Un nouveau à pédales chez les Ferrari

Thanos · le 17 janvier 2006

Bonjour mi-lion

tu dois en avoir autant ras-le-bol que moi, je suis vraiment désolé

Non, c'est moi qui suis désolé de ne pas pouvoir mieux t'aider: c'est pas toujours évident lorsque l'on est pas devant le pc pour les manipulations! C'est vrai que ca doit pas être facile pour toi(toutes ces choses à faire en même temps) mais bon, tu a déjà appris quelques trucs;c'est l'aspect positif de la chose!

ad blocked by KFP

L'alerte suivante montre que c'est dans les options de Kério qu'il faut aller voir.

Ouvre kério et vas voir sous l'onglet "internet",puis dans"Publicité'=> dans le menu "Contenu web" décoche les cases "bloquer javascript , activex . N'oublie pas de cliquer en bas sur " Aplliquer" et "Ok" pour valider la modification apportée.

Réessaie le scan en ligne et dis si ca marche.Maintenant que tu as correctement paramétré IE ,ca devrait aller!

Aller courage :-P

Modifié le 17 janvier 2006 par charles ingals

mi-lion · le 17 janvier 2006

hellosalut, hello salut !

Charles ingals, on va peut-être arriver à quelque chose... je te montre? non, lis

- oui, il est où ton écran ?

- là

- où ça ?

- ben là !

- c'est ton écran ça, je croyais que c'était un pad posé debout ?!!

- un tas de boue oui, je sais.

alors après avoir :

"bloquer les JavaScripts" décoché

"bloquer les VBScripts" coché

"bloquer les activeX" décoché

on est bien d'accord : 2 décochés, 1 coché (ou alors j'aurai dù comprendre sans qu'on me tienne la main qu'il fallait décocher les 3 )

voila donc kaspersky, ça a pris du temps

-------------------------------------------------------------------------------

KASPERSKY ON-LINE SCANNER REPORT

Tuesday, January 17, 2006 19:58:22

Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)

Kaspersky On-line Scanner version: 5.0.67.0

Kaspersky Anti-Virus database last update: 17/01/2006

Kaspersky Anti-Virus database records: 171561

-------------------------------------------------------------------------------

Scan Settings:

Scan using the following antivirus database: extended

Scan Archives: true

Scan Mail Bases: true

Scan Target - My Computer:

A:\

C:\

D:\

E:\

Scan Statistics:

Total number of scanned objects: 35117

Number of viruses found: 13

Number of infected objects: 16

Number of suspicious objects: 0

Duration of the scan process: 8604 sec

Infected Object Name - Virus Name

C:\System Volume Information\_restore{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP132\A0040509.exe Infected: Trojan.Win32.StartPage.afj

C:\System Volume Information\_restore{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP132\A0040510.exe Infected: Trojan-Downloader.Win32.Zlob.ap

C:\System Volume Information\_restore{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP137\A0040787.exe Infected: Trojan-Downloader.Win32.Zlob.ap

C:\System Volume Information\_restore{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP138\A0040989.tlb Infected: Trojan.Win32.StartPage.afu

C:\System Volume Information\_restore{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP139\A0041030.exe Infected: Trojan.Win32.StartPage.adh

C:\System Volume Information\_restore{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP139\A0041084.exe Infected: Trojan-Dropper.Win32.Small.ahh

C:\System Volume Information\_restore{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP139\A0041085.exe Infected: Trojan.Win32.StartPage.adh

C:\System Volume Information\_restore{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP143\A0043237.exe Infected: Trojan-Downloader.Win32.Zlob.bu

C:\System Volume Information\_restore{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP56\A0015520.exe Infected: Trojan-Downloader.Win32.Zlob.dk

C:\System Volume Information\_restore{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP57\A0017521.exe Infected: Trojan.Win32.Agent.il

C:\System Volume Information\_restore{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP57\A0017535.exe Infected: Trojan-Downloader.Win32.Zlob.do

C:\System Volume Information\_restore{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP57\A0019583.exe Infected: Trojan.Win32.Agent.il

C:\System Volume Information\_restore{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP60\A0022753.dll Infected: not-virus:Hoax.Win32.Renos.ag

C:\System Volume Information\_restore{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP60\A0022754.exe Infected: Trojan-Downloader.Win32.Zlob.bv

C:\System Volume Information\_restore{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP60\A0022760.dll Infected: not-virus:Hoax.Win32.Renos.ak

C:\System Volume Information\_restore{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP61\A0027927.exe Infected: Trojan-Downloader.Win32.Donn.aa

Scan process completed.

pendant qu'il scannait, une fenêtre d'antivir s'est ouverte 66 fois pour prévenir à toutes ces reprises :

"the trojan house TR/Drop.Avar.b.1.B" ou autre et demander "deny access", ce que j'ai fait

(q./14 d'ailleurs le mieux est-il dans ces cas là de choisir "deny access" ou "delete file" ? ) comme dans la vie, y'a peut-être pas de généralité...

par contre,

(q./15) puisque dénier n'est pas détruire, je me suis demandé si antivir mémorisait le nom des intrus dont l'entrée leur avait été refuséee,

en d'autres termes, quand on fait "deny access", antivir mémorise t -il la sale gueule de c'ui qu'a pas de cravatte et même des basket pourries et qui pue en plus de vouloir renter dans la discothèque avec ses béquilles et à qui il a dit merde pour s'en souvenir la prochine fois (pas le martien qui veut danser avec une jambe de bois mais moi) ?

j'ai tenté trendmicro, même réponse : "ad blocked by KFP"

ce 3 ième sur kerio (bloquer les VBScripts coché) , je le décoche pour tenter panda ou kaspersky suffit ?

Thanos · le 17 janvier 2006

salut mi-lion :-P

Du mieux!!Tu as bien bien bossé.

Kaspersky a trouvé un certains nombre de troyans dans la restauration système du pc : pour éliminer ces fichiers vérolés, il va falloir désactiver la restauration puis la réactiver.Fais comme cei:

Supprime la restauration système : ( aide visuelle http://service1.symantec.com/SUPPORT/INTER...46?OpenDocument

Cliquez sur Démarrer.

Cliquez avec le bouton droit sur l'icône Poste de travail, puis cliquez sur Propriétés.

Cliquez sur l'onglet «Restauration du système».

Sélectionnez «Désactiver la Restauration du système» ou «Désactiver la Restauration du système sur tous les lecteurs»

Cliquez sur Appliquer.

Comme le dit le message, ceci supprimera tous les points de restauration existants. Pour faire cela, cliquez sur Oui.

Cliquez sur OK, redémarrer votre PC.Fais l'opération inverse, et réactive la restauration:un nouveau point sera automatiquement créé.

En ce qui concerne l'alerte que tu reçois de la part d'antivir:(j'aime beaucoup le passage de la boite de nuit )

Il serait préférable de pouvoir localiser le(s) fichiers infectés et de les effacer. Une petite question: as tu éliminé les tools qu'on t'a fait télécharger pour éliminer Smitfraud? Je parle du fichier Smitfraudfix!Si tu ne l'a pas fait, fais le maintenant.

Pour savoir exactement quel fichier il a détecté fais ceci: Tu as l'icône d' Antivir dans la barre des tâches(parapluie rouge) ,tu double clique dessus et tu vas dans le menu "Options" .Dans ce menu tu vas trouver une option nommée Show logfile => clique une fois dessus, un fichier texte va s'ouvrir, copie/colle le contenu de ce fichier ici stp.

j'ai tenté trendmicro, même réponse : "ad blocked by KFP"

ce 3 ième sur kerio (bloquer les VBScripts coché) , je le décoche pour tenter panda ou kaspersky suffit ?

Si tu peux faire le scan avec kaspersky,tu devrais pouvoir faire celui de Panda et celui de trendmicro

Jette un oeil dans les options d'internet explorer à l'onglet "Sécurité" => Internet(l'icône de la planête) =>en bas tu as un bouton" Personnaliser le niveau" : assure toi que le niveau est à "moyen".

Tu peux faire un scan chez Panda si tu as le courage :-(

mi-lion · le 17 janvier 2006

charles ingals a dit : (j'ai pas encore pigé l'astuce pour les citations) non, il a pas dit ça, mais ça :

"Une petite question: as tu éliminé les tools qu'on t'a fait télécharger pour éliminer Smitfraud? Je parle du fichier Smitfraudfix!Si tu ne l'a pas fait, fais le maintenant."

les tools ;

je viens de me farcir le dico, alors dans le genre outils, c'est simple mon bureau du timbre poste (mon écran) c'est un garage ! tu vois la boutique Facom qu'on rêve tous quand on se coltine des travaux de l'enfer de la maison ? pareil ! dans tous les coins !

et une scie,

et des clés à molette,

des cleanup40,

des spybotsd 14,

des spybot search et destroy,

des wrar351fr,

des smithfraudfix,

des smithfrauddossier,

des ewidosetup,

des ewido anti-malware,

des kerio-kpf-4.2,

des jv16pt-setup,

des jv16 powertools,

des ccleaner-crap,

des ccleaner,

des easyclean2,

des free online kaspersky,

des ... j'ai une pince à épiler si ça peut servir à quelque chose,

et un raton-laveur,...

et quand on aura terminé (en 2021 normalement, tu me diras ce que je peux virer

- ah ouais et avec tous ça t'arrive pas à enlever 2 petites merdes ?!!

- ça va toi, je fais la collec !! dans peu de temps je fais succursale de Darty S.A.V. !!

enfin je vous préviendrai dès que j'ai plus que qq mo parce que sur mes 9 go de départ et avec xp + tous ça, il n'y a plus que 2go de libre.

alors tu dis les tools, ça des tools y'en a, et si tu veux que je supprime des trucs il faut me le dire,

parle mon garçon, parle, dis tout

vas-y qu'est ce que j'enlève

j'ai fais l'opération restauration système et je voulais te poser cette question avant de rebooter, oui monsieur charles on dit rebooter, eh oh faut pas m'la faire, y'a des mots bien français, c'est angelique qui m'a dit alors t'a qu'à voir ! ..

parce que quand je coupe je sais pas quand je reviens

- ben vas-y ça nous fera des vacances !!

alors qu'est ce que je vire dans cette liste?

et est ce que je réactive dans kerio ?

angelique · le 18 janvier 2006

'soir mi-lion

fais ça imperativement,je te l'avais deja suggeré^^

1/Supprime la restauration système : ( aide visuelle http://service1.symantec.com/SUPPORT/INTER...46?OpenDocument

Cliquez sur Démarrer.

Cliquez avec le bouton droit sur l'icône Poste de travail, puis cliquez sur Propriétés.

Cliquez sur l'onglet «Restauration du système».

Sélectionnez «Désactiver la Restauration du système» ou «Désactiver la Restauration du système sur tous les lecteurs»

Cliquez sur Appliquer.

