Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

PC infecté et lent

dave36

Par dave36
dans Analyses et éradication malwares

 Partager

Messages recommandés

dave36 Member

dave36

Posté(e)
Posté(e)

Voici le rapport hijack en espérant que la chose avance;

a noter que j'ai déjà lancé spybot, ad aware , spyware terminator et a-square ss reel succès....les messages du PC infesté réapparaissent ss arrêt avec la protection avast!!! je les met en quarantaine mais ils se réactivent avec un logiciel mais lequel?

Merci de votre aide

 

 

RAPPORT

-----------

Logfile of HijackThis v1.99.1

Scan saved at 11:18:39, on 09/06/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16441)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\windows\system\hpsysdrv.exe

C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe

C:\WINDOWS\System32\hphmon05.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Multimedia Card Reader\shwicon2k.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Inventel\Gateway\wlancfg.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\ATI Multimedia\main\ATIDtct.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

c:\program files\a-squared free\a2service.exe

C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe

C:\Program Files\Spyware Terminator\sp_rsser.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Rar$EX00.063\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr10.hpwis.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr10.hpwis.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe

O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w

O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"

O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook

O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"

O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Startup: TribalWeb.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe

O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{8B695DA3-02B2-4DBC-8485-2F92D380EB62}: NameServer = 80.10.246.2,80.10.246.129

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

-----------------------------------------

et le rapport AVAST

------------------------------------------

 

11/11/2006 23:30:11 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91606 (C:\WINDOWS\TEMP\_avast4_\unp40820066.tmp) returning error, 0000A474.

11/11/2006 23:30:22 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91607 (C:\WINDOWS\TEMP\_avast4_\unp59612138.tmp) returning error, 0000A474.

11/11/2006 23:30:41 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91608 (C:\WINDOWS\TEMP\_avast4_\unp34382099.tmp) returning error, 0000A474.

11/11/2006 23:31:00 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91609 (C:\WINDOWS\TEMP\_avast4_\unp52262353.tmp) returning error, 0000A474.

11/11/2006 23:31:16 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91611 (C:\WINDOWS\TEMP\_avast4_\unp75903221.tmp) returning error, 0000A474.

11/11/2006 23:31:36 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91613 (C:\WINDOWS\TEMP\_avast4_\unp190105714.tmp) returning error, 0000A474.

11/11/2006 23:32:35 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91602 (C:\WINDOWS\TEMP\_avast4_\unp176444513.tmp) returning error, 0000A474.

11/11/2006 23:32:43 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91603 (C:\WINDOWS\TEMP\_avast4_\unp146539080.tmp) returning error, 0000A474.

11/11/2006 23:33:50 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91699 (C:\WINDOWS\TEMP\_avast4_\unp162661017.tmp) returning error, 0000A474.

11/11/2006 23:33:59 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91700 (C:\WINDOWS\TEMP\_avast4_\unp140991741.tmp) returning error, 0000A474.

11/11/2006 23:34:17 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=91702 (C:\WINDOWS\TEMP\_avast4_\unp176792088.tmp) returning error, 0000A474.

11/11/2006 23:36:38 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.emule-paradise.com/fiche/dl.php?id=87225 (C:\WINDOWS\TEMP\_avast4_\unp32559713.tmp) returning error, 0000A474.

11/11/2006 23:39:54 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.axabanque.fr/Design/pave_client.jpg (C:\WINDOWS\TEMP\_avast4_\unp168010316.tmp) returning error, 0000A474.

11/11/2006 23:40:27 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.bnpparibas.net/banque/PA_1_0_CH...ts/weboscope.js (C:\WINDOWS\TEMP\_avast4_\unp218692237.tmp) returning error, 0000A474.

11/11/2006 23:40:53 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.pajemploi.urssaf.fr/js/menus.js (C:\WINDOWS\TEMP\_avast4_\unp120405866.tmp) returning error, 0000A474.

11/11/2006 23:41:56 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.isobourse.com/forum/topics_anyw...yCnbHB0pw%3D%3D (C:\WINDOWS\TEMP\_avast4_\unp113677812.tmp) returning error, 0000A474.

11/11/2006 23:42:27 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media.mediaplazza.com/t_15/64x64/031024espagne.jpg (C:\WINDOWS\TEMP\_avast4_\unp219568388.tmp) returning error, 0000A474.

11/11/2006 23:42:27 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media.mediaplazza.com/t_15/64x64/031024france.jpg (C:\WINDOWS\TEMP\_avast4_\unp17721867.tmp) returning error, 0000A474.

11/11/2006 23:42:27 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.divxovore.com/ (C:\WINDOWS\TEMP\_avast4_\unp18732984.tmp) returning error, 0000A474.

11/11/2006 23:51:30 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/a/108544/show...200555708/R=0/* (C:\WINDOWS\TEMP\_avast4_\unp213457457.tmp) returning error, 0000A474.

11/11/2006 23:51:50 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...00040&color (C:\WINDOWS\TEMP\_avast4_\unp224594847.tmp) returning error, 0000A474.

11/11/2006 23:51:54 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.zebulon.fr/scripts/top_product_b.js (C:\WINDOWS\TEMP\_avast4_\unp206035743.tmp) returning error, 0000A474.

11/11/2006 23:52:19 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.pagesjaunes.fr/files/look2002/F...n/script_VED.js (C:\WINDOWS\TEMP\_avast4_\unp64283649.tmp) returning error, 0000A474.

12/11/2006 10:55:15 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...1280&u_cd=3 (C:\WINDOWS\TEMP\_avast4_\unp177305234.tmp) returning error, 0000A474.

12/11/2006 10:55:20 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp174170291.tmp) returning error, 0000A474.

12/11/2006 10:55:29 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp137799595.tmp) returning error, 0000A474.

12/11/2006 10:56:25 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...urs_et_decodeur (C:\WINDOWS\TEMP\_avast4_\unp118201043.tmp) returning error, 0000A474.

12/11/2006 10:56:26 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;5528464131;S (C:\WINDOWS\TEMP\_avast4_\unp119905687.tmp) returning error, 0000A474.

12/11/2006 10:57:11 SYSTEM 1476 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;3199787193;S (C:\WINDOWS\TEMP\_avast4_\unp55713972.tmp) returning error, 0000A474.

12/11/2006 12:20:41 Propriétaire 1500 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: C:\WINDOWS\System32\ICMP.DLL (C:\WINDOWS\System32\ICMP.DLL) returning error, 0000A474.

12/11/2006 12:20:49 Propriétaire 1500 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: C:\WINDOWS\System32\sfc.dll (C:\WINDOWS\System32\sfc.dll) returning error, 0000A474.

12/11/2006 12:21:36 Propriétaire 1500 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: C:\WINDOWS\System32\KsUser.dll (C:\WINDOWS\System32\KsUser.dll) returning error, 0000A474.

12/11/2006 12:23:02 Propriétaire 1500 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Desktop.htt (C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Desktop.htt) returning error, 0000A474.

12/11/2006 12:35:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagead/show_ads.js (C:\WINDOWS\TEMP\_avast4_\unp117749737.tmp) returning error, 0000A474.

12/11/2006 12:35:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;5803526892;S (C:\WINDOWS\TEMP\_avast4_\unp74772100.tmp) returning error, 0000A474.

12/11/2006 12:35:22 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.01net.com/img/v5/MEA/MEA_Securite.jpg (C:\WINDOWS\TEMP\_avast4_\unp34743391.tmp) returning error, 0000A474.

12/11/2006 12:36:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/call/pubj/177...748640759/intru? (C:\WINDOWS\TEMP\_avast4_\unp78081692.tmp) returning error, 0000A474.

12/11/2006 12:36:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.boursorama.com/menu/menu_gen_media.js (C:\WINDOWS\TEMP\_avast4_\unp78330647.tmp) returning error, 0000A474.

12/11/2006 12:36:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/109298/show0....757;748640759;S (C:\WINDOWS\TEMP\_avast4_\unp79469059.tmp) returning error, 0000A474.

12/11/2006 12:38:48 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/113593/show0....57;5221438615;M (C:\WINDOWS\TEMP\_avast4_\unp202816619.tmp) returning error, 0000A474.

12/11/2006 12:38:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.boursorama.com/pub/lienssponsorises.html (C:\WINDOWS\TEMP\_avast4_\unp210413257.tmp) returning error, 0000A474.

12/11/2006 12:38:57 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/113604/show0....57;2570888612;M (C:\WINDOWS\TEMP\_avast4_\unp210939664.tmp) returning error, 0000A474.

12/11/2006 12:38:58 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/109298/show0....57;2570888612;S (C:\WINDOWS\TEMP\_avast4_\unp205752609.tmp) returning error, 0000A474.

12/11/2006 12:39:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/109598/show1....57;7349999370;M (C:\WINDOWS\TEMP\_avast4_\unp17726103.tmp) returning error, 0000A474.

12/11/2006 12:42:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.i1.yimg.com/java.europe.yahoo.c...a/brandpanel.js (C:\WINDOWS\TEMP\_avast4_\unp229421158.tmp) returning error, 0000A474.

12/11/2006 12:42:10 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.a1.yimg.com/eur.yimg.com/a/fr/h...olvignette1.jpg (C:\WINDOWS\TEMP\_avast4_\unp201833748.tmp) returning error, 0000A474.

12/11/2006 12:43:00 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://uk.adserver.yahoo.com/a?f=150501014...mp;t=1163331775 (C:\WINDOWS\TEMP\_avast4_\unp95307999.tmp) returning error, 0000A474.

12/11/2006 12:43:08 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://uk.adserver.yahoo.com/a?f=150501014...mp;t=1163331775 (C:\WINDOWS\TEMP\_avast4_\unp76787771.tmp) returning error, 0000A474.

12/11/2006 12:43:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://uk.adserver.yahoo.com/a?f=150501152...mp;t=1163331794 (C:\WINDOWS\TEMP\_avast4_\unp87325903.tmp) returning error, 0000A474.

12/11/2006 12:43:23 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.a1.yimg.com/java.europe.yahoo.c...js/sp2flash7.js (C:\WINDOWS\TEMP\_avast4_\unp94446820.tmp) returning error, 0000A474.

12/11/2006 12:44:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.a1.yimg.com/java.europe.yahoo.c...edatis010705.js (C:\WINDOWS\TEMP\_avast4_\unp186110990.tmp) returning error, 0000A474.

12/11/2006 12:44:55 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.a1.yimg.com/eur.yimg.com/a/fr/h...olvignette1.jpg (C:\WINDOWS\TEMP\_avast4_\unp82470292.tmp) returning error, 0000A474.

12/11/2006 12:46:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://hm.msn.com/c/hotmail/N/1036/header....mp;x=4.0.5610.0 (C:\WINDOWS\TEMP\_avast4_\unp192924264.tmp) returning error, 0000A474.

12/11/2006 12:46:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://by108fd.bay108.hotmail.msn.com/cgi-...___10210002F.js (C:\WINDOWS\TEMP\_avast4_\unp194326473.tmp) returning error, 0000A474.

12/11/2006 12:47:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://view.atdmt.com/AMF/iview/msnnkmfr00...i.600/01?click= (C:\WINDOWS\TEMP\_avast4_\unp149020595.tmp) returning error, 0000A474.

12/11/2006 12:47:56 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://by108fd.bay108.hotmail.msn.com/cgi-...___10210002F.js (C:\WINDOWS\TEMP\_avast4_\unp171140696.tmp) returning error, 0000A474.

12/11/2006 13:59:37 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.i1.yimg.com/eur.yimg.com/i/fr/sp/foot18.jpg (C:\WINDOWS\TEMP\_avast4_\unp163596082.tmp) returning error, 0000A474.

12/11/2006 14:00:08 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/EiLp2ZKiVGQyAj...-3ugvJf3Ps7nF9w (C:\WINDOWS\TEMP\_avast4_\unp144762779.tmp) returning error, 0000A474.

12/11/2006 14:00:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/IRGcrOfX-c0IOF...p_crg6o2-qKITIQ (C:\WINDOWS\TEMP\_avast4_\unp187214074.tmp) returning error, 0000A474.

12/11/2006 14:00:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/i7svH2ZW0eGCsn..._-s7e1GZUoatHdQ (C:\WINDOWS\TEMP\_avast4_\unp217351828.tmp) returning error, 0000A474.

12/11/2006 14:00:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/2emCsjoKWmr3x9...-4ND995OhWVMXJQ (C:\WINDOWS\TEMP\_avast4_\unp148242987.tmp) returning error, 0000A474.

12/11/2006 14:00:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/xfUJOWxc88NNfR...Ax-TT2TQGjIZmVA (C:\WINDOWS\TEMP\_avast4_\unp211834414.tmp) returning error, 0000A474.

12/11/2006 14:00:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/left/nouv_0.jpg (C:\WINDOWS\TEMP\_avast4_\unp160002588.tmp) returning error, 0000A474.

12/11/2006 14:00:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/OAgSIubW0_PO-h...Fyf11f6iah41uXA (C:\WINDOWS\TEMP\_avast4_\unp210163785.tmp) returning error, 0000A474.

12/11/2006 14:00:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/bFzr24S0uIgTIw...f_8i3vQQ2fHaygA (C:\WINDOWS\TEMP\_avast4_\unp167714392.tmp) returning error, 0000A474.

12/11/2006 14:00:18 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/ECDh0WZWopJWZn...gT3fj6RIgq6ERIw (C:\WINDOWS\TEMP\_avast4_\unp212916893.tmp) returning error, 0000A474.

12/11/2006 14:00:19 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/0eGXp_XVCTmOvj...BoZGIgh0vgYtsXg (C:\WINDOWS\TEMP\_avast4_\unp209964273.tmp) returning error, 0000A474.

12/11/2006 14:00:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/U2MHN2FRckLo2L...30OWakKqYd336yA (C:\WINDOWS\TEMP\_avast4_\unp155977359.tmp) returning error, 0000A474.

12/11/2006 14:00:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/0eGsnBgoyvo-Dw...GKBAdFy0foqjm1A (C:\WINDOWS\TEMP\_avast4_\unp157208692.tmp) returning error, 0000A474.

12/11/2006 14:00:22 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/Dj5yQiUV4tJpWf...8Q3t9dxAiT0Xr2Q (C:\WINDOWS\TEMP\_avast4_\unp151834778.tmp) returning error, 0000A474.

12/11/2006 14:00:23 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/rZ26iv3NgrLE9A...D2us3PTYEv7X8zg (C:\WINDOWS\TEMP\_avast4_\unp154197861.tmp) returning error, 0000A474.

12/11/2006 14:00:23 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/ekr7y6WV2emerg...u_cm-tayefnRwQg (C:\WINDOWS\TEMP\_avast4_\unp153514106.tmp) returning error, 0000A474.

12/11/2006 14:00:27 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/iLgRIeDQfk5YaN...ockIEDiASFB7j0Q (C:\WINDOWS\TEMP\_avast4_\unp259089131.tmp) returning error, 0000A474.

12/11/2006 14:00:29 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/ekr0xENzSnr1xR...mUGP48jMByMIHNQ (C:\WINDOWS\TEMP\_avast4_\unp252888594.tmp) returning error, 0000A474.

12/11/2006 14:00:30 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/q5uRobmJTHwdLU...3rp_qoHxOd32gkg (C:\WINDOWS\TEMP\_avast4_\unp12849510.tmp) returning error, 0000A474.

12/11/2006 14:00:35 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/Images/playlist/d...lackinusa_p.jpg (C:\WINDOWS\TEMP\_avast4_\unp16519598.tmp) returning error, 0000A474.

12/11/2006 14:00:55 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/left/top_1.jpg (C:\WINDOWS\TEMP\_avast4_\unp238403002.tmp) returning error, 0000A474.

12/11/2006 14:01:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/navigation/recherche.jpg (C:\WINDOWS\TEMP\_avast4_\unp235920900.tmp) returning error, 0000A474.

12/11/2006 14:01:29 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/KRmZqaKSeUnywo...WJhbMxmZUWVO1hw (C:\WINDOWS\TEMP\_avast4_\unp153453440.tmp) returning error, 0000A474.

12/11/2006 14:01:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/Images/playlist/I...es/neons2_p.jpg (C:\WINDOWS\TEMP\_avast4_\unp216098775.tmp) returning error, 0000A474.

12/11/2006 14:03:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/left/top_1.jpg (C:\WINDOWS\TEMP\_avast4_\unp218732245.tmp) returning error, 0000A474.

12/11/2006 14:05:40 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/Images/playlist/d...nces_jazz_p.jpg (C:\WINDOWS\TEMP\_avast4_\unp95478843.tmp) returning error, 0000A474.

12/11/2006 14:05:41 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/ADApGa2d2en4yI...MEyNPRWRW9P4oGg (C:\WINDOWS\TEMP\_avast4_\unp95743187.tmp) returning error, 0000A474.

12/11/2006 14:05:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/IREwACQUGCiUpA...JCjI0PoW3hoyWpA (C:\WINDOWS\TEMP\_avast4_\unp259434015.tmp) returning error, 0000A474.

12/11/2006 14:06:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/3_9yQsn5RnawgI...10OP58yIQ6OJWZA (C:\WINDOWS\TEMP\_avast4_\unp256901193.tmp) returning error, 0000A474.

12/11/2006 14:06:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/AzNQYHNDsoJYaD...6y-O4stLgJixrWQ (C:\WINDOWS\TEMP\_avast4_\unp236639477.tmp) returning error, 0000A474.

12/11/2006 14:06:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/Wmq6inlJEyN9TQ...mADlRWwU3XVeikA (C:\WINDOWS\TEMP\_avast4_\unp261453217.tmp) returning error, 0000A474.

12/11/2006 14:06:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/PAxUZFhosYFGdq...Fe0jf1X9NyMLi0A (C:\WINDOWS\TEMP\_avast4_\unp262397083.tmp) returning error, 0000A474.

12/11/2006 14:06:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/w-ONvfnJy-v-z9...crZ_zuf-Ni4FwQg (C:\WINDOWS\TEMP\_avast4_\unp236383818.tmp) returning error, 0000A474.

12/11/2006 14:06:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/0eGAsDcHb1-T45...OMAaSmBYkHBY2BA (C:\WINDOWS\TEMP\_avast4_\unp239212083.tmp) returning error, 0000A474.

12/11/2006 14:09:00 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/left/top_1.jpg (C:\WINDOWS\TEMP\_avast4_\unp190189764.tmp) returning error, 0000A474.

12/11/2006 14:09:26 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/left/them_1.jpg (C:\WINDOWS\TEMP\_avast4_\unp250959075.tmp) returning error, 0000A474.

12/11/2006 14:09:29 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/Images/navigation/Compils_01.jpg (C:\WINDOWS\TEMP\_avast4_\unp73513130.tmp) returning error, 0000A474.

12/11/2006 14:09:31 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/DT2-j7eH4NB5Sa...cg7FxezIAMTtuXA (C:\WINDOWS\TEMP\_avast4_\unp73742250.tmp) returning error, 0000A474.

12/11/2006 14:09:34 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/Nwe6ikR0qposHP...K8sWWnObUHxUcLg (C:\WINDOWS\TEMP\_avast4_\unp265906578.tmp) returning error, 0000A474.

12/11/2006 14:09:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/EiIFNb_P3OzJ_d...oiL3DyWpYxM4wAg (C:\WINDOWS\TEMP\_avast4_\unp264847659.tmp) returning error, 0000A474.

12/11/2006 14:09:40 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/7Nz1xbCAHi6QoP...5RXNdV3FDWlCygA (C:\WINDOWS\TEMP\_avast4_\unp46723880.tmp) returning error, 0000A474.

12/11/2006 14:09:41 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/98c0BMr6AjJwQO...lb16Nh9-t--WKuA (C:\WINDOWS\TEMP\_avast4_\unp35360873.tmp) returning error, 0000A474.

12/11/2006 14:10:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/6totHe7eVGQwAM...qLRRdVwo4vLZSYA (C:\WINDOWS\TEMP\_avast4_\unp121131730.tmp) returning error, 0000A474.

12/11/2006 14:10:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/oJBfb7mJ98eAsG...gGiizuToIo6ni0A (C:\WINDOWS\TEMP\_avast4_\unp224147170.tmp) returning error, 0000A474.

12/11/2006 14:12:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/left/play_1.jpg (C:\WINDOWS\TEMP\_avast4_\unp223541831.tmp) returning error, 0000A474.

