t=1163331775 (C:\WINDOWS\TEMP\_avast4_\unp95307999.tmp) returning error, 0000A474. 12/11/2006 12:43:08 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://uk.adserver.yahoo.com/a?f=150501014...mp;t=1163331775 (C:\WINDOWS\TEMP\_avast4_\unp76787771.tmp) returning error, 0000A474. 12/11/2006 12:43:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://uk.adserver.yahoo.com/a?f=150501152...mp;t=1163331794 (C:\WINDOWS\TEMP\_avast4_\unp87325903.tmp) returning error, 0000A474. 12/11/2006 12:43:23 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.a1.yimg.com/java.europe.yahoo.c...js/sp2flash7.js (C:\WINDOWS\TEMP\_avast4_\unp94446820.tmp) returning error, 0000A474. 12/11/2006 12:44:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.a1.yimg.com/java.europe.yahoo.c...edatis010705.js (C:\WINDOWS\TEMP\_avast4_\unp186110990.tmp) returning error, 0000A474. 12/11/2006 12:44:55 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.a1.yimg.com/eur.yimg.com/a/fr/h...olvignette1.jpg (C:\WINDOWS\TEMP\_avast4_\unp82470292.tmp) returning error, 0000A474. 12/11/2006 12:46:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://hm.msn.com/c/hotmail/N/1036/header....mp;x=4.0.5610.0 (C:\WINDOWS\TEMP\_avast4_\unp192924264.tmp) returning error, 0000A474. 12/11/2006 12:46:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://by108fd.bay108.hotmail.msn.com/cgi-...___10210002F.js (C:\WINDOWS\TEMP\_avast4_\unp194326473.tmp) returning error, 0000A474. 12/11/2006 12:47:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://view.atdmt.com/AMF/iview/msnnkmfr00...i.600/01?click= (C:\WINDOWS\TEMP\_avast4_\unp149020595.tmp) returning error, 0000A474. 12/11/2006 12:47:56 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://by108fd.bay108.hotmail.msn.com/cgi-...___10210002F.js (C:\WINDOWS\TEMP\_avast4_\unp171140696.tmp) returning error, 0000A474. 12/11/2006 13:59:37 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.i1.yimg.com/eur.yimg.com/i/fr/sp/foot18.jpg (C:\WINDOWS\TEMP\_avast4_\unp163596082.tmp) returning error, 0000A474. 12/11/2006 14:00:08 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/EiLp2ZKiVGQyAj...-3ugvJf3Ps7nF9w (C:\WINDOWS\TEMP\_avast4_\unp144762779.tmp) returning error, 0000A474. 12/11/2006 14:00:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/IRGcrOfX-c0IOF...p_crg6o2-qKITIQ (C:\WINDOWS\TEMP\_avast4_\unp187214074.tmp) returning error, 0000A474. 12/11/2006 14:00:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/i7svH2ZW0eGCsn..._-s7e1GZUoatHdQ (C:\WINDOWS\TEMP\_avast4_\unp217351828.tmp) returning error, 0000A474. 12/11/2006 14:00:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/2emCsjoKWmr3x9...-4ND995OhWVMXJQ (C:\WINDOWS\TEMP\_avast4_\unp148242987.tmp) returning error, 0000A474. 12/11/2006 14:00:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/xfUJOWxc88NNfR...Ax-TT2TQGjIZmVA (C:\WINDOWS\TEMP\_avast4_\unp211834414.tmp) returning error, 0000A474. 12/11/2006 14:00:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/left/nouv_0.jpg (C:\WINDOWS\TEMP\_avast4_\unp160002588.tmp) returning error, 0000A474. 12/11/2006 14:00:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/OAgSIubW0_PO-h...Fyf11f6iah41uXA (C:\WINDOWS\TEMP\_avast4_\unp210163785.tmp) returning error, 0000A474. 12/11/2006 14:00:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/bFzr24S0uIgTIw...f_8i3vQQ2fHaygA (C:\WINDOWS\TEMP\_avast4_\unp167714392.tmp) returning error, 0000A474. 12/11/2006 14:00:18 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/ECDh0WZWopJWZn...gT3fj6RIgq6ERIw (C:\WINDOWS\TEMP\_avast4_\unp212916893.tmp) returning error, 0000A474. 12/11/2006 14:00:19 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/0eGXp_XVCTmOvj...BoZGIgh0vgYtsXg (C:\WINDOWS\TEMP\_avast4_\unp209964273.tmp) returning error, 0000A474. 12/11/2006 14:00:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/U2MHN2FRckLo2L...30OWakKqYd336yA (C:\WINDOWS\TEMP\_avast4_\unp155977359.tmp) returning error, 0000A474. 12/11/2006 14:00:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/0eGsnBgoyvo-Dw...GKBAdFy0foqjm1A (C:\WINDOWS\TEMP\_avast4_\unp157208692.tmp) returning error, 0000A474. 12/11/2006 14:00:22 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/Dj5yQiUV4tJpWf...8Q3t9dxAiT0Xr2Q (C:\WINDOWS\TEMP\_avast4_\unp151834778.tmp) returning error, 0000A474. 12/11/2006 14:00:23 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/rZ26iv3NgrLE9A...D2us3PTYEv7X8zg (C:\WINDOWS\TEMP\_avast4_\unp154197861.tmp) returning error, 0000A474. 12/11/2006 14:00:23 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/ekr7y6WV2emerg...u_cm-tayefnRwQg (C:\WINDOWS\TEMP\_avast4_\unp153514106.tmp) returning error, 0000A474. 12/11/2006 14:00:27 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/iLgRIeDQfk5YaN...ockIEDiASFB7j0Q (C:\WINDOWS\TEMP\_avast4_\unp259089131.tmp) returning error, 0000A474. 12/11/2006 14:00:29 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/ekr0xENzSnr1xR...mUGP48jMByMIHNQ (C:\WINDOWS\TEMP\_avast4_\unp252888594.tmp) returning error, 0000A474. 12/11/2006 14:00:30 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/q5uRobmJTHwdLU...3rp_qoHxOd32gkg (C:\WINDOWS\TEMP\_avast4_\unp12849510.tmp) returning error, 0000A474. 12/11/2006 14:00:35 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/Images/playlist/d...lackinusa_p.jpg (C:\WINDOWS\TEMP\_avast4_\unp16519598.tmp) returning error, 0000A474. 12/11/2006 14:00:55 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/left/top_1.jpg (C:\WINDOWS\TEMP\_avast4_\unp238403002.tmp) returning error, 0000A474. 12/11/2006 14:01:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/navigation/recherche.jpg (C:\WINDOWS\TEMP\_avast4_\unp235920900.tmp) returning error, 0000A474. 12/11/2006 14:01:29 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/KRmZqaKSeUnywo...WJhbMxmZUWVO1hw (C:\WINDOWS\TEMP\_avast4_\unp153453440.tmp) returning error, 0000A474. 12/11/2006 14:01:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/Images/playlist/I...es/neons2_p.jpg (C:\WINDOWS\TEMP\_avast4_\unp216098775.tmp) returning error, 0000A474. 12/11/2006 14:03:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/left/top_1.jpg (C:\WINDOWS\TEMP\_avast4_\unp218732245.tmp) returning error, 0000A474. 12/11/2006 14:05:40 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/Images/playlist/d...nces_jazz_p.jpg (C:\WINDOWS\TEMP\_avast4_\unp95478843.tmp) returning error, 0000A474. 12/11/2006 14:05:41 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/ADApGa2d2en4yI...MEyNPRWRW9P4oGg (C:\WINDOWS\TEMP\_avast4_\unp95743187.tmp) returning error, 0000A474. 12/11/2006 14:05:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/IREwACQUGCiUpA...JCjI0PoW3hoyWpA (C:\WINDOWS\TEMP\_avast4_\unp259434015.tmp) returning error, 0000A474. 12/11/2006 14:06:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/3_9yQsn5RnawgI...10OP58yIQ6OJWZA (C:\WINDOWS\TEMP\_avast4_\unp256901193.tmp) returning error, 0000A474. 12/11/2006 14:06:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/AzNQYHNDsoJYaD...6y-O4stLgJixrWQ (C:\WINDOWS\TEMP\_avast4_\unp236639477.tmp) returning error, 0000A474. 12/11/2006 14:06:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/Wmq6inlJEyN9TQ...mADlRWwU3XVeikA (C:\WINDOWS\TEMP\_avast4_\unp261453217.tmp) returning error, 0000A474. 12/11/2006 14:06:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/PAxUZFhosYFGdq...Fe0jf1X9NyMLi0A (C:\WINDOWS\TEMP\_avast4_\unp262397083.tmp) returning error, 0000A474. 12/11/2006 14:06:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/w-ONvfnJy-v-z9...crZ_zuf-Ni4FwQg (C:\WINDOWS\TEMP\_avast4_\unp236383818.tmp) returning error, 0000A474. 12/11/2006 14:06:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/0eGAsDcHb1-T45...OMAaSmBYkHBY2BA (C:\WINDOWS\TEMP\_avast4_\unp239212083.tmp) returning error, 0000A474. 12/11/2006 14:09:00 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/left/top_1.jpg (C:\WINDOWS\TEMP\_avast4_\unp190189764.tmp) returning error, 0000A474. 12/11/2006 14:09:26 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/left/them_1.jpg (C:\WINDOWS\TEMP\_avast4_\unp250959075.tmp) returning error, 0000A474. 12/11/2006 14:09:29 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/Images/navigation/Compils_01.jpg (C:\WINDOWS\TEMP\_avast4_\unp73513130.tmp) returning error, 0000A474. 12/11/2006 14:09:31 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/DT2-j7eH4NB5Sa...cg7FxezIAMTtuXA (C:\WINDOWS\TEMP\_avast4_\unp73742250.tmp) returning error, 0000A474. 12/11/2006 14:09:34 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/Nwe6ikR0qposHP...K8sWWnObUHxUcLg (C:\WINDOWS\TEMP\_avast4_\unp265906578.tmp) returning error, 0000A474. 12/11/2006 14:09:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/EiIFNb_P3OzJ_d...oiL3DyWpYxM4wAg (C:\WINDOWS\TEMP\_avast4_\unp264847659.tmp) returning error, 0000A474. 12/11/2006 14:09:40 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/7Nz1xbCAHi6QoP...5RXNdV3FDWlCygA (C:\WINDOWS\TEMP\_avast4_\unp46723880.tmp) returning error, 0000A474. 12/11/2006 14:09:41 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/98c0BMr6AjJwQO...lb16Nh9-t--WKuA (C:\WINDOWS\TEMP\_avast4_\unp35360873.tmp) returning error, 0000A474. 12/11/2006 14:10:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/6totHe7eVGQwAM...qLRRdVwo4vLZSYA (C:\WINDOWS\TEMP\_avast4_\unp121131730.tmp) returning error, 0000A474. 12/11/2006 14:10:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/oJBfb7mJ98eAsG...gGiizuToIo6ni0A (C:\WINDOWS\TEMP\_avast4_\unp224147170.tmp) returning error, 0000A474. 12/11/2006 14:12:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/left/play_1.jpg (C:\WINDOWS\TEMP\_avast4_\unp223541831.tmp) returning error, 0000A474. 12/11/2006 14:17:31 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com//Images/playlist/...nces_jazz_p.jpg (C:\WINDOWS\TEMP\_avast4_\unp66184699.tmp) returning error, 0000A474. 12/11/2006 14:18:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/wfFEdK6eJhbh0d...MESiMhhspj4VxQw (C:\WINDOWS\TEMP\_avast4_\unp138171298.tmp) returning error, 0000A474. 12/11/2006 14:19:51 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/left/top_1.jpg (C:\WINDOWS\TEMP\_avast4_\unp224003647.tmp) returning error, 0000A474. 12/11/2006 14:20:30 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/dER5SfLCGyuYqN...ucUcpI6aUf3VnVQ (C:\WINDOWS\TEMP\_avast4_\unp55147396.tmp) returning error, 0000A474. 12/11/2006 14:20:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/3u4PPyISSHgQIB...6PggwOiIQVlywgg (C:\WINDOWS\TEMP\_avast4_\unp65862374.tmp) returning error, 0000A474. 12/11/2006 14:21:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/xPSWppGhQ3N8TE...79M0ZE3tJZmxrWQ (C:\WINDOWS\TEMP\_avast4_\unp174678917.tmp) returning error, 0000A474. 12/11/2006 14:21:39 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/uIg-D21dzf0hER...fXW1RW5upiYN0Rg (C:\WINDOWS\TEMP\_avast4_\unp157493276.tmp) returning error, 0000A474. 12/11/2006 14:22:00 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/Images/navigation...teFrancaise.jpg (C:\WINDOWS\TEMP\_avast4_\unp64997194.tmp) returning error, 0000A474. 12/11/2006 14:22:01 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/iblZaS0d_8vzw1...MFyCzuYS2qqBxQw (C:\WINDOWS\TEMP\_avast4_\unp144703665.tmp) returning error, 0000A474. 12/11/2006 14:22:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/l6eEtFxscUGXpx...Wg7GnrdTmDgQIOg (C:\WINDOWS\TEMP\_avast4_\unp6241911.tmp) returning error, 0000A474. 12/11/2006 14:29:01 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...1280&u_cd=3 (C:\WINDOWS\TEMP\_avast4_\unp187119689.tmp) returning error, 0000A474. 12/11/2006 14:29:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...492944;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp99822588.tmp) returning error, 0000A474. 12/11/2006 14:29:32 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...u_w=1280&u_ (C:\WINDOWS\TEMP\_avast4_\unp120500659.tmp) returning error, 0000A474. 12/11/2006 14:29:34 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;4172613670;S (C:\WINDOWS\TEMP\_avast4_\unp117551149.tmp) returning error, 0000A474. 12/11/2006 14:29:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp193948653.tmp) returning error, 0000A474. 12/11/2006 14:29:38 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...613670;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp109991079.tmp) returning error, 0000A474. 12/11/2006 14:29:51 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea..._dur_cdrom_dvd% (C:\WINDOWS\TEMP\_avast4_\unp105240652.tmp) returning error, 0000A474. 