Comme le dit le message, ceci supprimera tous les points de restauration existants. Pour faire cela, cliquez sur Oui.

Cliquez sur OK, redémarrer votre PC.Fais l'opération inverse, et réactive la restauration:un nouveau point sera automatiquement créé,apres le 3/ jv16

2/Télécharge SmitfraudFix de S!Ri, moe31 et balltrap34 ici:

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Dézippe la totalité de l'archive dans un répertoire, exécute Smitfraudfix.cmd

Dans le menu, sélectionne 1

Poste le rapport ici.

Redémarre en mode sans échec, relance SmitfraudFix.cmd

Dans le menu, sélectionne 2

Poste le nouveau rapport

3/ et tu refais jv16 #message43

mi-lion · le 18 janvier 2006

alors,

j'ai coché "désactivez la restauration sustème"

j'ai redémarré (2h40 d'attente pour que livebox se connecte)

un 2 ième mieux : les pages livebox et wanadoo sont de nouveau là, il n'y a plus de x rouges

puis clic droit sur poste de travail pour réactiver

de mieux en mieux ; l'onglet "restauration du système" à disparu !

il n'y a que :

mises à jour automatique

utilisation à distance

general

nom de l'ordinateur

materiel

avancé

bordel j'ai pas rêvé !!! il était là tout à l'heure puisque j'ai coché !!

SmitFraudFix v2.15

Rapport fait à 5:21:04,78 le 18/01/2006

Executé à partir de C:\Documents and Settings\nico\Bureau\SmitfraudFix\SmitfraudFix

OS: Microsoft Windows XP [version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\nico\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Recherche Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» Recherche Bureau

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Recherche éléments du bureau

»»»»»»»»»»»»»»»»»»»»»»»» Recherche Sharedtaskscheduler

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]

"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pr‚-chargeur Browseui"

"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="D‚mon de cache des cat‚gories de composant"

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport

charles pour les alertes antivir, tu ne m'as pas dit : antivir mémorise ce qu'il à refusé ou non ? (question 15)

question 16 :"deny access" ou "delete file"

question 17 :! depuis kaspersky il y a beaucoup de choses dans la corbeille, j'en fais quoi ?

bon je retourne à la cave pour le 2

- tu vas où là ?

- je retourne creuser c'est angelique qui m'a dit

- ah oui, et elle te dit un truc et t'y vas ?

- ben oui, pour l'instant j'apprends, donc c'est charles et angelique les patrons et j'la ferme

le temps que ça reconnecte ce sera sûrement pour demain,

euh, pour tout à l'heure

Thanos · le 18 janvier 2006

salut mi-lion,angelique

charles pour les alertes antivir, tu ne m'as pas dit : antivir mémorise ce qu'il à refusé ou non ? (question 15)

question 16 :"deny access" ou "delete file"

Oui Antivir mémorise les alertes,ce que j'aurais aimé que tu fasses avant de faire "delete file", c'est ceci comme je te demandais si tu peux:

Pour savoir exactement quel fichier il a détecté fais ceci: Tu as l'icône d' Antivir dans la barre des tâches(parapluie rouge) ,tu double clique dessus et tu vas dans le menu "Options" .Dans ce menu tu vas trouver une option nommée Show logfile => clique une fois dessus, un fichier texte va s'ouvrir, copie/colle le contenu de ce fichier ici stp.

En fait je voulais m'assurer si Antivir n'avait pas détecté le fichier Smitfraudfix comme étant "TR/Drop.Avar.b.1.B".Il arrive que certains fichiers qu'on fait télécharger pour nettoyer une infection(smitfraudfix dans ton cas),soient eux même considérés comme étant des malwares!!

Est ce que l'onglet "restauration du système" est réapparu?

mi-lion · le 18 janvier 2006

voici des bonjours, des câlins, voici des roses blanches, et mes beaux yeux verts-bleus...

tan tan tan, c'est moi salut

voici smithfraudfix :2 ième épisode,

voici jv16 : mon rapport,

voici antivir : et sa ribambelle de morpions,

voici les essais de panda et trendmicro

SmitFraudFix v2.15

Rapport fait à 6:14:36,81 le 18/01/2006

Executé à partir de C:\Documents and Settings\nico\Bureau\SmitfraudFix\SmitfraudFix

OS: Microsoft Windows XP [version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport

donc jv16 : terminé

(il y avait plus de ronds verts que l'autre jour)

quand je suis revenu : "outils sauvegarde"

je crois que j'ai fais une connerie, j'ai supprimé la ligne où était écrit "extension shell"

et tout de usite après : aucune connection possible sur le net,

"impossible de trouver le serveur" partout et ce matin c'est revenu.

voici également, excuse-moi charles, la manip oubliée :

par show logfile // antivir

09/11/2005,17:15:18 ---------------------------------------------------------

09/11/2005,17:15:18 [iNIT] The AVGuard Service is starting.

09/11/2005,17:15:22 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

09/11/2005,17:15:24 [iNFO] Start Filter Device.

09/11/2005,17:15:24 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

09/11/2005,17:15:24 AVGuard has been started successfully!

09/11/2005,17:15:29 [LOGON] Connection request by remote computer. Establishing secure communication channel.

09/11/2005,17:15:29 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaafa42e.

09/11/2005,17:16:08 [iNFO] Stop Filter Device.

09/11/2005,17:16:09 AVGuard service has been stopped!

09/11/2005,17:18:03 ---------------------------------------------------------

09/11/2005,17:18:03 [iNIT] The AVGuard Service is starting.

09/11/2005,17:18:07 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

09/11/2005,17:18:08 [LOGON] Connection request by remote computer. Establishing secure communication channel.

09/11/2005,17:18:08 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa0b81.

09/11/2005,17:19:34 [iNFO] Start Filter Device.

09/11/2005,17:19:34 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

09/11/2005,17:19:34 AVGuard has been started successfully!

09/11/2005,17:41:33 [iNFO] Stop Filter Device.

09/11/2005,17:41:36 AVGuard service has been stopped!

10/11/2005,21:46:23 ---------------------------------------------------------

10/11/2005,21:46:23 [iNIT] The AVGuard Service is starting.

10/11/2005,21:46:33 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

10/11/2005,21:46:36 [iNFO] Start Filter Device.

10/11/2005,21:46:36 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

10/11/2005,21:46:37 AVGuard has been started successfully!

10/11/2005,21:46:38 [LOGON] Connection request by remote computer. Establishing secure communication channel.

10/11/2005,21:46:38 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5cd8.

10/11/2005,21:55:49 [iNFO] Stop Filter Device.

10/11/2005,22:06:52 [iNFO] Start Filter Device.

11/11/2005,01:50:16 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[1].ANI

11/11/2005,01:50:33 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\UXHU3ALG\ANI[1].ANI

11/11/2005,01:50:44 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\UXHU3ALG\ANI[1].ANI

11/11/2005,01:50:53 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\UXHU3ALG\ANI[1].ANI

11/11/2005,01:50:58 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\C333QO1T\ANI[3].ANI

11/11/2005,01:50:57 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\C333QO1T\ANI[2].ANI

11/11/2005,01:51:05 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\C333QO1T\ANI[3].ANI

11/11/2005,01:51:06 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\C333QO1T\ANI[2].ANI

11/11/2005,01:51:07 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[2].ANI

11/11/2005,01:50:57 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\C333QO1T\ANI[1].ANI

11/11/2005,01:51:06 WARNING: Is the Trojan horse TR/Proxy.Mitglieder.X.2!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\C333QO1T\SD[1].EXE

11/11/2005,01:51:09 WARNING: Is the Trojan horse TR/Proxy.Mitglieder.X.2!

C:\WINDOWS\SYSTEM32\WDLNDR.EXE

11/11/2005,01:51:09 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\NZL3Z5KS\ANI[1].ANI

11/11/2005,01:51:09 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[2].ANI

11/11/2005,01:51:12 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\C333QO1T\ANI[1].ANI

11/11/2005,01:51:13 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\NZL3Z5KS\ANI[1].ANI

11/11/2005,01:51:05 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[1].ANI

11/11/2005,01:51:18 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[1].ANI

11/11/2005,01:51:24 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[1].ANI

11/11/2005,01:51:28 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[1].ANI

11/11/2005,01:51:33 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[1].ANI

11/11/2005,01:51:37 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\NZL3Z5KS\ANI[2].ANI

11/11/2005,01:51:31 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[3].ANI

11/11/2005,01:51:43 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\NZL3Z5KS\ANI[2].ANI

11/11/2005,01:51:44 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[3].ANI

11/11/2005,01:51:46 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\NZL3Z5KS\ANI[2].ANI

11/11/2005,01:51:48 WARNING: Is the Trojan horse TR/Proxy.Mitglieder.X.2!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\UXHU3ALG\SD[1].EXE

11/11/2005,01:51:48 WARNING: Is the Trojan horse TR/Proxy.Mitglieder.X.2!

C:\WINDOWS\SYSTEM32\WDLNDR.EXE

11/11/2005,01:51:47 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[3].ANI

11/11/2005,01:52:01 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[4].ANI

11/11/2005,01:52:08 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[4].ANI

11/11/2005,01:52:10 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[4].ANI

11/11/2005,01:52:14 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[5].ANI

11/11/2005,01:52:13 WARNING: Is the Trojan horse TR/Proxy.Mitglieder.X.2!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\NZL3Z5KS\SD[1].EXE

11/11/2005,01:52:19 WARNING: Is the Trojan horse TR/Proxy.Mitglieder.X.2!

C:\WINDOWS\SYSTEM32\WDLNDR.EXE

11/11/2005,01:52:13 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\NZL3Z5KS\ANI[2].ANI

11/11/2005,01:52:20 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\UXHU3ALG\ANI[3].ANI

11/11/2005,01:52:20 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[5].ANI

11/11/2005,01:52:12 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\UXHU3ALG\ANI[2].ANI

11/11/2005,01:52:23 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\UXHU3ALG\ANI[4].ANI

11/11/2005,01:52:23 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[6].ANI

11/11/2005,01:52:24 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[7].ANI

11/11/2005,01:52:22 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\NZL3Z5KS\ANI[2].ANI

11/11/2005,01:52:27 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\UXHU3ALG\ANI[3].ANI

11/11/2005,01:52:28 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\UXHU3ALG\ANI[2].ANI

11/11/2005,01:52:30 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\UXHU3ALG\ANI[4].ANI

11/11/2005,01:52:31 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[6].ANI

11/11/2005,01:52:32 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[7].ANI

11/11/2005,01:52:40 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[7].ANI

11/11/2005,01:52:42 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\C333QO1T\ANI[4].ANI

11/11/2005,01:52:49 WARNING: Is the Trojan horse TR/Proxy.Mitglieder.X.2!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\C333QO1T\SD[1].EXE

11/11/2005,01:52:45 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\ANI[7].ANI

11/11/2005,01:52:51 WARNING: Is the Trojan horse TR/Proxy.Mitglieder.X.2!