12/11/2006 14:17:31 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com//Images/playlist/...nces_jazz_p.jpg (C:\WINDOWS\TEMP\_avast4_\unp66184699.tmp) returning error, 0000A474.

12/11/2006 14:18:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/wfFEdK6eJhbh0d...MESiMhhspj4VxQw (C:\WINDOWS\TEMP\_avast4_\unp138171298.tmp) returning error, 0000A474.

12/11/2006 14:19:51 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/images/left/top_1.jpg (C:\WINDOWS\TEMP\_avast4_\unp224003647.tmp) returning error, 0000A474.

12/11/2006 14:20:30 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/dER5SfLCGyuYqN...ucUcpI6aUf3VnVQ (C:\WINDOWS\TEMP\_avast4_\unp55147396.tmp) returning error, 0000A474.

12/11/2006 14:20:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/3u4PPyISSHgQIB...6PggwOiIQVlywgg (C:\WINDOWS\TEMP\_avast4_\unp65862374.tmp) returning error, 0000A474.

12/11/2006 14:21:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/xPSWppGhQ3N8TE...79M0ZE3tJZmxrWQ (C:\WINDOWS\TEMP\_avast4_\unp174678917.tmp) returning error, 0000A474.

12/11/2006 14:21:39 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/uIg-D21dzf0hER...fXW1RW5upiYN0Rg (C:\WINDOWS\TEMP\_avast4_\unp157493276.tmp) returning error, 0000A474.

12/11/2006 14:22:00 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.fnacmusic.com/Images/navigation...teFrancaise.jpg (C:\WINDOWS\TEMP\_avast4_\unp64997194.tmp) returning error, 0000A474.

12/11/2006 14:22:01 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/iblZaS0d_8vzw1...MFyCzuYS2qqBxQw (C:\WINDOWS\TEMP\_avast4_\unp144703665.tmp) returning error, 0000A474.

12/11/2006 14:22:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media1.fnacmusic.com/l6eEtFxscUGXpx...Wg7GnrdTmDgQIOg (C:\WINDOWS\TEMP\_avast4_\unp6241911.tmp) returning error, 0000A474.

12/11/2006 14:29:01 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...1280&u_cd=3 (C:\WINDOWS\TEMP\_avast4_\unp187119689.tmp) returning error, 0000A474.

12/11/2006 14:29:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...492944;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp99822588.tmp) returning error, 0000A474.

12/11/2006 14:29:32 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...u_w=1280&u_ (C:\WINDOWS\TEMP\_avast4_\unp120500659.tmp) returning error, 0000A474.

12/11/2006 14:29:34 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;4172613670;S (C:\WINDOWS\TEMP\_avast4_\unp117551149.tmp) returning error, 0000A474.

12/11/2006 14:29:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp193948653.tmp) returning error, 0000A474.

12/11/2006 14:29:38 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...613670;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp109991079.tmp) returning error, 0000A474.

12/11/2006 14:29:51 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea..._dur_cdrom_dvd% (C:\WINDOWS\TEMP\_avast4_\unp105240652.tmp) returning error, 0000A474.

12/11/2006 14:29:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;9550662416;S (C:\WINDOWS\TEMP\_avast4_\unp101349126.tmp) returning error, 0000A474.

12/11/2006 14:30:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...u_w=1280&u_ (C:\WINDOWS\TEMP\_avast4_\unp80623410.tmp) returning error, 0000A474.

12/11/2006 14:30:47 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;7834339901;S (C:\WINDOWS\TEMP\_avast4_\unp75643414.tmp) returning error, 0000A474.

12/11/2006 14:30:51 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp149189909.tmp) returning error, 0000A474.

12/11/2006 14:34:03 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagead/show_ads.js (C:\WINDOWS\TEMP\_avast4_\unp262614650.tmp) returning error, 0000A474.

12/11/2006 14:34:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...503516;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp258957635.tmp) returning error, 0000A474.

12/11/2006 14:34:26 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...urs_et_decodeur (C:\WINDOWS\TEMP\_avast4_\unp139281624.tmp) returning error, 0000A474.

12/11/2006 14:34:27 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;9710258070;S (C:\WINDOWS\TEMP\_avast4_\unp140471017.tmp) returning error, 0000A474.

12/11/2006 14:34:40 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...498583;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp243790260.tmp) returning error, 0000A474.

12/11/2006 14:39:02 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...urs_et_decodeur (C:\WINDOWS\TEMP\_avast4_\unp57855570.tmp) returning error, 0000A474.

12/11/2006 14:39:03 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;9941120275;S (C:\WINDOWS\TEMP\_avast4_\unp56612994.tmp) returning error, 0000A474.

12/11/2006 14:39:04 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...120275;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp58166264.tmp) returning error, 0000A474.

12/11/2006 14:39:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...urs_et_decodeur (C:\WINDOWS\TEMP\_avast4_\unp52281684.tmp) returning error, 0000A474.

12/11/2006 14:39:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;3417808964;S (C:\WINDOWS\TEMP\_avast4_\unp51157223.tmp) returning error, 0000A474.

12/11/2006 14:39:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...087914;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp211338890.tmp) returning error, 0000A474.

12/11/2006 14:40:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...00040&color (C:\WINDOWS\TEMP\_avast4_\unp262161846.tmp) returning error, 0000A474.

12/11/2006 14:40:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://forum.zebulon.fr/style_images/1/fol...ps_menu_html.js (C:\WINDOWS\TEMP\_avast4_\unp142564948.tmp) returning error, 0000A474.

12/11/2006 14:42:03 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...hid%3D1bd8a305a (C:\WINDOWS\TEMP\_avast4_\unp139341051.tmp) returning error, 0000A474.

12/11/2006 14:42:27 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://forum.zebulon.fr/uploads/av-147258.jpg (C:\WINDOWS\TEMP\_avast4_\unp72353507.tmp) returning error, 0000A474.

12/11/2006 14:42:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...w%26searchid%3D (C:\WINDOWS\TEMP\_avast4_\unp93949251.tmp) returning error, 0000A474.

12/11/2006 14:44:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...hid%3D1bd8a305a (C:\WINDOWS\TEMP\_avast4_\unp58510447.tmp) returning error, 0000A474.

12/11/2006 14:45:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...6sort_by%3DZ-A% (C:\WINDOWS\TEMP\_avast4_\unp161305051.tmp) returning error, 0000A474.

12/11/2006 14:45:46 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...ext=434951& (C:\WINDOWS\TEMP\_avast4_\unp240901248.tmp) returning error, 0000A474.

12/11/2006 14:48:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.boursorama.com/menu/menu_gen_media.js (C:\WINDOWS\TEMP\_avast4_\unp102984958.tmp) returning error, 0000A474.

12/11/2006 14:48:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...1280&u_cd=3 (C:\WINDOWS\TEMP\_avast4_\unp221463488.tmp) returning error, 0000A474.

12/11/2006 14:48:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp208465532.tmp) returning error, 0000A474.

12/11/2006 14:48:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp230178826.tmp) returning error, 0000A474.

12/11/2006 14:49:08 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...%2Ffiches%2F269 (C:\WINDOWS\TEMP\_avast4_\unp215738594.tmp) returning error, 0000A474.

12/11/2006 14:49:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;3989879238;S (C:\WINDOWS\TEMP\_avast4_\unp214829643.tmp) returning error, 0000A474.

12/11/2006 14:49:55 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...%2Ffiches%2F269 (C:\WINDOWS\TEMP\_avast4_\unp200314390.tmp) returning error, 0000A474.

12/11/2006 14:49:55 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/82218/show23....57;8289767914;S (C:\WINDOWS\TEMP\_avast4_\unp198392626.tmp) returning error, 0000A474.

12/11/2006 14:50:01 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...149736;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp159218040.tmp) returning error, 0000A474.

12/11/2006 14:50:52 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...l.htm&color (C:\WINDOWS\TEMP\_avast4_\unp48838482.tmp) returning error, 0000A474.

12/11/2006 15:04:00 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.i1.yimg.com/java.europe.yahoo.c...a/brandpanel.js (C:\WINDOWS\TEMP\_avast4_\unp118758218.tmp) returning error, 0000A474.

12/11/2006 15:11:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...757301;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp214781061.tmp) returning error, 0000A474.

12/11/2006 15:13:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://213.91.8.214/bandeaux/lib/lib_fash_..._integrateur.js (C:\WINDOWS\TEMP\_avast4_\unp98893241.tmp) returning error, 0000A474.

12/11/2006 15:13:25 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.3suisses.fr/portail3s_img/js/util.js (C:\WINDOWS\TEMP\_avast4_\unp248990377.tmp) returning error, 0000A474.

12/11/2006 15:13:25 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.3suisses.fr/portail3s_img/js/popunder2.js (C:\WINDOWS\TEMP\_avast4_\unp250561551.tmp) returning error, 0000A474.

12/11/2006 15:13:29 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.3suisses.fr/favicon.ico (C:\WINDOWS\TEMP\_avast4_\unp221422901.tmp) returning error, 0000A474.

12/11/2006 15:17:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...olor_link=0000F (C:\WINDOWS\TEMP\_avast4_\unp83927562.tmp) returning error, 0000A474.

12/11/2006 15:21:41 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...00040&color (C:\WINDOWS\TEMP\_avast4_\unp40549313.tmp) returning error, 0000A474.

12/11/2006 15:21:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...26bsredirect%3D (C:\WINDOWS\TEMP\_avast4_\unp43661147.tmp) returning error, 0000A474.

12/11/2006 15:21:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...ext=434951& (C:\WINDOWS\TEMP\_avast4_\unp233814147.tmp) returning error, 0000A474.

12/11/2006 15:21:50 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...26bsredirect%3D (C:\WINDOWS\TEMP\_avast4_\unp230023268.tmp) returning error, 0000A474.

12/11/2006 15:22:08 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://s0b.bluestreak.com/ix.e?jss&wmo...26bsredirect%3D (C:\WINDOWS\TEMP\_avast4_\unp146631103.tmp) returning error, 0000A474.

12/11/2006 15:24:04 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...d%3D860257%26%2 (C:\WINDOWS\TEMP\_avast4_\unp191460598.tmp) returning error, 0000A474.

12/11/2006 15:24:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...d%3D860257%26%2 (C:\WINDOWS\TEMP\_avast4_\unp213005664.tmp) returning error, 0000A474.

12/11/2006 15:28:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...d%3D860258%26%2 (C:\WINDOWS\TEMP\_avast4_\unp225987557.tmp) returning error, 0000A474.

12/11/2006 15:47:53 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...mp;u_his=2& (C:\WINDOWS\TEMP\_avast4_\unp181853870.tmp) returning error, 0000A474.

12/11/2006 15:47:55 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://ad.fr.doubleclick.net/adj/N1120.01n...;ord=2644768342? (C:\WINDOWS\TEMP\_avast4_\unp182047212.tmp) returning error, 0000A474.

12/11/2006 15:48:02 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media.mediaplazza.com/t_15/64x64/2004_02_04_cow.jpg (C:\WINDOWS\TEMP\_avast4_\unp223585364.tmp) returning error, 0000A474.

12/11/2006 15:48:03 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://ds.serving-sys.com/BurstingCachedSc...er/StdBanner.js (C:\WINDOWS\TEMP\_avast4_\unp211242884.tmp) returning error, 0000A474.

12/11/2006 15:48:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...u_w=1280&u_ (C:\WINDOWS\TEMP\_avast4_\unp210177303.tmp) returning error, 0000A474.

12/11/2006 15:48:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp203630438.tmp) returning error, 0000A474.

12/11/2006 15:48:38 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://fr.bluestreak.com/ix.e?jss&wmod...964128;S;0;URL= (C:\WINDOWS\TEMP\_avast4_\unp188129515.tmp) returning error, 0000A474.

12/11/2006 15:49:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://cartes.01net.com/image.php?id_img=662 (C:\WINDOWS\TEMP\_avast4_\unp242744451.tmp) returning error, 0000A474.

12/11/2006 15:49:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.smartadserver.com/call/pubj/133...estiondefichier? (C:\WINDOWS\TEMP\_avast4_\unp208773028.tmp) returning error, 0000A474.

12/11/2006 15:49:51 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://img.clubic.com/photo/0064004B00123346.jpg (C:\WINDOWS\TEMP\_avast4_\unp63775273.tmp) returning error, 0000A474.

12/11/2006 15:49:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://img.clubic.com/photo/0082008200210537.jpg (C:\WINDOWS\TEMP\_avast4_\unp54349669.tmp) returning error, 0000A474.

12/11/2006 15:51:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.presence-pc.com/forum/include/onglet.js (C:\WINDOWS\TEMP\_avast4_\unp215286610.tmp) returning error, 0000A474.

12/11/2006 15:51:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...2Fppc%2FLeBistr (C:\WINDOWS\TEMP\_avast4_\unp257025431.tmp) returning error, 0000A474.

12/11/2006 15:53:01 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...color_text=4349 (C:\WINDOWS\TEMP\_avast4_\unp12463332.tmp) returning error, 0000A474.

12/11/2006 15:54:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.generation-nt.com/favicon.ico (C:\WINDOWS\TEMP\_avast4_\unp134802475.tmp) returning error, 0000A474.

12/11/2006 15:54:53 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...w.generation-nt. (C:\WINDOWS\TEMP\_avast4_\unp142232676.tmp) returning error, 0000A474.

12/11/2006 16:26:29 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-pictures-jessica-alba.jpg (C:\WINDOWS\TEMP\_avast4_\unp189932919.tmp) returning error, 0000A474.

12/11/2006 16:26:30 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-pictures-paris-hilton.jpg (C:\WINDOWS\TEMP\_avast4_\unp190812327.tmp) returning error, 0000A474.

12/11/2006 16:26:30 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-picture...lize-theron.jpg (C:\WINDOWS\TEMP\_avast4_\unp187509776.tmp) returning error, 0000A474.

12/11/2006 16:26:31 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-pictures-liv-tyler.jpg (C:\WINDOWS\TEMP\_avast4_\unp187142425.tmp) returning error, 0000A474.

12/11/2006 16:26:31 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-picture...-zeta-jones.jpg (C:\WINDOWS\TEMP\_avast4_\unp187680534.tmp) returning error, 0000A474.

12/11/2006 16:26:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-picture...na-aguilera.jpg (C:\WINDOWS\TEMP\_avast4_\unp248271659.tmp) returning error, 0000A474.

12/11/2006 16:26:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-picture...ica-simpson.jpg (C:\WINDOWS\TEMP\_avast4_\unp187253270.tmp) returning error, 0000A474.

12/11/2006 16:26:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-pictures-mandy-moore.jpg (C:\WINDOWS\TEMP\_avast4_\unp187665566.tmp) returning error, 0000A474.

12/11/2006 16:26:35 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-pictures-ashton-moore.jpg (C:\WINDOWS\TEMP\_avast4_\unp185056599.tmp) returning error, 0000A474.

12/11/2006 16:26:37 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.18plus.ro/images/erotic-picture...any-andrews.jpg (C:\WINDOWS\TEMP\_avast4_\unp227219547.tmp) returning error, 0000A474.

12/11/2006 16:27:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.google.fr/search?q=isharedpics....lient=firefox-a (C:\WINDOWS\TEMP\_avast4_\unp172196717.tmp) returning error, 0000A474.

12/11/2006 16:31:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.i1.yimg.com/java.europe.yahoo.c...a/brandpanel.js (C:\WINDOWS\TEMP\_avast4_\unp262949027.tmp) returning error, 0000A474.

12/11/2006 16:32:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_001.jpg (C:\WINDOWS\TEMP\_avast4_\unp205786342.tmp) returning error, 0000A474.

12/11/2006 16:32:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_002.jpg (C:\WINDOWS\TEMP\_avast4_\unp207261986.tmp) returning error, 0000A474.

12/11/2006 16:32:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_003.jpg (C:\WINDOWS\TEMP\_avast4_\unp207139582.tmp) returning error, 0000A474.

12/11/2006 16:32:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_004.jpg (C:\WINDOWS\TEMP\_avast4_\unp207537679.tmp) returning error, 0000A474.

12/11/2006 16:32:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_005.jpg (C:\WINDOWS\TEMP\_avast4_\unp207272256.tmp) returning error, 0000A474.

12/11/2006 16:32:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_006.jpg (C:\WINDOWS\TEMP\_avast4_\unp207177014.tmp) returning error, 0000A474.

12/11/2006 16:32:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_007.jpg (C:\WINDOWS\TEMP\_avast4_\unp206864572.tmp) returning error, 0000A474.

12/11/2006 16:32:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_008.jpg (C:\WINDOWS\TEMP\_avast4_\unp207033813.tmp) returning error, 0000A474.

12/11/2006 16:32:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/tr_013.jpg (C:\WINDOWS\TEMP\_avast4_\unp206999033.tmp) returning error, 0000A474.

12/11/2006 16:32:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/sex1.jpg (C:\WINDOWS\TEMP\_avast4_\unp207136051.tmp) returning error, 0000A474.

12/11/2006 16:32:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/sex6.jpg (C:\WINDOWS\TEMP\_avast4_\unp205646006.tmp) returning error, 0000A474.

12/11/2006 16:32:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.amateurs-gone-wild.com/images/sex3.jpg (C:\WINDOWS\TEMP\_avast4_\unp205621903.tmp) returning error, 0000A474.

12/11/2006 16:32:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://amateurs-gone-wild.com/content/files3/tn_06110102.jpg (C:\WINDOWS\TEMP\_avast4_\unp21231559.tmp) returning error, 0000A474.

12/11/2006 16:33:53 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.swegold.com/images/3_08.jpg (C:\WINDOWS\TEMP\_avast4_\unp208067927.tmp) returning error, 0000A474.

12/11/2006 16:33:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.swegold.com/images/1_09.jpg (C:\WINDOWS\TEMP\_avast4_\unp205004352.tmp) returning error, 0000A474.

12/11/2006 16:34:52 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.exgfs.net/images/separator.jpg (C:\WINDOWS\TEMP\_avast4_\unp247834000.tmp) returning error, 0000A474.

12/11/2006 16:35:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/header1.jpg (C:\WINDOWS\TEMP\_avast4_\unp248363475.tmp) returning error, 0000A474.

12/11/2006 16:35:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/header4.jpg (C:\WINDOWS\TEMP\_avast4_\unp249287813.tmp) returning error, 0000A474.

12/11/2006 16:35:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb...2/thumb_687.jpg (C:\WINDOWS\TEMP\_avast4_\unp254746502.tmp) returning error, 0000A474.

12/11/2006 16:35:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb...thumb_6_608.jpg (C:\WINDOWS\TEMP\_avast4_\unp254748337.tmp) returning error, 0000A474.

12/11/2006 16:35:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb..._1003377988.jpg (C:\WINDOWS\TEMP\_avast4_\unp255555057.tmp) returning error, 0000A474.

12/11/2006 16:35:25 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb...mb_100_0521.jpg (C:\WINDOWS\TEMP\_avast4_\unp255761493.tmp) returning error, 0000A474.

12/11/2006 16:35:25 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb..._1639882800.jpg (C:\WINDOWS\TEMP\_avast4_\unp255520618.tmp) returning error, 0000A474.

12/11/2006 16:35:25 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb...b_837914559.jpg (C:\WINDOWS\TEMP\_avast4_\unp255260606.tmp) returning error, 0000A474.

12/11/2006 16:35:26 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb...mb_IMG_0139.JPG (C:\WINDOWS\TEMP\_avast4_\unp265707901.tmp) returning error, 0000A474.

12/11/2006 16:35:26 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb...umb_33409vs.jpg (C:\WINDOWS\TEMP\_avast4_\unp267109120.tmp) returning error, 0000A474.

12/11/2006 16:35:44 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb..._1183968690.jpg (C:\WINDOWS\TEMP\_avast4_\unp212710519.tmp) returning error, 0000A474.

12/11/2006 16:35:44 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb..._1086376113.jpg (C:\WINDOWS\TEMP\_avast4_\unp212467174.tmp) returning error, 0000A474.

12/11/2006 16:35:44 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb..._1034828895.jpg (C:\WINDOWS\TEMP\_avast4_\unp213213844.tmp) returning error, 0000A474.

12/11/2006 16:35:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teenagegirlnude.com/gallery/alb...b_869490414.jpg (C:\WINDOWS\TEMP\_avast4_\unp210989784.tmp) returning error, 0000A474.

12/11/2006 16:35:57 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.bejba.com/peeker.js (C:\WINDOWS\TEMP\_avast4_\unp161935728.tmp) returning error, 0000A474.