12/11/2006 14:29:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;9550662416;S (C:\WINDOWS\TEMP\_avast4_\unp101349126.tmp) returning error, 0000A474. 12/11/2006 14:30:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...u_w=1280&u_ (C:\WINDOWS\TEMP\_avast4_\unp80623410.tmp) returning error, 0000A474. 12/11/2006 14:30:47 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;7834339901;S (C:\WINDOWS\TEMP\_avast4_\unp75643414.tmp) returning error, 0000A474. 12/11/2006 14:30:51 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp149189909.tmp) returning error, 0000A474. 12/11/2006 14:34:03 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagead/show_ads.js (C:\WINDOWS\TEMP\_avast4_\unp262614650.tmp) returning error, 0000A474. 12/11/2006 14:34:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...503516;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp258957635.tmp) returning error, 0000A474. 12/11/2006 14:34:26 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...urs_et_decodeur (C:\WINDOWS\TEMP\_avast4_\unp139281624.tmp) returning error, 0000A474. 12/11/2006 14:34:27 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;9710258070;S (C:\WINDOWS\TEMP\_avast4_\unp140471017.tmp) returning error, 0000A474. 12/11/2006 14:34:40 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...498583;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp243790260.tmp) returning error, 0000A474. 12/11/2006 14:39:02 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...urs_et_decodeur (C:\WINDOWS\TEMP\_avast4_\unp57855570.tmp) returning error, 0000A474. 12/11/2006 14:39:03 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;9941120275;S (C:\WINDOWS\TEMP\_avast4_\unp56612994.tmp) returning error, 0000A474. 12/11/2006 14:39:04 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...120275;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp58166264.tmp) returning error, 0000A474. 12/11/2006 14:39:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...urs_et_decodeur (C:\WINDOWS\TEMP\_avast4_\unp52281684.tmp) returning error, 0000A474. 12/11/2006 14:39:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;3417808964;S (C:\WINDOWS\TEMP\_avast4_\unp51157223.tmp) returning error, 0000A474. 12/11/2006 14:39:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...087914;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp211338890.tmp) returning error, 0000A474. 12/11/2006 14:40:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...00040&color (C:\WINDOWS\TEMP\_avast4_\unp262161846.tmp) returning error, 0000A474. 12/11/2006 14:40:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://forum.zebulon.fr/style_images/1/fol...ps_menu_html.js (C:\WINDOWS\TEMP\_avast4_\unp142564948.tmp) returning error, 0000A474. 12/11/2006 14:42:03 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...hid%3D1bd8a305a (C:\WINDOWS\TEMP\_avast4_\unp139341051.tmp) returning error, 0000A474. 12/11/2006 14:42:27 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://forum.zebulon.fr/uploads/av-147258.jpg (C:\WINDOWS\TEMP\_avast4_\unp72353507.tmp) returning error, 0000A474. 12/11/2006 14:42:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...w%26searchid%3D (C:\WINDOWS\TEMP\_avast4_\unp93949251.tmp) returning error, 0000A474. 12/11/2006 14:44:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...hid%3D1bd8a305a (C:\WINDOWS\TEMP\_avast4_\unp58510447.tmp) returning error, 0000A474. 12/11/2006 14:45:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...6sort_by%3DZ-A% (C:\WINDOWS\TEMP\_avast4_\unp161305051.tmp) returning error, 0000A474. 12/11/2006 14:45:46 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...ext=434951& (C:\WINDOWS\TEMP\_avast4_\unp240901248.tmp) returning error, 0000A474. 12/11/2006 14:48:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.boursorama.com/menu/menu_gen_media.js (C:\WINDOWS\TEMP\_avast4_\unp102984958.tmp) returning error, 0000A474. 12/11/2006 14:48:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...1280&u_cd=3 (C:\WINDOWS\TEMP\_avast4_\unp221463488.tmp) returning error, 0000A474. 12/11/2006 14:48:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp208465532.tmp) returning error, 0000A474. 12/11/2006 14:48:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp230178826.tmp) returning error, 0000A474. 12/11/2006 14:49:08 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...%2Ffiches%2F269 (C:\WINDOWS\TEMP\_avast4_\unp215738594.tmp) returning error, 0000A474. 12/11/2006 14:49:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;3989879238;S (C:\WINDOWS\TEMP\_avast4_\unp214829643.tmp) returning error, 0000A474. 12/11/2006 14:49:55 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...%2Ffiches%2F269 (C:\WINDOWS\TEMP\_avast4_\unp200314390.tmp) returning error, 0000A474. 12/11/2006 14:49:55 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;8289767914;S (C:\WINDOWS\TEMP\_avast4_\unp198392626.tmp) returning error, 0000A474. 12/11/2006 14:50:01 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...149736;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp159218040.tmp) returning error, 0000A474. 12/11/2006 14:50:52 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...l.htm&color (C:\WINDOWS\TEMP\_avast4_\unp48838482.tmp) returning error, 0000A474. 12/11/2006 15:04:00 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.i1.yimg.com/java.europe.yahoo.c...a/brandpanel.js (C:\WINDOWS\TEMP\_avast4_\unp118758218.tmp) returning error, 0000A474. 12/11/2006 15:11:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...757301;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp214781061.tmp) returning error, 0000A474. 12/11/2006 15:13:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://213.91.8.214/bandeaux/lib/lib_fash_..._integrateur.js (C:\WINDOWS\TEMP\_avast4_\unp98893241.tmp) returning error, 0000A474. 12/11/2006 15:13:25 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.3suisses.fr/portail3s_img/js/util.js (C:\WINDOWS\TEMP\_avast4_\unp248990377.tmp) returning error, 0000A474. 12/11/2006 15:13:25 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.3suisses.fr/portail3s_img/js/popunder2.js (C:\WINDOWS\TEMP\_avast4_\unp250561551.tmp) returning error, 0000A474. 12/11/2006 15:13:29 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.3suisses.fr/favicon.ico (C:\WINDOWS\TEMP\_avast4_\unp221422901.tmp) returning error, 0000A474. 12/11/2006 15:17:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...olor_link=0000F (C:\WINDOWS\TEMP\_avast4_\unp83927562.tmp) returning error, 0000A474. 12/11/2006 15:21:41 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...00040&color (C:\WINDOWS\TEMP\_avast4_\unp40549313.tmp) returning error, 0000A474. 12/11/2006 15:21:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...26bsredirect%3D (C:\WINDOWS\TEMP\_avast4_\unp43661147.tmp) returning error, 0000A474. 12/11/2006 15:21:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...ext=434951& (C:\WINDOWS\TEMP\_avast4_\unp233814147.tmp) returning error, 0000A474. 12/11/2006 15:21:50 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...26bsredirect%3D (C:\WINDOWS\TEMP\_avast4_\unp230023268.tmp) returning error, 0000A474. 12/11/2006 15:22:08 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...26bsredirect%3D (C:\WINDOWS\TEMP\_avast4_\unp146631103.tmp) returning error, 0000A474. 12/11/2006 15:24:04 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...d%3D860257%26%2 (C:\WINDOWS\TEMP\_avast4_\unp191460598.tmp) returning error, 0000A474. 12/11/2006 15:24:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...d%3D860257%26%2 (C:\WINDOWS\TEMP\_avast4_\unp213005664.tmp) returning error, 0000A474. 12/11/2006 15:28:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...d%3D860258%26%2 (C:\WINDOWS\TEMP\_avast4_\unp225987557.tmp) returning error, 0000A474. 12/11/2006 15:47:53 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...mp;u_his=2& (C:\WINDOWS\TEMP\_avast4_\unp181853870.tmp) returning error, 0000A474. 12/11/2006 15:47:55 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://ad.fr.doubleclick.net/adj/N1120.01n...;ord=2644768342? (C:\WINDOWS\TEMP\_avast4_\unp182047212.tmp) returning error, 0000A474. 12/11/2006 15:48:02 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media.mediaplazza.com/t_15/64x64/2004_02_04_cow.jpg (C:\WINDOWS\TEMP\_avast4_\unp223585364.tmp) returning error, 0000A474. 12/11/2006 15:48:03 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://ds.serving-sys.com/BurstingCachedSc...er/StdBanner.js (C:\WINDOWS\TEMP\_avast4_\unp211242884.tmp) returning error, 0000A474. 12/11/2006 15:48:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...u_w=1280&u_ (C:\WINDOWS\TEMP\_avast4_\unp210177303.tmp) returning error, 0000A474. 12/11/2006 15:48:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp203630438.tmp) returning error, 0000A474. 12/11/2006 15:48:38 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://fr.bluestreak.com/ix.e?jss&wmod...964128;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp188129515.tmp) returning error, 0000A474. 12/11/2006 15:49:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp242744451.tmp) returning error, 0000A474. 12/11/2006 15:49:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/call/pubj/133...estiondefichier? (C:\WINDOWS\TEMP\_avast4_\unp208773028.tmp) returning error, 0000A474. 12/11/2006 15:49:51 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://img.clubic.com/photo/0064004B00123346.jpg (C:\WINDOWS\TEMP\_avast4_\unp63775273.tmp) returning error, 0000A474. 12/11/2006 15:49:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://img.clubic.com/photo/0082008200210537.jpg (C:\WINDOWS\TEMP\_avast4_\unp54349669.tmp) returning error, 0000A474. 12/11/2006 15:51:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.presence-pc.com/forum/include/onglet.js (C:\WINDOWS\TEMP\_avast4_\unp215286610.tmp) returning error, 0000A474. 12/11/2006 15:51:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...2Fppc%2FLeBistr (C:\WINDOWS\TEMP\_avast4_\unp257025431.tmp) returning error, 0000A474. 12/11/2006 15:53:01 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...color_text=4349 (C:\WINDOWS\TEMP\_avast4_\unp12463332.tmp) returning error, 0000A474. 12/11/2006 15:54:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.generation-nt.com/favicon.ico (C:\WINDOWS\TEMP\_avast4_\unp134802475.tmp) returning error, 0000A474. 12/11/2006 15:54:53 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...w.generation-nt. (C:\WINDOWS\TEMP\_avast4_\unp142232676.tmp) returning error, 0000A474. 12/11/2006 16:26:29 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-pictures-jessica-alba.jpg (C:\WINDOWS\TEMP\_avast4_\unp189932919.tmp) returning error, 0000A474. 12/11/2006 16:26:30 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-pictures-paris-hilton.jpg (C:\WINDOWS\TEMP\_avast4_\unp190812327.tmp) returning error, 0000A474. 12/11/2006 16:26:30 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-picture...lize-theron.jpg (C:\WINDOWS\TEMP\_avast4_\unp187509776.tmp) returning error, 0000A474. 12/11/2006 16:26:31 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-pictures-liv-tyler.jpg (C:\WINDOWS\TEMP\_avast4_\unp187142425.tmp) returning error, 0000A474. 12/11/2006 16:26:31 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-picture...-zeta-jones.jpg (C:\WINDOWS\TEMP\_avast4_\unp187680534.tmp) returning error, 0000A474. 12/11/2006 16:26:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-picture...na-aguilera.jpg (C:\WINDOWS\TEMP\_avast4_\unp248271659.tmp) returning error, 0000A474. 12/11/2006 16:26:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-picture...ica-simpson.jpg (C:\WINDOWS\TEMP\_avast4_\unp187253270.tmp) returning error, 0000A474. 12/11/2006 16:26:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-pictures-mandy-moore.jpg (C:\WINDOWS\TEMP\_avast4_\unp187665566.tmp) returning error, 0000A474. 12/11/2006 16:26:35 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-pictures-ashton-moore.jpg (C:\WINDOWS\TEMP\_avast4_\unp185056599.tmp) returning error, 0000A474. 12/11/2006 16:26:37 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-picture...any-andrews.jpg (C:\WINDOWS\TEMP\_avast4_\unp227219547.tmp) returning error, 0000A474. 12/11/2006 16:27:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.google.fr/search?q=isharedpics....lient=firefox-a (C:\WINDOWS\TEMP\_avast4_\unp172196717.tmp) returning error, 0000A474. 