C:\WINDOWS\SYSTEM32\WDLNDR.EXE

11/11/2005,01:52:52 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\NZL3Z5KS\ANI[3].ANI

11/11/2005,01:52:52 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\C333QO1T\ANI[4].ANI

11/11/2005,01:52:55 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\C333QO1T\ANI[5].ANI

11/11/2005,01:52:55 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\NZL3Z5KS\ANI[3].ANI

11/11/2005,01:52:58 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\NZL3Z5KS\ANI[3].ANI

11/11/2005,01:52:58 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\C333QO1T\ANI[5].ANI

11/11/2005,01:53:05 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\C333QO1T\ANI[5].ANI

11/11/2005,11:46:08 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\WTYJOLYB\PAYLOAD[1].ANI

11/11/2005,11:46:17 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\WTYJOLYB\PAYLOAD[1].ANI

11/11/2005,20:29:30 [iNFO] Stop Filter Device.

11/11/2005,20:29:36 AVGuard service has been stopped!

11/11/2005,20:31:36 ---------------------------------------------------------

11/11/2005,20:31:36 [iNIT] The AVGuard Service is starting.

11/11/2005,20:31:39 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

11/11/2005,20:31:41 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/11/2005,20:31:41 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabb70f.

11/11/2005,20:37:36 [iNFO] Start Filter Device.

11/11/2005,20:37:44 [iNFO] Stop Filter Device.

11/11/2005,20:38:49 [iNFO] Start Filter Device.

11/11/2005,20:42:29 [ERROR] [1055] The device driver could not be loaded!

11/11/2005,20:42:30 [iNFO] Stop Filter Device.

11/11/2005,20:42:34 AVGuard service has been stopped!

11/11/2005,21:21:08 ---------------------------------------------------------

11/11/2005,21:21:08 [iNIT] The AVGuard Service is starting.

11/11/2005,21:21:10 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

11/11/2005,21:21:11 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/11/2005,21:21:12 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabcc30.

11/11/2005,21:25:54 [iNFO] Start Filter Device.

11/11/2005,21:32:12 ---------------------------------------------------------

11/11/2005,21:32:12 [iNIT] The AVGuard Service is starting.

11/11/2005,21:32:15 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

11/11/2005,21:32:16 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/11/2005,21:32:16 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabcc54.

11/11/2005,21:44:42 [iNFO] Start Filter Device.

11/11/2005,21:52:43 [ERROR] [1055] The device driver could not be loaded!

11/11/2005,21:52:44 [iNFO] Stop Filter Device.

11/11/2005,21:52:45 AVGuard service has been stopped!

11/11/2005,22:05:43 ---------------------------------------------------------

11/11/2005,22:05:43 [iNIT] The AVGuard Service is starting.

11/11/2005,22:05:46 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

11/11/2005,22:05:48 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/11/2005,22:05:48 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa58bb.

11/11/2005,22:06:42 [iNFO] Start Filter Device.

11/11/2005,22:16:16 [ERROR] [1055] The device driver could not be loaded!

11/11/2005,22:16:16 [iNFO] Stop Filter Device.

11/11/2005,22:16:17 AVGuard service has been stopped!

11/11/2005,22:22:36 ---------------------------------------------------------

11/11/2005,22:22:36 [iNIT] The AVGuard Service is starting.

11/11/2005,22:22:38 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

11/11/2005,22:22:39 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/11/2005,22:22:39 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa41ca.

11/11/2005,22:33:09 [ERROR] [1055] The device driver could not be loaded!

11/11/2005,22:33:09 [iNFO] Stop Filter Device.

11/11/2005,22:33:10 AVGuard service has been stopped!

11/11/2005,22:54:01 ---------------------------------------------------------

11/11/2005,22:54:01 [iNIT] The AVGuard Service is starting.

11/11/2005,22:54:03 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

11/11/2005,22:54:05 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/11/2005,22:54:05 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa4705.

11/11/2005,23:06:34 [iNFO] Start Filter Device.

11/11/2005,23:06:34 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

11/11/2005,23:06:34 AVGuard has been started successfully!

11/11/2005,23:10:47 [iNFO] Stop Filter Device.

11/11/2005,23:34:01 [iNFO] Start Filter Device.

12/11/2005,05:03:11 [iNFO] Stop Filter Device.

12/11/2005,05:03:12 AVGuard service has been stopped!

12/11/2005,12:41:24 ---------------------------------------------------------

12/11/2005,12:41:24 [iNIT] The AVGuard Service is starting.

12/11/2005,12:41:26 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

12/11/2005,12:41:27 [LOGON] Connection request by remote computer. Establishing secure communication channel.

12/11/2005,12:41:28 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabf48c.

12/11/2005,12:59:25 [ERROR] [1055] The device driver could not be loaded!

12/11/2005,12:59:26 [iNFO] Stop Filter Device.

12/11/2005,12:59:27 AVGuard service has been stopped!

12/11/2005,13:17:22 ---------------------------------------------------------

12/11/2005,13:17:22 [iNIT] The AVGuard Service is starting.

12/11/2005,13:17:24 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

12/11/2005,13:17:25 [LOGON] Connection request by remote computer. Establishing secure communication channel.

12/11/2005,13:17:25 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabfd70.

12/11/2005,13:17:54 [iNFO] Start Filter Device.

12/11/2005,13:35:22 [ERROR] [1055] The device driver could not be loaded!

12/11/2005,13:35:23 [iNFO] Stop Filter Device.

12/11/2005,13:35:24 AVGuard service has been stopped!

12/11/2005,13:55:00 ---------------------------------------------------------

12/11/2005,13:55:00 [iNIT] The AVGuard Service is starting.

12/11/2005,13:55:02 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

12/11/2005,13:55:03 [LOGON] Connection request by remote computer. Establishing secure communication channel.

12/11/2005,13:55:03 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabff2b.

12/11/2005,13:55:41 [iNFO] Start Filter Device.

12/11/2005,14:12:27 [iNFO] Stop Filter Device.

12/11/2005,14:18:31 [iNFO] Start Filter Device.

12/11/2005,14:18:31 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

12/11/2005,14:18:31 AVGuard has been started successfully!

12/11/2005,14:29:31 [iNFO] Stop Filter Device.

12/11/2005,14:36:55 ---------------------------------------------------------

12/11/2005,14:36:55 [iNIT] The AVGuard Service is starting.

12/11/2005,14:37:00 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

12/11/2005,14:37:01 [LOGON] Connection request by remote computer. Establishing secure communication channel.

12/11/2005,14:37:02 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaac7ac.

12/11/2005,14:37:12 [iNFO] Start Filter Device.

12/11/2005,14:37:12 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

12/11/2005,14:37:12 AVGuard has been started successfully!

13/11/2005,11:47:25 WARNING: AVGuard detected a problem in the file

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SNQRW3KL\WORKINGBETTERTOGETHER_SF[1].DOC

ATTENTION: This OLE document is possibly damaged!

14/11/2005,04:47:03 [iNFO] Stop Filter Device.

14/11/2005,04:47:08 AVGuard service has been stopped!

14/11/2005,11:15:13 ---------------------------------------------------------

14/11/2005,11:15:13 [iNIT] The AVGuard Service is starting.

14/11/2005,11:15:15 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

14/11/2005,11:15:16 [LOGON] Connection request by remote computer. Establishing secure communication channel.

14/11/2005,11:15:16 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa42f9.

14/11/2005,11:25:45 [ERROR] [1055] The device driver could not be loaded!

14/11/2005,11:25:45 [iNFO] Stop Filter Device.

14/11/2005,11:25:46 AVGuard service has been stopped!

14/11/2005,12:45:38 ---------------------------------------------------------

14/11/2005,12:45:38 [iNIT] The AVGuard Service is starting.

14/11/2005,12:45:40 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

14/11/2005,12:45:42 [LOGON] Connection request by remote computer. Establishing secure communication channel.

14/11/2005,12:45:42 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabf28a.

14/11/2005,12:49:21 [iNFO] Start Filter Device.

14/11/2005,12:58:00 [iNFO] Stop Filter Device.

14/11/2005,13:07:00 ---------------------------------------------------------

14/11/2005,13:07:00 [iNIT] The AVGuard Service is starting.

14/11/2005,13:07:03 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

14/11/2005,13:07:04 [LOGON] Connection request by remote computer. Establishing secure communication channel.

14/11/2005,13:07:04 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabf208.

14/11/2005,13:11:35 [iNFO] Start Filter Device.

14/11/2005,13:29:32 [iNFO] Start Filter Device.

14/11/2005,13:29:32 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

14/11/2005,13:29:32 AVGuard has been started successfully!

14/11/2005,13:45:34 [iNFO] Stop Filter Device.

14/11/2005,13:46:31 [iNFO] Start Filter Device.

14/11/2005,20:00:55 WARNING: AVGuard detected a problem in the file

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\KXW9U1WJ\MIKELINKS[2].COM

INFO: The size of this COM-file is too large!

14/11/2005,23:23:50 WARNING: AVGuard detected a problem in the file

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SNQRW3KL\69GALLS[2].COM

INFO: The size of this COM-file is too large!

15/11/2005,00:35:33 [iNFO] Stop Filter Device.

15/11/2005,00:35:34 AVGuard service has been stopped!

15/11/2005,00:36:45 ---------------------------------------------------------

15/11/2005,00:36:45 [iNIT] The AVGuard Service is starting.

15/11/2005,00:36:48 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

15/11/2005,00:36:59 [iNFO] Start Filter Device.

15/11/2005,00:36:59 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

15/11/2005,00:36:59 AVGuard has been started successfully!

15/11/2005,00:37:05 [LOGON] Connection request by remote computer. Establishing secure communication channel.

15/11/2005,00:37:05 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa0fb4.

15/11/2005,03:32:40 [iNFO] Stop Filter Device.

15/11/2005,03:32:43 AVGuard service has been stopped!

15/11/2005,03:33:40 ---------------------------------------------------------

15/11/2005,03:33:40 [iNIT] The AVGuard Service is starting.

15/11/2005,03:33:46 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

15/11/2005,03:33:52 [iNFO] Start Filter Device.

15/11/2005,03:33:52 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

15/11/2005,03:33:52 AVGuard has been started successfully!

15/11/2005,03:34:00 [LOGON] Connection request by remote computer. Establishing secure communication channel.

15/11/2005,03:34:00 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa07d7.

16/11/2005,00:03:23 [iNFO] Stop Filter Device.

16/11/2005,00:03:26 AVGuard service has been stopped!

16/11/2005,00:04:25 ---------------------------------------------------------

16/11/2005,00:04:25 [iNIT] The AVGuard Service is starting.

16/11/2005,00:04:31 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

16/11/2005,00:04:36 [iNFO] Start Filter Device.