12/11/2006 16:36:00 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://freecounter.unms.com/counter.php?i=.../www.bejba.com/ (C:\WINDOWS\TEMP\_avast4_\unp157388269.tmp) returning error, 0000A474.

12/11/2006 16:36:26 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p1127.jpg (C:\WINDOWS\TEMP\_avast4_\unp199747684.tmp) returning error, 0000A474.

12/11/2006 16:36:27 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.adultfriendfinder.com/imag...20.bigthumb.jpg (C:\WINDOWS\TEMP\_avast4_\unp261218810.tmp) returning error, 0000A474.

12/11/2006 16:36:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p19042.jpg (C:\WINDOWS\TEMP\_avast4_\unp261046963.tmp) returning error, 0000A474.

12/11/2006 16:36:29 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p19052.jpg (C:\WINDOWS\TEMP\_avast4_\unp235128501.tmp) returning error, 0000A474.

12/11/2006 16:36:30 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p19001.jpg (C:\WINDOWS\TEMP\_avast4_\unp236586701.tmp) returning error, 0000A474.

12/11/2006 16:36:32 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p9799.jpg (C:\WINDOWS\TEMP\_avast4_\unp245432141.tmp) returning error, 0000A474.

12/11/2006 16:36:32 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p10999.jpg (C:\WINDOWS\TEMP\_avast4_\unp246340164.tmp) returning error, 0000A474.

12/11/2006 16:36:32 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p5575.jpg (C:\WINDOWS\TEMP\_avast4_\unp245448451.tmp) returning error, 0000A474.

12/11/2006 16:36:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p17173.jpg (C:\WINDOWS\TEMP\_avast4_\unp248149784.tmp) returning error, 0000A474.

12/11/2006 16:36:34 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p8875.jpg (C:\WINDOWS\TEMP\_avast4_\unp248462265.tmp) returning error, 0000A474.

12/11/2006 16:36:34 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p14552.jpg (C:\WINDOWS\TEMP\_avast4_\unp248522599.tmp) returning error, 0000A474.

12/11/2006 16:36:34 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p1316.jpg (C:\WINDOWS\TEMP\_avast4_\unp250318521.tmp) returning error, 0000A474.

12/11/2006 16:36:35 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p19005.jpg (C:\WINDOWS\TEMP\_avast4_\unp244208091.tmp) returning error, 0000A474.

12/11/2006 16:36:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p18992.jpg (C:\WINDOWS\TEMP\_avast4_\unp149394613.tmp) returning error, 0000A474.

12/11/2006 16:36:52 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.adultfriendfinder.com/imag...30.bigthumb.jpg (C:\WINDOWS\TEMP\_avast4_\unp125970727.tmp) returning error, 0000A474.

12/11/2006 16:36:52 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p11316.jpg (C:\WINDOWS\TEMP\_avast4_\unp125848529.tmp) returning error, 0000A474.

12/11/2006 16:36:52 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.adultfriendfinder.com/imag...30.bigthumb.jpg (C:\WINDOWS\TEMP\_avast4_\unp226508634.tmp) returning error, 0000A474.

12/11/2006 16:36:52 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p9436.jpg (C:\WINDOWS\TEMP\_avast4_\unp226707721.tmp) returning error, 0000A474.

12/11/2006 16:36:53 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.adultfriendfinder.com/imag...20.bigthumb.jpg (C:\WINDOWS\TEMP\_avast4_\unp226656961.tmp) returning error, 0000A474.

12/11/2006 16:36:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p19054.jpg (C:\WINDOWS\TEMP\_avast4_\unp129723598.tmp) returning error, 0000A474.

12/11/2006 16:36:55 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p5576.jpg (C:\WINDOWS\TEMP\_avast4_\unp124381163.tmp) returning error, 0000A474.

12/11/2006 16:36:57 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p11260.jpg (C:\WINDOWS\TEMP\_avast4_\unp123314999.tmp) returning error, 0000A474.

12/11/2006 16:36:57 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p14758.jpg (C:\WINDOWS\TEMP\_avast4_\unp123409169.tmp) returning error, 0000A474.

12/11/2006 16:36:58 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p6090.jpg (C:\WINDOWS\TEMP\_avast4_\unp122833288.tmp) returning error, 0000A474.

12/11/2006 16:36:58 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p14773.jpg (C:\WINDOWS\TEMP\_avast4_\unp124795341.tmp) returning error, 0000A474.

12/11/2006 16:37:00 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p3322.jpg (C:\WINDOWS\TEMP\_avast4_\unp127855434.tmp) returning error, 0000A474.

12/11/2006 16:37:01 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p885.jpg (C:\WINDOWS\TEMP\_avast4_\unp128868907.tmp) returning error, 0000A474.

12/11/2006 16:37:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.rateblowjobbabes.com/images/tb794082.jpg (C:\WINDOWS\TEMP\_avast4_\unp67924679.tmp) returning error, 0000A474.

12/11/2006 16:37:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.rateblowjobbabes.com/images/tb839265.jpg (C:\WINDOWS\TEMP\_avast4_\unp67657881.tmp) returning error, 0000A474.

12/11/2006 16:37:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.rateblowjobbabes.com/images/tb673941.jpg (C:\WINDOWS\TEMP\_avast4_\unp67999822.tmp) returning error, 0000A474.

12/11/2006 16:37:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.statcounter.com/counter/counter.js (C:\WINDOWS\TEMP\_avast4_\unp72055683.tmp) returning error, 0000A474.

12/11/2006 16:37:52 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/88731.jpg (C:\WINDOWS\TEMP\_avast4_\unp69432514.tmp) returning error, 0000A474.

12/11/2006 16:37:59 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/11295.jpg (C:\WINDOWS\TEMP\_avast4_\unp185267242.tmp) returning error, 0000A474.

12/11/2006 16:38:00 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/88666.jpg (C:\WINDOWS\TEMP\_avast4_\unp189905658.tmp) returning error, 0000A474.

12/11/2006 16:38:03 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/11313.jpg (C:\WINDOWS\TEMP\_avast4_\unp170851260.tmp) returning error, 0000A474.

12/11/2006 16:38:06 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/11214.jpg (C:\WINDOWS\TEMP\_avast4_\unp178672966.tmp) returning error, 0000A474.

12/11/2006 16:38:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/11275.jpg (C:\WINDOWS\TEMP\_avast4_\unp179088565.tmp) returning error, 0000A474.

12/11/2006 16:38:08 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/1053.jpg (C:\WINDOWS\TEMP\_avast4_\unp180042161.tmp) returning error, 0000A474.

12/11/2006 16:38:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blowjob-blog.com/thumbs/11353.jpg (C:\WINDOWS\TEMP\_avast4_\unp177427596.tmp) returning error, 0000A474.

12/11/2006 16:39:01 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.herselfpics.com/images/red_banner_04.jpg (C:\WINDOWS\TEMP\_avast4_\unp150328806.tmp) returning error, 0000A474.

12/11/2006 16:39:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.herselfpics.com/previews/sunny/thumbs/003.jpg (C:\WINDOWS\TEMP\_avast4_\unp218277161.tmp) returning error, 0000A474.

12/11/2006 16:39:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.herselfpics.com/previews/tamara/thumbs/003.jpg (C:\WINDOWS\TEMP\_avast4_\unp212516169.tmp) returning error, 0000A474.

12/11/2006 16:39:19 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://photos.cams.com/images/streamray/won/jpg/hotmama.jpg (C:\WINDOWS\TEMP\_avast4_\unp221862427.tmp) returning error, 0000A474.

12/11/2006 16:39:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://photos.cams.com/images/streamray/wo.../freshcatch.jpg (C:\WINDOWS\TEMP\_avast4_\unp219985570.tmp) returning error, 0000A474.

12/11/2006 16:39:21 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://photos.cams.com/images/streamray/won/jpg/adoreme.jpg (C:\WINDOWS\TEMP\_avast4_\unp219325691.tmp) returning error, 0000A474.

12/11/2006 16:39:22 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://photos.cams.com/images/streamray/wo...g/simonax69.jpg (C:\WINDOWS\TEMP\_avast4_\unp83811660.tmp) returning error, 0000A474.

12/11/2006 16:40:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.dirtyschoolgirls.net/img/teen.jpg (C:\WINDOWS\TEMP\_avast4_\unp78281253.tmp) returning error, 0000A474.

12/11/2006 16:40:19 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.dirtyschoolgirls.net/img/bportal.jpg (C:\WINDOWS\TEMP\_avast4_\unp48132912.tmp) returning error, 0000A474.

12/11/2006 16:40:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.dirtyschoolgirls.net/img/teenplanet.jpg (C:\WINDOWS\TEMP\_avast4_\unp79678891.tmp) returning error, 0000A474.

12/11/2006 16:40:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.dirtyschoolgirls.net/img/n3.jpg (C:\WINDOWS\TEMP\_avast4_\unp50124133.tmp) returning error, 0000A474.

12/11/2006 16:41:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.myexgf.com/images/index-reset_01.jpg (C:\WINDOWS\TEMP\_avast4_\unp39881918.tmp) returning error, 0000A474.

12/11/2006 16:41:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.blastyourbrain.com/favicon.ico (C:\WINDOWS\TEMP\_avast4_\unp151120443.tmp) returning error, 0000A474.

12/11/2006 16:42:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://promo.cams.com/promo/camgirlsliveif...um=7&Size=s (C:\WINDOWS\TEMP\_avast4_\unp182778188.tmp) returning error, 0000A474.

12/11/2006 16:42:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.alt.com/images/piclist/pro....30.gallery.jpg (C:\WINDOWS\TEMP\_avast4_\unp182808798.tmp) returning error, 0000A474.

12/11/2006 16:42:18 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...618-160x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp85487046.tmp) returning error, 0000A474.

12/11/2006 16:42:18 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...190-160x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp99214757.tmp) returning error, 0000A474.

12/11/2006 16:42:38 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p11273.jpg (C:\WINDOWS\TEMP\_avast4_\unp79546375.tmp) returning error, 0000A474.

12/11/2006 16:42:38 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p11284.jpg (C:\WINDOWS\TEMP\_avast4_\unp119000647.tmp) returning error, 0000A474.

12/11/2006 16:42:38 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://tgp.pornsurfers-paradise.com/thumbs/p14778.jpg (C:\WINDOWS\TEMP\_avast4_\unp119081155.tmp) returning error, 0000A474.

12/11/2006 16:43:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.original-amateurs.com/tgp/thumbs/2865.jpg (C:\WINDOWS\TEMP\_avast4_\unp161871599.tmp) returning error, 0000A474.

12/11/2006 16:43:10 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.original-amateurs.com/tgp/thumbs/2864.jpg (C:\WINDOWS\TEMP\_avast4_\unp156467782.tmp) returning error, 0000A474.

12/11/2006 16:43:46 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...41671-88x88.jpg (C:\WINDOWS\TEMP\_avast4_\unp248354514.tmp) returning error, 0000A474.

12/11/2006 16:44:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...808-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp254911223.tmp) returning error, 0000A474.

12/11/2006 16:44:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...909-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp254367760.tmp) returning error, 0000A474.

12/11/2006 16:44:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...756-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp88642459.tmp) returning error, 0000A474.

12/11/2006 16:44:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...378-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp88739598.tmp) returning error, 0000A474.

12/11/2006 16:44:25 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.groovybus.com/gb140x80tu.jpg (C:\WINDOWS\TEMP\_avast4_\unp265638724.tmp) returning error, 0000A474.

12/11/2006 16:44:37 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/back/hcp/head.jpg (C:\WINDOWS\TEMP\_avast4_\unp151019767.tmp) returning error, 0000A474.

12/11/2006 16:44:38 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn4537.jpg (C:\WINDOWS\TEMP\_avast4_\unp152979914.tmp) returning error, 0000A474.

12/11/2006 16:44:39 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn4572.jpg (C:\WINDOWS\TEMP\_avast4_\unp152630966.tmp) returning error, 0000A474.

12/11/2006 16:44:39 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn5298.jpg (C:\WINDOWS\TEMP\_avast4_\unp165933713.tmp) returning error, 0000A474.

12/11/2006 16:44:40 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn4905.jpg (C:\WINDOWS\TEMP\_avast4_\unp165687831.tmp) returning error, 0000A474.

12/11/2006 16:44:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn4981.jpg (C:\WINDOWS\TEMP\_avast4_\unp171283890.tmp) returning error, 0000A474.

12/11/2006 16:44:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn3905.jpg (C:\WINDOWS\TEMP\_avast4_\unp169184133.tmp) returning error, 0000A474.

12/11/2006 16:44:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn4675.jpg (C:\WINDOWS\TEMP\_avast4_\unp169417914.tmp) returning error, 0000A474.

12/11/2006 16:44:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn4670.jpg (C:\WINDOWS\TEMP\_avast4_\unp170606841.tmp) returning error, 0000A474.

12/11/2006 16:44:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.mydrunkteens.com/ct/thumbs/tn4597.jpg (C:\WINDOWS\TEMP\_avast4_\unp170549187.tmp) returning error, 0000A474.

12/11/2006 16:44:56 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...433-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp192662895.tmp) returning error, 0000A474.

12/11/2006 16:44:56 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...986-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp192849348.tmp) returning error, 0000A474.

12/11/2006 16:45:10 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...733-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp245486973.tmp) returning error, 0000A474.

12/11/2006 16:45:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...086-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp200117795.tmp) returning error, 0000A474.

12/11/2006 16:45:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...788-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp199485552.tmp) returning error, 0000A474.

12/11/2006 16:45:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...806-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp200239583.tmp) returning error, 0000A474.

12/11/2006 16:45:29 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...575-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp225891124.tmp) returning error, 0000A474.

12/11/2006 16:45:34 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...333-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp86151687.tmp) returning error, 0000A474.

12/11/2006 16:45:40 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...357-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp101030665.tmp) returning error, 0000A474.

12/11/2006 16:45:40 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...128-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp114391826.tmp) returning error, 0000A474.

12/11/2006 16:45:41 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...808-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp113902817.tmp) returning error, 0000A474.

12/11/2006 16:46:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://iframes.awempire.com/?t_id=romper23 (C:\WINDOWS\TEMP\_avast4_\unp153169009.tmp) returning error, 0000A474.

12/11/2006 16:46:08 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teensfirstmovie.com/ct/thumbs/tn1068.jpg (C:\WINDOWS\TEMP\_avast4_\unp154807055.tmp) returning error, 0000A474.

12/11/2006 16:46:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...146-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp151534772.tmp) returning error, 0000A474.

12/11/2006 16:46:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...649-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp158658729.tmp) returning error, 0000A474.

12/11/2006 16:46:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...813-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp158438599.tmp) returning error, 0000A474.

12/11/2006 16:46:10 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...071-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp157806068.tmp) returning error, 0000A474.

12/11/2006 16:46:10 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...375-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp156731851.tmp) returning error, 0000A474.

12/11/2006 16:46:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teensfirstmovie.com/ct/thumbs/tn1370.jpg (C:\WINDOWS\TEMP\_avast4_\unp137150929.tmp) returning error, 0000A474.

12/11/2006 16:46:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teensfirstmovie.com/ct/thumbs/tn1368.jpg (C:\WINDOWS\TEMP\_avast4_\unp138125733.tmp) returning error, 0000A474.

12/11/2006 16:46:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teensfirstmovie.com/ct/thumbs/tn27.jpg (C:\WINDOWS\TEMP\_avast4_\unp142259063.tmp) returning error, 0000A474.

12/11/2006 16:46:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teensfirstmovie.com/ads/teen.jpg (C:\WINDOWS\TEMP\_avast4_\unp174705312.tmp) returning error, 0000A474.

12/11/2006 16:46:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.teensfirstmovie.com/ads/amateur.jpg (C:\WINDOWS\TEMP\_avast4_\unp174508231.tmp) returning error, 0000A474.

12/11/2006 16:46:23 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...269-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp166640964.tmp) returning error, 0000A474.

12/11/2006 16:46:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...297-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp245749800.tmp) returning error, 0000A474.

12/11/2006 16:46:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...025-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp249531773.tmp) returning error, 0000A474.

12/11/2006 16:46:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...086-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp248716389.tmp) returning error, 0000A474.

12/11/2006 16:46:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...066-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp247200776.tmp) returning error, 0000A474.

12/11/2006 16:46:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...106-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp155807595.tmp) returning error, 0000A474.

12/11/2006 16:46:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...330-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp244101916.tmp) returning error, 0000A474.

12/11/2006 16:46:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...558-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp246434243.tmp) returning error, 0000A474.

12/11/2006 16:46:48 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...119-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp4331818.tmp) returning error, 0000A474.

12/11/2006 16:46:58 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...324-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp26832342.tmp) returning error, 0000A474.

12/11/2006 16:46:58 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...612-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp32752796.tmp) returning error, 0000A474.

12/11/2006 16:46:58 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://graphics.amateurmatch.com/iframe/if...622-120x160.jpg (C:\WINDOWS\TEMP\_avast4_\unp179467337.tmp) returning error, 0000A474.

12/11/2006 16:47:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://us.js2.yimg.com/us.js.yimg.com/lib/...mation_1.1.0.js (C:\WINDOWS\TEMP\_avast4_\unp76430152.tmp) returning error, 0000A474.

12/11/2006 16:47:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://arc.0daymeme.com/3N/img07jpg.3NErLN...vsLjE.thumb.jpg (C:\WINDOWS\TEMP\_avast4_\unp5160871.tmp) returning error, 0000A474.

12/11/2006 16:47:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.jerkmate.com/images/thumb/876_1163258077.jpg (C:\WINDOWS\TEMP\_avast4_\unp76816712.tmp) returning error, 0000A474.

12/11/2006 16:47:44 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://arc.0daymeme.com/sK/img16jpg.sK9rqW...n9mO7.thumb.jpg (C:\WINDOWS\TEMP\_avast4_\unp77096056.tmp) returning error, 0000A474.

12/11/2006 16:47:44 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/600067648.jpg (C:\WINDOWS\TEMP\_avast4_\unp26503617.tmp) returning error, 0000A474.

12/11/2006 16:47:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.jerkmate.com/images/thumb/hoo_005_1163175459.jpg (C:\WINDOWS\TEMP\_avast4_\unp79512079.tmp) returning error, 0000A474.

12/11/2006 16:47:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.jerkmate.com/images/thumb/thurs..._1163096573.jpg (C:\WINDOWS\TEMP\_avast4_\unp78686275.tmp) returning error, 0000A474.

12/11/2006 16:47:46 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.jerkmate.com/images/thumb/thurs..._1163027413.jpg (C:\WINDOWS\TEMP\_avast4_\unp33502672.tmp) returning error, 0000A474.

12/11/2006 16:47:47 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://whoson.anywebcam.com/3036490/10000 (C:\WINDOWS\TEMP\_avast4_\unp74604485.tmp) returning error, 0000A474.

12/11/2006 16:47:48 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.allamateurblog.com/banners/loveblog.jpg (C:\WINDOWS\TEMP\_avast4_\unp30661644.tmp) returning error, 0000A474.

12/11/2006 16:47:48 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/1183480376.jpg (C:\WINDOWS\TEMP\_avast4_\unp30469909.tmp) returning error, 0000A474.

12/11/2006 16:47:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/1689839280.jpg (C:\WINDOWS\TEMP\_avast4_\unp131437384.tmp) returning error, 0000A474.

12/11/2006 16:47:49 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://whoson.anywebcam.com/397707/10000 (C:\WINDOWS\TEMP\_avast4_\unp131530697.tmp) returning error, 0000A474.

12/11/2006 16:47:50 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://whoson.anywebcam.com/1912945/10000 (C:\WINDOWS\TEMP\_avast4_\unp29275422.tmp) returning error, 0000A474.

12/11/2006 16:47:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://arc.0daymeme.com/6p/passionblogsjpg...lmah068_Zec.jpg (C:\WINDOWS\TEMP\_avast4_\unp112019704.tmp) returning error, 0000A474.

12/11/2006 16:48:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://ads.adbrite.com/mb/text_group.php?sid=176847 (C:\WINDOWS\TEMP\_avast4_\unp157048409.tmp) returning error, 0000A474.

12/11/2006 16:48:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://eur.i1.yimg.com/java.europe.yahoo.c...wserdetector.js (C:\WINDOWS\TEMP\_avast4_\unp267183816.tmp) returning error, 0000A474.