12/11/2006 16:31:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.i1.yimg.com/java.europe.yahoo.c...a/brandpanel.js (C:\WINDOWS\TEMP\_avast4_\unp262949027.tmp) returning error, 0000A474. 12/11/2006 16:32:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_001.jpg (C:\WINDOWS\TEMP\_avast4_\unp205786342.tmp) returning error, 0000A474. 12/11/2006 16:32:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_002.jpg (C:\WINDOWS\TEMP\_avast4_\unp207261986.tmp) returning error, 0000A474. 12/11/2006 16:32:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_003.jpg (C:\WINDOWS\TEMP\_avast4_\unp207139582.tmp) returning error, 0000A474. 12/11/2006 16:32:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_004.jpg (C:\WINDOWS\TEMP\_avast4_\unp207537679.tmp) returning error, 0000A474. 12/11/2006 16:32:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_005.jpg (C:\WINDOWS\TEMP\_avast4_\unp207272256.tmp) returning error, 0000A474. 12/11/2006 16:32:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_006.jpg (C:\WINDOWS\TEMP\_avast4_\unp207177014.tmp) returning error, 0000A474. 12/11/2006 16:32:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_007.jpg (C:\WINDOWS\TEMP\_avast4_\unp206864572.tmp) returning error, 0000A474. 12/11/2006 16:32:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_008.jpg (C:\WINDOWS\TEMP\_avast4_\unp207033813.tmp) returning error, 0000A474. 12/11/2006 16:32:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_013.jpg (C:\WINDOWS\TEMP\_avast4_\unp206999033.tmp) returning error, 0000A474. 12/11/2006 16:32:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/sex1.jpg (C:\WINDOWS\TEMP\_avast4_\unp207136051.tmp) returning error, 0000A474. 12/11/2006 16:32:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/sex6.jpg (C:\WINDOWS\TEMP\_avast4_\unp205646006.tmp) returning error, 0000A474. 12/11/2006 16:32:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/sex3.jpg (C:\WINDOWS\TEMP\_avast4_\unp205621903.tmp) returning error, 0000A474. 12/11/2006 16:32:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://amateurs-gone-wild.com/content/files3/tn_06110102.jpg (C:\WINDOWS\TEMP\_avast4_\unp21231559.tmp) returning error, 0000A474. 12/11/2006 16:33:53 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.swegold.com/images/3_08.jpg (C:\WINDOWS\TEMP\_avast4_\unp208067927.tmp) returning error, 0000A474. 12/11/2006 16:33:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.swegold.com/images/1_09.jpg (C:\WINDOWS\TEMP\_avast4_\unp205004352.tmp) returning error, 0000A474. 12/11/2006 16:34:52 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.exgfs.net/images/separator.jpg (C:\WINDOWS\TEMP\_avast4_\unp247834000.tmp) returning error, 0000A474. 12/11/2006 16:35:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/header1.jpg (C:\WINDOWS\TEMP\_avast4_\unp248363475.tmp) returning error, 0000A474. 12/11/2006 16:35:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/header4.jpg (C:\WINDOWS\TEMP\_avast4_\unp249287813.tmp) returning error, 0000A474. 12/11/2006 16:35:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb...2/thumb_687.jpg (C:\WINDOWS\TEMP\_avast4_\unp254746502.tmp) returning error, 0000A474. 12/11/2006 16:35:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb...thumb_6_608.jpg (C:\WINDOWS\TEMP\_avast4_\unp254748337.tmp) returning error, 0000A474. 12/11/2006 16:35:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb..._1003377988.jpg (C:\WINDOWS\TEMP\_avast4_\unp255555057.tmp) returning error, 0000A474. 12/11/2006 16:35:25 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb...mb_100_0521.jpg (C:\WINDOWS\TEMP\_avast4_\unp255761493.tmp) returning error, 0000A474. 12/11/2006 16:35:25 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb..._1639882800.jpg (C:\WINDOWS\TEMP\_avast4_\unp255520618.tmp) returning error, 0000A474. 12/11/2006 16:35:25 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb...b_837914559.jpg (C:\WINDOWS\TEMP\_avast4_\unp255260606.tmp) returning error, 0000A474. 12/11/2006 16:35:26 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb...mb_IMG_0139.JPG (C:\WINDOWS\TEMP\_avast4_\unp265707901.tmp) returning error, 0000A474. 12/11/2006 16:35:26 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb...umb_33409vs.jpg (C:\WINDOWS\TEMP\_avast4_\unp267109120.tmp) returning error, 0000A474. 12/11/2006 16:35:44 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb..._1183968690.jpg (C:\WINDOWS\TEMP\_avast4_\unp212710519.tmp) returning error, 0000A474. 12/11/2006 16:35:44 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb..._1086376113.jpg (C:\WINDOWS\TEMP\_avast4_\unp212467174.tmp) returning error, 0000A474. 12/11/2006 16:35:44 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb..._1034828895.jpg (C:\WINDOWS\TEMP\_avast4_\unp213213844.tmp) returning error, 0000A474. 12/11/2006 16:35:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb...b_869490414.jpg (C:\WINDOWS\TEMP\_avast4_\unp210989784.tmp) returning error, 0000A474. 12/11/2006 16:35:57 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.bejba.com/peeker.js (C:\WINDOWS\TEMP\_avast4_\unp161935728.tmp) returning error, 0000A474. 12/11/2006 16:36:00 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://freecounter.unms.com/counter.php?i=.../www.bejba.com/ (C:\WINDOWS\TEMP\_avast4_\unp157388269.tmp) returning error, 0000A474. 12/11/2006 16:36:26 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p1127.jpg (C:\WINDOWS\TEMP\_avast4_\unp199747684.tmp) returning error, 0000A474. 12/11/2006 16:36:27 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.adultfriendfinder.com/imag...20.bigthumb.jpg (C:\WINDOWS\TEMP\_avast4_\unp261218810.tmp) returning error, 0000A474. 12/11/2006 16:36:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p19042.jpg (C:\WINDOWS\TEMP\_avast4_\unp261046963.tmp) returning error, 0000A474. 12/11/2006 16:36:29 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p19052.jpg (C:\WINDOWS\TEMP\_avast4_\unp235128501.tmp) returning error, 0000A474. 12/11/2006 16:36:30 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p19001.jpg (C:\WINDOWS\TEMP\_avast4_\unp236586701.tmp) returning error, 0000A474. 12/11/2006 16:36:32 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p9799.jpg (C:\WINDOWS\TEMP\_avast4_\unp245432141.tmp) returning error, 0000A474. 12/11/2006 16:36:32 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p10999.jpg (C:\WINDOWS\TEMP\_avast4_\unp246340164.tmp) returning error, 0000A474. 12/11/2006 16:36:32 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p5575.jpg (C:\WINDOWS\TEMP\_avast4_\unp245448451.tmp) returning error, 0000A474. 12/11/2006 16:36:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p17173.jpg (C:\WINDOWS\TEMP\_avast4_\unp248149784.tmp) returning error, 0000A474. 12/11/2006 16:36:34 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p8875.jpg (C:\WINDOWS\TEMP\_avast4_\unp248462265.tmp) returning error, 0000A474. 12/11/2006 16:36:34 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p14552.jpg (C:\WINDOWS\TEMP\_avast4_\unp248522599.tmp) returning error, 0000A474. 12/11/2006 16:36:34 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p1316.jpg (C:\WINDOWS\TEMP\_avast4_\unp250318521.tmp) returning error, 0000A474. 12/11/2006 16:36:35 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p19005.jpg (C:\WINDOWS\TEMP\_avast4_\unp244208091.tmp) returning error, 0000A474. 12/11/2006 16:36:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p18992.jpg (C:\WINDOWS\TEMP\_avast4_\unp149394613.tmp) returning error, 0000A474. 12/11/2006 16:36:52 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.adultfriendfinder.com/imag...30.bigthumb.jpg (C:\WINDOWS\TEMP\_avast4_\unp125970727.tmp) returning error, 0000A474. 12/11/2006 16:36:52 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p11316.jpg (C:\WINDOWS\TEMP\_avast4_\unp125848529.tmp) returning error, 0000A474. 12/11/2006 16:36:52 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.adultfriendfinder.com/imag...30.bigthumb.jpg (C:\WINDOWS\TEMP\_avast4_\unp226508634.tmp) returning error, 0000A474. 12/11/2006 16:36:52 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p9436.jpg (C:\WINDOWS\TEMP\_avast4_\unp226707721.tmp) returning error, 0000A474. 12/11/2006 16:36:53 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.adultfriendfinder.com/imag...20.bigthumb.jpg (C:\WINDOWS\TEMP\_avast4_\unp226656961.tmp) returning error, 0000A474. 12/11/2006 16:36:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p19054.jpg (C:\WINDOWS\TEMP\_avast4_\unp129723598.tmp) returning error, 0000A474. 12/11/2006 16:36:55 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p5576.jpg (C:\WINDOWS\TEMP\_avast4_\unp124381163.tmp) returning error, 0000A474. 12/11/2006 16:36:57 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p11260.jpg (C:\WINDOWS\TEMP\_avast4_\unp123314999.tmp) returning error, 0000A474. 12/11/2006 16:36:57 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p14758.jpg (C:\WINDOWS\TEMP\_avast4_\unp123409169.tmp) returning error, 0000A474. 12/11/2006 16:36:58 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p6090.jpg (C:\WINDOWS\TEMP\_avast4_\unp122833288.tmp) returning error, 0000A474. 12/11/2006 16:36:58 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p14773.jpg (C:\WINDOWS\TEMP\_avast4_\unp124795341.tmp) returning error, 0000A474. 12/11/2006 16:37:00 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p3322.jpg (C:\WINDOWS\TEMP\_avast4_\unp127855434.tmp) returning error, 0000A474. 12/11/2006 16:37:01 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p885.jpg (C:\WINDOWS\TEMP\_avast4_\unp128868907.tmp) returning error, 0000A474. 12/11/2006 16:37:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.rateblowjobbabes.com/images/tb794082.jpg (C:\WINDOWS\TEMP\_avast4_\unp67924679.tmp) returning error, 0000A474. 12/11/2006 16:37:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.rateblowjobbabes.com/images/tb839265.jpg (C:\WINDOWS\TEMP\_avast4_\unp67657881.tmp) returning error, 0000A474. 12/11/2006 16:37:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.rateblowjobbabes.com/images/tb673941.jpg (C:\WINDOWS\TEMP\_avast4_\unp67999822.tmp) returning error, 0000A474. 12/11/2006 16:37:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.statcounter.com/counter/counter.js (C:\WINDOWS\TEMP\_avast4_\unp72055683.tmp) returning error, 0000A474. 12/11/2006 16:37:52 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/88731.jpg (C:\WINDOWS\TEMP\_avast4_\unp69432514.tmp) returning error, 0000A474. 12/11/2006 16:37:59 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/11295.jpg (C:\WINDOWS\TEMP\_avast4_\unp185267242.tmp) returning error, 0000A474. 12/11/2006 16:38:00 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/88666.jpg (C:\WINDOWS\TEMP\_avast4_\unp189905658.tmp) returning error, 0000A474. 12/11/2006 16:38:03 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/11313.jpg (C:\WINDOWS\TEMP\_avast4_\unp170851260.tmp) returning error, 0000A474. 12/11/2006 16:38:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/11214.jpg (C:\WINDOWS\TEMP\_avast4_\unp178672966.tmp) returning error, 0000A474. 12/11/2006 16:38:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/11275.jpg (C:\WINDOWS\TEMP\_avast4_\unp179088565.tmp) returning error, 0000A474. 12/11/2006 16:38:08 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/1053.jpg (C:\WINDOWS\TEMP\_avast4_\unp180042161.tmp) returning error, 0000A474. 12/11/2006 16:38:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/11353.jpg (C:\WINDOWS\TEMP\_avast4_\unp177427596.tmp) returning error, 0000A474. 12/11/2006 16:39:01 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.herselfpics.com/images/red_banner_04.jpg (C:\WINDOWS\TEMP\_avast4_\unp150328806.tmp) returning error, 0000A474. 12/11/2006 16:39:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.herselfpics.com/previews/sunny/thumbs/003.jpg (C:\WINDOWS\TEMP\_avast4_\unp218277161.tmp) returning error, 0000A474. 12/11/2006 16:39:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.herselfpics.com/previews/tamara/thumbs/003.jpg (C:\WINDOWS\TEMP\_avast4_\unp212516169.tmp) returning error, 0000A474. 12/11/2006 16:39:19 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://photos.cams.com/images/streamray/won/jpg/hotmama.jpg (C:\WINDOWS\TEMP\_avast4_\unp221862427.tmp) returning error, 0000A474. 12/11/2006 16:39:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://photos.cams.com/images/streamray/wo.../freshcatch.jpg (C:\WINDOWS\TEMP\_avast4_\unp219985570.tmp) returning error, 0000A474. 