16/11/2005,00:04:36 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

16/11/2005,00:04:36 AVGuard has been started successfully!

16/11/2005,00:04:48 [LOGON] Connection request by remote computer. Establishing secure communication channel.

16/11/2005,00:04:48 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa16f1.

16/11/2005,06:09:40 [iNFO] Stop Filter Device.

16/11/2005,06:09:44 AVGuard service has been stopped!

16/11/2005,15:44:36 ---------------------------------------------------------

16/11/2005,15:44:36 [iNIT] The AVGuard Service is starting.

16/11/2005,15:44:40 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

16/11/2005,15:44:46 [iNFO] Start Filter Device.

16/11/2005,15:44:46 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

16/11/2005,15:44:46 AVGuard has been started successfully!

16/11/2005,15:44:54 [LOGON] Connection request by remote computer. Establishing secure communication channel.

16/11/2005,15:44:55 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa05d8.

17/12/2005,00:58:44 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\KFBRUGHX\PAYLOAD[1].ANI

17/12/2005,00:58:56 WARNING: Contains signature of the exploits EXP/MS05-002.Ani.A!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\KFBRUGHX\PAYLOAD[1].ANI

17/12/2005,06:16:38 [iNFO] Stop Filter Device.

17/12/2005,06:16:44 AVGuard service has been stopped!

17/12/2005,17:11:26 ---------------------------------------------------------

17/12/2005,17:11:26 [iNIT] The AVGuard Service is starting.

17/12/2005,17:11:32 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

17/12/2005,17:11:36 [iNFO] Start Filter Device.

17/12/2005,17:11:36 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

17/12/2005,17:11:36 AVGuard has been started successfully!

17/12/2005,17:11:51 [LOGON] Connection request by remote computer. Establishing secure communication channel.

17/12/2005,17:11:52 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa1c3b.

17/12/2005,21:50:56 [iNFO] Stop Filter Device.

17/12/2005,21:50:59 AVGuard service has been stopped!

17/12/2005,21:52:02 ---------------------------------------------------------

17/12/2005,21:52:02 [iNIT] The AVGuard Service is starting.

17/12/2005,21:52:09 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

17/12/2005,21:52:16 [iNFO] Start Filter Device.

17/12/2005,21:52:16 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

17/12/2005,21:52:16 AVGuard has been started successfully!

17/12/2005,21:52:21 [LOGON] Connection request by remote computer. Establishing secure communication channel.

17/12/2005,21:52:22 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa10a8.

19/12/2005,06:46:29 [iNFO] Stop Filter Device.

19/12/2005,06:46:33 AVGuard service has been stopped!

19/12/2005,20:37:08 ---------------------------------------------------------

19/12/2005,20:37:08 [iNIT] The AVGuard Service is starting.

19/12/2005,20:37:13 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

19/12/2005,20:37:15 [LOGON] Connection request by remote computer. Establishing secure communication channel.

19/12/2005,20:37:15 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa3ede.

19/12/2005,20:39:16 [iNFO] Start Filter Device.

19/12/2005,20:40:39 [ERROR] [1055] The device driver could not be loaded!

19/12/2005,20:40:40 [iNFO] Stop Filter Device.

19/12/2005,20:40:41 AVGuard service has been stopped!

19/12/2005,20:48:33 ---------------------------------------------------------

19/12/2005,20:48:33 [iNIT] The AVGuard Service is starting.

19/12/2005,20:48:35 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

19/12/2005,20:48:36 [LOGON] Connection request by remote computer. Establishing secure communication channel.

19/12/2005,20:48:37 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5e48.

19/12/2005,20:49:53 [iNFO] Start Filter Device.

19/12/2005,21:00:42 [iNFO] Stop Filter Device.

19/12/2005,21:03:36 [ERROR] [1055] The device driver could not be loaded!

19/12/2005,21:03:37 [iNFO] Stop Filter Device.

19/12/2005,21:03:38 AVGuard service has been stopped!

19/12/2005,21:51:45 ---------------------------------------------------------

19/12/2005,21:51:45 [iNIT] The AVGuard Service is starting.

19/12/2005,21:51:56 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

19/12/2005,21:52:01 [iNFO] Start Filter Device.

19/12/2005,21:52:01 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

19/12/2005,21:52:01 AVGuard has been started successfully!

19/12/2005,21:52:09 [LOGON] Connection request by remote computer. Establishing secure communication channel.

19/12/2005,21:52:10 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa6024.

20/12/2005,05:29:18 WARNING: AVGuard detected a problem in the file

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\DGGZ1L4D\MIKELINKS[2].COM

INFO: The size of this COM-file is too large!

20/12/2005,07:49:18 [iNFO] Stop Filter Device.

20/12/2005,07:49:23 AVGuard service has been stopped!

20/12/2005,14:48:12 ---------------------------------------------------------

20/12/2005,14:48:12 [iNIT] The AVGuard Service is starting.

20/12/2005,14:48:15 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

20/12/2005,14:48:16 [LOGON] Connection request by remote computer. Establishing secure communication channel.

20/12/2005,14:48:17 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabaaee.

20/12/2005,14:58:44 [ERROR] [1055] The device driver could not be loaded!

20/12/2005,14:58:44 [iNFO] Stop Filter Device.

20/12/2005,14:58:45 AVGuard service has been stopped!

20/12/2005,15:25:23 ---------------------------------------------------------

20/12/2005,15:25:23 [iNIT] The AVGuard Service is starting.

20/12/2005,15:25:33 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

20/12/2005,15:25:35 [LOGON] Connection request by remote computer. Establishing secure communication channel.

20/12/2005,15:25:35 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa76fb.

20/12/2005,15:25:42 [iNFO] Start Filter Device.

20/12/2005,15:25:42 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

20/12/2005,15:25:42 AVGuard has been started successfully!

20/12/2005,15:27:37 [iNFO] Stop Filter Device.

20/12/2005,15:27:38 AVGuard service has been stopped!

20/12/2005,15:29:36 ---------------------------------------------------------

20/12/2005,15:29:36 [iNIT] The AVGuard Service is starting.

20/12/2005,15:29:39 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

20/12/2005,15:36:00 ---------------------------------------------------------

20/12/2005,15:36:00 [iNIT] The AVGuard Service is starting.

20/12/2005,15:36:02 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

20/12/2005,15:36:03 [LOGON] Connection request by remote computer. Establishing secure communication channel.

20/12/2005,15:36:04 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab7962.

20/12/2005,15:37:57 [iNFO] Start Filter Device.

20/12/2005,15:42:29 ---------------------------------------------------------

20/12/2005,15:42:29 [iNIT] The AVGuard Service is starting.

20/12/2005,15:42:32 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

20/12/2005,15:42:33 [LOGON] Connection request by remote computer. Establishing secure communication channel.

20/12/2005,15:42:33 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa8e0a3.

20/12/2005,15:55:43 [iNFO] Start Filter Device.

20/12/2005,16:01:30 [ERROR] [1055] The device driver could not be loaded!

20/12/2005,16:01:31 [iNFO] Stop Filter Device.

20/12/2005,16:01:32 AVGuard service has been stopped!

20/12/2005,18:43:58 ---------------------------------------------------------

20/12/2005,18:43:58 [iNIT] The AVGuard Service is starting.

20/12/2005,18:44:05 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

20/12/2005,18:44:07 [iNFO] Start Filter Device.

20/12/2005,18:44:07 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

20/12/2005,18:44:07 AVGuard has been started successfully!

20/12/2005,18:44:23 [LOGON] Connection request by remote computer. Establishing secure communication channel.

20/12/2005,18:44:24 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa1428.

21/12/2005,05:05:04 ---------------------------------------------------------

21/12/2005,05:05:04 [iNIT] The AVGuard Service is starting.

21/12/2005,05:05:06 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

21/12/2005,05:10:14 ---------------------------------------------------------

21/12/2005,05:10:14 [iNIT] The AVGuard Service is starting.

21/12/2005,05:10:16 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

21/12/2005,05:10:17 [LOGON] Connection request by remote computer. Establishing secure communication channel.

21/12/2005,05:10:17 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabca11.

21/12/2005,05:21:45 [ERROR] [1055] The device driver could not be loaded!

21/12/2005,05:21:46 [iNFO] Stop Filter Device.

21/12/2005,05:21:47 AVGuard service has been stopped!

21/12/2005,05:55:12 ---------------------------------------------------------

21/12/2005,05:55:12 [iNIT] The AVGuard Service is starting.

21/12/2005,05:55:14 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

21/12/2005,05:55:15 [LOGON] Connection request by remote computer. Establishing secure communication channel.

21/12/2005,05:55:16 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab7978.

21/12/2005,06:16:43 [iNFO] Start Filter Device.

21/12/2005,06:16:43 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

21/12/2005,06:16:43 AVGuard has been started successfully!

21/12/2005,06:22:06 ---------------------------------------------------------

21/12/2005,06:22:06 [iNIT] The AVGuard Service is starting.

21/12/2005,06:22:08 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

21/12/2005,06:22:09 [LOGON] Connection request by remote computer. Establishing secure communication channel.

21/12/2005,06:22:09 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa8ed72.

21/12/2005,06:23:16 [iNFO] Start Filter Device.

21/12/2005,06:41:42 [ERROR] [1055] The device driver could not be loaded!

21/12/2005,06:41:43 [iNFO] Stop Filter Device.

21/12/2005,06:41:46 AVGuard service has been stopped!

21/12/2005,12:50:14 ---------------------------------------------------------

21/12/2005,12:50:14 [iNIT] The AVGuard Service is starting.

21/12/2005,12:50:16 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

21/12/2005,12:50:17 [LOGON] Connection request by remote computer. Establishing secure communication channel.

21/12/2005,12:50:18 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabf015.

21/12/2005,13:00:58 ---------------------------------------------------------

21/12/2005,13:00:58 [iNIT] The AVGuard Service is starting.

21/12/2005,13:01:00 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

21/12/2005,13:01:01 [LOGON] Connection request by remote computer. Establishing secure communication channel.

21/12/2005,13:01:02 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa8ebce.

21/12/2005,13:01:14 [iNFO] Start Filter Device.

21/12/2005,13:01:20 [iNFO] Stop Filter Device.

21/12/2005,13:02:37 [iNFO] Start Filter Device.

21/12/2005,13:20:29 [ERROR] [1055] The device driver could not be loaded!

21/12/2005,13:20:29 [iNFO] Stop Filter Device.

21/12/2005,13:20:31 AVGuard service has been stopped!

21/12/2005,13:49:04 ---------------------------------------------------------

21/12/2005,13:49:04 [iNIT] The AVGuard Service is starting.

21/12/2005,13:49:07 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

21/12/2005,13:49:08 [LOGON] Connection request by remote computer. Establishing secure communication channel.

21/12/2005,13:49:08 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa4f5a.