12/11/2006 16:48:39 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://perf.weborama.fr/fcgi-bin/adserv.fc...;rnd=1163346518 (C:\WINDOWS\TEMP\_avast4_\unp263469652.tmp) returning error, 0000A474.

12/11/2006 16:48:44 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.flmnh.ufl.edu/fish/sharks/stati...k/legendred.JPG (C:\WINDOWS\TEMP\_avast4_\unp253080199.tmp) returning error, 0000A474.

12/11/2006 16:48:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.flmnh.ufl.edu/fish/sharks/stati.../legendnone.JPG (C:\WINDOWS\TEMP\_avast4_\unp253414052.tmp) returning error, 0000A474.

12/11/2006 16:49:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://perf.weborama.fr/fcgi-bin/adserv.fc...;rnd=1163346576 (C:\WINDOWS\TEMP\_avast4_\unp188749692.tmp) returning error, 0000A474.

12/11/2006 16:49:38 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://perf.weborama.fr/fcgi-bin/adserv.fc...;rnd=1163346578 (C:\WINDOWS\TEMP\_avast4_\unp191580745.tmp) returning error, 0000A474.

12/11/2006 16:50:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.trocmaison.com/affinity/_fr/ima...index_r3_c3.jpg (C:\WINDOWS\TEMP\_avast4_\unp205702074.tmp) returning error, 0000A474.

12/11/2006 16:50:18 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.trocmaison.com/affinity/_fr/rss...e=1163346617640 (C:\WINDOWS\TEMP\_avast4_\unp206817591.tmp) returning error, 0000A474.

12/11/2006 16:55:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...60&u_his=12 (C:\WINDOWS\TEMP\_avast4_\unp11261286.tmp) returning error, 0000A474.

12/11/2006 16:55:42 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.01net.com/shopping/js/servicesV4.js? (C:\WINDOWS\TEMP\_avast4_\unp206872142.tmp) returning error, 0000A474.

12/11/2006 16:55:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://media.mediaplazza.com/t_15/64x64/CRDP143.jpg (C:\WINDOWS\TEMP\_avast4_\unp202776866.tmp) returning error, 0000A474.

12/11/2006 16:55:45 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...w=1280&u_ah (C:\WINDOWS\TEMP\_avast4_\unp217836149.tmp) returning error, 0000A474.

12/11/2006 16:55:47 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.01net.com/images/95953.jpg (C:\WINDOWS\TEMP\_avast4_\unp191167274.tmp) returning error, 0000A474.

12/11/2006 16:55:50 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...u_h=1024&u_ (C:\WINDOWS\TEMP\_avast4_\unp188759761.tmp) returning error, 0000A474.

12/11/2006 16:56:07 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...%2Ffiches%2F303 (C:\WINDOWS\TEMP\_avast4_\unp118716924.tmp) returning error, 0000A474.

12/11/2006 16:57:05 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...00040&color (C:\WINDOWS\TEMP\_avast4_\unp30808319.tmp) returning error, 0000A474.

12/11/2006 16:57:09 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...mp;color_link=0 (C:\WINDOWS\TEMP\_avast4_\unp206446078.tmp) returning error, 0000A474.

12/11/2006 16:57:11 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.zebulon.fr/includes/espotting/c...s_dl.php?hits=2 (C:\WINDOWS\TEMP\_avast4_\unp267831953.tmp) returning error, 0000A474.

12/11/2006 16:57:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...bg=D3E5FA&c (C:\WINDOWS\TEMP\_avast4_\unp14711273.tmp) returning error, 0000A474.

12/11/2006 16:58:02 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pagead2.googlesyndication.com/pagea...p;color_text=00 (C:\WINDOWS\TEMP\_avast4_\unp141930632.tmp) returning error, 0000A474.

12/11/2006 17:00:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://swicki.eurekster.com/scripts/hoverStates.js (C:\WINDOWS\TEMP\_avast4_\unp161831981.tmp) returning error, 0000A474.

12/11/2006 17:01:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://track2.mybloglog.com/js/jsserv.php?...006053021444888 (C:\WINDOWS\TEMP\_avast4_\unp148216767.tmp) returning error, 0000A474.

12/11/2006 17:01:24 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://ad.doubleclick.net/adi/gm.fleshbot/...00;ord=28003541? (C:\WINDOWS\TEMP\_avast4_\unp148057985.tmp) returning error, 0000A474.

12/11/2006 17:02:04 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.voissa.com/voissa.js (C:\WINDOWS\TEMP\_avast4_\unp156447934.tmp) returning error, 0000A474.

12/11/2006 17:02:08 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.voissa.com/favicon.ico (C:\WINDOWS\TEMP\_avast4_\unp154121319.tmp) returning error, 0000A474.

12/11/2006 17:02:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/11/01/tn_07_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp183373522.tmp) returning error, 0000A474.

12/11/2006 17:02:15 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://groovybus.com/porn_trailers/the_best_pov.jpg (C:\WINDOWS\TEMP\_avast4_\unp180189580.tmp) returning error, 0000A474.

12/11/2006 17:02:16 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/11/03/tn_04_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp72365711.tmp) returning error, 0000A474.

12/11/2006 17:02:17 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/images/aff_thumbs/img40.jpg (C:\WINDOWS\TEMP\_avast4_\unp69451677.tmp) returning error, 0000A474.

12/11/2006 17:02:18 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/images/aff_thumbs/img66.jpg (C:\WINDOWS\TEMP\_avast4_\unp83726613.tmp) returning error, 0000A474.

12/11/2006 17:02:20 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/11/05/tn_02_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp77419477.tmp) returning error, 0000A474.

12/11/2006 17:02:21 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/images/aff_thumbs/img116.jpg (C:\WINDOWS\TEMP\_avast4_\unp75686149.tmp) returning error, 0000A474.

12/11/2006 17:02:22 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/10/08/tn_08_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp77409586.tmp) returning error, 0000A474.

12/11/2006 17:02:23 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/10/02/tn_05_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp73001494.tmp) returning error, 0000A474.

12/11/2006 17:02:23 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/10/05/tn_04_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp74491828.tmp) returning error, 0000A474.

12/11/2006 17:02:28 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/09/06ca...l/tn_08_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp90308249.tmp) returning error, 0000A474.

12/11/2006 17:02:32 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/nov06/07/04/tn_01_jpg.jpg (C:\WINDOWS\TEMP\_avast4_\unp90487037.tmp) returning error, 0000A474.

12/11/2006 17:02:35 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.rabbitsreviews.com/images/newde...ogo_bottom2.jpg (C:\WINDOWS\TEMP\_avast4_\unp103449399.tmp) returning error, 0000A474.

12/11/2006 17:02:36 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.postyourgirls.com/c041nosiytoy.jpg (C:\WINDOWS\TEMP\_avast4_\unp85931540.tmp) returning error, 0000A474.

12/11/2006 17:02:43 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.onlyams.com/include/oodomimagerollover.js (C:\WINDOWS\TEMP\_avast4_\unp90221620.tmp) returning error, 0000A474.

12/11/2006 17:02:44 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://track.mybloglog.com/js/?mblID=2005062001222542 (C:\WINDOWS\TEMP\_avast4_\unp75848003.tmp) returning error, 0000A474.

12/11/2006 17:02:58 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.onlyams.com/images/v2/oa_35.jpg (C:\WINDOWS\TEMP\_avast4_\unp47017548.tmp) returning error, 0000A474.

12/11/2006 17:03:21 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://js7.clickzs.com/exgir-1.js (C:\WINDOWS\TEMP\_avast4_\unp149689351.tmp) returning error, 0000A474.

12/11/2006 17:03:32 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.onlyams.com/images/v2/maino.jpg (C:\WINDOWS\TEMP\_avast4_\unp176914693.tmp) returning error, 0000A474.

12/11/2006 17:03:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.verynude.net/dirty/images/dirty-main_10.jpg (C:\WINDOWS\TEMP\_avast4_\unp179386404.tmp) returning error, 0000A474.

12/11/2006 17:03:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.onlyams.com/images/v2/webmasterso.jpg (C:\WINDOWS\TEMP\_avast4_\unp179342398.tmp) returning error, 0000A474.

12/11/2006 17:03:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.onlyams.com/images/v2/rss20o.jpg (C:\WINDOWS\TEMP\_avast4_\unp172012774.tmp) returning error, 0000A474.

12/11/2006 17:03:33 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.onlyams.com/images/v2/commentrsso.jpg (C:\WINDOWS\TEMP\_avast4_\unp172081248.tmp) returning error, 0000A474.

12/11/2006 17:03:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.gallery-dump.com/minmax.js (C:\WINDOWS\TEMP\_avast4_\unp141003600.tmp) returning error, 0000A474.

12/11/2006 17:03:54 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.gallery-dump.com/favicon.ico (C:\WINDOWS\TEMP\_avast4_\unp260949356.tmp) returning error, 0000A474.

12/11/2006 17:03:57 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://pluginx.perfectgonzo.com/mov_dir/71...3432/index.html (C:\WINDOWS\TEMP\_avast4_\unp195680035.tmp) returning error, 0000A474.

12/11/2006 17:04:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/939224158.jpg (C:\WINDOWS\TEMP\_avast4_\unp220721755.tmp) returning error, 0000A474.

12/11/2006 17:04:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/1417717406.jpg (C:\WINDOWS\TEMP\_avast4_\unp220418242.tmp) returning error, 0000A474.

12/11/2006 17:04:12 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/1419745330.jpg (C:\WINDOWS\TEMP\_avast4_\unp220846694.tmp) returning error, 0000A474.

12/11/2006 17:04:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/1317570606.jpg (C:\WINDOWS\TEMP\_avast4_\unp220297773.tmp) returning error, 0000A474.

12/11/2006 17:04:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/975844878.jpg (C:\WINDOWS\TEMP\_avast4_\unp220436702.tmp) returning error, 0000A474.

12/11/2006 17:04:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/961766277.jpg (C:\WINDOWS\TEMP\_avast4_\unp221811216.tmp) returning error, 0000A474.

12/11/2006 17:04:13 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/1190638475.jpg (C:\WINDOWS\TEMP\_avast4_\unp221588580.tmp) returning error, 0000A474.

12/11/2006 17:04:14 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://images.imagefap.com/images/thumb/644630191.jpg (C:\WINDOWS\TEMP\_avast4_\unp221036839.tmp) returning error, 0000A474.

12/11/2006 17:05:34 SYSTEM 1488 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://fr.yahoo.com/module/spirit/pa_modul...190881432762965 (C:\WINDOWS\TEMP\_avast4_\unp96115979.tmp) returning error, 0000A474.

04/12/2006 16:02:43 SYSTEM 1596 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Program Files\eMule\Incoming\splinter cell chaos theory + CRACK + KEYGEN.exe" file.

19/12/2006 17:36:42 SYSTEM 1600 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.

19/12/2006 17:36:43 SYSTEM 1600 An error has occured while attempting to update. Please check the logs.

16/01/2007 23:17:36 SYSTEM 1644 Sign of "JS:Feebs [Wrm]" has been found in "http://www.xxxseek.org/popup/zpopup.cgi\unp66757356" file.

16/01/2007 23:28:58 SYSTEM 1644 Sign of "JS:Feebs [Wrm]" has been found in "http://www.advancedhunt.com/popup/zpopup.cgi\unp150979268" file.

27/01/2007 14:09:13 Propriétaire 1640 Sign of "Win32:Agent-DEI [Trj]" has been found in "C:\Program Files\eMule\Incoming\[Pc-Game] GT Legends crack and keygen.rar\[Pc-Game] GT Legends crack and keygen.exe" file.

27/01/2007 15:05:58 Propriétaire 1640 Sign of "Win32:Hidewindows-B [Tool]" has been found in "C:\Program Files\eMule\Incoming\GT Legends - PC Game Crack Patch Serial Keygen no-cd.rar\GT Legends - PC Game Crack Patch Serial Keygen no-cd.exe\Young.Girl.Teen.Sex.Orgy.Gang.Bang.Pic.2006.exe\LSASS.exe" file.

27/01/2007 15:08:54 Propriétaire 1640 Sign of "Win32:Iroffer-003 [Trj]" has been found in "C:\Program Files\eMule\Incoming\GT Legends - PC Game Crack Patch Serial Keygen no-cd.rar\GT Legends - PC Game Crack Patch Serial Keygen no-cd.exe\Young.Girl.Teen.Sex.Orgy.Gang.Bang.Pic.2006.exe\service.exe" file.

27/01/2007 15:10:35 Propriétaire 1640 Sign of "Win32:Hidewindows-B [Tool]" has been found in "C:\Program Files\eMule\Incoming\GT Legends - PC Game Crack Patch Serial Keygen no-cd.rar\GT Legends - PC Game Crack Patch Serial Keygen no-cd.exe\LSASS.exe" file.

27/01/2007 15:10:42 Propriétaire 1640 Sign of "Win32:Iroffer-003 [Trj]" has been found in "C:\Program Files\eMule\Incoming\GT Legends - PC Game Crack Patch Serial Keygen no-cd.rar\GT Legends - PC Game Crack Patch Serial Keygen no-cd.exe\service.exe" file.

28/01/2007 12:41:54 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\Deutsch\trembler.exe\trembler.exe" file.

28/01/2007 17:06:48 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\English\trembler.exe\trembler.exe" file.

28/01/2007 17:08:45 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\Español\trembler.exe\trembler.exe" file.

28/01/2007 17:08:49 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\Français\trembler.exe\trembler.exe" file.

28/01/2007 17:08:51 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\Italiano\trembler.exe\trembler.exe" file.

28/01/2007 17:08:54 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\Nederlands\trembler.exe\trembler.exe" file.

28/01/2007 17:09:08 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\Portugeses\Photos clara morgane, irina voronina, titia\trembler.exe\trembler.exe" file.

28/01/2007 17:09:19 Propriétaire 1640 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program Files\eMule\Incoming\Crack Gt Legends (Multilanguage Version)(Run).rar\CRACK GT LEGENDS (MULTILANGUAGE VERSION)(RUN)\Portugeses\trembler.exe\trembler.exe" file.

28/01/2007 23:19:02 Propriétaire 1640 Sign of "MS06-001 WMF Exploit" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\gl8xcccy.wmf" file.

30/01/2007 19:15:06 Propriétaire 1640 Sign of "Win32:Parite" has been found in "C:\Program Files\eMule\Temp25.part" file.

30/01/2007 20:41:55 Propriétaire 1640 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\BSplayer_WhenUSave_Installer\SET35E.tmp" file.

30/01/2007 20:47:07 Propriétaire 1640 Sign of "Win32:Adware-gen. [Adw]" has been found in "http://www.bsplayer.com/wus/SetupInstRe.exe" file.

30/01/2007 20:47:34 Propriétaire 1640 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76azgrkj.exe" file.

30/01/2007 20:47:40 Propriétaire 1640 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Propriétaire\Bureau\SetupInstRe.exe.part" file.

30/01/2007 20:47:51 Propriétaire 1640 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\u00h52o7.default\Cache\DC5A8672d01" file.

30/01/2007 20:47:53 Propriétaire 1640 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Propriétaire\Bureau\SetupInstRe.exe" file.

30/01/2007 20:48:07 Propriétaire 1640 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Propriétaire\Bureau\SetupInstRe.exe" file.

30/01/2007 20:49:21 Propriétaire 1640 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\RECYCLER\S-1-5-21-2731321507-833163270-3340094774-1003\Dc31.exe" file.

22/02/2007 17:30:10 Propriétaire 4060 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP198\A0025998.exe" file.

25/03/2007 11:44:25 SYSTEM 1632 Sign of "Win32:CTX" has been found in "http://acs.pandasoftware.com/activescan/as5free/motor.cab\pskavs.DLL" file.

26/03/2007 17:48:47 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file.

26/03/2007 17:48:48 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file.

26/03/2007 17:48:48 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file.

26/03/2007 17:48:49 Propriétaire 1624 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file.

26/03/2007 17:48:58 Propriétaire 1624 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file.

26/03/2007 17:48:58 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file.

26/03/2007 17:48:58 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file.

26/03/2007 17:48:58 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file.

26/03/2007 17:53:26 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file.

26/03/2007 17:53:28 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file.

26/03/2007 17:53:29 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file.

26/03/2007 17:53:35 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file.

26/03/2007 17:53:35 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file.

26/03/2007 17:53:35 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file.

26/03/2007 17:55:11 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file.

26/03/2007 17:55:12 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file.

26/03/2007 17:55:14 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file.

26/03/2007 17:55:20 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file.

26/03/2007 17:55:20 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file.

26/03/2007 17:55:20 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file.

26/03/2007 23:13:06 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file.

26/03/2007 23:13:08 Propriétaire 1624 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file.

26/03/2007 23:13:11 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file.

26/03/2007 23:13:16 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file.

29/03/2007 23:00:36 Propriétaire 1624 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file.

29/03/2007 23:00:38 Propriétaire 1624 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file.

29/03/2007 23:00:41 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file.

29/03/2007 23:00:45 Propriétaire 1624 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file.

02/04/2007 17:15:29 SYSTEM 1640 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file.

02/04/2007 17:15:31 SYSTEM 1640 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file.

02/04/2007 17:15:32 SYSTEM 1640 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file.

02/04/2007 17:15:32 SYSTEM 1640 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file.

02/04/2007 20:40:54 SYSTEM 1640 Sign of "JS:Feebs family" has been found in "http://xxx-files.biz/?id=xukru"'>http://xxx-files.biz/?id=xukru" file.

04/04/2007 13:12:09 SYSTEM 1680 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file.

04/04/2007 13:12:11 SYSTEM 1680 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file.

04/04/2007 13:12:12 SYSTEM 1680 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file.

04/04/2007 13:12:12 SYSTEM 1680 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file.

07/04/2007 17:56:01 SYSTEM 1680 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file.

08/04/2007 17:56:01 SYSTEM 1680 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\WINDOWS\system32\shell32.exe" file.

09/04/2007 11:52:40 SYSTEM 1628 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file.

09/04/2007 11:52:42 SYSTEM 1628 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file.

09/04/2007 11:52:42 SYSTEM 1628 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file.

09/04/2007 17:01:51 SYSTEM 1640 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file.

09/04/2007 17:01:52 SYSTEM 1640 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file.

09/04/2007 17:01:53 SYSTEM 1640 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file.

10/04/2007 12:25:13 SYSTEM 1640 Sign of "JS:Feebs family" has been found in "http://xxx-files.biz/?id=xukru" file.

10/04/2007 22:51:16 SYSTEM 1640 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\WINDOWS\system32\sp2protect.exe" file.

10/04/2007 22:52:17 SYSTEM 1640 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\username.exe" file.

10/04/2007 22:52:42 SYSTEM 1640 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\wudupdate.exe" file.

10/04/2007 23:24:53 SYSTEM 1640 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP272\A0033224.exe" file.

10/04/2007 23:37:58 Propriétaire 2204 Sign of "Win32:Medpas-2 [Adw]" has been found in "C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP269\A0033072.exe" file.

11/04/2007 09:19:20 Propriétaire 2204 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP272\A0033225.exe" file.

11/04/2007 09:19:28 Propriétaire 2204 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP272\A0033226.exe" file.

14/05/2007 00:21:14 SYSTEM 1480 Sign of "Win32:Kapucen-B [Wrm]" has been found in "C:\Program Files\eMule\Incoming\CRACK+PATCHC- Richard Burns Rally fr ger eng.rar" file.

16/05/2007 06:22:57 SYSTEM 1512 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: C:\Program Files\eMule\Incoming\Splinter.Cell.Chaos.Theory.DVD.Multi5.verifier.divxorama.net.mdf (C:\Program Files\eMule\Incoming\Splinter.Cell.Chaos.Theory.DVD.Multi5.verifier.divxorama.net.mdf) returning error, 00000084.

04/06/2007 18:04:28 Propriétaire 1484 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\22exinjs.a9.exe\[uPX]" file.

04/06/2007 18:07:45 Propriétaire 1484 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\32exhdda.9.exe\[uPX]" file.

04/06/2007 18:11:19 Propriétaire 1484 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\97exhm.txt.4.exe\[uPX]" file.

04/06/2007 20:07:36 Propriétaire 1484 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exinjs.a9.exe\[uPX]" file.

04/06/2007 20:29:54 Propriétaire 1484 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\59exhdda.9.exe\[uPX]" file.

04/06/2007 20:29:57 Propriétaire 1484 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\17exhm.txt.4.exe\[uPX]" file.

04/06/2007 20:48:16 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\23exinjs.a9.exe\[uPX]" file.