12/11/2006 16:39:21 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://photos.cams.com/images/streamray/won/jpg/adoreme.jpg (C:\WINDOWS\TEMP\_avast4_\unp219325691.tmp) returning error, 0000A474. 12/11/2006 16:39:22 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://photos.cams.com/images/streamray/wo...g/simonax69.jpg (C:\WINDOWS\TEMP\_avast4_\unp83811660.tmp) returning error, 0000A474. 12/11/2006 16:40:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.dirtyschoolgirls.net/img/teen.jpg (C:\WINDOWS\TEMP\_avast4_\unp78281253.tmp) returning error, 0000A474. 12/11/2006 16:40:19 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.dirtyschoolgirls.net/img/bportal.jpg (C:\WINDOWS\TEMP\_avast4_\unp48132912.tmp) returning error, 0000A474. 12/11/2006 16:40:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.dirtyschoolgirls.net/img/teenplanet.jpg (C:\WINDOWS\TEMP\_avast4_\unp79678891.tmp) returning error, 0000A474. 12/11/2006 16:40:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.dirtyschoolgirls.net/img/n3.jpg (C:\WINDOWS\TEMP\_avast4_\unp50124133.tmp) returning error, 0000A474. 12/11/2006 16:41:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.myexgf.com/images/index-reset_01.jpg (C:\WINDOWS\TEMP\_avast4_\unp39881918.tmp) returning error, 0000A474. 12/11/2006 16:41:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blastyourbrain.com/favicon.ico (C:\WINDOWS\TEMP\_avast4_\unp151120443.tmp) returning error, 0000A474. 12/11/2006 16:42:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://promo.cams.com/promo/camgirlsliveif...um=7&Size=s (C:\WINDOWS\TEMP\_avast4_\unp182778188.tmp) returning error, 0000A474. 12/11/2006 16:42:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.alt.com/images/piclist/pro....30.gallery.jpg (C:\WINDOWS\TEMP\_avast4_\unp182808798.tmp) returning error, 0000A474. 12/11/2006 16:42:18 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...618-160x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp85487046.tmp) returning error, 0000A474. 12/11/2006 16:42:18 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...190-160x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp99214757.tmp) returning error, 0000A474. 12/11/2006 16:42:38 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p11273.jpg (C:\WINDOWS\TEMP\_avast4_\unp79546375.tmp) returning error, 0000A474. 12/11/2006 16:42:38 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p11284.jpg (C:\WINDOWS\TEMP\_avast4_\unp119000647.tmp) returning error, 0000A474. 12/11/2006 16:42:38 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p14778.jpg (C:\WINDOWS\TEMP\_avast4_\unp119081155.tmp) returning error, 0000A474. 12/11/2006 16:43:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.original-amateurs.com/tgp/thumbs/2865.jpg (C:\WINDOWS\TEMP\_avast4_\unp161871599.tmp) returning error, 0000A474. 12/11/2006 16:43:10 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.original-amateurs.com/tgp/thumbs/2864.jpg (C:\WINDOWS\TEMP\_avast4_\unp156467782.tmp) returning error, 0000A474. 12/11/2006 16:43:46 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...41671-88x88.jpg (C:\WINDOWS\TEMP\_avast4_\unp248354514.tmp) returning error, 0000A474. 12/11/2006 16:44:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...808-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp254911223.tmp) returning error, 0000A474. 12/11/2006 16:44:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...909-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp254367760.tmp) returning error, 0000A474. 12/11/2006 16:44:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...756-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp88642459.tmp) returning error, 0000A474. 12/11/2006 16:44:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...378-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp88739598.tmp) returning error, 0000A474. 12/11/2006 16:44:25 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.groovybus.com/gb140x80tu.jpg (C:\WINDOWS\TEMP\_avast4_\unp265638724.tmp) returning error, 0000A474. 12/11/2006 16:44:37 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/back/hcp/head.jpg (C:\WINDOWS\TEMP\_avast4_\unp151019767.tmp) returning error, 0000A474. 12/11/2006 16:44:38 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn4537.jpg (C:\WINDOWS\TEMP\_avast4_\unp152979914.tmp) returning error, 0000A474. 12/11/2006 16:44:39 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn4572.jpg (C:\WINDOWS\TEMP\_avast4_\unp152630966.tmp) returning error, 0000A474. 12/11/2006 16:44:39 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn5298.jpg (C:\WINDOWS\TEMP\_avast4_\unp165933713.tmp) returning error, 0000A474. 12/11/2006 16:44:40 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn4905.jpg (C:\WINDOWS\TEMP\_avast4_\unp165687831.tmp) returning error, 0000A474. 12/11/2006 16:44:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn4981.jpg (C:\WINDOWS\TEMP\_avast4_\unp171283890.tmp) returning error, 0000A474. 12/11/2006 16:44:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn3905.jpg (C:\WINDOWS\TEMP\_avast4_\unp169184133.tmp) returning error, 0000A474. 12/11/2006 16:44:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn4675.jpg (C:\WINDOWS\TEMP\_avast4_\unp169417914.tmp) returning error, 0000A474. 12/11/2006 16:44:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn4670.jpg (C:\WINDOWS\TEMP\_avast4_\unp170606841.tmp) returning error, 0000A474. 12/11/2006 16:44:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn4597.jpg (C:\WINDOWS\TEMP\_avast4_\unp170549187.tmp) returning error, 0000A474. 12/11/2006 16:44:56 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...433-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp192662895.tmp) returning error, 0000A474. 12/11/2006 16:44:56 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...986-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp192849348.tmp) returning error, 0000A474. 12/11/2006 16:45:10 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...733-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp245486973.tmp) returning error, 0000A474. 12/11/2006 16:45:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...086-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp200117795.tmp) returning error, 0000A474. 12/11/2006 16:45:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...788-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp199485552.tmp) returning error, 0000A474. 12/11/2006 16:45:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...806-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp200239583.tmp) returning error, 0000A474. 12/11/2006 16:45:29 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...575-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp225891124.tmp) returning error, 0000A474. 12/11/2006 16:45:34 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...333-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp86151687.tmp) returning error, 0000A474. 12/11/2006 16:45:40 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...357-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp101030665.tmp) returning error, 0000A474. 12/11/2006 16:45:40 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...128-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp114391826.tmp) returning error, 0000A474. 12/11/2006 16:45:41 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...808-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp113902817.tmp) returning error, 0000A474. 12/11/2006 16:46:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://iframes.awempire.com/?t_id=romper23 (C:\WINDOWS\TEMP\_avast4_\unp153169009.tmp) returning error, 0000A474. 12/11/2006 16:46:08 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teensfirstmovie.com/ct/thumbs/tn1068.jpg (C:\WINDOWS\TEMP\_avast4_\unp154807055.tmp) returning error, 0000A474. 12/11/2006 16:46:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...146-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp151534772.tmp) returning error, 0000A474. 12/11/2006 16:46:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...649-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp158658729.tmp) returning error, 0000A474. 12/11/2006 16:46:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...813-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp158438599.tmp) returning error, 0000A474. 12/11/2006 16:46:10 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...071-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp157806068.tmp) returning error, 0000A474. 12/11/2006 16:46:10 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...375-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp156731851.tmp) returning error, 0000A474. 12/11/2006 16:46:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teensfirstmovie.com/ct/thumbs/tn1370.jpg (C:\WINDOWS\TEMP\_avast4_\unp137150929.tmp) returning error, 0000A474. 12/11/2006 16:46:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teensfirstmovie.com/ct/thumbs/tn1368.jpg (C:\WINDOWS\TEMP\_avast4_\unp138125733.tmp) returning error, 0000A474. 12/11/2006 16:46:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teensfirstmovie.com/ct/thumbs/tn27.jpg (C:\WINDOWS\TEMP\_avast4_\unp142259063.tmp) returning error, 0000A474. 12/11/2006 16:46:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teensfirstmovie.com/ads/teen.jpg (C:\WINDOWS\TEMP\_avast4_\unp174705312.tmp) returning error, 0000A474. 12/11/2006 16:46:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teensfirstmovie.com/ads/amateur.jpg (C:\WINDOWS\TEMP\_avast4_\unp174508231.tmp) returning error, 0000A474. 12/11/2006 16:46:23 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...269-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp166640964.tmp) returning error, 0000A474. 12/11/2006 16:46:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...297-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp245749800.tmp) returning error, 0000A474. 12/11/2006 16:46:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...025-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp249531773.tmp) returning error, 0000A474. 12/11/2006 16:46:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...086-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp248716389.tmp) returning error, 0000A474. 12/11/2006 16:46:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...066-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp247200776.tmp) returning error, 0000A474. 12/11/2006 16:46:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...106-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp155807595.tmp) returning error, 0000A474. 12/11/2006 16:46:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...330-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp244101916.tmp) returning error, 0000A474. 12/11/2006 16:46:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...558-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp246434243.tmp) returning error, 0000A474. 12/11/2006 16:46:48 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...119-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp4331818.tmp) returning error, 0000A474. 12/11/2006 16:46:58 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...324-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp26832342.tmp) returning error, 0000A474. 12/11/2006 16:46:58 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...612-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp32752796.tmp) returning error, 0000A474. 12/11/2006 16:46:58 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...622-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp179467337.tmp) returning error, 0000A474. 12/11/2006 16:47:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://us.js2.yimg.com/us.js.yimg.com/lib/...mation_1.1.0.js (C:\WINDOWS\TEMP\_avast4_\unp76430152.tmp) returning error, 0000A474. 12/11/2006 16:47:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://arc.0daymeme.com/3N/img07jpg.3NErLN...vsLjE.thumb.jpg (C:\WINDOWS\TEMP\_avast4_\unp5160871.tmp) returning error, 0000A474. 12/11/2006 16:47:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.jerkmate.com/images/thumb/876_1163258077.jpg (C:\WINDOWS\TEMP\_avast4_\unp76816712.tmp) returning error, 0000A474. 12/11/2006 16:47:44 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://arc.0daymeme.com/sK/img16jpg.sK9rqW...n9mO7.thumb.jpg (C:\WINDOWS\TEMP\_avast4_\unp77096056.tmp) returning error, 0000A474. 12/11/2006 16:47:44 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/600067648.jpg (C:\WINDOWS\TEMP\_avast4_\unp26503617.tmp) returning error, 0000A474. 