21/12/2005,13:59:36 [ERROR] [1055] The device driver could not be loaded!

21/12/2005,13:59:36 [iNFO] Stop Filter Device.

21/12/2005,13:59:37 AVGuard service has been stopped!

21/12/2005,22:44:39 ---------------------------------------------------------

21/12/2005,22:44:39 [iNIT] The AVGuard Service is starting.

21/12/2005,22:44:42 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

21/12/2005,22:44:43 [LOGON] Connection request by remote computer. Establishing secure communication channel.

21/12/2005,22:44:43 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabf187.

21/12/2005,22:46:08 [iNFO] Start Filter Device.

21/12/2005,23:03:15 [ERROR] [1055] The device driver could not be loaded!

21/12/2005,23:03:17 [iNFO] Stop Filter Device.

21/12/2005,23:03:21 AVGuard service has been stopped!

21/12/2005,23:28:34 ---------------------------------------------------------

21/12/2005,23:28:34 [iNIT] The AVGuard Service is starting.

21/12/2005,23:28:36 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

21/12/2005,23:28:38 [LOGON] Connection request by remote computer. Establishing secure communication channel.

21/12/2005,23:28:38 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa8e87d.

21/12/2005,23:40:42 [iNFO] Start Filter Device.

21/12/2005,23:45:16 ---------------------------------------------------------

21/12/2005,23:45:16 [iNIT] The AVGuard Service is starting.

21/12/2005,23:45:19 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

21/12/2005,23:45:20 [LOGON] Connection request by remote computer. Establishing secure communication channel.

21/12/2005,23:45:21 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa43ad.

21/12/2005,23:55:48 [ERROR] [1055] The device driver could not be loaded!

21/12/2005,23:55:49 [iNFO] Stop Filter Device.

21/12/2005,23:55:50 AVGuard service has been stopped!

22/12/2005,00:16:25 ---------------------------------------------------------

22/12/2005,00:16:25 [iNIT] The AVGuard Service is starting.

22/12/2005,00:16:27 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

22/12/2005,00:40:56 [iNFO] Start Filter Device.

22/12/2005,00:40:56 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

22/12/2005,00:40:56 AVGuard has been started successfully!

22/12/2005,00:43:48 ---------------------------------------------------------

22/12/2005,00:43:48 [iNIT] The AVGuard Service is starting.

22/12/2005,00:43:50 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

22/12/2005,01:02:49 [ERROR] [1055] The device driver could not be loaded!

22/12/2005,01:02:49 [iNFO] Stop Filter Device.

22/12/2005,01:02:50 AVGuard service has been stopped!

22/12/2005,22:03:54 ---------------------------------------------------------

22/12/2005,22:03:54 [iNIT] The AVGuard Service is starting.

22/12/2005,22:04:01 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

22/12/2005,22:05:35 [iNFO] Start Filter Device.

22/12/2005,22:05:35 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

22/12/2005,22:05:35 AVGuard has been started successfully!

23/12/2005,06:13:13 [iNFO] Stop Filter Device.

23/12/2005,06:13:17 AVGuard service has been stopped!

23/12/2005,17:20:03 ---------------------------------------------------------

23/12/2005,17:20:03 [iNIT] The AVGuard Service is starting.

23/12/2005,17:20:07 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

23/12/2005,17:20:16 [iNFO] Start Filter Device.

23/12/2005,17:20:16 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.61 VDF Version: 6.33.0.15

23/12/2005,17:20:16 AVGuard has been started successfully!

23/12/2005,18:57:24 [iNFO] Stop Filter Device.

23/12/2005,18:57:25 AVGuard service has been stopped!

23/12/2005,18:57:27 ---------------------------------------------------------

23/12/2005,18:57:27 [iNIT] The AVGuard Service is starting.

23/12/2005,18:57:30 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

23/12/2005,18:57:31 [iNFO] Start Filter Device.

23/12/2005,18:57:31 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

23/12/2005,18:57:31 AVGuard has been started successfully!

23/12/2005,19:40:02 WARNING: AVGuard detected a problem in the file

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\21PEVEHK\COMMUNIQUE_PCSECURITYTEST2006[1].DOC

ATTENTION: This OLE document is possibly damaged!

23/12/2005,19:40:06 WARNING: AVGuard detected a problem in the file

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\21PEVEHK\COMMUNIQUE_PCSECURITYTEST2006[1].DOC

ATTENTION: This OLE document is possibly damaged!

23/12/2005,20:02:55 WARNING: Contains code of the Eicar-Test-Signature virus!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\KFBRUGHX\EICAR[1].COM

23/12/2005,20:03:55 WARNING: Contains code of the Eicar-Test-Signature virus!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\MBI36HIN\EICAR[1].COM

23/12/2005,20:04:26 WARNING: Contains code of the Eicar-Test-Signature virus!

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\KFBRUGHX\EICAR[1].COM

23/12/2005,20:12:36 [LOGON] Connection request by remote computer. Establishing secure communication channel.

23/12/2005,20:12:36 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaa3426a6.

24/12/2005,03:59:46 [iNFO] Stop Filter Device.

24/12/2005,03:59:50 AVGuard service has been stopped!

24/12/2005,15:22:35 ---------------------------------------------------------

24/12/2005,15:22:35 [iNIT] The AVGuard Service is starting.

24/12/2005,15:22:42 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

24/12/2005,15:22:46 [iNFO] Start Filter Device.

24/12/2005,15:22:46 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

24/12/2005,15:22:46 AVGuard has been started successfully!

24/12/2005,15:25:22 [LOGON] Connection request by remote computer. Establishing secure communication channel.

24/12/2005,15:25:23 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa84262.

25/12/2005,02:11:54 WARNING: AVGuard detected a problem in the file

C:\DOCUMENTS AND SETTINGS\NICO\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\R3DZN9GW\MIKELINKS[2].COM

INFO: The size of this COM-file is too large!

25/12/2005,04:16:00 ---------------------------------------------------------

25/12/2005,04:16:00 [iNIT] The AVGuard Service is starting.

25/12/2005,04:16:05 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

25/12/2005,04:16:11 [iNFO] Start Filter Device.

25/12/2005,04:16:11 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

25/12/2005,04:16:11 AVGuard has been started successfully!

25/12/2005,04:18:15 [LOGON] Connection request by remote computer. Establishing secure communication channel.

25/12/2005,04:18:15 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa8c4c1.

26/12/2005,04:07:05 [iNFO] Stop Filter Device.

26/12/2005,04:07:09 AVGuard service has been stopped!

26/12/2005,04:08:08 ---------------------------------------------------------

26/12/2005,04:08:08 [iNIT] The AVGuard Service is starting.

26/12/2005,04:08:14 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

26/12/2005,04:08:20 [iNFO] Start Filter Device.

26/12/2005,04:08:20 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

26/12/2005,04:08:20 AVGuard has been started successfully!

26/12/2005,04:08:25 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LDA0A9.TMP

26/12/2005,04:08:25 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HPA1D5.TMP

26/12/2005,04:11:38 [LOGON] Connection request by remote computer. Establishing secure communication channel.

26/12/2005,04:11:39 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa93e15.

26/12/2005,04:37:29 [iNFO] Stop Filter Device.

26/12/2005,04:37:33 AVGuard service has been stopped!

26/12/2005,12:29:32 ---------------------------------------------------------

26/12/2005,12:29:32 [iNIT] The AVGuard Service is starting.

26/12/2005,12:29:35 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

26/12/2005,12:33:39 [LOGON] Connection request by remote computer. Establishing secure communication channel.

26/12/2005,12:33:39 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaae06ea.

26/12/2005,12:34:14 [iNFO] Start Filter Device.

26/12/2005,12:41:02 [ERROR] [1055] The device driver could not be loaded!

26/12/2005,12:41:03 [iNFO] Stop Filter Device.

26/12/2005,12:41:04 AVGuard service has been stopped!

26/12/2005,12:48:05 ---------------------------------------------------------

26/12/2005,12:48:05 [iNIT] The AVGuard Service is starting.

26/12/2005,12:48:08 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

26/12/2005,12:59:36 [ERROR] [1055] The device driver could not be loaded!

26/12/2005,12:59:37 [iNFO] Stop Filter Device.

26/12/2005,12:59:38 AVGuard service has been stopped!

26/12/2005,13:46:41 ---------------------------------------------------------

26/12/2005,13:46:41 [iNIT] The AVGuard Service is starting.

26/12/2005,13:46:48 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

26/12/2005,13:46:52 [iNFO] Start Filter Device.

26/12/2005,13:46:52 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

26/12/2005,13:46:52 AVGuard has been started successfully!

26/12/2005,13:47:01 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HPA289.TMP

26/12/2005,13:47:01 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LDA370.TMP

26/12/2005,14:20:44 [LOGON] Connection request by remote computer. Establishing secure communication channel.

26/12/2005,14:20:45 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaab52e74.

26/12/2005,18:35:39 [iNFO] Stop Filter Device.

26/12/2005,18:35:43 AVGuard service has been stopped!

26/12/2005,21:20:46 ---------------------------------------------------------

26/12/2005,21:20:46 [iNIT] The AVGuard Service is starting.

26/12/2005,21:20:49 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

26/12/2005,21:22:00 [LOGON] Connection request by remote computer. Establishing secure communication channel.

26/12/2005,21:22:00 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa8a154.

26/12/2005,21:22:15 [iNFO] Start Filter Device.

26/12/2005,21:32:17 [ERROR] [1055] The device driver could not be loaded!

26/12/2005,21:32:18 [iNFO] Stop Filter Device.

26/12/2005,21:32:20 AVGuard service has been stopped!

26/12/2005,21:41:22 ---------------------------------------------------------

26/12/2005,21:41:22 [iNIT] The AVGuard Service is starting.

26/12/2005,21:41:25 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

26/12/2005,21:41:26 [LOGON] Connection request by remote computer. Establishing secure communication channel.

26/12/2005,21:41:26 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaba5a7.

26/12/2005,21:41:38 [iNFO] Start Filter Device.

26/12/2005,21:51:54 [ERROR] [1055] The device driver could not be loaded!

26/12/2005,21:51:55 [iNFO] Stop Filter Device.

26/12/2005,21:51:56 AVGuard service has been stopped!

26/12/2005,22:05:21 ---------------------------------------------------------

26/12/2005,22:05:21 [iNIT] The AVGuard Service is starting.

26/12/2005,22:05:24 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

26/12/2005,22:05:26 [LOGON] Connection request by remote computer. Establishing secure communication channel.

26/12/2005,22:05:26 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaba893.

26/12/2005,22:06:11 [iNFO] Start Filter Device.

26/12/2005,22:15:54 [ERROR] [1055] The device driver could not be loaded!

26/12/2005,22:15:54 [iNFO] Stop Filter Device.

26/12/2005,22:15:55 AVGuard service has been stopped!