04/06/2007 20:48:22 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\23exinjs.a9.exe\[uPX]" file.

04/06/2007 20:49:42 Propriétaire 1500 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\8exhdda.9.exe\[uPX]" file.

04/06/2007 20:58:30 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\72exhm.txt.4.exe\[uPX]" file.

04/06/2007 22:27:29 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exinjs.a9.exe\[uPX]" file.

04/06/2007 22:27:38 Propriétaire 1500 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\29exhdda.9.exe\[uPX]" file.

04/06/2007 22:27:41 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\4exhm.txt.4.exe\[uPX]" file.

04/06/2007 23:35:25 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exhm.txt.4.exe\[uPX]" file.

05/06/2007 00:32:56 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exhm.txt.4.exe\[uPX]" file.

05/06/2007 07:21:46 Propriétaire 1500 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\11exhdda.9.exe\[uPX]" file.

05/06/2007 07:21:53 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\89exinjs.a9.exe\[uPX]" file.

05/06/2007 07:21:56 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exhm.txt.4.exe\[uPX]" file.

05/06/2007 07:22:01 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\56exhm.txt.4.exe\[uPX]" file.

05/06/2007 07:22:04 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76exhm.txt.4.exe\[uPX]" file.

05/06/2007 07:22:06 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\31exhm.txt.4.exe\[uPX]" file.

05/06/2007 07:22:11 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\71exhm.txt.4.exe\[uPX]" file.

05/06/2007 07:22:14 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exhm.txt.4.exe\[uPX]" file.

05/06/2007 07:22:17 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\9exhm.txt.4.exe\[uPX]" file.

05/06/2007 07:22:20 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\57exhm.txt.4.exe\[uPX]" file.

05/06/2007 07:22:22 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\53exhm.txt.4.exe\[uPX]" file.

05/06/2007 07:22:25 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\35exhm.txt.4.exe\[uPX]" file.

05/06/2007 07:24:23 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\38exhm.txt.4.exe\[uPX]" file.

05/06/2007 08:04:13 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\85exhm.txt.4.exe\[uPX]" file.

05/06/2007 16:47:25 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\56exhm.txt.4.exe\[uPX]" file.

05/06/2007 16:47:31 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\43exhm.txt.4.exe\[uPX]" file.

05/06/2007 16:47:37 Propriétaire 1500 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\9exhdda.9.exe\[uPX]" file.

05/06/2007 16:47:39 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\99exinjs.a9.exe\[uPX]" file.

05/06/2007 16:47:41 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\83exhm.txt.4.exe\[uPX]" file.

05/06/2007 16:47:44 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\45exhm.txt.4.exe\[uPX]" file.

05/06/2007 16:47:55 Propriétaire 1500 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\99exhdda.9.exe\[uPX]" file.

05/06/2007 16:47:58 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\57exinjs.a9.exe\[uPX]" file.

05/06/2007 16:48:00 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exhm.txt.4.exe\[uPX]" file.

05/06/2007 16:48:04 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\66exhm.txt.4.exe\[uPX]" file.

05/06/2007 16:48:06 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\93exinjs.a9.exe\[uPX]" file.

05/06/2007 16:48:09 Propriétaire 1500 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\97exhdda.9.exe\[uPX]" file.

05/06/2007 16:48:11 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\31exhm.txt.4.exe\[uPX]" file.

05/06/2007 16:48:13 Propriétaire 1500 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exinjs.a9.exe\[uPX]" file.

05/06/2007 16:48:15 Propriétaire 1500 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79exhdda.9.exe\[uPX]" file.

05/06/2007 16:48:17 Propriétaire 1500 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exhm.txt.4.exe\[uPX]" file.

05/06/2007 18:59:23 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\87exinjs.a9.exe\[uPX]" file.

05/06/2007 19:59:49 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\62exhdda.9.exe\[uPX]" file.

05/06/2007 20:00:01 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\7exhm.txt.4.exe\[uPX]" file.

05/06/2007 20:23:17 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\30exinjs.a9.exe\[uPX]" file.

05/06/2007 20:51:42 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exhdda.9.exe\[uPX]" file.

05/06/2007 20:51:45 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\33exhm.txt.4.exe\[uPX]" file.

05/06/2007 20:51:50 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\30exinjs.a9.exe\[uPX]" file.

05/06/2007 20:51:52 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exhdda.9.exe\[uPX]" file.

05/06/2007 23:00:45 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exinjs.a9.exe\[uPX]" file.

06/06/2007 07:19:42 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\3exhdda.9.exe\[uPX]" file.

06/06/2007 07:19:49 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exhm.txt.4.exe\[uPX]" file.

06/06/2007 07:19:53 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\92exhm.txt.4.exe\[uPX]" file.

06/06/2007 07:19:55 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\19exhdda.9.exe\[uPX]" file.

06/06/2007 07:19:57 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\87exinjs.a9.exe\[uPX]" file.

06/06/2007 07:20:00 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76exhm.txt.4.exe\[uPX]" file.

06/06/2007 07:20:02 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\27exhdda.9.exe\[uPX]" file.

06/06/2007 07:20:04 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\1exinjs.a9.exe\[uPX]" file.

06/06/2007 07:20:05 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\27exhm.txt.4.exe\[uPX]" file.

06/06/2007 07:20:07 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\70exhm.txt.4.exe\[uPX]" file.

06/06/2007 07:20:09 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94exhm.txt.4.exe\[uPX]" file.

06/06/2007 07:20:11 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\37exhm.txt.4.exe\[uPX]" file.

06/06/2007 07:20:13 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\78exhm.txt.4.exe\[uPX]" file.

06/06/2007 07:20:15 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\16exhm.txt.4.exe\[uPX]" file.

06/06/2007 07:20:17 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\78exhm.txt.4.exe\[uPX]" file.

06/06/2007 07:21:04 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exhm.txt.4.exe\[uPX]" file.

06/06/2007 07:21:05 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\36exhm.txt.4.exe\[uPX]" file.

06/06/2007 07:21:09 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\42exhm.txt.4.exe\[uPX]" file.

06/06/2007 07:21:11 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exhm.txt.4.exe\[uPX]" file.

06/06/2007 07:25:08 Propriétaire 3360 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\Documents and Settings\Propriétaire\Local Settings\Temp\30exinjs.a9.exe\[uPX]" file.

06/06/2007 07:25:17 Propriétaire 3360 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\Documents and Settings\Propriétaire\Local Settings\Temp\90exhdda.9.exe\[uPX]" file.

06/06/2007 07:45:18 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\97exhm.txt.4.exe\[uPX]" file.

06/06/2007 15:18:01 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\23exhm.txt.4.exe\[uPX]" file.

06/06/2007 15:18:07 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\12exhm.txt.4.exe\[uPX]" file.

06/06/2007 15:18:11 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\53exhm.txt.4.exe\[uPX]" file.

06/06/2007 15:18:15 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\18exhm.txt.4.exe\[uPX]" file.

06/06/2007 15:18:20 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79exinjs.a9.exe\[uPX]" file.

06/06/2007 15:18:25 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\22exhdda.9.exe\[uPX]" file.

06/06/2007 15:18:28 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\96exhm.txt.4.exe\[uPX]" file.

06/06/2007 15:18:33 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76exinjs.a9.exe\[uPX]" file.

06/06/2007 15:18:36 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\10exhdda.9.exe\[uPX]" file.

06/06/2007 15:18:39 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\48exhm.txt.4.exe\[uPX]" file.

06/06/2007 16:20:12 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\41exinjs.a9.exe\[uPX]" file.

06/06/2007 16:39:49 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\31exhdda.9.exe\[uPX]" file.

06/06/2007 16:39:51 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exhm.txt.4.exe\[uPX]" file.

06/06/2007 18:16:37 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\53exinjs.a9.exe\[uPX]" file.

06/06/2007 18:36:33 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\11exhdda.9.exe\[uPX]" file.

06/06/2007 18:36:36 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exhm.txt.4.exe\[uPX]" file.

06/06/2007 19:25:21 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\70exinjs.a9.exe\[uPX]" file.

06/06/2007 20:24:47 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94exhdda.9.exe\[uPX]" file.

06/06/2007 20:24:59 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\65exhm.txt.4.exe\[uPX]" file.

06/06/2007 22:06:58 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\5exinjs.a9.exe\[uPX]" file.

07/06/2007 07:35:53 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\54exhdda.9.exe\[uPX]" file.

07/06/2007 07:35:57 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\69exhm.txt.4.exe\[uPX]" file.

07/06/2007 07:36:00 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79exinjs.a9.exe\[uPX]" file.

07/06/2007 07:36:02 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exhdda.9.exe\[uPX]" file.

07/06/2007 07:36:04 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\91exhm.txt.4.exe\[uPX]" file.

07/06/2007 07:36:06 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\97exhdda.9.exe\[uPX]" file.

07/06/2007 07:36:07 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\21exinjs.a9.exe\[uPX]" file.

07/06/2007 07:36:09 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exhm.txt.4.exe\[uPX]" file.

07/06/2007 07:36:11 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\57exinjs.a9.exe\[uPX]" file.

07/06/2007 07:36:13 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\59exhdda.9.exe\[uPX]" file.

07/06/2007 07:36:14 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exhm.txt.4.exe\[uPX]" file.

07/06/2007 07:36:16 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\97exhm.txt.4.exe\[uPX]" file.

07/06/2007 07:36:19 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\26exhm.txt.4.exe\[uPX]" file.

07/06/2007 07:36:21 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\26exhm.txt.4.exe\[uPX]" file.

07/06/2007 07:37:02 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exhdda.9.exe\[uPX]" file.

07/06/2007 07:37:12 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\22exinjs.a9.exe\[uPX]" file.

07/06/2007 07:37:15 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\25exhm.txt.4.exe\[uPX]" file.

07/06/2007 07:37:19 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\86exhdda.9.exe\[uPX]" file.

07/06/2007 07:37:21 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\11exinjs.a9.exe\[uPX]" file.

07/06/2007 07:37:23 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\17exhm.txt.4.exe\[uPX]" file.

07/06/2007 07:37:25 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\55exhdda.9.exe\[uPX]" file.

07/06/2007 07:37:27 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\9exinjs.a9.exe\[uPX]" file.

07/06/2007 07:37:28 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\57exhm.txt.4.exe\[uPX]" file.

07/06/2007 07:37:30 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76exhm.txt.4.exe\[uPX]" file.

07/06/2007 07:37:34 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\26exhm.txt.4.exe\[uPX]" file.

07/06/2007 07:38:20 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\65exinjs.a9.exe\[uPX]" file.

07/06/2007 07:38:22 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\41exhdda.9.exe\[uPX]" file.

07/06/2007 07:38:23 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exhm.txt.4.exe\[uPX]" file.

07/06/2007 07:38:24 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\65exinjs.a9.exe\[uPX]" file.

07/06/2007 07:38:26 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\41exhdda.9.exe\[uPX]" file.

07/06/2007 07:38:28 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exhm.txt.4.exe\[uPX]" file.

07/06/2007 08:09:52 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\51exhm.txt.4.exe\[uPX]" file.

07/06/2007 17:27:28 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\29exhm.txt.4.exe\[uPX]" file.

07/06/2007 17:27:34 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\5exhm.txt.4.exe\[uPX]" file.

07/06/2007 17:27:37 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exhm.txt.4.exe\[uPX]" file.

07/06/2007 17:27:39 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\16exhdda.9.exe\[uPX]" file.

07/06/2007 17:27:42 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\57exinjs.a9.exe\[uPX]" file.

07/06/2007 17:27:44 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94exhm.txt.4.exe\[uPX]" file.

07/06/2007 17:27:46 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\74exhm.txt.4.exe\[uPX]" file.

07/06/2007 17:27:49 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exinjs.a9.exe\[uPX]" file.

07/06/2007 17:27:54 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\91exhdda.9.exe\[uPX]" file.

07/06/2007 17:27:59 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\64exhm.txt.4.exe\[uPX]" file.

07/06/2007 17:28:07 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\8exinjs.a9.exe\[uPX]" file.

07/06/2007 17:28:10 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exhdda.9.exe\[uPX]" file.

07/06/2007 17:28:14 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\15exinjs.a9.exe\[uPX]" file.

07/06/2007 17:28:17 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\87exhdda.9.exe\[uPX]" file.

07/06/2007 17:28:21 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\15exinjs.a9.exe\[uPX]" file.

07/06/2007 17:30:01 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\95exhdda.9.exe\[uPX]" file.

07/06/2007 17:30:07 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exhdda.9.exe\[uPX]" file.

07/06/2007 17:42:34 Propriétaire 1540 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exinjs.a9.exe\[uPX]" file.

07/06/2007 18:01:20 Propriétaire 1540 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\95exhdda.9.exe\[uPX]" file.

07/06/2007 18:20:28 Propriétaire 1540 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\50exhm.txt.4.exe\[uPX]" file.

07/06/2007 19:44:00 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\6exinjs.a9.exe\[uPX]" file.

07/06/2007 20:54:10 Propriétaire 1488 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\96exhdda.9.exe\[uPX]" file.

07/06/2007 20:54:13 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\84exhm.txt.4.exe\[uPX]" file.

07/06/2007 21:00:46 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\33exinjs.a9.exe\[uPX]" file.

07/06/2007 21:01:08 Propriétaire 1488 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exhdda.9.exe\[uPX]" file.

07/06/2007 21:06:51 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\71exhm.txt.4.exe\[uPX]" file.

07/06/2007 21:50:45 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\84exinjs.a9.exe\[uPX]" file.

07/06/2007 21:51:43 Propriétaire 1488 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\7exhdda.9.exe\[uPX]" file.

07/06/2007 21:54:27 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exhm.txt.4.exe\[uPX]" file.

07/06/2007 21:54:34 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exhm.txt.4.exe\[uPX]" file.

07/06/2007 23:19:11 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\82exhm.txt.4.exe\[uPX]" file.

08/06/2007 07:37:50 Propriétaire 1488 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\Documents and Settings\Propriétaire\Local Settings\Temp\41exhdda.9.exe\[uPX]" file.

08/06/2007 07:37:57 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\55exhm.txt.4.exe\[uPX]" file.

08/06/2007 07:38:01 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\28exinjs.a9.exe\[uPX]" file.

08/06/2007 07:38:02 Propriétaire 1488 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\63exhdda.9.exe\[uPX]" file.

08/06/2007 07:38:06 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\63exhm.txt.4.exe\[uPX]" file.

08/06/2007 07:38:08 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exhm.txt.4.exe\[uPX]" file.

08/06/2007 07:38:10 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\21exhm.txt.4.exe\[uPX]" file.

08/06/2007 07:38:11 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79exhm.txt.4.exe\[uPX]" file.

08/06/2007 07:38:13 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\62exhm.txt.4.exe\[uPX]" file.

08/06/2007 07:38:14 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\84exhm.txt.4.exe\[uPX]" file.

08/06/2007 07:38:16 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exhm.txt.4.exe\[uPX]" file.

08/06/2007 07:38:17 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\81exhm.txt.4.exe\[uPX]" file.

08/06/2007 07:38:19 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\46exhm.txt.4.exe\[uPX]" file.

08/06/2007 07:38:20 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exhm.txt.4.exe\[uPX]" file.

08/06/2007 07:38:22 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exhm.txt.4.exe\[uPX]" file.

08/06/2007 07:38:24 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\65exhm.txt.4.exe\[uPX]" file.

08/06/2007 07:38:26 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\Documents and Settings\Propriétaire\Local Settings\Temp\65exinjs.a9.exe\[uPX]" file.

08/06/2007 07:59:24 Propriétaire 1488 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\7exhdda.9.exe.vir\[uPX]" file.

08/06/2007 17:30:19 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\9exhm.txt.4.exe\[uPX]" file.

08/06/2007 17:30:44 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\44exhm.txt.4.exe\[uPX]" file.

08/06/2007 17:30:45 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exhm.txt.4.exe\[uPX]" file.

08/06/2007 17:30:48 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\86exhm.txt.4.exe\[uPX]" file.

08/06/2007 17:30:53 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\89exinjs.a9.exe\[uPX]" file.

08/06/2007 17:30:56 Propriétaire 1488 Sign of "Win32:Horst-GZ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\37exhdda.9.exe\[uPX]" file.

08/06/2007 17:31:01 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\89exhm.txt.4.exe\[uPX]" file.

08/06/2007 17:31:03 Propriétaire 1488 Sign of "Win32:Spambot-B [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\42exhm.txt.4.exe\[uPX]" file.

08/06/2007 17:31:04 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94exinjs.a9.exe\[uPX]" file.

08/06/2007 17:31:06 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\74exinjs.a9.exe\[uPX]" file.

08/06/2007 17:31:55 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\22exinjs.a9.exe\[uPX]" file.

08/06/2007 18:40:44 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\69exinjs.a9.exe\[uPX]" file.

08/06/2007 19:38:56 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\80exinjs.a9.exe\[uPX]" file.

08/06/2007 20:05:06 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\15exinjs.a9.exe\[uPX]" file.

09/06/2007 10:47:24 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\2exinjs.a9.exe\[uPX]" file.

09/06/2007 10:47:36 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exinjs.a9.exe\[uPX]" file.

09/06/2007 10:47:39 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exinjs.a9.exe\[uPX]" file.

09/06/2007 10:47:41 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\86exinjs.a9.exe\[uPX]" file.

09/06/2007 10:47:43 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exinjs.a9.exe\[uPX]" file.

09/06/2007 10:47:44 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\65exinjs.a9.exe\[uPX]" file.

09/06/2007 10:47:46 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Tempexinjs.a9.exe\[uPX]" file.

09/06/2007 10:47:47 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\28exinjs.a9.exe\[uPX]" file.

09/06/2007 10:47:49 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\9exinjs.a9.exe\[uPX]" file.

09/06/2007 10:54:44 Propriétaire 1488 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\24exinjs.a9.exe\[uPX]" file.

 

Lien vers le commentaire
Partager sur d’autres sites

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut :P

 

Poste ces rapports stp>

 

1) Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :

  • Redémarre ton ordinateur
  • Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
  • A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
  • Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
  • Choisis ton compte.

Déroule la liste des instructions ci-dessous :

  • Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
  • Appuie sur Y pour commencer le processus de nettoyage.
  • Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
  • Appuie sur une touche pour redémarrer le PC.
  • Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
  • Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
  • Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
  • Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
  • Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !

2) Télécharge et lance DiagHelp comme montré dans ce tutoriel> http://www.malekal.com/DiagHelp/DiagHelp.php

Ne lance que l'option 1 et poste le rapport stp.Attention: n'oublie pas d'appuyer sur une touche lorsque cela te sera demandé à la fin du rapport Catchme.