12/11/2006 16:47:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.jerkmate.com/images/thumb/hoo_005_1163175459.jpg (C:\WINDOWS\TEMP\_avast4_\unp79512079.tmp) returning error, 0000A474. 12/11/2006 16:47:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.jerkmate.com/images/thumb/thurs..._1163096573.jpg (C:\WINDOWS\TEMP\_avast4_\unp78686275.tmp) returning error, 0000A474. 12/11/2006 16:47:46 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.jerkmate.com/images/thumb/thurs..._1163027413.jpg (C:\WINDOWS\TEMP\_avast4_\unp33502672.tmp) returning error, 0000A474. 12/11/2006 16:47:47 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://whoson.anywebcam.com/3036490/10000 (C:\WINDOWS\TEMP\_avast4_\unp74604485.tmp) returning error, 0000A474. 12/11/2006 16:47:48 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.allamateurblog.com/banners/loveblog.jpg (C:\WINDOWS\TEMP\_avast4_\unp30661644.tmp) returning error, 0000A474. 12/11/2006 16:47:48 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/1183480376.jpg (C:\WINDOWS\TEMP\_avast4_\unp30469909.tmp) returning error, 0000A474. 12/11/2006 16:47:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/1689839280.jpg (C:\WINDOWS\TEMP\_avast4_\unp131437384.tmp) returning error, 0000A474. 12/11/2006 16:47:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://whoson.anywebcam.com/397707/10000 (C:\WINDOWS\TEMP\_avast4_\unp131530697.tmp) returning error, 0000A474. 12/11/2006 16:47:50 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://whoson.anywebcam.com/1912945/10000 (C:\WINDOWS\TEMP\_avast4_\unp29275422.tmp) returning error, 0000A474. 12/11/2006 16:47:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://arc.0daymeme.com/6p/passionblogsjpg...lmah068_Zec.jpg (C:\WINDOWS\TEMP\_avast4_\unp112019704.tmp) returning error, 0000A474. 12/11/2006 16:48:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://ads.adbrite.com/mb/text_group.php?sid=176847 (C:\WINDOWS\TEMP\_avast4_\unp157048409.tmp) returning error, 0000A474. 12/11/2006 16:48:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.i1.yimg.com/java.europe.yahoo.c...wserdetector.js (C:\WINDOWS\TEMP\_avast4_\unp267183816.tmp) returning error, 0000A474. 12/11/2006 16:48:39 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://perf.weborama.fr/fcgi-bin/adserv.fc...;rnd=1163346518 (C:\WINDOWS\TEMP\_avast4_\unp263469652.tmp) returning error, 0000A474. 12/11/2006 16:48:44 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.flmnh.ufl.edu/fish/sharks/stati...k/legendred.JPG (C:\WINDOWS\TEMP\_avast4_\unp253080199.tmp) returning error, 0000A474. 12/11/2006 16:48:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.flmnh.ufl.edu/fish/sharks/stati.../legendnone.JPG (C:\WINDOWS\TEMP\_avast4_\unp253414052.tmp) returning error, 0000A474. 12/11/2006 16:49:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://perf.weborama.fr/fcgi-bin/adserv.fc...;rnd=1163346576 (C:\WINDOWS\TEMP\_avast4_\unp188749692.tmp) returning error, 0000A474. 12/11/2006 16:49:38 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://perf.weborama.fr/fcgi-bin/adserv.fc...;rnd=1163346578 (C:\WINDOWS\TEMP\_avast4_\unp191580745.tmp) returning error, 0000A474. 12/11/2006 16:50:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.trocmaison.com/affinity/_fr/ima...index_r3_c3.jpg (C:\WINDOWS\TEMP\_avast4_\unp205702074.tmp) returning error, 0000A474. 12/11/2006 16:50:18 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.trocmaison.com/affinity/_fr/rss...e=1163346617640 (C:\WINDOWS\TEMP\_avast4_\unp206817591.tmp) returning error, 0000A474. 12/11/2006 16:55:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...60&u_his=12 (C:\WINDOWS\TEMP\_avast4_\unp11261286.tmp) returning error, 0000A474. 12/11/2006 16:55:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.01net.com/shopping/js/servicesV4.js? (C:\WINDOWS\TEMP\_avast4_\unp206872142.tmp) returning error, 0000A474. 12/11/2006 16:55:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media.mediaplazza.com/t_15/64x64/CRDP143.jpg (C:\WINDOWS\TEMP\_avast4_\unp202776866.tmp) returning error, 0000A474. 12/11/2006 16:55:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...w=1280&u_ah (C:\WINDOWS\TEMP\_avast4_\unp217836149.tmp) returning error, 0000A474. 12/11/2006 16:55:47 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.01net.com/images/95953.jpg (C:\WINDOWS\TEMP\_avast4_\unp191167274.tmp) returning error, 0000A474. 12/11/2006 16:55:50 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...u_h=1024&u_ (C:\WINDOWS\TEMP\_avast4_\unp188759761.tmp) returning error, 0000A474. 12/11/2006 16:56:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...%2Ffiches%2F303 (C:\WINDOWS\TEMP\_avast4_\unp118716924.tmp) returning error, 0000A474. 12/11/2006 16:57:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...00040&color (C:\WINDOWS\TEMP\_avast4_\unp30808319.tmp) returning error, 0000A474. 12/11/2006 16:57:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...mp;color_link=0 (C:\WINDOWS\TEMP\_avast4_\unp206446078.tmp) returning error, 0000A474. 12/11/2006 16:57:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.zebulon.fr/includes/espotting/c...s_dl.php?hits=2 (C:\WINDOWS\TEMP\_avast4_\unp267831953.tmp) returning error, 0000A474. 12/11/2006 16:57:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...bg=D3E5FA&c (C:\WINDOWS\TEMP\_avast4_\unp14711273.tmp) returning error, 0000A474. 12/11/2006 16:58:02 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...p;color_text=00 (C:\WINDOWS\TEMP\_avast4_\unp141930632.tmp) returning error, 0000A474. 12/11/2006 17:00:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://swicki.eurekster.com/scripts/hoverStates.js (C:\WINDOWS\TEMP\_avast4_\unp161831981.tmp) returning error, 0000A474. 12/11/2006 17:01:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://track2.mybloglog.com/js/jsserv.php?...006053021444888 (C:\WINDOWS\TEMP\_avast4_\unp148216767.tmp) returning error, 0000A474. 12/11/2006 17:01:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://ad.doubleclick.net/adi/gm.fleshbot/...00;ord=28003541? (C:\WINDOWS\TEMP\_avast4_\unp148057985.tmp) returning error, 0000A474. 12/11/2006 17:02:04 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.voissa.com/voissa.js (C:\WINDOWS\TEMP\_avast4_\unp156447934.tmp) returning error, 0000A474. 12/11/2006 17:02:08 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.voissa.com/favicon.ico (C:\WINDOWS\TEMP\_avast4_\unp154121319.tmp) returning error, 0000A474. 12/11/2006 17:02:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/11/01/tn_07_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp183373522.tmp) returning error, 0000A474. 12/11/2006 17:02:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://groovybus.com/porn_trailers/the_best_pov.jpg (C:\WINDOWS\TEMP\_avast4_\unp180189580.tmp) returning error, 0000A474. 12/11/2006 17:02:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/11/03/tn_04_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp72365711.tmp) returning error, 0000A474. 12/11/2006 17:02:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/images/aff_thumbs/img40.jpg (C:\WINDOWS\TEMP\_avast4_\unp69451677.tmp) returning error, 0000A474. 12/11/2006 17:02:18 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/images/aff_thumbs/img66.jpg (C:\WINDOWS\TEMP\_avast4_\unp83726613.tmp) returning error, 0000A474. 12/11/2006 17:02:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/11/05/tn_02_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp77419477.tmp) returning error, 0000A474. 12/11/2006 17:02:21 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/images/aff_thumbs/img116.jpg (C:\WINDOWS\TEMP\_avast4_\unp75686149.tmp) returning error, 0000A474. 12/11/2006 17:02:22 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/10/08/tn_08_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp77409586.tmp) returning error, 0000A474. 12/11/2006 17:02:23 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/10/02/tn_05_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp73001494.tmp) returning error, 0000A474. 12/11/2006 17:02:23 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/10/05/tn_04_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp74491828.tmp) returning error, 0000A474. 12/11/2006 17:02:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/09/06ca...l/tn_08_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp90308249.tmp) returning error, 0000A474. 12/11/2006 17:02:32 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/07/04/tn_01_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp90487037.tmp) returning error, 0000A474. 12/11/2006 17:02:35 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.rabbitsreviews.com/images/newde...ogo_bottom2.jpg (C:\WINDOWS\TEMP\_avast4_\unp103449399.tmp) returning error, 0000A474. 12/11/2006 17:02:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/c041nosiytoy.jpg (C:\WINDOWS\TEMP\_avast4_\unp85931540.tmp) returning error, 0000A474. 12/11/2006 17:02:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.onlyams.com/include/oodomimagerollover.js (C:\WINDOWS\TEMP\_avast4_\unp90221620.tmp) returning error, 0000A474. 12/11/2006 17:02:44 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://track.mybloglog.com/js/?mblID=2005062001222542 (C:\WINDOWS\TEMP\_avast4_\unp75848003.tmp) returning error, 0000A474. 12/11/2006 17:02:58 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.onlyams.com/images/v2/oa_35.jpg (C:\WINDOWS\TEMP\_avast4_\unp47017548.tmp) returning error, 0000A474. 12/11/2006 17:03:21 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://js7.clickzs.com/exgir-1.js (C:\WINDOWS\TEMP\_avast4_\unp149689351.tmp) returning error, 0000A474. 12/11/2006 17:03:32 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.onlyams.com/images/v2/maino.jpg (C:\WINDOWS\TEMP\_avast4_\unp176914693.tmp) returning error, 0000A474. 12/11/2006 17:03:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.verynude.net/dirty/images/dirty-main_10.jpg (C:\WINDOWS\TEMP\_avast4_\unp179386404.tmp) returning error, 0000A474. 12/11/2006 17:03:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.onlyams.com/images/v2/webmasterso.jpg (C:\WINDOWS\TEMP\_avast4_\unp179342398.tmp) returning error, 0000A474. 12/11/2006 17:03:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.onlyams.com/images/v2/rss20o.jpg (C:\WINDOWS\TEMP\_avast4_\unp172012774.tmp) returning error, 0000A474. 12/11/2006 17:03:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.onlyams.com/images/v2/commentrsso.jpg (C:\WINDOWS\TEMP\_avast4_\unp172081248.tmp) returning error, 0000A474. 12/11/2006 17:03:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.gallery-dump.com/minmax.js (C:\WINDOWS\TEMP\_avast4_\unp141003600.tmp) returning error, 0000A474. 12/11/2006 17:03:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.gallery-dump.com/favicon.ico (C:\WINDOWS\TEMP\_avast4_\unp260949356.tmp) returning error, 0000A474. 12/11/2006 17:03:57 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pluginx.perfectgonzo.com/mov_dir/71...3432/index.html (C:\WINDOWS\TEMP\_avast4_\unp195680035.tmp) returning error, 0000A474. 12/11/2006 17:04:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/939224158.jpg (C:\WINDOWS\TEMP\_avast4_\unp220721755.tmp) returning error, 0000A474. 12/11/2006 17:04:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/1417717406.jpg (C:\WINDOWS\TEMP\_avast4_\unp220418242.tmp) returning error, 0000A474. 12/11/2006 17:04:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/1419745330.jpg (C:\WINDOWS\TEMP\_avast4_\unp220846694.tmp) returning error, 0000A474. 12/11/2006 17:04:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/1317570606.jpg (C:\WINDOWS\TEMP\_avast4_\unp220297773.tmp) returning error, 0000A474. 12/11/2006 17:04:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/975844878.jpg (C:\WINDOWS\TEMP\_avast4_\unp220436702.tmp) returning error, 0000A474. 12/11/2006 17:04:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/961766277.jpg (C:\WINDOWS\TEMP\_avast4_\unp221811216.tmp) returning error, 0000A474. 12/11/2006 17:04:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/1190638475.jpg (C:\WINDOWS\TEMP\_avast4_\unp221588580.tmp) returning error, 0000A474. 12/11/2006 17:04:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/644630191.jpg (C:\WINDOWS\TEMP\_avast4_\unp221036839.tmp) returning error, 0000A474. 