26/12/2005,22:21:18 ---------------------------------------------------------

26/12/2005,22:21:18 [iNIT] The AVGuard Service is starting.

26/12/2005,22:21:24 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

26/12/2005,22:22:58 [LOGON] Connection request by remote computer. Establishing secure communication channel.

26/12/2005,22:22:58 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa8a542.

26/12/2005,22:23:05 [iNFO] Start Filter Device.

26/12/2005,22:25:15 [iNFO] Stop Filter Device.

26/12/2005,22:28:20 [ERROR] [1055] The device driver could not be loaded!

26/12/2005,22:28:21 [iNFO] Stop Filter Device.

26/12/2005,22:28:22 AVGuard service has been stopped!

27/12/2005,00:45:44 ---------------------------------------------------------

27/12/2005,00:45:44 [iNIT] The AVGuard Service is starting.

27/12/2005,00:45:56 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

27/12/2005,00:46:01 [iNFO] Start Filter Device.

27/12/2005,00:46:01 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

27/12/2005,00:46:01 AVGuard has been started successfully!

27/12/2005,00:54:55 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,01:07:12 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LD6EBE.TMP

27/12/2005,01:24:48 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,01:30:00 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LD595.TMP

27/12/2005,01:31:14 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,01:37:04 [LOGON] Connection request by remote computer. Establishing secure communication channel.

27/12/2005,01:37:04 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaa85d725.

27/12/2005,01:41:20 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,01:45:13 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,01:45:48 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,01:46:23 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,01:46:55 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,01:49:37 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,01:49:57 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,01:56:31 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,01:59:57 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,02:03:39 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,02:04:28 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,02:14:41 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,02:15:38 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,02:28:47 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,02:31:10 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,02:37:33 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,03:36:02 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,03:55:51 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP7063.TMP

27/12/2005,03:56:55 [iNFO] Stop Filter Device.

27/12/2005,03:56:58 AVGuard service has been stopped!

27/12/2005,13:17:48 -----

mi-lion · le 18 janvier 2006

je m'énerve un peu sur les boutons là,

mais il manque un bout de ce que j'ai collé

27/12/2005,03:56:55 [iNFO] Stop Filter Device.

27/12/2005,03:56:58 AVGuard service has been stopped!

27/12/2005,13:17:48 ---------------------------------------------------------

27/12/2005,13:17:48 [iNIT] The AVGuard Service is starting.

27/12/2005,13:17:51 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

27/12/2005,13:28:20 [ERROR] [1055] The device driver could not be loaded!

27/12/2005,13:28:20 [iNFO] Stop Filter Device.

27/12/2005,13:28:22 AVGuard service has been stopped!

28/12/2005,00:03:51 ---------------------------------------------------------

28/12/2005,00:03:51 [iNIT] The AVGuard Service is starting.

28/12/2005,00:03:57 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

28/12/2005,00:04:03 [iNFO] Start Filter Device.

28/12/2005,00:04:03 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

28/12/2005,00:04:03 AVGuard has been started successfully!

28/12/2005,00:12:50 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,00:25:43 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LD6E3C.TMP

28/12/2005,03:02:10 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,03:43:21 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LD4DF2.TMP

28/12/2005,03:49:35 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,04:25:17 [iNFO] Stop Filter Device.

28/12/2005,04:25:20 AVGuard service has been stopped!

28/12/2005,12:54:13 ---------------------------------------------------------

28/12/2005,12:54:13 [iNIT] The AVGuard Service is starting.

28/12/2005,12:54:19 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

28/12/2005,12:54:27 [iNFO] Start Filter Device.

28/12/2005,12:54:27 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

28/12/2005,12:54:27 AVGuard has been started successfully!

28/12/2005,12:54:31 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LDA6D7.TMP

28/12/2005,13:02:19 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,14:59:07 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,15:00:13 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,15:01:08 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,15:02:49 [LOGON] Connection request by remote computer. Establishing secure communication channel.

28/12/2005,15:02:49 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaadcb511.

28/12/2005,15:08:13 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,15:10:51 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,15:11:01 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,15:37:02 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,15:54:16 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,16:27:17 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,19:12:40 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,19:13:11 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,19:13:45 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,19:15:34 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,19:19:52 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,19:21:49 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,19:34:43 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,21:07:59 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,21:08:14 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,21:29:37 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,21:30:51 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,21:32:09 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,21:35:00 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,21:42:14 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,21:42:41 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,21:42:59 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,22:03:33 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,22:34:51 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,22:59:35 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,23:09:11 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,23:37:41 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,23:38:01 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

28/12/2005,23:38:13 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:27:49 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:27:58 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:28:34 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:29:02 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:29:37 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:30:04 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:30:52 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:32:45 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:34:06 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:34:25 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:34:56 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:36:03 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:37:38 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:39:30 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:40:08 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:40:47 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:41:36 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:41:50 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,00:42:10 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,01:35:59 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,01:36:57 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,01:38:28 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,01:38:56 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,01:39:32 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,01:42:14 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,01:55:32 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,01:55:56 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,01:56:03 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,01:56:11 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,01:56:33 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,01:57:38 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9F38.TMP

29/12/2005,13:46:06 ---------------------------------------------------------

29/12/2005,13:46:06 [iNIT] The AVGuard Service is starting.

29/12/2005,13:46:12 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

29/12/2005,13:46:23 [iNFO] Start Filter Device.

29/12/2005,13:46:23 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

29/12/2005,13:46:23 AVGuard has been started successfully!

29/12/2005,13:46:26 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LDB22F.TMP

29/12/2005,23:23:15 [LOGON] Connection request by remote computer. Establishing secure communication channel.

29/12/2005,23:23:15 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xa8ba6635.

30/12/2005,04:51:57 [iNFO] Stop Filter Device.

30/12/2005,04:52:00 AVGuard service has been stopped!

30/12/2005,13:59:50 ---------------------------------------------------------

30/12/2005,13:59:50 [iNIT] The AVGuard Service is starting.

30/12/2005,13:59:57 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

30/12/2005,14:02:35 [iNFO] Start Filter Device.

30/12/2005,14:02:35 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

30/12/2005,14:02:35 AVGuard has been started successfully!

30/12/2005,14:02:42 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP166E.TMP

30/12/2005,14:07:20 [LOGON] Connection request by remote computer. Establishing secure communication channel.

30/12/2005,14:07:21 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaadfca9.

30/12/2005,16:08:45 ---------------------------------------------------------

30/12/2005,16:08:45 [iNIT] The AVGuard Service is starting.

30/12/2005,16:08:51 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

30/12/2005,16:09:04 [iNFO] Start Filter Device.

30/12/2005,16:09:04 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

30/12/2005,16:09:04 AVGuard has been started successfully!

30/12/2005,16:22:33 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HPA474.TMP

30/12/2005,16:30:37 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LDA261.TMP

Unable to delete the file:

0x00000005 - Accès refusé.

30/12/2005,19:50:15 ---------------------------------------------------------

30/12/2005,19:50:15 [iNIT] The AVGuard Service is starting.

30/12/2005,19:50:26 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

30/12/2005,19:52:52 [iNFO] Start Filter Device.

30/12/2005,19:52:52 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

30/12/2005,19:52:52 AVGuard has been started successfully!

30/12/2005,19:53:17 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9CB5.TMP

30/12/2005,19:53:20 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP759C.TMP

30/12/2005,19:54:52 [LOGON] Connection request by remote computer. Establishing secure communication channel.

30/12/2005,19:54:52 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaae4aab.

30/12/2005,22:58:00 ---------------------------------------------------------

30/12/2005,22:58:00 [iNIT] The AVGuard Service is starting.

30/12/2005,22:58:05 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

30/12/2005,22:58:16 [iNFO] Start Filter Device.

30/12/2005,22:58:16 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

30/12/2005,22:58:16 AVGuard has been started successfully!

30/12/2005,23:28:47 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HPAD37.TMP

30/12/2005,23:29:26 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HPAD37.TMP

30/12/2005,23:30:36 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HPAD37.TMP

30/12/2005,23:42:31 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HPAD37.TMP

30/12/2005,23:50:27 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LDA9C6.TMP

31/12/2005,00:00:26 [iNFO] Stop Filter Device.

31/12/2005,00:00:29 AVGuard service has been stopped!

31/12/2005,00:01:26 ---------------------------------------------------------

31/12/2005,00:01:26 [iNIT] The AVGuard Service is starting.

31/12/2005,00:01:33 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

31/12/2005,00:01:38 [iNFO] Start Filter Device.

31/12/2005,00:01:38 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

31/12/2005,00:01:38 AVGuard has been started successfully!

31/12/2005,00:14:47 ---------------------------------------------------------

31/12/2005,00:14:47 [iNIT] The AVGuard Service is starting.

31/12/2005,00:14:56 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

31/12/2005,00:15:03 [iNFO] Start Filter Device.

31/12/2005,00:15:03 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

31/12/2005,00:15:03 AVGuard has been started successfully!

31/12/2005,00:24:14 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,00:32:07 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LD96F5.TMP

31/12/2005,00:42:15 [iNFO] Stop Filter Device.

31/12/2005,00:42:19 AVGuard service has been stopped!

31/12/2005,00:43:13 ---------------------------------------------------------

31/12/2005,00:43:13 [iNIT] The AVGuard Service is starting.

31/12/2005,00:43:19 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

31/12/2005,00:43:24 [iNFO] Start Filter Device.

31/12/2005,00:43:24 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

31/12/2005,00:43:24 AVGuard has been started successfully!

31/12/2005,00:52:10 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,01:04:34 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LD96F5.TMP

31/12/2005,01:23:48 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LD83D9.TMP

31/12/2005,01:24:15 [LOGON] Connection request by remote computer. Establishing secure communication channel.

31/12/2005,01:24:15 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaa8f5a07.

31/12/2005,01:24:36 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,01:28:24 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,01:29:54 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,01:50:53 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,01:51:05 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,01:51:17 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,02:00:14 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:02:30 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:03:31 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:03:46 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:04:20 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:04:43 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:05:31 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:06:08 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:28:50 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:30:10 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:31:50 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:32:34 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:37:23 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:37:42 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:38:03 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:38:26 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:38:44 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:50:50 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,03:56:10 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,04:09:15 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,04:14:55 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,04:29:23 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,04:29:52 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,04:31:33 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,04:32:30 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,04:32:45 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,04:32:57 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

31/12/2005,04:33:14 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP9D0F.TMP

File has been deleted!

31/12/2005,04:34:28 [iNFO] Stop Filter Device.

31/12/2005,04:34:30 AVGuard service has been stopped!

31/12/2005,11:20:43 ---------------------------------------------------------

31/12/2005,11:20:43 [iNIT] The AVGuard Service is starting.

31/12/2005,11:20:53 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

31/12/2005,11:20:59 [iNFO] Start Filter Device.