Lien vers le commentaire
Partager sur d’autres sites
dave36 Member

dave36

Posté(e)
  • Auteur
Posté(e)

voici les differents rapports

--------------------------------

catchme

--------------------------------

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net

Rootkit scan 2007-06-09 16:55:26

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

---------------------------------

diaghelp

----------------------------------

 

DiagHelp version v1.1.1 - http://www.malekal.com

excute le 09/06/2007 à 16:55:11,37

 

 

Liste des derniers fichies modifies/crees dans windir\system32

C:\WINDOWS\System32/drivers\sp_rsdrv2.sys -->09/06/2007 10:48:33

C:\WINDOWS\System32/drivers\secdrv.sys -->03/05/2007 20:49:26

C:\WINDOWS\System32/drivers\aswmon.sys -->30/04/2007 17:41:55

C:\WINDOWS\System32/drivers\aswmon2.sys -->30/04/2007 17:41:42

C:\WINDOWS\System32/drivers\aswRdr.sys -->30/04/2007 17:39:41

C:\WINDOWS\System32/drivers\aswTdi.sys -->30/04/2007 17:38:51

C:\WINDOWS\System32/drivers\aavmker4.sys -->30/04/2007 17:37:23

 

C:\WINDOWS\System32\wpa.dbl -->09/06/2007 14:56:15

C:\WINDOWS\System32\FNTCACHE.DAT -->05/06/2007 18:47:36

C:\WINDOWS\System32\d3d9caps.dat -->01/06/2007 21:40:39

C:\WINDOWS\System32\CmdLineExt.dll -->28/05/2007 10:18:29

C:\WINDOWS\System32\CONFIG.NT -->09/05/2007 18:07:46

C:\WINDOWS\System32\aswBoot.exe -->30/04/2007 17:46:10

C:\WINDOWS\System32\AVASTSS.scr -->30/04/2007 17:35:28

C:\WINDOWS\System32\MRT.exe -->27/04/2007 22:45:12

C:\WINDOWS\System32\msi.dll -->18/04/2007 18:14:18

C:\WINDOWS\System32\CmdLineExt03.dll -->03/04/2007 20:38:47

C:\WINDOWS\System32\ieapfltr.dll -->03/04/2007 16:29:23

C:\WINDOWS\System32\ieapfltr.dat -->03/04/2007 06:36:20

C:\WINDOWS\System32\perfh00C.dat -->02/04/2007 17:17:01

C:\WINDOWS\System32\perfh009.dat -->02/04/2007 17:17:01

C:\WINDOWS\System32\perfc00C.dat -->02/04/2007 17:17:01

C:\WINDOWS\System32\perfc009.dat -->02/04/2007 17:17:01

C:\WINDOWS\System32\PerfStringBackup.INI -->02/04/2007 17:16:58

C:\WINDOWS\System32\Uninstall.ico -->25/03/2007 11:43:49

C:\WINDOWS\System32\pavas.ico -->25/03/2007 11:43:49

C:\WINDOWS\System32\Help.ico -->25/03/2007 11:43:49

C:\WINDOWS\System32\winsrv.dll -->17/03/2007 15:44:47

C:\WINDOWS\System32\xpsp3res.dll -->09/03/2007 13:51:20

C:\WINDOWS\System32\user32.dll -->08/03/2007 17:37:50

C:\WINDOWS\System32\mf3216.dll -->08/03/2007 17:37:50

C:\WINDOWS\System32\gdi32.dll -->08/03/2007 17:37:50

 

C:\WINDOWS\6-wlancfg.log -->09/06/2007 14:55:21

C:\WINDOWS.log -->09/06/2007 14:54:19

C:\WINDOWS\WindowsUpdate.log -->09/06/2007 14:54:12

C:\WINDOWS\wiadebug.log -->09/06/2007 14:54:12

C:\WINDOWS\wiaservc.log -->09/06/2007 14:54:09

C:\WINDOWS\bootstat.dat -->09/06/2007 14:53:18

C:\WINDOWS\ntbtlog.txt -->09/06/2007 14:32:09

C:\WINDOWS\SchedLgU.Txt -->09/06/2007 14:30:32

C:\WINDOWS\4-wlancfg.log -->09/06/2007 14:29:30

C:\WINDOWS\wmsetup.log -->09/06/2007 11:59:08

C:\WINDOWS\setupapi.log -->06/06/2007 18:47:40

C:\WINDOWS\SOF2.INI -->06/06/2007 15:42:01

C:\WINDOWS\Videodeluxe.INI -->05/06/2007 21:22:04

C:\WINDOWS\2-wlancfg.log -->05/06/2007 20:01:53

C:\WINDOWS\mgxoschk.ini -->05/06/2007 18:34:33

 

 

Le volume dans le lecteur C s'appelle HP_PAVILION

Le numéro de série du volume est AC2B-766D

 

Répertoire de C:\WINDOWS\system

 

07/05/1998 17:04 52 736 hpsysdrv.exe

1 fichier(s) 52 736 octets

0 Rép(s) 21 071 765 504 octets libres

Le volume dans le lecteur C s'appelle HP_PAVILION

Le numéro de série du volume est AC2B-766D

 

Répertoire de C:\WINDOWS\system32

 

20/08/2004 01:09 6 144 csrss.exe

1 fichier(s) 6 144 octets

0 Rép(s) 21 071 765 504 octets libres

Le volume dans le lecteur C s'appelle HP_PAVILION

Le numéro de série du volume est AC2B-766D

 

Répertoire de C:\WINDOWS\system32

 

19/08/2003 03:56 1 323 008 dmcpl.exe

1 fichier(s) 1 323 008 octets

0 Rép(s) 21 071 765 504 octets libres

 

Contenu de Downloaded Program Files

Le volume dans le lecteur C s'appelle HP_PAVILION

Le numéro de série du volume est AC2B-766D

 

Répertoire de C:\WINDOWS\Downloaded Program Files

 

25/03/2007 11:45 <REP> .

25/03/2007 11:45 <REP> ..

24/08/2006 08:28 141 424 asinst.dll

22/08/2006 09:06 537 asinst.inf

07/12/2004 17:07 32 bdcore.dll

25/05/2006 01:21 118 784 bdupd.dll

01/01/2003 17:38 65 desktop.ini

15/10/1997 02:52 697 DirectAnimation Java Classes.osd

25/05/2006 01:21 53 248 ipsupd.dll

16/03/2005 12:34 7 407 lang.ini

07/12/2004 17:07 32 libfn.dll

14/03/2005 14:38 126 live.ini

20/01/2000 23:25 1 162 Microsoft XML Parser for Java.osd

01/06/2006 02:57 1 331 oscan8.inf

01/06/2006 02:54 471 040 oscan8.ocx

31/05/2006 04:15 10 oscan81.ocx_x

14/03/2005 14:58 7 073 scanoptions.tsi

15 fichier(s) 802 968 octets

 

Total des fichiers listés :

15 fichier(s) 802 968 octets

2 Rép(s) 21 071 761 408 octets libres

 

Recherche de rootkit! (Merci S!Ri)

 

Recherche d'infections connues

 

Export des clefs sensibles..

 

Liste des fichiers en exception sur le pare-feu XP SP2

 

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"K:\\hl2.exe"="K:\\hl2.exe:*:Enabled:hl2"

"C:\\Program Files\\TribalWeb.net\\tribalweb.exe"="C:\\Program Files\\TribalWeb.net\\tribalweb.exe:*:Enabled:TribalWeb.net : Réseau privé sur Internet"

 

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

 

Export de la clef SharedTaskScheduler

 

[sharedTaskScheduler]

"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"

"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

 

Rechercher adresses sensibles dans le fichier HOSTS...

 

 

 

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net

Rootkit scan 2007-06-09 16:55:26

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

----------------------------------------

hijack

-----------------------------------------

 

 

Logfile of HijackThis v1.99.1

Scan saved at 17:06:16, on 09/06/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16441)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\a-squared free\a2service.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\windows\system\hpsysdrv.exe

C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe

C:\WINDOWS\System32\hphmon05.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Multimedia Card Reader\shwicon2k.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe

C:\Program Files\ATI Multimedia\main\ATIDtct.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Spyware Terminator\sp_rsser.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Inventel\Gateway\wlancfg.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\cmd.exe

C:\WINDOWS\system32\cmd.exe

C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\grep.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Rar$EX00.672\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr10.hpwis.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr10.hpwis.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe

O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"

O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook

O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"

O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Startup: TribalWeb.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe

O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{8B695DA3-02B2-4DBC-8485-2F92D380EB62}: NameServer = 80.10.246.2,80.10.246.129

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

-------------------------------------------

diaghelp option 2

---------------------------------------------

 

FPort v2.0 - TCP/IP Process to Port Mapper

Copyright 2000 by Foundstone, Inc.

http://www.foundstone.com

 

Pid Process Port Proto Path

1028 -> 135 TCP

4 System -> 139 TCP

4 System -> 445 TCP

2448 ashMaiSv -> 12025 TCP C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

2448 ashMaiSv -> 12110 TCP C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

2448 ashMaiSv -> 12119 TCP C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

2448 ashMaiSv -> 12143 TCP C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

2540 ashWebSv -> 1048 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

2540 ashWebSv -> 1060 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

2540 ashWebSv -> 1070 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

2540 ashWebSv -> 1076 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

2540 ashWebSv -> 12080 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

2044 firefox -> 1033 TCP C:\Program Files\Mozilla Firefox\firefox.exe

2044 firefox -> 1034 TCP C:\Program Files\Mozilla Firefox\firefox.exe

2044 firefox -> 1037 TCP C:\Program Files\Mozilla Firefox\firefox.exe

2044 firefox -> 1038 TCP C:\Program Files\Mozilla Firefox\firefox.exe

2044 firefox -> 1047 TCP C:\Program Files\Mozilla Firefox\firefox.exe

2044 firefox -> 1059 TCP C:\Program Files\Mozilla Firefox\firefox.exe

2044 firefox -> 1069 TCP C:\Program Files\Mozilla Firefox\firefox.exe

2044 firefox -> 1075 TCP C:\Program Files\Mozilla Firefox\firefox.exe

588 sgtray -> 1083 TCP C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe

 

1028 -> 445 UDP

4 System -> 500 UDP

2448 ashMaiSv -> 138 UDP C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

2540 ashWebSv -> 1900 UDP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

2044 firefox -> 1029 UDP C:\Program Files\Mozilla Firefox\firefox.exe

2044 firefox -> 1062 UDP C:\Program Files\Mozilla Firefox\firefox.exe

2044 firefox -> 1066 UDP C:\Program Files\Mozilla Firefox\firefox.exe

2044 firefox -> 123 UDP C:\Program Files\Mozilla Firefox\firefox.exe

2044 firefox -> 137 UDP C:\Program Files\Mozilla Firefox\firefox.exe

2044 firefox -> 1900 UDP C:\Program Files\Mozilla Firefox\firefox.exe

2044 firefox -> 4500 UDP C:\Program Files\Mozilla Firefox\firefox.exe

 

 

 

PsList 1.26 - Process Information Lister

Copyright © 1999-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

Process information for DAVID:

 

Name Pid Pri Thd Hnd VM WS Priv

Idle 0 0 1 0 0 16 0

System 4 8 67 1328 1904 48 0

smss 404 11 3 21 3828 76 164

csrss 700 13 13 549 26308 2336 1640

winlogon 728 13 22 441 51500 1600 6140

ati2evxx 188 8 5 72 25644 844 764

services 772 9 15 304 37788 1720 2036

ati2evxx 952 8 4 60 19688 372 584

svchost 968 8 19 221 62128 1920 3092

wmiprvse 2692 8 6 140 38064 1968 2780

svchost 1028 8 10 252 35196 1300 1728

svchost 1064 8 85 1368 133936 9040 13708

wuauclt 3304 8 7 166 62272 3748 6252

svchost 1108 8 7 84 30300 1376 1224

svchost 1204 8 15 207 38332 1032 1752

aswUpdSv 1440 8 3 27 16848 52 460

ashServ 1496 13 25 263 100284 11660 13960

sp_rsser 1620 8 10 97 49188 6012 15432

spoolsv 1760 8 14 136 43976 880 3276

a2service 1856 8 6 51 49788 288 5192

svchost 2036 8 8 130 36960 1748 2412

WLANCFG 2140 8 5 90 40308 1608 2356

ashMaiSv 2448 8 8 86 56516 588 3120

ashWebSv 2540 8 18 145 79576 7048 9776

alg 2780 8 3 75 31904 1340 1020

lsass 792 9 19 337 41268 1208 3572

explorer 372 8 22 641 99292 17500 17416

hpsysdrv 528 8 1 25 20184 288 480

HpqCmon 556 8 1 68 33568 616 1076

hphmon05 572 8 3 49 30976 1036 904

kbd 580 13 14 258 66280 1812 3544

sgtray 588 8 1 60 33788 2712 1300

atiptaxx 660 8 2 99 36596 492 2788

ashDisp 668 8 8 80 45148 888 2380

shwicon2k 676 4 1 44 30612 340 648

Spywareterminatorshield 1132 8 3 70 39760 1620 6744

atidtct 1292 8 1 58 30796 472 888

ctfmon 1344 8 1 68 30140 588 844

firefox 2044 8 13 221 100428 42156 32636

cmd 2972 8 1 20 14008 1624 1492

pslist 3280 13 2 81 17904 1760 756

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

explorer.exe pid: 372

Command line: C:\WINDOWS\Explorer.EXE

 

Base Size Version Path

0x7c800000 0x104000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll

0x77ef0000 0x47000 5.01.2600.3099 C:\WINDOWS\system32\GDI32.dll

0x7e390000 0x90000 5.01.2600.3099 C:\WINDOWS\system32\USER32.dll

0x77f40000 0x76000 6.00.2900.3059 C:\WINDOWS\system32\SHLWAPI.dll

0x7c9d0000 0x823000 6.00.2900.3051 C:\WINDOWS\system32\SHELL32.dll

0x774a0000 0x13d000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll

0x75f10000 0xfd000 6.00.2900.3059 C:\WINDOWS\system32\BROWSEUI.dll

0x7e210000 0x171000 6.00.2900.3059 C:\WINDOWS\system32\SHDOCVW.dll

0x6fee0000 0x54000 5.01.2600.2976 C:\WINDOWS\system32\NETAPI32.dll

0x44080000 0xcf000 7.00.6000.16441 C:\WINDOWS\system32\WININET.dll

0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll

0x43e00000 0x45000 7.00.6000.16441 C:\WINDOWS\system32\iertutil.dll

0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll

0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL

0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll

0x76920000 0x8000 5.01.2600.2751 C:\WINDOWS\system32\LINKINFO.dll

0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL

0x44360000 0x5ca000 7.00.6000.16441 C:\WINDOWS\system32\ieframe.dll

0x44160000 0x124000 7.00.6000.16441 C:\WINDOWS\system32\urlmon.dll

0x442b0000 0x3c000 7.00.6000.16441 C:\WINDOWS\system32\webcheck.dll

0x76d10000 0x19000 5.01.2600.2912 C:\WINDOWS\system32\iphlpapi.dll

0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll

0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll

0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll

0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll

0x72c60000 0x8000 5.01.2600.0000 C:\WINDOWS\system32\msacm32.drv

0x0ffd0000 0x28000 5.01.2600.2161 C:\WINDOWS\system32\rsaenh.dll

0x10000000 0x1a000 1.00.0000.0006 c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll

0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL

0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll

0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL

0x01180000 0xe000 7.00.0000.1333 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

0x7c340000 0x56000 7.10.3052.0004 C:\WINDOWS\system32\MSVCR71.dll

0x77210000 0xb1000 5.01.2600.3019 C:\WINDOWS\system32\SXS.DLL

0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll

0x02880000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll

0x02680000 0x1c000 7.00.0000.0000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll

0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL

0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\System32\wshext.dll

0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\System32\wshFR.DLL

0x365a0000 0x15000 10.00.2625.0000 C:\PROGRA~1\MICROS~4\Office10\MCPS.DLL

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

No matching processes were found.

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

winlogon.exe pid: 728

Command line: winlogon.exe

 

Base Size Version Path

0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe

0x7c800000 0x104000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll

0x77680000 0x11000 5.01.2600.2622 C:\WINDOWS\system32\AUTHZ.dll

0x7e390000 0x90000 5.01.2600.3099 C:\WINDOWS\system32\USER32.dll

0x77ef0000 0x47000 5.01.2600.3099 C:\WINDOWS\system32\GDI32.dll

0x6fee0000 0x54000 5.01.2600.2976 C:\WINDOWS\system32\NETAPI32.dll

0x7c9d0000 0x823000 6.00.2900.3051 C:\WINDOWS\system32\SHELL32.dll

0x77f40000 0x76000 6.00.2900.3059 C:\WINDOWS\system32\SHLWAPI.dll

0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll

0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll

0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll

0x776a0000 0x24000 6.00.2900.3051 C:\WINDOWS\system32\SHSVCS.dll

0x774a0000 0x13d000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll

0x77210000 0xb1000 5.01.2600.3019 C:\WINDOWS\system32\sxs.dll

0x10000000 0x11000 6.14.0010.4124 C:\WINDOWS\system32\Ati2evxx.dll

0x0ffd0000 0x28000 5.01.2600.2161 C:\WINDOWS\system32\rsaenh.dll

0x01260000 0x3b000 1.07.0017.0000 C:\WINDOWS\system32\WgaLogon.dll

0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL

0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll

0x76d10000 0x19000 5.01.2600.2912 C:\WINDOWS\system32\iphlpapi.dll

0x72c60000 0x8000 5.01.2600.0000 C:\WINDOWS\system32\msacm32.drv

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

services.exe pid: 772

Command line: C:\WINDOWS\system32\services.exe

 

Base Size Version Path

0x7c800000 0x104000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll

0x7e390000 0x90000 5.01.2600.3099 C:\WINDOWS\system32\USER32.dll

0x77ef0000 0x47000 5.01.2600.3099 C:\WINDOWS\system32\GDI32.dll

0x77680000 0x11000 5.01.2600.2622 C:\WINDOWS\system32\AUTHZ.dll

0x7dbc0000 0x21000 5.01.2600.2744 C:\WINDOWS\system32\umpnpmgr.dll

0x6fee0000 0x54000 5.01.2600.2976 C:\WINDOWS\system32\NETAPI32.dll

0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll

0x774a0000 0x13d000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll

0x7c9d0000 0x823000 6.00.2900.3051 C:\WINDOWS\system32\SHELL32.dll

0x77f40000 0x76000 6.00.2900.3059 C:\WINDOWS\system32\SHLWAPI.dll

0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll

Le volume dans le lecteur C s'appelle HP_PAVILION

Le numéro de série du volume est AC2B-766D

 

Répertoire de C:\Program Files

 

07/06/2007 07:43 <REP> .

07/06/2007 07:43 <REP> ..

08/06/2007 18:42 <REP> a-squared Free

06/06/2007 18:36 <REP> Adobe

01/12/2006 14:38 <REP> Alcohol Soft

11/11/2006 23:56 <REP> Alwil Software

11/11/2006 23:14 <REP> ArcSoft

21/12/2006 11:48 <REP> ATI Multimedia

11/11/2006 23:13 <REP> ATI Technologies

11/11/2006 23:54 <REP> CCleaner

24/04/2007 18:49 <REP> CDBurnerXP Pro 3

01/01/2003 19:31 <REP> Common Files

01/01/2003 17:37 <REP> ComPlus Applications

31/05/2007 21:03 <REP> EA GAMES

11/11/2006 23:45 <REP> Easy Internet signup

09/06/2007 12:01 <REP> eMule

05/06/2007 18:34 <REP> Fichiers communs

30/01/2007 23:31 <REP> Gabest

22/02/2007 18:49 <REP> GameHouse

01/01/2003 19:21 <REP> Hewlett-Packard

01/01/2003 19:22 <REP> HP

01/01/2003 20:14 <REP> HP Pavilion PC Help

10/05/2007 07:23 <REP> Internet Explorer

11/11/2006 23:28 <REP> Inventel

01/01/2003 18:38 <REP> Java

01/06/2007 21:43 <REP> K-Lite Codec Pack

23/01/2007 08:43 <REP> Lavasoft

20/12/2006 18:39 <REP> Messenger

01/01/2003 17:39 <REP> microsoft frontpage

04/12/2006 18:55 <REP> Microsoft Office

04/12/2006 18:57 <REP> Microsoft Works

04/12/2006 18:50 <REP> Microsoft Works Suite 2004

19/12/2006 21:10 <REP> Movie Maker

09/06/2007 17:02 <REP> Mozilla Firefox

01/01/2003 17:36 <REP> MSN

01/01/2003 17:36 <REP> MSN Gaming Zone

05/04/2007 18:31 <REP> MSN Messenger

11/11/2006 23:13 <REP> Multimedia Card Reader

19/12/2006 21:07 <REP> NetMeeting

20/12/2006 18:32 <REP> Outlook Express

22/02/2007 18:11 <REP> PopCap Games

01/01/2003 19:50 <REP> RecordNow!