12/11/2006 17:05:34 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://fr.yahoo.com/module/spirit/pa_modul...190881432762965 (C:\WINDOWS\TEMP\_avast4_\unp96115979.tmp) returning error, 0000A474. 04/12/2006 16:02:43 SYSTEM 1596 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Program Files\eMule\Incoming\splinter cell chaos theory + CRACK + KEYGEN.exe" file. 19/12/2006 17:36:42 SYSTEM 1600 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142. 19/12/2006 17:36:43 SYSTEM 1600 An error has occured while attempting to update. Please check the logs. 16/01/2007 23:17:36 SYSTEM 1644 Sign of "JS:Feebs [Wrm]" has been found in "http://www.xxxseek.org/popup/zpopup.cgi\unp66757356" file. 16/01/2007 23:28:58 SYSTEM 1644 Sign of "JS:Feebs [Wrm]" has been found in "http://www.advancedhunt.com/popup/zpopup.cgi\unp150979268" file. 27/01/2007 14:09:13 Propriétaire 1640 Sign of "Win32:Agent-DEI [Trj]" has been found in "C:\Program Files\eMule\Incoming\[Pc-Game] GT Legends crack and keygen.rar\[Pc-Game] GT Legends crack and keygen.exe" file. 27/01/2007 15:05:58 Propriétaire 1640 Sign of "Win32:Hidewindows-B [Tool]" has been found in "C:\Program Files\eMule\Incoming\GT Legends - PC Game Crack Patch Serial Keygen no-cd.rar\GT Legends - PC Game Crack Patch Serial Keygen no-cd.exe\Young.Girl.Teen.Sex.Orgy.Gang.Bang.Pic.2006.exe\LSASS.exe" file. 27/01/2007 15:08:54 Propriétaire 1640 Sign of "Win32:Iroffer-003 [Trj]" has been found in "C:\Program Files\eMule\Incoming\GT Legends - PC Game Crack Patch Serial Keygen no-cd.rar\GT Legends - PC Game Crack Patch Serial Keygen no-cd.exe\Young.Girl.Teen.Sex.Orgy.Gang.Bang.Pic.2006.exe\service.exe" file. 27/01/2007 15:10:35 Propriétaire 1640 Sign of "Win32:Hidewindows-B [Tool]" has been found in "C:\Program Files\eMule\Incoming\GT Legends - PC Game Crack Patch Serial Keygen no-cd.rar\GT Legends - PC Game Crack Patch Serial Keygen no-cd.exe\LSASS.exe" file. 27/01/2007 15:10:42 Propriétaire 1640 Sign of "Win32:Iroffer-003 [Trj]" has been found in "C:\Program Files\eMule\Incoming\GT Legends - PC Game Crack Patch Serial Keygen no-cd.rar\GT Legends - PC Game Crack Patch Serial Keygen no-cd.exe\service.exe" file. 28/01/2007 12:41:54 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\Deutsch\trembler.exe\trembler.exe" file. 28/01/2007 17:06:48 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\English\trembler.exe\trembler.exe" file. 28/01/2007 17:08:45 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\Español\trembler.exe\trembler.exe" file. 28/01/2007 17:08:49 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\Français\trembler.exe\trembler.exe" file. 28/01/2007 17:08:51 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\Italiano\trembler.exe\trembler.exe" file. 28/01/2007 17:08:54 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\Nederlands\trembler.exe\trembler.exe" file. 28/01/2007 17:09:08 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\Portugeses\Photos clara morgane, irina voronina, titia\trembler.exe\trembler.exe" file. 28/01/2007 17:09:19 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\Portugeses\trembler.exe\trembler.exe" file. 28/01/2007 23:19:02 Propriétaire 1640 Sign of "MS06-001 WMF Exploit" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\gl8xcccy.wmf" file. 30/01/2007 19:15:06 Propriétaire 1640 Sign of "Win32:Parite" has been found in "C:\Program Files\eMule\Temp25.part" file. 30/01/2007 20:41:55 Propriétaire 1640 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\BSplayer_WhenUSave_Installer\SET35E.tmp" file. 30/01/2007 20:47:07 Propriétaire 1640 Sign of "Win32:Adware-gen. [Adw]" has been found in "http://www.bsplayer.com/wus/SetupInstRe.exe" file. 30/01/2007 20:47:34 Propriétaire 1640 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76azgrkj.exe" file. 30/01/2007 20:47:40 Propriétaire 1640 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Propriétaire\Bureau\SetupInstRe.exe.part" file. 30/01/2007 20:47:51 Propriétaire 1640 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\u00h52o7.default\Cache\DC5A8672d01" file. 30/01/2007 20:47:53 Propriétaire 1640 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Propriétaire\Bureau\SetupInstRe.exe" file. 30/01/2007 20:48:07 Propriétaire 1640 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Propriétaire\Bureau\SetupInstRe.exe" file. 30/01/2007 20:49:21 Propriétaire 1640 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\RECYCLER\S-1-5-21-2731321507-833163270-3340094774-1003\Dc31.exe" file. 22/02/2007 17:30:10 Propriétaire 4060 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP198\A0025998.exe" file. 25/03/2007 11:44:25 SYSTEM 1632 Sign of "Win32:CTX" has been found in "http://acs.pandasoftware.com/activescan/as5free/motor.cab\pskavs.DLL" file. 26/03/2007 17:48:47 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file. 26/03/2007 17:48:48 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file. 26/03/2007 17:48:48 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file. 26/03/2007 17:48:49 Propriétaire 1624 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file. 26/03/2007 17:48:58 Propriétaire 1624 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file. 26/03/2007 17:48:58 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file. 26/03/2007 17:48:58 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file. 26/03/2007 17:48:58 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file. 26/03/2007 17:53:26 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file. 26/03/2007 17:53:28 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file. 26/03/2007 17:53:29 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file. 26/03/2007 17:53:35 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file. 26/03/2007 17:53:35 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file. 26/03/2007 17:53:35 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file. 26/03/2007 17:55:11 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file. 26/03/2007 17:55:12 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file. 26/03/2007 17:55:14 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file. 26/03/2007 17:55:20 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file. 26/03/2007 17:55:20 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file. 26/03/2007 17:55:20 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file. 26/03/2007 23:13:06 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file. 26/03/2007 23:13:08 Propriétaire 1624 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file. 26/03/2007 23:13:11 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file. 26/03/2007 23:13:16 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file. 29/03/2007 23:00:36 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file. 29/03/2007 23:00:38 Propriétaire 1624 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file. 29/03/2007 23:00:41 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file. 29/03/2007 23:00:45 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file. 02/04/2007 17:15:29 SYSTEM 1640 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file. 02/04/2007 17:15:31 SYSTEM 1640 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file. 02/04/2007 17:15:32 SYSTEM 1640 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file. 02/04/2007 17:15:32 SYSTEM 1640 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file. 02/04/2007 20:40:54 SYSTEM 1640 Sign of "JS:Feebs family" has been found in "http://xxx-files.biz/?id=xukru"'>http://xxx-files.biz/?id=xukru" file. 04/04/2007 13:12:09 SYSTEM 1680 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file. 04/04/2007 13:12:11 SYSTEM 1680 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file. 04/04/2007 13:12:12 SYSTEM 1680 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file. 04/04/2007 13:12:12 SYSTEM 1680 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file. 07/04/2007 17:56:01 SYSTEM 1680 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file. 08/04/2007 17:56:01 SYSTEM 1680 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file. 09/04/2007 11:52:40 SYSTEM 1628 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file. 09/04/2007 11:52:42 SYSTEM 1628 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file. 09/04/2007 11:52:42 SYSTEM 1628 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file. 09/04/2007 17:01:51 SYSTEM 1640 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file. 09/04/2007 17:01:52 SYSTEM 1640 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file. 09/04/2007 17:01:53 SYSTEM 1640 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file. 10/04/2007 12:25:13 SYSTEM 1640 Sign of "JS:Feebs family" has been found in "http://xxx-files.biz/?id=xukru" file. 10/04/2007 22:51:16 SYSTEM 1640 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file. 10/04/2007 22:52:17 SYSTEM 1640 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file. 10/04/2007 22:52:42 SYSTEM 1640 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file. 10/04/2007 23:24:53 SYSTEM 1640 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP272\A0033224.exe" file. 10/04/2007 23:37:58 Propriétaire 2204 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP269\A0033072.exe" file. 11/04/2007 09:19:20 Propriétaire 2204 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP272\A0033225.exe" file. 11/04/2007 09:19:28 Propriétaire 2204 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP272\A0033226.exe" file. 14/05/2007 00:21:14 SYSTEM 1480 Sign of "Win32:Kapucen-B [Wrm]" has been found in "C:\Program Files\eMule\Incoming\CRACK+PATCHC- Richard Burns Rally fr ger eng.rar" file. 16/05/2007 06:22:57 SYSTEM 1512 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: C:\Program Files\eMule\Incoming\Splinter.Cell.Chaos.Theory.DVD.Multi5.verifier.divxorama.net.mdf (C:\Program Files\eMule\Incoming\Splinter.Cell.Chaos.Theory.DVD.Multi5.verifier.divxorama.net.mdf) returning error, 00000084. 04/06/2007 18:04:28 Propriétaire 1484 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\22exinjs.a9.exe\[uPX]" file. 04/06/2007 18:07:45 Propriétaire 1484 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\32exhdda.9.exe\[uPX]" file. 04/06/2007 18:11:19 Propriétaire 1484 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\97exhm.txt.4.exe\[uPX]" file. 04/06/2007 20:07:36 Propriétaire 1484 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exinjs.a9.exe\[uPX]" file. 04/06/2007 20:29:54 Propriétaire 1484 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\59exhdda.9.exe\[uPX]" file. 04/06/2007 20:29:57 Propriétaire 1484 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\17exhm.txt.4.exe\[uPX]" file. 04/06/2007 20:48:16 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\23exinjs.a9.exe\[uPX]" file. 04/06/2007 20:48:22 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\23exinjs.a9.exe\[uPX]" file. 04/06/2007 20:49:42 Propriétaire 1500 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\8exhdda.9.exe\[uPX]" file. 04/06/2007 20:58:30 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\72exhm.txt.4.exe\[uPX]" file. 04/06/2007 22:27:29 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exinjs.a9.exe\[uPX]" file. 04/06/2007 22:27:38 Propriétaire 1500 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\29exhdda.9.exe\[uPX]" file. 04/06/2007 22:27:41 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\4exhm.txt.4.exe\[uPX]" file. 04/06/2007 23:35:25 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exhm.txt.4.exe\[uPX]" file. 05/06/2007 00:32:56 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exhm.txt.4.exe\[uPX]" file. 05/06/2007 07:21:46 Propriétaire 1500 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\11exhdda.9.exe\[uPX]" file. 05/06/2007 07:21:53 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\89exinjs.a9.exe\[uPX]" file. 05/06/2007 07:21:56 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exhm.txt.4.exe\[uPX]" file. 05/06/2007 07:22:01 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\56exhm.txt.4.exe\[uPX]" file. 05/06/2007 07:22:04 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76exhm.txt.4.exe\[uPX]" file. 05/06/2007 07:22:06 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\31exhm.txt.4.exe\[uPX]" file. 05/06/2007 07:22:11 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\71exhm.txt.4.exe\[uPX]" file. 05/06/2007 07:22:14 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exhm.txt.4.exe\[uPX]" file. 05/06/2007 07:22:17 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\9exhm.txt.4.exe\[uPX]" file. 05/06/2007 07:22:20 