31/12/2005,11:20:59 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

31/12/2005,11:20:59 AVGuard has been started successfully!

31/12/2005,12:23:27 [iNFO] Stop Filter Device.

31/12/2005,12:23:29 AVGuard service has been stopped!

31/12/2005,20:12:00 ---------------------------------------------------------

31/12/2005,20:12:00 [iNIT] The AVGuard Service is starting.

31/12/2005,20:12:10 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

31/12/2005,20:12:16 [iNFO] Start Filter Device.

31/12/2005,20:12:16 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

31/12/2005,20:12:16 AVGuard has been started successfully!

31/12/2005,20:14:19 [LOGON] Connection request by remote computer. Establishing secure communication channel.

31/12/2005,20:14:19 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa83bd2.

31/12/2005,20:14:12 WARNING: Contains signature of the worm WORM/Ider.A.Rkit!

C:\WINDOWS\SYSTEM32\HP76FC.TMP

31/12/2005,20:31:19 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LDA78B.TMP

31/12/2005,21:02:07 [iNFO] Stop Filter Device.

31/12/2005,21:02:10 AVGuard service has been stopped!

31/12/2005,21:03:13 ---------------------------------------------------------

31/12/2005,21:03:13 [iNIT] The AVGuard Service is starting.

31/12/2005,21:03:24 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

31/12/2005,21:03:29 [iNFO] Start Filter Device.

31/12/2005,21:03:29 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

31/12/2005,21:03:29 AVGuard has been started successfully!

31/12/2005,21:24:29 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LDA78B.TMP

File has been deleted!

31/12/2005,21:36:55 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LD5C39.TMP

File has been deleted!

01/01/2006,01:02:02 [LOGON] Connection request by remote computer. Establishing secure communication channel.

01/01/2006,01:02:02 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaa718c9b.

01/01/2006,05:29:58 [iNFO] Stop Filter Device.

01/01/2006,05:30:02 AVGuard service has been stopped!

01/01/2006,12:25:12 ---------------------------------------------------------

01/01/2006,12:25:12 [iNIT] The AVGuard Service is starting.

01/01/2006,12:25:25 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

01/01/2006,12:27:27 [iNFO] Start Filter Device.

01/01/2006,12:27:27 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

01/01/2006,12:27:27 AVGuard has been started successfully!

01/01/2006,18:46:36 [LOGON] Connection request by remote computer. Establishing secure communication channel.

01/01/2006,18:46:37 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xabf70404.

02/01/2006,04:58:16 [iNFO] Stop Filter Device.

02/01/2006,04:58:20 AVGuard service has been stopped!

02/01/2006,21:02:08 ---------------------------------------------------------

02/01/2006,21:02:08 [iNIT] The AVGuard Service is starting.

02/01/2006,21:02:11 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

02/01/2006,21:13:38 [ERROR] [1055] The device driver could not be loaded!

02/01/2006,21:13:39 [iNFO] Stop Filter Device.

02/01/2006,21:13:40 AVGuard service has been stopped!

02/01/2006,21:19:50 ---------------------------------------------------------

02/01/2006,21:19:50 [iNIT] The AVGuard Service is starting.

02/01/2006,21:19:53 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

02/01/2006,21:33:21 [ERROR] [1055] The device driver could not be loaded!

02/01/2006,21:33:22 [iNFO] Stop Filter Device.

02/01/2006,21:33:23 AVGuard service has been stopped!

03/01/2006,15:32:21 ---------------------------------------------------------

03/01/2006,15:32:21 [iNIT] The AVGuard Service is starting.

03/01/2006,15:32:31 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

03/01/2006,15:32:37 [iNFO] Start Filter Device.

03/01/2006,15:32:37 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

03/01/2006,15:32:37 AVGuard has been started successfully!

03/01/2006,15:32:37 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LDAC65.TMP

04/01/2006,00:28:53 [iNFO] Stop Filter Device.

04/01/2006,00:28:56 AVGuard service has been stopped!

04/01/2006,00:53:52 ---------------------------------------------------------

04/01/2006,00:53:52 [iNIT] The AVGuard Service is starting.

04/01/2006,00:53:59 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

04/01/2006,00:54:05 [iNFO] Start Filter Device.

04/01/2006,00:54:05 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

04/01/2006,00:54:05 AVGuard has been started successfully!

04/01/2006,00:54:12 WARNING: Is the Trojan horse TR/Dldr.Zlob.CV!

C:\WINDOWS\SYSTEM32\LDA225.TMP

04/01/2006,04:34:47 [iNFO] Stop Filter Device.

04/01/2006,04:34:50 AVGuard service has been stopped!

04/01/2006,04:37:54 ---------------------------------------------------------

04/01/2006,04:37:54 [iNIT] The AVGuard Service is starting.

04/01/2006,04:37:57 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

04/01/2006,04:42:57 [LOGON] Connection request by remote computer. Establishing secure communication channel.

04/01/2006,04:42:57 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaf383f.

04/01/2006,04:43:06 [iNFO] Start Filter Device.

04/01/2006,04:55:34 ---------------------------------------------------------

04/01/2006,04:55:34 [iNIT] The AVGuard Service is starting.

04/01/2006,04:55:36 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

04/01/2006,04:56:03 [LOGON] Connection request by remote computer. Establishing secure communication channel.

04/01/2006,04:56:03 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab6f34.

04/01/2006,04:56:09 [iNFO] Start Filter Device.

04/01/2006,05:01:49 ---------------------------------------------------------

04/01/2006,05:01:49 [iNIT] The AVGuard Service is starting.

04/01/2006,05:01:52 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

04/01/2006,05:10:02 [LOGON] Connection request by remote computer. Establishing secure communication channel.

04/01/2006,05:10:02 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa3e049.

04/01/2006,05:10:24 [iNFO] Start Filter Device.

04/01/2006,14:22:20 ---------------------------------------------------------

04/01/2006,14:22:20 [iNIT] The AVGuard Service is starting.

04/01/2006,14:22:22 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

04/01/2006,14:35:18 [LOGON] Connection request by remote computer. Establishing secure communication channel.

04/01/2006,14:35:18 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa798eb.

04/01/2006,14:35:27 [iNFO] Start Filter Device.

04/01/2006,14:40:21 [ERROR] [1055] The device driver could not be loaded!

04/01/2006,14:40:21 [iNFO] Stop Filter Device.

04/01/2006,14:40:22 AVGuard service has been stopped!

05/01/2006,12:20:32 ---------------------------------------------------------

05/01/2006,12:20:32 [iNIT] The AVGuard Service is starting.

05/01/2006,12:20:40 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

05/01/2006,12:21:45 [ERROR] [1055] The device driver could not be loaded!

05/01/2006,12:21:46 [iNFO] Stop Filter Device.

05/01/2006,12:21:47 AVGuard service has been stopped!

05/01/2006,22:07:23 ---------------------------------------------------------

05/01/2006,22:07:23 [iNIT] The AVGuard Service is starting.

05/01/2006,22:07:26 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

05/01/2006,22:42:26 ---------------------------------------------------------

05/01/2006,22:42:26 [iNIT] The AVGuard Service is starting.

05/01/2006,22:42:28 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

05/01/2006,23:07:57 [ERROR] [1055] The device driver could not be loaded!

05/01/2006,23:07:58 [iNFO] Stop Filter Device.

05/01/2006,23:08:00 AVGuard service has been stopped!

06/01/2006,03:44:31 ---------------------------------------------------------

06/01/2006,03:44:31 [iNIT] The AVGuard Service is starting.

06/01/2006,03:44:37 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

06/01/2006,03:45:25 [LOGON] Connection request by remote computer. Establishing secure communication channel.

06/01/2006,03:45:26 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab8557.

06/01/2006,03:45:32 [iNFO] Start Filter Device.

06/01/2006,03:46:42 [ERROR] [1055] The device driver could not be loaded!

06/01/2006,03:46:43 [iNFO] Stop Filter Device.

06/01/2006,03:46:44 AVGuard service has been stopped!

06/01/2006,04:04:30 ---------------------------------------------------------

06/01/2006,04:04:30 [iNIT] The AVGuard Service is starting.

06/01/2006,04:04:32 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

06/01/2006,04:22:03 [ERROR] [1055] The device driver could not be loaded!

06/01/2006,04:22:03 [iNFO] Stop Filter Device.

06/01/2006,04:22:05 AVGuard service has been stopped!

06/01/2006,04:39:52 ---------------------------------------------------------

06/01/2006,04:39:52 [iNIT] The AVGuard Service is starting.

06/01/2006,04:39:55 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

06/01/2006,04:39:55 [iNFO] Start Filter Device.

06/01/2006,04:39:55 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

06/01/2006,04:39:55 AVGuard has been started successfully!

06/01/2006,04:39:56 [LOGON] Connection request by remote computer. Establishing secure communication channel.

06/01/2006,04:39:56 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaa8b622d.

06/01/2006,05:35:51 [iNFO] Stop Filter Device.

06/01/2006,05:35:52 AVGuard service has been stopped!

06/01/2006,05:38:22 ---------------------------------------------------------

06/01/2006,05:38:22 [iNIT] The AVGuard Service is starting.

06/01/2006,05:38:27 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

06/01/2006,05:38:29 [LOGON] Connection request by remote computer. Establishing secure communication channel.

06/01/2006,05:38:29 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaba385.

06/01/2006,05:51:54 [iNFO] Start Filter Device.

06/01/2006,05:51:54 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

06/01/2006,05:51:54 AVGuard has been started successfully!

06/01/2006,15:46:30 ---------------------------------------------------------

06/01/2006,15:46:30 [iNIT] The AVGuard Service is starting.

06/01/2006,15:46:32 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

06/01/2006,15:46:33 [LOGON] Connection request by remote computer. Establishing secure communication channel.

06/01/2006,15:46:33 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa44f3.

06/01/2006,15:58:03 ---------------------------------------------------------

06/01/2006,15:58:03 [iNIT] The AVGuard Service is starting.

06/01/2006,15:58:06 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

06/01/2006,15:58:07 [LOGON] Connection request by remote computer. Establishing secure communication channel.

06/01/2006,15:58:07 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabca5d.

06/01/2006,16:16:04 [ERROR] [1055] The device driver could not be loaded!

06/01/2006,16:16:05 [iNFO] Stop Filter Device.

06/01/2006,16:16:06 AVGuard service has been stopped!

06/01/2006,20:17:28 ---------------------------------------------------------

06/01/2006,20:17:28 [iNIT] The AVGuard Service is starting.

06/01/2006,20:17:31 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

06/01/2006,20:17:31 [iNFO] Start Filter Device.

06/01/2006,20:17:31 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.70 VDF Version: 6.33.0.59

06/01/2006,20:17:31 AVGuard has been started successfully!

06/01/2006,20:17:32 [LOGON] Connection request by remote computer. Establishing secure communication channel.