01/01/2003 20:20 <REP> Services en ligne

06/06/2007 15:35 <REP> Soldier of Fortune II - Double Helix

01/01/2003 19:50 <REP> Sonic

02/06/2007 12:17 <REP> Spybot - Search & Destroy

09/06/2007 11:07 <REP> Spyware Terminator

08/05/2007 19:59 <REP> TribalWeb.net

11/11/2006 23:37 <REP> Wanadoo

07/06/2007 17:29 <REP> WinClamAVShield

01/06/2007 21:43 <REP> Windows Media Connect 2

31/01/2007 00:12 <REP> Windows Media Player

19/12/2006 21:07 <REP> Windows NT

14/11/2006 08:45 <REP> WinRAR

28/01/2007 20:46 <REP> xerox

0 fichier(s) 0 octets

55 Rép(s) 21 106 622 464 octets libres

C:\Documents and Settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe

C:\Documents and Settings\Propriétaire\.housecall6.6\getMac.exe

C:\Documents and Settings\Propriétaire\.housecall6.6\patch.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix.exe

C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\catchme.exe

C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\diff.exe

C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\dumphive.exe

C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\FilesInfoCmd.exe

C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\find2.exe

C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\Fport.exe

C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\grep.exe

C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\KProcCheck.exe

C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\LFiles.exe

C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\LISTDLLS.exe

C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\pslist.exe

C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\streams.exe

C:\Documents and Settings\Propriétaire\Bureau\DiagHelp\DiagHelp\swreg.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\catchme.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\cliptext.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\download.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\FIXPATH.EXE

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\LS.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\MD5File.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\moveex.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\Process.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\RegDACL.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\RestartIt!.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\sc.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\SF.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\shutdown.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\swreg.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\swsc.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\unzip.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\zip.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\Replace\W2K.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\apps\Replace\XP.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\backups\attrib.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\backups\find.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\backups\findstr.exe

C:\Documents and Settings\Propriétaire\Bureau\SDFix\backups\regedit.exe

C:\Documents and Settings\Propriétaire\Mes documents\Jeux net\GTR.Fia.GT.Racing.Game.GERMAN-NCRYSO.Crack\GTR.exe

C:\Documents and Settings\Propriétaire\Mes documents\Jeux net\GTR.Fia.GT.Racing.Game.GERMAN-NCRYSO.Crack\alc192\setup.exe

 

 

--------------------

merci du tps passé,en espérant que tt ça fonctionne

Lien vers le commentaire
Partager sur d’autres sites
Thanos Devil Member !

Thanos

Posté(e)
Posté(e) (modifié)

salut :P

 

SDFix a fait le boulot, par contre tu as oublié de poster son rapport!! c'est important, aussi poste le au prochain message stp > C:\SDFix\Report.txt

 

Fais ce scan en ligne et poste le rapport >

 

Fais un scan en ligne avec Panda :

http://www.pandasoftware.fr/Activescan/Activescan.html .

Et poste le rapport qu'il t'affichera à la fin, pour cela, assure toi que IE est correctement configuré pour le scan en ligne comme indiqué ici : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId898809 .

Si tu n'y arrives pas, le tuto est : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId237368

 

Tu n'es pas obligé de donner ton email, tu peux utiliser une adresse jetable si tu le souhaites : http://www.jetable.org/fr/index

Attention!! Panda et Avast entrent en conflit, pour pouvoir télécharger le contrôle active x de Panda, il faut que tu désactives le bouclier web d'Avast le temps du scan.

 

En cas de souci >

  • Fais un scan en ligne Kaspersky avec Internet Explorer :
  • Clique sur bouton-scann1.jpg
  • Clique maintenant sur J'accepte.
  • Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
  • Patiente pendant l'installation des Mises à jour.
  • Choisis par la suite l'analyse du Poste de travail
  • Sauvegarde puis colle le rapport généré en fin d'analyse.

AIDE : Configurer le contrôle des ActiveX

Note : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", vas dans Ajout/Suppression de programmes et désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.

 

EDIT :dave36, j'attire ton attention sur ceci (il y en a d'autres!)>

"Win32:Iroffer-003 [Trj]" has been found in "C:\Program Files\eMule\Incoming\GT Legends - PC Game Crack Patch Serial Keygen no-cd.rar

Il y a un nombre impressionnant de craks et keygens sur ce pc...! Dis toi bien que 90 % du temps, ce sont des infections déguisées!! Si tu regardes bien le dossier où ces cracks se trouvent (incoming), tu comprendras qu'ils infectent ton pc, mais aussi ceux des gens qui téléchargent depuis ton pc!

Fais gaffe avec l'utilisation des logiciels P2P!! ce sont les principaux vecteurs d'infection! Pour t'en convaincre, lis ces deux topics très clairs:

le premier est de Malekal et concerne les cracks => http://forum.malekal.com/sutra4492.php&amp...ght=cracks#4492

le second de Tesgaz concerne le P2P en général => http://forum.zebulon.fr/index.php?showtopic=85544

Les infections véhiculées pas le p2p sont une menace réelle!! par exemple le vers Worm.Win32_Sumom-A qui est un ver de messagerie instantanée et de réseaux peer-to-peer,se met dans le dossier incoming/Shared afin d'être expédié à toutes les personnes qui partagent tes téléchargements...=> http://www.virustraq.com/info_virus/10134/details/

Maintenant que tu sais, c'est à toi de voir... est ce que ca vaut le coup de risquer une grosse infection(et mettre tes données en peril)? .Ne prend pas ca comme de la morale, c'est pour ton info :P

@+

Modifié par charles ingals
Lien vers le commentaire
Partager sur d’autres sites
dave36 Member

dave36

Posté(e)
  • Auteur
Posté(e)

voici les rapports:

---------------------

report sdfix

---------------------

 

SDFix: Version 1.86

 

Run by Propri‚taire - 09/06/2007 - 14:42:05,90

 

Microsoft Windows XP [version 5.1.2600]

 

Running From: C:\DOCUME~1\PROPRI~1\Bureau\SDFix

 

Safe Mode:

Checking Services:

 

 

 

 

 

 

Restoring Windows Registry Values

Restoring Windows Default Hosts File

Restoring Missing Security Center Service

Restoring Missing SharedAccess Service

 

Rebooting...

 

 

Normal Mode:

Checking Files:

 

Below files will be copied to Backups folder then removed:

 

C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\injs.a9.exe.conf - Deleted

C:\WINDOWS\system\smss.exe - Deleted

 

 

 

Removing Temp Files...

 

ADS Check:

 

Checking if ADS is attached to system32 Folder

C:\WINDOWS\system32

No streams found.

 

Checking if ADS is attached to svchost.exe

C:\WINDOWS\system32\svchost.exe

No streams found.

 

Checking if ADS is attached to ntoskrnl.exe

C:\WINDOWS\system32\ntoskrnl.exe

No streams found.

 

 

 

Final Check:

 

Remaining Services:

------------------

 

 

 

Authorized Application Key Export:

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"K:\\hl2.exe"="K:\\hl2.exe:*:Enabled:hl2"

"C:\\Program Files\\TribalWeb.net\\tribalweb.exe"="C:\\Program Files\\TribalWeb.net\\tribalweb.exe:*:Enabled:TribalWeb.net : R‚seau priv‚ sur Internet"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

 

Remaining Files:

---------------

 

Backups Folder: - C:\DOCUME~1\PROPRI~1\Bureau\SDFix\backups\backups.zip

 

Listing Files with Hidden Attributes:

 

C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp

C:\Documents and Settings\Propri‚taire\Mes documents\T‚m‚raire\Elec-BC-Alarme\Alimentations elec -BC-perte\~WRL0001.tmp

 

Listing User Accounts:

 

comptes d'utilisateurs de \\DAVID

 

Administrateur HelpAssistant Invit‚

Propri‚taire SUPPORT_388945a0 SUPPORT_fddfa904

La commande s'est termin‚e correctement.

 

 

Finished

------------------------------

panda:rien de detecté donc pas de rapport accessible

------------------------------

 

kaspersky:3 virus trouvés mais pas de rapport présent!!??

 

-------------------------------

je pense qu'il y a encore des vilaines bêtes ds le coin....j'ai bien suivi les indications pour les scans donc je ne vois pas trop!!

merci de ton aide en attendant

bonne soirée

Lien vers le commentaire
Partager sur d’autres sites
Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut :P

 

Ok merci pour le rapport SDFix qui confirme bien que ll'infection est éliminée.

Tu dis que Kaspersky a trouvé 3 infections? Habituellement il produit un rapport.

Est ce que tu as pu repérer l'emplacement de ces malwares?Est ce que ca ressemblait à ca ? >

 

C:\System Volume Information\_restore....etc ?

 

Poste moi stp un nouveau rapport DiagHelp et un rapport Hijackthis comme ceci >

 

Lance HijackThis.

Clique sur Open Misc Tools Section

Assure toi que les deux cases de droite sont bien cochées:

* List all minor sections(Full)

* List Empty Sections(Complete)

Clique sur Generate StartupList Log

Click sur "oui" lorsque l'on te le demande.

Cela va générer un rapport,copie le et poste le ici.

 

@+

Lien vers le commentaire
Partager sur d’autres sites
dave36 Member

dave36

Posté(e)
  • Auteur
Posté(e)

voila le rapport,effectivement je confirme :3 bêtes trouvés avec kasp mais pas de rapport!!

sinon l'ordi semble + stable

merci.

--------------------------------

 

StartupList report, 11/06/2007, 23:00:01

StartupList version: 1.52.2

Started from : C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Rar$EX00.921\HijackThis.EXE

Detected: Windows XP SP2 (WinNT 5.01.2600)

Detected: Internet Explorer v7.00 (7.00.6000.16441)

* Using default options

* Including empty and uninteresting sections

* Showing rarely important sections

==================================================

 

Running processes:

 

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\a-squared free\a2service.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\windows\system\hpsysdrv.exe

C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe

C:\WINDOWS\System32\hphmon05.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Multimedia Card Reader\shwicon2k.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe

C:\Program Files\ATI Multimedia\main\ATIDtct.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Spyware Terminator\sp_rsser.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Inventel\Gateway\wlancfg.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Rar$EX00.921\HijackThis.exe

 

--------------------------------------------------

 

Listing of startup folders:

 

Shell folders Startup:

[C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage]

TribalWeb.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe

TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe

 

Shell folders AltStartup:

*Folder not found*

 

User shell folders Startup:

*Folder not found*

 

User shell folders AltStartup:

*Folder not found*

 

Shell folders Common Startup:

[C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]

Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

 

Shell folders Common AltStartup:

*Folder not found*

 

User shell folders Common Startup:

*Folder not found*

 

User shell folders Alternate Common Startup:

*Folder not found*

 

--------------------------------------------------

 

Checking Windows NT UserInit:

 

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

UserInit = C:\WINDOWS\system32\userinit.exe,

 

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]

*Registry key not found*

 

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

*Registry value not found*

 

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

 

hpsysdrv = c:\windows\system\hpsysdrv.exe

HotKeysCmds = C:\WINDOWS\System32\hkcmd.exe

CamMonitor = c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe

HPHmon05 = C:\WINDOWS\System32\hphmon05.exe

KBD = C:\HP\KBD\KBD.EXE

UpdateManager = "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r

Recguard = C:\WINDOWS\SMINST\RECGUARD.EXE

NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

nwiz = nwiz.exe /installquiet /keeploaded /nodetect

AlcxMonitor = ALCXMNTR.EXE

PS2 = C:\WINDOWS\system32\ps2.exe

ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

Sunkist2k = C:\Program Files\Multimedia Card Reader\shwicon2k.exe

avast! = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

SpywareTerminator = "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

 

*No values found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

 

*No values found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

 

*No values found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

 

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

 

NVIEW = rundll32.exe nview.dll,nViewLoadHook

ATI Launchpad = "C:\Program Files\ATI Multimedia\main\launchpd.exe"

ATI DeviceDetect = C:\Program Files\ATI Multimedia\main\ATIDtct.EXE

ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

 

*No values found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

 

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

 

*No values found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

 

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

 

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

 

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

 

[OptionalComponents]

*No values found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No subkeys found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No subkeys found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*No subkeys found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

*No subkeys found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No subkeys found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*No subkeys found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

 

--------------------------------------------------

 

File association entry for .EXE:

HKEY_CLASSES_ROOT\exefile\shell\open\command

 

(Default) = "%1" %*

 

--------------------------------------------------

 

File association entry for .COM:

HKEY_CLASSES_ROOT\comfile\shell\open\command

 

(Default) = "%1" %*

 

--------------------------------------------------

 

File association entry for .BAT:

HKEY_CLASSES_ROOT\batfile\shell\open\command

 

(Default) = "%1" %*

 

--------------------------------------------------

 

File association entry for .PIF:

HKEY_CLASSES_ROOT\piffile\shell\open\command

 

(Default) = "%1" %*

 

--------------------------------------------------

 

File association entry for .SCR:

HKEY_CLASSES_ROOT\scrfile\shell\open\command

 

(Default) = "%1" /S

 

--------------------------------------------------

 

File association entry for .HTA:

HKEY_CLASSES_ROOT\htafile\shell\open\command

 

(Default) = C:\WINDOWS\system32\mshta.exe "%1" %*

 

--------------------------------------------------

 

File association entry for .TXT:

HKEY_CLASSES_ROOT\txtfile\shell\open\command

 

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

 

--------------------------------------------------

 

Enumerating Active Setup stub paths:

HKLM\Software\Microsoft\Active Setup\Installed Components

(* = disabled by HKCU twin)

 

[<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] *

StubPath = C:\WINDOWS\system32\ieudinit.exe

 

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]

StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

 

[>{26923b43-4d38-484f-9b9e-de460746276c}] *

StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

 

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] *

StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

 

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *

StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

 

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *

StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

 

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *

StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

 

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *

StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

 

[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *

StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

 

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *

StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub

 

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *

StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

 

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *

StubPath = regsvr32.exe /s /n /i:U shell32.dll

 

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *

StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

 

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *

StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install

 

[{8b15971b-5355-4c82-8c07-7e181ea07608}] *

StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser

 

--------------------------------------------------

 

Enumerating ICQ Agent Autostart apps:

HKCU\Software\Mirabilis\ICQ\Agent\Apps

 

*Registry key not found*

 

--------------------------------------------------

 

Load/Run keys from C:\WINDOWS\WIN.INI:

 

load=*INI section not found*

run=*INI section not found*

 

Load/Run keys from Registry:

 

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*

HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*

HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*

HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*

HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*

HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*

HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*

HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*

HKCU\..\Windows NT\CurrentVersion\Windows: load=

HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*

HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*

HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*

HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

 

--------------------------------------------------

 

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

 

Shell=*INI section not found*

SCRNSAVE.EXE=*INI section not found*

drivers=*INI section not found*

 

Shell & screensaver key from Registry:

 

Shell=Explorer.exe

SCRNSAVE.EXE=C:\WINDOWS\System32\ssmypics.scr

drivers=*Registry value not found*

 

Policies Shell key:

 

HKCU\..\Policies: Shell=*Registry value not found*

HKLM\..\Policies: Shell=*Registry value not found*

 

--------------------------------------------------

 

Checking for EXPLORER.EXE instances:

 

C:\WINDOWS\Explorer.exe: PRESENT!

 

C:\Explorer.exe: not present

C:\WINDOWS\Explorer\Explorer.exe: not present

C:\WINDOWS\System\Explorer.exe: not present

C:\WINDOWS\System32\Explorer.exe: not present

C:\WINDOWS\Command\Explorer.exe: not present

C:\WINDOWS\Fonts\Explorer.exe: not present

 

--------------------------------------------------

 

Checking for superhidden extensions:

 

.lnk: HIDDEN! (arrow overlay: yes)

.pif: HIDDEN! (arrow overlay: yes)

.exe: not hidden

.com: not hidden

.bat: not hidden

.hta: not hidden

.scr: not hidden

.shs: HIDDEN!

.shb: HIDDEN!

.vbs: not hidden

.vbe: not hidden

.wsh: not hidden

.scf: HIDDEN! (arrow overlay: NO!)

.url: HIDDEN! (arrow overlay: yes)

.js: not hidden

.jse: not hidden

 

--------------------------------------------------

 

Verifying REGEDIT.EXE integrity:

 

- Regedit.exe found in C:\WINDOWS

- .reg open command is normal (regedit.exe %1)

- Regedit.exe has no CompanyName property! It is either missing or named something else.

- Regedit.exe has no OriginalFilename property! It is either missing or named something else.

- Regedit.exe has no FileDescription property! It is either missing or named something else.

 

Registry check failed!

 

--------------------------------------------------

 

Enumerating Browser Helper Objects:

 

(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

(no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045}

 

--------------------------------------------------

 

Enumerating Task Scheduler jobs:

 

*No jobs found*

 

--------------------------------------------------

 

Enumerating Download Program Files:

 

[CKAVWebScan Object]

InProcServer32 = C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll

CODEBASE = http://webscanner.kaspersky.fr/kavwebscan_unicode.cab

 

[bDSCANONLINE Control]

InProcServer32 = C:\WINDOWS\DOWNLO~1\oscan8.ocx

CODEBASE = http://www.zebulon.fr/scan8/oscan8.cab

 

[Java Plug-in 1.4.2]

InProcServer32 = C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll

CODEBASE = http://java.sun.com/products/plugin/autodl...indows-i586.cab

 

[ActiveScan Installer Class]

InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll

CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab

 

[Java Plug-in 1.4.2]

InProcServer32 = C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll

CODEBASE = http://java.sun.com/products/plugin/autodl...indows-i586.cab

 

--------------------------------------------------

 

Enumerating Winsock LSP files:

 

NameSpace #1: C:\WINDOWS\System32\mswsock.dll

NameSpace #2: C:\WINDOWS\System32\winrnr.dll

NameSpace #3: C:\WINDOWS\System32\mswsock.dll

Protocol #1: C:\WINDOWS\system32\mswsock.dll

Protocol #2: C:\WINDOWS\system32\mswsock.dll

Protocol #3: C:\WINDOWS\system32\mswsock.dll

Protocol #4: C:\WINDOWS\system32\rsvpsp.dll

Protocol #5: C:\WINDOWS\system32\rsvpsp.dll

Protocol #6: C:\WINDOWS\system32\mswsock.dll

Protocol #7: C:\WINDOWS\system32\mswsock.dll

Protocol #8: C:\WINDOWS\system32\mswsock.dll

Protocol #9: C:\WINDOWS\system32\mswsock.dll

Protocol #10: C:\WINDOWS\system32\mswsock.dll

Protocol #11: C:\WINDOWS\system32\mswsock.dll

Protocol #12: C:\WINDOWS\system32\mswsock.dll

Protocol #13: C:\WINDOWS\system32\mswsock.dll

Protocol #14: C:\WINDOWS\system32\mswsock.dll

Protocol #15: C:\WINDOWS\system32\mswsock.dll

 

--------------------------------------------------

 

Enumerating Windows NT/2000/XP services

 

a-squared Free Service: c:\program files\a-squared free\a2service.exe (autostart)

a347bus: System32\DRIVERS\a347bus.sys (system)

a347scsi: System32\Drivers\a347scsi.sys (system)

Pilote ACPI Microsoft: System32\DRIVERS\ACPI.sys (system)

Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start)

Environnement de prise en charge de réseau AFD: \SystemRoot\System32\drivers\afd.sys (system)

Filtre de bus AGP Intel: System32\DRIVERS\agp440.sys (system)

Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start)

Avertissement: %SystemRoot%\System32\svchost.exe -k LocalService (disabled)

Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start)

Pilote de processeur AMD K7: System32\DRIVERS\amdk7.sys (system)

Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)

Protocole client ARP 1394: System32\DRIVERS\arp1394.sys (manual start)

ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start)

avast! iAVS4 Control Service: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" (autostart)

Pilote de média asynchrone RAS: System32\DRIVERS\asyncmac.sys (manual start)

Contrôleur de disque dur IDE/ESDI standard: System32\DRIVERS\atapi.sys (system)

Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)

ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart)

ati2mtag: System32\DRIVERS\ati2mtag.sys (manual start)

Protocole client ATM ARP: System32\DRIVERS\atmarpc.sys (manual start)

Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

Pilote audio Stub: System32\DRIVERS\audstub.sys (manual start)

avast! Antivirus: "C:\Program Files\Alwil Software\Avast4\ashServ.exe" (autostart)

avast! Mail Scanner: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (manual start)

avast! Web Scanner: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (manual start)

Service de transfert intelligent en arrière-plan: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

Explorateur d'ordinateur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

Pilote de CD-ROM: System32\DRIVERS\cdrom.sys (system)

Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start)

Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled)

Application système COM+: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)

Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)

Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)

Client DHCP: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

DHCP-Verwaltung: C:\Program Files\xerox\err\services.exe (autostart)

Pilote de disque: System32\DRIVERS\disk.sys (system)

Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start)

dmboot: System32\drivers\dmboot.sys (disabled)

dmio: System32\drivers\dmio.sys (disabled)

dmload: System32\drivers\dmload.sys (disabled)

Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start)

Client DNS: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)

Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start)

Pilote de la carte EtherLink XL 90XB/C 3Com: System32\DRIVERS\el90xbc5.sys (manual start)

Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

Journal des événements: %SystemRoot%\system32\services.exe (autostart)

Système d'événements de COM+: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start)

Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

Fax: %systemroot%\system32\fxssvc.exe (manual start)

Pilote de contrôleur de lecteur de disquettes: System32\DRIVERS\fdc.sys (manual start)

Pilote de lecteur de disquettes: System32\DRIVERS\flpydisk.sys (manual start)