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\57exhm.txt.4.exe\[uPX]" file. 05/06/2007 07:22:22 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\53exhm.txt.4.exe\[uPX]" file. 05/06/2007 07:22:25 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\35exhm.txt.4.exe\[uPX]" file. 05/06/2007 07:24:23 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\38exhm.txt.4.exe\[uPX]" file. 05/06/2007 08:04:13 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\85exhm.txt.4.exe\[uPX]" file. 05/06/2007 16:47:25 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\56exhm.txt.4.exe\[uPX]" file. 05/06/2007 16:47:31 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\43exhm.txt.4.exe\[uPX]" file. 05/06/2007 16:47:37 Propriétaire 1500 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\9exhdda.9.exe\[uPX]" file. 05/06/2007 16:47:39 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\99exinjs.a9.exe\[uPX]" file. 05/06/2007 16:47:41 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\83exhm.txt.4.exe\[uPX]" file. 05/06/2007 16:47:44 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\45exhm.txt.4.exe\[uPX]" file. 05/06/2007 16:47:55 Propriétaire 1500 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\99exhdda.9.exe\[uPX]" file. 05/06/2007 16:47:58 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\57exinjs.a9.exe\[uPX]" file. 05/06/2007 16:48:00 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exhm.txt.4.exe\[uPX]" file. 05/06/2007 16:48:04 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\66exhm.txt.4.exe\[uPX]" file. 05/06/2007 16:48:06 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\93exinjs.a9.exe\[uPX]" file. 05/06/2007 16:48:09 Propriétaire 1500 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\97exhdda.9.exe\[uPX]" file. 05/06/2007 16:48:11 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\31exhm.txt.4.exe\[uPX]" file. 05/06/2007 16:48:13 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exinjs.a9.exe\[uPX]" file. 05/06/2007 16:48:15 Propriétaire 1500 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79exhdda.9.exe\[uPX]" file. 05/06/2007 16:48:17 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exhm.txt.4.exe\[uPX]" file. 05/06/2007 18:59:23 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\87exinjs.a9.exe\[uPX]" file. 05/06/2007 19:59:49 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\62exhdda.9.exe\[uPX]" file. 05/06/2007 20:00:01 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\7exhm.txt.4.exe\[uPX]" file. 05/06/2007 20:23:17 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\30exinjs.a9.exe\[uPX]" file. 05/06/2007 20:51:42 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exhdda.9.exe\[uPX]" file. 05/06/2007 20:51:45 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\33exhm.txt.4.exe\[uPX]" file. 05/06/2007 20:51:50 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\30exinjs.a9.exe\[uPX]" file. 05/06/2007 20:51:52 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exhdda.9.exe\[uPX]" file. 05/06/2007 23:00:45 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exinjs.a9.exe\[uPX]" file. 06/06/2007 07:19:42 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\3exhdda.9.exe\[uPX]" file. 06/06/2007 07:19:49 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exhm.txt.4.exe\[uPX]" file. 06/06/2007 07:19:53 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\92exhm.txt.4.exe\[uPX]" file. 06/06/2007 07:19:55 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\19exhdda.9.exe\[uPX]" file. 06/06/2007 07:19:57 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\87exinjs.a9.exe\[uPX]" file. 06/06/2007 07:20:00 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76exhm.txt.4.exe\[uPX]" file. 06/06/2007 07:20:02 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\27exhdda.9.exe\[uPX]" file. 06/06/2007 07:20:04 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\1exinjs.a9.exe\[uPX]" file. 06/06/2007 07:20:05 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\27exhm.txt.4.exe\[uPX]" file. 06/06/2007 07:20:07 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\70exhm.txt.4.exe\[uPX]" file. 06/06/2007 07:20:09 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94exhm.txt.4.exe\[uPX]" file. 06/06/2007 07:20:11 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\37exhm.txt.4.exe\[uPX]" file. 06/06/2007 07:20:13 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\78exhm.txt.4.exe\[uPX]" file. 06/06/2007 07:20:15 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\16exhm.txt.4.exe\[uPX]" file. 06/06/2007 07:20:17 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\78exhm.txt.4.exe\[uPX]" file. 06/06/2007 07:21:04 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exhm.txt.4.exe\[uPX]" file. 06/06/2007 07:21:05 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\36exhm.txt.4.exe\[uPX]" file. 06/06/2007 07:21:09 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\42exhm.txt.4.exe\[uPX]" file. 06/06/2007 07:21:11 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exhm.txt.4.exe\[uPX]" file. 06/06/2007 07:25:08 Propriétaire 3360 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\Documents and Settings\Propriétaire\Local Settings\Temp\30exinjs.a9.exe\[uPX]" file. 06/06/2007 07:25:17 Propriétaire 3360 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\Documents and Settings\Propriétaire\Local Settings\Temp\90exhdda.9.exe\[uPX]" file. 06/06/2007 07:45:18 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\97exhm.txt.4.exe\[uPX]" file. 06/06/2007 15:18:01 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\23exhm.txt.4.exe\[uPX]" file. 06/06/2007 15:18:07 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\12exhm.txt.4.exe\[uPX]" file. 06/06/2007 15:18:11 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\53exhm.txt.4.exe\[uPX]" file. 06/06/2007 15:18:15 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\18exhm.txt.4.exe\[uPX]" file. 06/06/2007 15:18:20 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79exinjs.a9.exe\[uPX]" file. 06/06/2007 15:18:25 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\22exhdda.9.exe\[uPX]" file. 06/06/2007 15:18:28 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\96exhm.txt.4.exe\[uPX]" file. 06/06/2007 15:18:33 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76exinjs.a9.exe\[uPX]" file. 06/06/2007 15:18:36 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\10exhdda.9.exe\[uPX]" file. 06/06/2007 15:18:39 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\48exhm.txt.4.exe\[uPX]" file. 06/06/2007 16:20:12 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\41exinjs.a9.exe\[uPX]" file. 06/06/2007 16:39:49 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\31exhdda.9.exe\[uPX]" file. 06/06/2007 16:39:51 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exhm.txt.4.exe\[uPX]" file. 06/06/2007 18:16:37 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\53exinjs.a9.exe\[uPX]" file. 06/06/2007 18:36:33 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\11exhdda.9.exe\[uPX]" file. 06/06/2007 18:36:36 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exhm.txt.4.exe\[uPX]" file. 06/06/2007 19:25:21 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\70exinjs.a9.exe\[uPX]" file. 06/06/2007 20:24:47 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94exhdda.9.exe\[uPX]" file. 06/06/2007 20:24:59 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\65exhm.txt.4.exe\[uPX]" file. 06/06/2007 22:06:58 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\5exinjs.a9.exe\[uPX]" file. 07/06/2007 07:35:53 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\54exhdda.9.exe\[uPX]" file. 07/06/2007 07:35:57 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\69exhm.txt.4.exe\[uPX]" file. 07/06/2007 07:36:00 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79exinjs.a9.exe\[uPX]" file. 07/06/2007 07:36:02 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exhdda.9.exe\[uPX]" file. 07/06/2007 07:36:04 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\91exhm.txt.4.exe\[uPX]" file. 07/06/2007 07:36:06 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\97exhdda.9.exe\[uPX]" file. 07/06/2007 07:36:07 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\21exinjs.a9.exe\[uPX]" file. 07/06/2007 07:36:09 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exhm.txt.4.exe\[uPX]" file. 07/06/2007 07:36:11 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\57exinjs.a9.exe\[uPX]" file. 07/06/2007 07:36:13 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\59exhdda.9.exe\[uPX]" file. 07/06/2007 07:36:14 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exhm.txt.4.exe\[uPX]" file. 07/06/2007 07:36:16 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\97exhm.txt.4.exe\[uPX]" file. 07/06/2007 07:36:19 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\26exhm.txt.4.exe\[uPX]" file. 07/06/2007 07:36:21 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\26exhm.txt.4.exe\[uPX]" file. 07/06/2007 07:37:02 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exhdda.9.exe\[uPX]" file. 07/06/2007 07:37:12 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\22exinjs.a9.exe\[uPX]" file. 07/06/2007 07:37:15 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\25exhm.txt.4.exe\[uPX]" file. 07/06/2007 07:37:19 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\86exhdda.9.exe\[uPX]" file. 07/06/2007 07:37:21 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\11exinjs.a9.exe\[uPX]" file. 07/06/2007 07:37:23 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\17exhm.txt.4.exe\[uPX]" file. 07/06/2007 07:37:25 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\55exhdda.9.exe\[uPX]" file. 07/06/2007 07:37:27 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\9exinjs.a9.exe\[uPX]" file. 07/06/2007 07:37:28 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\57exhm.txt.4.exe\[uPX]" file. 07/06/2007 07:37:30 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76exhm.txt.4.exe\[uPX]" file. 07/06/2007 07:37:34 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\26exhm.txt.4.exe\[uPX]" file. 07/06/2007 07:38:20 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\65exinjs.a9.exe\[uPX]" file. 07/06/2007 07:38:22 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\41exhdda.9.exe\[uPX]" file. 07/06/2007 07:38:23 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exhm.txt.4.exe\[uPX]" file. 07/06/2007 07:38:24 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\65exinjs.a9.exe\[uPX]" file. 07/06/2007 07:38:26 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\41exhdda.9.exe\[uPX]" file. 07/06/2007 07:38:28 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exhm.txt.4.exe\[uPX]" file. 07/06/2007 08:09:52 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\51exhm.txt.4.exe\[uPX]" file. 07/06/2007 17:27:28 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\29exhm.txt.4.exe\[uPX]" file. 07/06/2007 17:27:34 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\5exhm.txt.4.exe\[uPX]" file. 07/06/2007 17:27:37 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exhm.txt.4.exe\[uPX]" file. 07/06/2007 17:27:39 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\16exhdda.9.exe\[uPX]" file. 07/06/2007 17:27:42 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\57exinjs.a9.exe\[uPX]" file. 07/06/2007 17:27:44 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94exhm.txt.4.exe\[uPX]" file. 07/06/2007 17:27:46 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\74exhm.txt.4.exe\[uPX]" file. 07/06/2007 17:27:49 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exinjs.a9.exe\[uPX]" file. 07/06/2007 17:27:54 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\91exhdda.9.exe\[uPX]" file. 07/06/2007 17:27:59 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\64exhm.txt.4.exe\[uPX]" file. 07/06/2007 17:28:07 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\8exinjs.a9.exe\[uPX]" file. 07/06/2007 17:28:10 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exhdda.9.exe\[uPX]" file. 07/06/2007 17:28:14 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\15exinjs.a9.exe\[uPX]" file. 07/06/2007 17:28:17 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\87exhdda.9.exe\[uPX]" file. 07/06/2007 17:28:21 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\15exinjs.a9.exe\[uPX]" file. 07/06/2007 17:30:01 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\95exhdda.9.exe\[uPX]" file. 07/06/2007 17:30:07 