FltMgr: system32\drivers\fltmgr.sys (system)

Pilote du Gestionnaire de volume: System32\DRIVERS\ftdisk.sys (system)

Classificateur de paquets générique: System32\DRIVERS\msgpc.sys (manual start)

Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

Accès du périphérique d'interface utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)

Pilote de classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start)

HSFHWBS2: System32\DRIVERS\HSFHWBS2.sys (manual start)

HSF_DP: System32\DRIVERS\HSF_DP.sys (manual start)

HTTP: System32\Drivers\HTTP.sys (manual start)

HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)

Pilote pour clavier i8042 et souris sur port PS/2: System32\DRIVERS\i8042prt.sys (system)

ialm: System32\DRIVERS\ialmnt5.sys (manual start)

Pilote de filtre de gravure CD: System32\DRIVERS\imapi.sys (system)

Service COM de gravage de CD IMAPI: C:\WINDOWS\System32\imapi.exe (manual start)

IntelIde: System32\DRIVERS\intelide.sys (system)

Pilote de processeur Intel: System32\DRIVERS\intelppm.sys (system)

Pilote du pare-feu Windows IPv6: system32\drivers\ip6fw.sys (manual start)

Pilote de filtre de trafic IP: System32\DRIVERS\ipfltdrv.sys (manual start)

Pilote de tunnelage IP dans IP: System32\DRIVERS\ipinip.sys (manual start)

Traducteur d'adresses réseau IP: System32\DRIVERS\ipnat.sys (manual start)

Pilote IPSEC: System32\DRIVERS\ipsec.sys (system)

Service énumérateur IR: System32\DRIVERS\irenum.sys (manual start)

Pilote de bus Plug-and-Play ISA/EISA: System32\DRIVERS\isapnp.sys (system)

Pilote de la classe Clavier: System32\DRIVERS\kbdclass.sys (system)

Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start)

KProcCheck: System32\DRIVERS\KProcCheck.sys (manual start)

Serveur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

Station de travail: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

Assistance TCP/IP NetBIOS: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)

mdmxsdk: System32\DRIVERS\mdmxsdk.sys (autostart)

Affichage des messages: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)

Partage de Bureau à distance NetMeeting: C:\WINDOWS\System32\mnmsrvc.exe (manual start)

Pilote de la classe Souris: System32\DRIVERS\mouclass.sys (system)

Pilote HID de souris: System32\DRIVERS\mouhid.sys (manual start)

Redirecteur client WebDav: System32\DRIVERS\mrxdav.sys (manual start)

MRXSMB: System32\DRIVERS\mrxsmb.sys (system)

Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start)

Windows Installer: C:\WINDOWS\System32\msiexec.exe /V (manual start)

Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start)

Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start)

Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start)

Pilote BIOS de gestion de systèmes Microsoft: System32\DRIVERS\mssmbios.sys (manual start)

Pilote TAPI NDIS d'accès distant: System32\DRIVERS\ndistapi.sys (manual start)

NDIS mode utilisateur E/S Protocole: System32\DRIVERS\ndisuio.sys (manual start)

Pilote réseau étendu NDIS d'accès distant: System32\DRIVERS\ndiswan.sys (manual start)

Interface NetBIOS: System32\DRIVERS\netbios.sys (system)

NetBT: System32\DRIVERS\netbt.sys (system)

DDE réseau: %SystemRoot%\system32\netdde.exe (disabled)

DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled)

Ouverture de session réseau: %SystemRoot%\System32\lsass.exe (manual start)

Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

Pilote réseau 1394: System32\DRIVERS\nic1394.sys (manual start)

NLA (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\System32\lsass.exe (manual start)

Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)

nv: System32\DRIVERS\nv4_mini.sys (manual start)

NVIDIA Driver Helper Service: %SystemRoot%\System32\nvsvc32.exe (autostart)

NVIDIA nForce AGP Bus Filter: System32\DRIVERS\nv_agp.sys (system)

Pilote de filtre de trafic IPX: System32\DRIVERS\nwlnkflt.sys (manual start)

Pilote de transfert de trafic IPX: System32\DRIVERS\nwlnkfwd.sys (manual start)

Contrôleur hôte NEC FireWarden IEEE 1394 compatible OHCI (Open Host Controller Interface): System32\DRIVERS\ohci1394.sys (system)

Pilote de port parallèle: System32\DRIVERS\parport.sys (manual start)

PCAMPR5 NDIS Protocol Driver: \??\C:\WINDOWS\System32\PCAMPR5.SYS (manual start)

PCANDIS5 NDIS Protocol Driver: \??\C:\WINDOWS\System32\PCANDIS5.SYS (manual start)

Pilote de bus PCI: System32\DRIVERS\pci.sys (system)

PCIIde: \SystemRoot\System32\DRIVERS\pciide.sys (disabled)

Padus ASPI Shell: system32\drivers\pfc.sys (manual start)

Plug-and-Play: %SystemRoot%\system32\services.exe (autostart)

Services IPSEC: %SystemRoot%\System32\lsass.exe (autostart)

Miniport réseau étendu (PPTP): System32\DRIVERS\raspptp.sys (manual start)

Pilote processeur: System32\DRIVERS\processr.sys (system)

StarForce Protection Environment Driver v6: \SystemRoot\System32\drivers\prodrv06.sys (system)

StarForce Protection Helper Driver v2: System32\drivers\prohlp02.sys (system)

StarForce Protection Synchronization Driver v1: System32\drivers\prosync1.sys (system)

Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart)

PS2: System32\DRIVERS\PS2.sys (manual start)

Planificateur de paquets QoS: System32\DRIVERS\psched.sys (manual start)

Pilote de liaison parallèle directe: System32\DRIVERS\ptilink.sys (manual start)

PxHelp20: System32\DRIVERS\PxHelp20.sys (system)

Pilote de connexion automatique d'accès distant: System32\DRIVERS\rasacd.sys (system)

Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)

Miniport réseau étendu (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)

Gestionnaire de connexions d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

Pilote PPPOE d'accès à distance: System32\DRIVERS\raspppoe.sys (manual start)

Parallèle direct: System32\DRIVERS\raspti.sys (manual start)

Rdbss: System32\DRIVERS\rdbss.sys (system)

RDPCDD: System32\DRIVERS\RDPCDD.sys (system)

Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start)

Pilote de filtre de lecture digitale de CD audio: System32\DRIVERS\redbook.sys (system)

Routage et accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)

Localisateur d'appels de procédure distante (RPC): %SystemRoot%\System32\locator.exe (manual start)

Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)

QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start)

Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver: System32\DRIVERS\R8139n51.SYS (manual start)

Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart)

Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start)

Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

Secdrv: System32\DRIVERS\secdrv.sys (autostart)

Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)

Pilote de filtre Serenum: System32\DRIVERS\serenum.sys (manual start)

Pilote de port série: System32\DRIVERS\serial.sys (system)

StarForce Cure Driver (version 1.x): System32\drivers\sfcure01.sys (manual start)

StarForce Protection Environment Driver (version 1.x): System32\drivers\sfdrv01.sys (system)

StarForce Protection Helper Driver: System32\drivers\sfhlp01.sys (system)

StarForce Protection Helper Driver (version 2.x): System32\drivers\sfhlp02.sys (system)

StarForce Protection Synchronization Driver (version 2.x): System32\drivers\sfsync02.sys (system)

StarForce Protection VFS Driver (version 2.x): System32\drivers\sfvfs02.sys (system)

Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)

Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

SiS163 usb Wireless LAN Adapter Driver: System32\DRIVERS\sis163u.sys (manual start)

SiS315: System32\DRIVERS\sisgrp.sys (manual start)

SiS AGP Filter: System32\DRIVERS\SISAGPX.sys (system)

SiSkp: System32\DRIVERS\srvkp.sys (system)

Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start)

Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart)

Spyware Terminator Clam Service: C:\Program Files\WinClamAVShield\sp_clamsrv.exe (manual start)

Spyware Terminator Driver 2: \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys (system)

Spyware Terminator Realtime Shield Service: C:\Program Files\Spyware Terminator\sp_rsser.exe (autostart)

Pilote de filtre de restauration système: System32\DRIVERS\sr.sys (system)

Service de restauration système: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

Srv: System32\DRIVERS\srv.sys (manual start)

Service de découvertes SSDP: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)

Acquisition d'image Windows (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)

Alcor Micro Corp - 9360: \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys (manual start)

HP && Alcor Micro Corp for Phison: \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys (manual start)

Pilote de bus logiciel: System32\DRIVERS\swenum.sys (manual start)

Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start)

MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{CDDDA435-D8D7-420E-9821-39B0A17F117C} (manual start)

Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start)

Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start)

Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

Pilote du protocole TCP/IP: System32\DRIVERS\tcpip.sys (system)

Pilote de périphérique terminal: System32\DRIVERS\termdd.sys (system)

Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start)

Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)

Pilote de mise à jour microcode: System32\DRIVERS\update.sys (manual start)

Hôte de périphérique universel Plug-and-Play: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)

Onduleur: %SystemRoot%\System32\ups.exe (manual start)

Pilote USB audio (WDM): system32\drivers\usbaudio.sys (manual start)

Pilote parent générique USB Microsoft: System32\DRIVERS\usbccgp.sys (manual start)

Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft: System32\DRIVERS\usbehci.sys (manual start)

Concentrateur USB2: System32\DRIVERS\usbhub.sys (manual start)

Pilote miniport de contrôleur hôte ouvert USB Microsoft: System32\DRIVERS\usbohci.sys (manual start)

Classe d'imprimantes USB Microsoft: System32\DRIVERS\usbprint.sys (manual start)

Pilote de scanneur USB: System32\DRIVERS\usbscan.sys (manual start)

Pilote de stockage de masse USB: System32\DRIVERS\USBSTOR.SYS (manual start)

Pilote miniport de contrôleur hôte universel USB Microsoft: System32\DRIVERS\usbuhci.sys (manual start)

Service Messenger Sharing Folders USN Journal Reader: "C:\Program Files\MSN Messenger\usnsvc.exe" (manual start)

Carte vidéo VGA.: \SystemRoot\System32\drivers\vga.sys (system)

VIA AGP Filter: System32\DRIVERS\viaagp1.sys (system)

viagfx: System32\DRIVERS\vtmini.sys (manual start)

ViaIde: \SystemRoot\System32\DRIVERS\viaide.sys (disabled)

Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start)

Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

Pilote ARP IP d'accès distant: System32\DRIVERS\wanarp.sys (manual start)

Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start)

WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)

winachsf: System32\DRIVERS\HSF_CNXT.sys (manual start)

Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart)

Service de lancement de WlanCfg: C:\Program Files\Inventel\Gateway\wlancfg.exe SVC (autostart)

Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

Carte de performance WMI: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start)

Service Partage réseau du Lecteur Windows Media: "C:\Program Files\Windows Media Player\wmpnetwk.exe" (manual start)

Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart)

Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (manual start)

Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start)

Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (manual start)

Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

Intel® Graphics Platform (SoftBIOS) Driver: system32\drivers\ialmsbw.sys (manual start)

Intel® Graphics Chipset (KCH) Driver: system32\drivers\ialmkchw.sys (manual start)

 

 

--------------------------------------------------

 

Enumerating Windows NT logon/logoff scripts:

*No scripts set to run*

 

Windows NT checkdisk command:

BootExecute = autocheck autochk *

 

Windows NT 'Wininit.ini':

PendingFileRenameOperations: *Registry value not found*

 

--------------------------------------------------

 

Enumerating ShellServiceObjectDelayLoad items:

 

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll

CDBurn: C:\WINDOWS\system32\SHELL32.dll

WebCheck: C:\WINDOWS\system32\webcheck.dll

SysTray: C:\WINDOWS\System32\stobject.dll

WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll

 

--------------------------------------------------

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

 

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

 

*Registry key not found*

 

--------------------------------------------------

 

End of report, 36 944 bytes

Report generated in 1,266 seconds

 

Command line options:

/verbose - to add additional info on each section

/complete - to include empty sections and unsuspicious data

/full - to include several rarely-important sections

/force9x - to include Win9x-only startups even if running on WinNT

/forcent - to include WinNT-only startups even if running on Win9x

/forceall - to include all Win9x and WinNT startups, regardless of platform

/history - to list version history only

------------------------------------------------------

 

bonne soirée

Lien vers le commentaire
Partager sur d’autres sites
Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut :P

 

On va faire analyser en ligne ce fichier stp >

 

C:\Program Files\xerox\err\services.exe

 

Rend toi à cette adresse => http://www.virustotal.com/flash/index_en.html

 

Tu as une case nommée "Parcourir": tu cliques dessus et une fenêtre s'ouvre=> parcours ton disque dur , et recherche le fichier services.exe que tu trouveras en allant dans le dossier C:\Program Files\xerox\err

 

Tu cliques une fois sur le fichier services.exe (il prend une couleur bleue!) puis tu cliques sur "ouvrir" en bas de la fenêtre puis sur "send" .Le scan de ce fichier va débuter.Tu n'as plus qu'à sélectionner puis copier /coller l'analyse .

Note: les fichiers uploadés sont mis en attente, car le virusscan est sollicité! patiente (un message t'indique le temps que ce prendra pour faire analyser)

 

Si tu ne vois pas ce fichier, fais ceci d'abord >

 

Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :

Cocher la case : Afficher les fichiers et dossiers cachés

Décocher la case : Masquer les extensions des fichiers dont le type est connu

Décocher la case : Masquer les fichiers protégés du système d'exploitation

cliquer sur "Appliquer"

cliquer sur le bouton "Appliquer à tous les dossiers" / OK

 

Pour ce qui est du résultat de scan de Kaspersky, il s'agit certainement d'une détection sur la restauration système comme je te disait plus haut : on va s'en assurer à la fin .

 

Je te conseille fortement de mettre un parefeu sur ton pc! >

 

Voila quelques liens pour des pare-feux gratuits

 

Zone Alarm (2 versions )

Lien de téléchargement de la version FREE : http://dl2.zonelabs.com/bin/free/3301_fr/z..._737_000_fr.exe

Lien de téléchargement de la version PRO : http://www.zonelabs.com/store/content/cata...lid=dbtopnav_za

La version pro est payante après une période d'essai.

Tuto de Tesgaz pour la version pro : http://speedweb1.free.fr/frames2.php?page=tuto1

Tuto de Odsen pour la version free : http://benoit.aun.free.fr/securite-facile-php/zonealarm.php

 

Kerio (2 versions également)

Lien de téléchargement : http://www.sunbelt-software.com/evaluation/440/kerio.exe

Tuto de Malekal_morte : http://www.malekal.com/kerio_firewall.html

 

Jetico

Lien de téléchargement éditeur : http://www.jetico.com/

Lien de téléchargement sur Zebulon (en fr) : http://telechargement.zebulon.fr/license-1-225.html

Tuto de Odsen (lien site) : http://benoit.aun.free.fr/securite-facile-php/jetico.php

Tuto de Odsen (lien zeb) : http://forum.zebulon.fr/index.php?showtopic=93489

 

Outpost firewall free

Lien de téléchargement éditeur : http://www.agnitum.com/products/outpostfree/download.php

Tuto de Odsen (lien site) : http://securite-facile.ovh.org/outpost.php

 

La liste n'est pas exhaustive, il en existe d'autres gratuits, et d'autres avec plus de fonctions payants. Télécharge l'exécutable d'installation du pare-feu que tu auras choisi. Déconnecte toi, débranche physiquement ta connexion, et lance l'installation de ton pare-feu. Puis reconnecte toi et suis les instructions supplémentaires s'il y en a. Aide toi des tutos.

 

Je te conseille Kério ou Zone Alarme en version gratuite pour commencer, tu pourras en changer par la suite pour un pare-feu plus élaboré quand tu auras le temps de t'y plonger. Un pare-feu bien configuré, est garant de la sécurité du pc et de ta tranquilité .

 

@+

Lien vers le commentaire
Partager sur d’autres sites
dave36 Member

dave36

Posté(e)
  • Auteur
Posté(e)

apres le scan on a ceci:

----------------------------

Complete scanning result of "services.exe", received in VirusTotal at 06.12.2007, 20:51:37 (CET).

 

Antivirus Version Update Result

AhnLab-V3 2007.6.12.2 06.12.2007 no virus found

AntiVir 7.4.0.32 06.12.2007 no virus found

Authentium 4.93.8 06.12.2007 no virus found

Avast 4.7.997.0 06.12.2007 no virus found

AVG 7.5.0.467 06.12.2007 no virus found

BitDefender 7.2 06.12.2007 no virus found

CAT-QuickHeal 9.00 06.12.2007 no virus found

ClamAV devel-20070416 06.12.2007 no virus found

DrWeb 4.33 06.12.2007 no virus found

eSafe 7.0.15.0 06.12.2007 no virus found

eTrust-Vet 30.7.3713 06.12.2007 no virus found

Ewido 4.0 06.12.2007 Backdoor.Autohax.b

FileAdvisor 1 06.12.2007 no virus found

Fortinet 2.85.0.0 06.12.2007 no virus found

F-Prot 4.3.2.48 06.12.2007 no virus found

F-Secure 6.70.13030.0 06.12.2007 Backdoor.Win32.Autohax.b

Ikarus T3.1.1.8 06.12.2007 no virus found

Kaspersky 4.0.2.24 06.12.2007 Backdoor.Win32.Autohax.b

McAfee 5051 06.12.2007 no virus found

Microsoft 1.2503 06.12.2007 no virus found

NOD32v2 2325 06.12.2007 probably unknown NewHeur_PE virus

Norman 5.80.02 06.12.2007 no virus found

Panda 9.0.0.4 06.12.2007 Suspicious file

Prevx1 V2 06.12.2007 no virus found

Sophos 4.18.0 06.12.2007 no virus found

Sunbelt 2.2.907.0 06.09.2007 no virus found

Symantec 10 06.12.2007 no virus found

TheHacker 6.1.6.132 06.11.2007 no virus found

VBA32 3.12.0.1 06.11.2007 Backdoor.Win32.Autohax.b

VirusBuster 4.3.23:9 06.12.2007 no virus found

Webwasher-Gateway 6.0.1 06.12.2007 no virus found

 

Aditional Information

File size: 462848 bytes

MD5: aed98c246abf2f1f14c4468c4705f972

SHA1: 1cb3388aa5c4e56b20f14fc65a6a0dd723f73f96

 

 

--------------------------------------------------------------

voila le travil...je vais remettre zone alarm en fct (il ralentit quand meme pas mal le systeme!!! mais bon ....)

 

tiens moi au courant pour kaspersky.

merci de ton aide..

Lien vers le commentaire
Partager sur d’autres sites
Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut :P

 

Pour commencer, j'aimerai que tu cliques sur cette url > http://upload.malekal.com/

Clique sur la case Parcourir : cela te permettra de naviguer dans les répertoires de ton disque dur.

Sélectionne ce fichier(que tu viens de faire analyser) > services.exe (dans C:\Program Files\xerox\err)

Clique sur le bouton Envoyer le fichier

 

Une fois ceci fait, continue comme ainsi >

 

1) Redémarre le pc en mode sans échec

 

2) Recherche le fichier suivant et élimine le >

 

C:\Program Files\xerox\err\services.exe

 

Profite en stp pour repérer s'il y a d'autres fichiers dans le dossier err (n'élimine rien d'autre)

 

3) Clique sur le menu Démarrer/Exécuter et tu tapes : services.msc

 

Cherche le service suivant:DHCP-Verwaltung et double clique dessus :

dans le champs"Status du service" met le sur "arrêté"

dans le champs"Type de démarrage" met le sur "désactivé"

puis clique sur "Appliquer" puis"ok"

 

Quitte les services.

 

4) Ouvre Hijackthis et clique sur "Open the misc tools section"=> puis "Delete an NT service".

  • la fenêtre "Delete a Windows NT service" va s'ouvrir
  • Dans la fenêtre qui s'ouvre, copie/colle ceci => DHCP-Verwaltung
    Note : assure-toi de ne pas mettre d'espace avant le nom du service que tu as copié/collé dans le champs.

  • clique sur OK
  • Une autre fenêtre devrait s'ouvrir, donnant des informations sur le service et demandant si tu veux re-démarrer.
  • Cliquer sur YES

Le pc devrait redémarrer : une fois ceci fait reposte stp un nouveau rapport hijackthis, comme le précédent.

 

@+

Lien vers le commentaire
Partager sur d’autres sites
  • Tonton a modifié le titre en PC infecté et lent

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...