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exhdda.9.exe\[uPX]" file. 07/06/2007 17:42:34 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exinjs.a9.exe\[uPX]" file. 07/06/2007 18:01:20 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\95exhdda.9.exe\[uPX]" file. 07/06/2007 18:20:28 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\50exhm.txt.4.exe\[uPX]" file. 07/06/2007 19:44:00 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\6exinjs.a9.exe\[uPX]" file. 07/06/2007 20:54:10 Propriétaire 1488 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\96exhdda.9.exe\[uPX]" file. 07/06/2007 20:54:13 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\84exhm.txt.4.exe\[uPX]" file. 07/06/2007 21:00:46 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\33exinjs.a9.exe\[uPX]" file. 07/06/2007 21:01:08 Propriétaire 1488 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exhdda.9.exe\[uPX]" file. 07/06/2007 21:06:51 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\71exhm.txt.4.exe\[uPX]" file. 07/06/2007 21:50:45 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\84exinjs.a9.exe\[uPX]" file. 07/06/2007 21:51:43 Propriétaire 1488 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\7exhdda.9.exe\[uPX]" file. 07/06/2007 21:54:27 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exhm.txt.4.exe\[uPX]" file. 07/06/2007 21:54:34 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exhm.txt.4.exe\[uPX]" file. 07/06/2007 23:19:11 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\82exhm.txt.4.exe\[uPX]" file. 08/06/2007 07:37:50 Propriétaire 1488 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\Documents and Settings\Propriétaire\Local Settings\Temp\41exhdda.9.exe\[uPX]" file. 08/06/2007 07:37:57 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\55exhm.txt.4.exe\[uPX]" file. 08/06/2007 07:38:01 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\28exinjs.a9.exe\[uPX]" file. 08/06/2007 07:38:02 Propriétaire 1488 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\63exhdda.9.exe\[uPX]" file. 08/06/2007 07:38:06 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\63exhm.txt.4.exe\[uPX]" file. 08/06/2007 07:38:08 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exhm.txt.4.exe\[uPX]" file. 08/06/2007 07:38:10 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\21exhm.txt.4.exe\[uPX]" file. 08/06/2007 07:38:11 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79exhm.txt.4.exe\[uPX]" file. 08/06/2007 07:38:13 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\62exhm.txt.4.exe\[uPX]" file. 08/06/2007 07:38:14 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\84exhm.txt.4.exe\[uPX]" file. 08/06/2007 07:38:16 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exhm.txt.4.exe\[uPX]" file. 08/06/2007 07:38:17 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\81exhm.txt.4.exe\[uPX]" file. 08/06/2007 07:38:19 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\46exhm.txt.4.exe\[uPX]" file. 08/06/2007 07:38:20 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exhm.txt.4.exe\[uPX]" file. 08/06/2007 07:38:22 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exhm.txt.4.exe\[uPX]" file. 08/06/2007 07:38:24 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\65exhm.txt.4.exe\[uPX]" file. 08/06/2007 07:38:26 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\Documents and Settings\Propriétaire\Local Settings\Temp\65exinjs.a9.exe\[uPX]" file. 08/06/2007 07:59:24 Propriétaire 1488 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\7exhdda.9.exe.vir\[uPX]" file. 08/06/2007 17:30:19 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\9exhm.txt.4.exe\[uPX]" file. 08/06/2007 17:30:44 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\44exhm.txt.4.exe\[uPX]" file. 08/06/2007 17:30:45 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exhm.txt.4.exe\[uPX]" file. 08/06/2007 17:30:48 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\86exhm.txt.4.exe\[uPX]" file. 08/06/2007 17:30:53 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\89exinjs.a9.exe\[uPX]" file. 08/06/2007 17:30:56 Propriétaire 1488 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\37exhdda.9.exe\[uPX]" file. 08/06/2007 17:31:01 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\89exhm.txt.4.exe\[uPX]" file. 08/06/2007 17:31:03 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\42exhm.txt.4.exe\[uPX]" file. 08/06/2007 17:31:04 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94exinjs.a9.exe\[uPX]" file. 08/06/2007 17:31:06 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\74exinjs.a9.exe\[uPX]" file. 08/06/2007 17:31:55 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\22exinjs.a9.exe\[uPX]" file. 08/06/2007 18:40:44 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\69exinjs.a9.exe\[uPX]" file. 08/06/2007 19:38:56 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\80exinjs.a9.exe\[uPX]" file. 08/06/2007 20:05:06 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\15exinjs.a9.exe\[uPX]" file. 09/06/2007 10:47:24 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\2exinjs.a9.exe\[uPX]" file. 09/06/2007 10:47:36 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exinjs.a9.exe\[uPX]" file. 09/06/2007 10:47:39 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exinjs.a9.exe\[uPX]" file. 09/06/2007 10:47:41 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\86exinjs.a9.exe\[uPX]" file. 09/06/2007 10:47:43 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exinjs.a9.exe\[uPX]" file. 09/06/2007 10:47:44 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\65exinjs.a9.exe\[uPX]" file. 09/06/2007 10:47:46 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Tempexinjs.a9.exe\[uPX]" file. 09/06/2007 10:47:47 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\28exinjs.a9.exe\[uPX]" file. 09/06/2007 10:47:49 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\9exinjs.a9.exe\[uPX]" file. 09/06/2007 10:54:44 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\24exinjs.a9.exe\[uPX]" file.
  8. je viens de trouver le probleme,il faut tt simplement les transferer!!! pas facile de savoir lire... désole de t'avoir fait perdre ton temps!!
  9. simplement mon dvd contient des videos (format divix) et des fichiers word et je ne peux pas les enr sur DD. En fait je ne peux pas faire ni de déplacement,ni de copier coller... il doit exixter une soluc tres simple ...merci
  10. petit pb de récup de dossier word et vidéo sauvegardés sur un dvd. je voudrais les enregister sur DD........merci
  11. bonjour, voila mon ordi depuis 2/3 jours est incroyablement lent des que j'ouvre un fichier video (DIVX,DVD....) il apparait en bas une icone en forme de bande super8:ogg directshow filter. voici le rapport hiijack.j'ai fais plusieurs scans avec AD aware et Spybot...mais il est tjrs présent!!! Logfile of HijackThis v1.99.1 Scan saved at 14:02:36, on 11/11/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Inventel\Gateway\wlancfg.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe C:\WINDOWS\System32\hphmon05.exe C:\HP\KBD\KBD.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Multimedia Card Reader\shwicon2k.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\System32\LVCOMSX.EXE C:\WINDOWS\System32\ctfmon.exe C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\pchbutton.exe C:\Program Files\eMule\emule.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\PROPRI~1.DAV\LOCALS~1\Temp\Rar$EX00.907\HijackThis.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\pchbutton.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\WINDOWS\System32\shdocvw.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe MERCI!!!!!!!
  12. dave36

    fichier .rar

    merci pour conseils avisés...winrar semble fonctionner!! s'utilise comme un zip..en archivage donc pas de gros soucis finalement.. bonne soirée..
  13. dave36

    fichier .rar

    bonjour je n'arrive pas a exploiter les fich.rar faut il utiliser Winrar? c'est un fichier pour installer un lecteur DVD complet! (traduction,ss titres accessibles...) merci
  14. merci pour ces conseils precieux et le nettoyage effectué!! une partie des configs prises (anti vir) ton avis sur outpost firewall??? difficile a configurer mais semble efficace.
  15. VOICI LES RAPPORTS: 18/04/2006 16:31:21,59 Can't open Registry key HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NTLOAD: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\ControlSet002\Services\NTLOAD: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_NTLOAD: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\ControlSet003\Services\NTLOAD: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NTLOAD: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\CurrentControlSet\Services\NTLOAD: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NTSVCMGR: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\ControlSet002\Services\NTSVCMGR: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_NTSVCMGR: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\ControlSet003\Services\NTSVCMGR: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NTSVCMGR: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\CurrentControlSet\Services\NTSVCMGR: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NTBOOT: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\ControlSet002\Services\NTBOOT: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_NTBOOT: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\ControlSet003\Services\NTBOOT: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NTBOOT: 2 - Le fichier spécifié est introuvable. Can't open Registry key HKLM\SYSTEM\CurrentControlSet\Services\NTBOOT: 2 - Le fichier spécifié est introuvable. ========== Effacement de ControlSet002\Enum\Root\LEGACY_NTLOAD Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de ControlSet002\Services\NTLOAD Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de ControlSet003\Enum\Root\LEGACY_NTLOAD Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de ControlSet003\Services\NTLOAD Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de CurrentControlSet\Enum\Root\LEGACY_NTLOAD Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de CurrentControlSet\Services\NTLOAD Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de ControlSet002\Enum\Root\LEGACY_NTSVCMGR Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de ControlSet002\Services\NTSVCMGR Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de ControlSet003\Enum\Root\LEGACY_NTSVCMGR Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de ControlSet003\Services\NTSVCMGR Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de CurrentControlSet\Enum\Root\LEGACY_NTSVCMGR Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de CurrentControlSet\Services\NTSVCMGR Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de ControlSet002\Enum\Root\LEGACY_NTBOOT Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de ControlSet002\Services\NTBOOT Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de ControlSet003\Enum\Root\LEGACY_NTBOOT Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de ControlSet003\Services\NTBOOT Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de CurrentControlSet\Enum\Root\LEGACY_NTBOOT Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... Effacement de CurrentControlSet\Services\NTBOOT Erreur : le système n'a pas pu trouver la clé ou la valeur de Registre spécifiée .... ------------------------------------------------------------------------------------------- REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.0.1 ; Results at 18/04/2006 18:04:15 for strings: ; 'ntboot' ; 'ntload' ; 'ntsvcmgr' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DC5DA001-7CD4-11D2-8ED9-D8C857F98FE3}\ProgID] @="CorTransientLoader.CorLoad.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DC5DA001-7CD4-11D2-8ED9-D8C857F98FE3}\VersionIndependentProgID] @="CorTransientLoader.CorLoad" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CorTransientLoader.CorLoad] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CorTransientLoader.CorLoad\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CorTransientLoader.CorLoad.1] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CorTransientLoader.CorLoad.1\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize] "DisableRemoteFontBootCache"=dword:00000000 ; End Of The Log... -------------------------------------------------------------------------------------------------------- bon courage pour le taf..........a +
×
×
  • Créer...