06/01/2006,20:17:32 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaa444a9a.

07/01/2006,01:07:14 [iNFO] Stop Filter Device.

07/01/2006,01:07:15 AVGuard service has been stopped!

07/01/2006,01:51:47 ---------------------------------------------------------

07/01/2006,01:51:47 [iNIT] The AVGuard Service is starting.

07/01/2006,01:51:51 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

07/01/2006,01:51:52 [LOGON] Connection request by remote computer. Establishing secure communication channel.

07/01/2006,01:51:52 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa50f8.

07/01/2006,02:01:19 [ERROR] [1055] The device driver could not be loaded!

07/01/2006,02:01:20 [iNFO] Stop Filter Device.

07/01/2006,02:01:21 AVGuard service has been stopped!

07/01/2006,02:28:54 ---------------------------------------------------------

07/01/2006,02:28:54 [iNIT] The AVGuard Service is starting.

07/01/2006,02:28:56 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

07/01/2006,02:28:57 [iNFO] Start Filter Device.

07/01/2006,02:28:57 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

07/01/2006,02:28:57 AVGuard has been started successfully!

07/01/2006,02:28:58 [LOGON] Connection request by remote computer. Establishing secure communication channel.

07/01/2006,02:28:59 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaa885901.

07/01/2006,06:20:27 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP57\A0019542.TLB

07/01/2006,06:25:31 [iNFO] Stop Filter Device.

07/01/2006,06:25:31 AVGuard service has been stopped!

07/01/2006,21:56:40 ---------------------------------------------------------

07/01/2006,21:56:40 [iNIT] The AVGuard Service is starting.

07/01/2006,21:56:48 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

07/01/2006,21:56:49 [LOGON] Connection request by remote computer. Establishing secure communication channel.

07/01/2006,21:56:49 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa009e.

07/01/2006,22:00:13 [ERROR] [1055] The device driver could not be loaded!

07/01/2006,22:00:14 [iNFO] Stop Filter Device.

07/01/2006,22:00:15 AVGuard service has been stopped!

08/01/2006,01:00:19 ---------------------------------------------------------

08/01/2006,01:00:19 [iNIT] The AVGuard Service is starting.

08/01/2006,01:00:21 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

08/01/2006,01:00:22 [iNFO] Start Filter Device.

08/01/2006,01:00:22 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

08/01/2006,01:00:22 AVGuard has been started successfully!

08/01/2006,01:00:22 [LOGON] Connection request by remote computer. Establishing secure communication channel.

08/01/2006,01:00:23 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaa021f54.

08/01/2006,01:45:12 [iNFO] Stop Filter Device.

08/01/2006,01:45:13 AVGuard service has been stopped!

08/01/2006,03:16:58 ---------------------------------------------------------

08/01/2006,03:16:58 [iNIT] The AVGuard Service is starting.

08/01/2006,03:17:03 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

08/01/2006,03:17:11 [iNFO] Start Filter Device.

08/01/2006,03:17:11 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

08/01/2006,03:17:11 AVGuard has been started successfully!

08/01/2006,03:17:18 [LOGON] Connection request by remote computer. Establishing secure communication channel.

08/01/2006,03:17:19 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa043c.

08/01/2006,03:32:34 [iNFO] Stop Filter Device.

08/01/2006,03:32:35 AVGuard service has been stopped!

08/01/2006,03:33:40 ---------------------------------------------------------

08/01/2006,03:33:40 [iNIT] The AVGuard Service is starting.

08/01/2006,03:33:45 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

08/01/2006,03:33:49 [LOGON] Connection request by remote computer. Establishing secure communication channel.

08/01/2006,03:33:49 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa26d3.

08/01/2006,03:35:47 [ERROR] [1055] The device driver could not be loaded!

08/01/2006,03:35:48 [iNFO] Stop Filter Device.

08/01/2006,03:35:49 AVGuard service has been stopped!

08/01/2006,03:46:41 ---------------------------------------------------------

08/01/2006,03:46:41 [iNIT] The AVGuard Service is starting.

08/01/2006,03:46:47 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

08/01/2006,03:46:49 [LOGON] Connection request by remote computer. Establishing secure communication channel.

08/01/2006,03:46:49 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa201d.

08/01/2006,03:47:52 [ERROR] [1055] The device driver could not be loaded!

08/01/2006,03:47:53 [iNFO] Stop Filter Device.

08/01/2006,03:47:54 AVGuard service has been stopped!

08/01/2006,03:53:56 ---------------------------------------------------------

08/01/2006,03:53:56 [iNIT] The AVGuard Service is starting.

08/01/2006,03:53:58 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

08/01/2006,03:53:59 [iNFO] Start Filter Device.

08/01/2006,03:53:59 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

08/01/2006,03:53:59 AVGuard has been started successfully!

08/01/2006,03:54:03 [LOGON] Connection request by remote computer. Establishing secure communication channel.

08/01/2006,03:54:04 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaad819d.

08/01/2006,04:30:52 [iNFO] Stop Filter Device.

08/01/2006,04:30:52 AVGuard service has been stopped!

08/01/2006,04:32:37 ---------------------------------------------------------

08/01/2006,04:32:37 [iNIT] The AVGuard Service is starting.

08/01/2006,04:32:40 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

08/01/2006,04:32:41 [LOGON] Connection request by remote computer. Establishing secure communication channel.

08/01/2006,04:32:42 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabb682.

08/01/2006,04:42:11 [ERROR] [1055] The device driver could not be loaded!

08/01/2006,04:42:11 [iNFO] Stop Filter Device.

08/01/2006,04:42:12 AVGuard service has been stopped!

08/01/2006,09:38:56 ---------------------------------------------------------

08/01/2006,09:38:56 [iNIT] The AVGuard Service is starting.

08/01/2006,09:38:58 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

08/01/2006,09:38:59 [iNFO] Start Filter Device.

08/01/2006,09:38:59 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

08/01/2006,09:38:59 AVGuard has been started successfully!

08/01/2006,09:39:00 [LOGON] Connection request by remote computer. Establishing secure communication channel.

08/01/2006,09:39:00 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xabb321a1.

08/01/2006,10:16:27 [iNFO] Stop Filter Device.

08/01/2006,10:16:28 AVGuard service has been stopped!

08/01/2006,17:25:37 ---------------------------------------------------------

08/01/2006,17:25:37 [iNIT] The AVGuard Service is starting.

08/01/2006,17:25:39 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

08/01/2006,17:25:40 [LOGON] Connection request by remote computer. Establishing secure communication channel.

08/01/2006,17:25:40 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaba86f.

08/01/2006,17:36:10 [ERROR] [1055] The device driver could not be loaded!

08/01/2006,17:36:10 [iNFO] Stop Filter Device.

08/01/2006,17:36:11 AVGuard service has been stopped!

08/01/2006,19:11:01 ---------------------------------------------------------

08/01/2006,19:11:01 [iNIT] The AVGuard Service is starting.

08/01/2006,19:11:03 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

08/01/2006,19:11:04 [LOGON] Connection request by remote computer. Establishing secure communication channel.

08/01/2006,19:11:04 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaacb29ab.

08/01/2006,19:12:26 [iNFO] Start Filter Device.

08/01/2006,19:12:26 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

08/01/2006,19:12:26 AVGuard has been started successfully!

09/01/2006,01:28:35 [iNFO] Stop Filter Device.

09/01/2006,01:28:36 AVGuard service has been stopped!

09/01/2006,01:33:02 ---------------------------------------------------------

09/01/2006,01:33:02 [iNIT] The AVGuard Service is starting.

09/01/2006,01:33:09 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

09/01/2006,01:33:11 [LOGON] Connection request by remote computer. Establishing secure communication channel.

09/01/2006,01:33:11 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa08e9.

09/01/2006,01:47:41 [iNFO] Start Filter Device.

09/01/2006,01:47:41 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

09/01/2006,01:47:41 AVGuard has been started successfully!

09/01/2006,01:56:50 ---------------------------------------------------------

09/01/2006,01:56:50 [iNIT] The AVGuard Service is starting.

09/01/2006,01:56:55 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

09/01/2006,01:56:58 [LOGON] Connection request by remote computer. Establishing secure communication channel.

09/01/2006,01:56:58 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa24aa.

09/01/2006,02:05:23 [ERROR] [1055] The device driver could not be loaded!

09/01/2006,02:05:23 [iNFO] Stop Filter Device.

09/01/2006,02:05:25 AVGuard service has been stopped!

09/01/2006,02:36:55 ---------------------------------------------------------

09/01/2006,02:36:55 [iNIT] The AVGuard Service is starting.

09/01/2006,02:36:57 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

09/01/2006,02:36:59 [LOGON] Connection request by remote computer. Establishing secure communication channel.

09/01/2006,02:36:59 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5f1e.

09/01/2006,02:46:28 [ERROR] [1055] The device driver could not be loaded!

09/01/2006,02:46:28 [iNFO] Stop Filter Device.

09/01/2006,02:46:29 AVGuard service has been stopped!

09/01/2006,14:48:36 ---------------------------------------------------------

09/01/2006,14:48:36 [iNIT] The AVGuard Service is starting.

09/01/2006,14:48:39 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

09/01/2006,14:48:40 [LOGON] Connection request by remote computer. Establishing secure communication channel.

09/01/2006,14:48:40 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5eff.

09/01/2006,14:50:05 [iNFO] Start Filter Device.

09/01/2006,14:58:09 [ERROR] [1055] The device driver could not be loaded!

09/01/2006,14:58:09 [iNFO] Stop Filter Device.

09/01/2006,14:58:10 AVGuard service has been stopped!

09/01/2006,19:45:02 ---------------------------------------------------------

09/01/2006,19:45:02 [iNIT] The AVGuard Service is starting.

09/01/2006,19:45:04 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

09/01/2006,19:45:06 [LOGON] Connection request by remote computer. Establishing secure communication channel.

09/01/2006,19:45:06 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5b24.

09/01/2006,19:54:34 [ERROR] [1055] The device driver could not be loaded!

09/01/2006,19:54:34 [iNFO] Stop Filter Device.

09/01/2006,19:54:36 AVGuard service has been stopped!

09/01/2006,22:00:33 ---------------------------------------------------------

09/01/2006,22:00:33 [iNIT] The AVGuard Service is starting.

09/01/2006,22:00:35 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

09/01/2006,22:00:36 [LOGON] Connection request by remote computer. Establishing secure communication channel.

09/01/2006,22:00:36 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa52bd.

09/01/2006,22:03:41 ---------------------------------------------------------

09/01/2006,22:03:41 [iNIT] The AVGuard Service is starting.

09/01/2006,22:03:43 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

09/01/2006,22:03:44 [LOGON] Connection request by remote computer. Establishing secure communication channel.

09/01/2006,22:03:44 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5def.

09/01/2006,22:15:40 ---------------------------------------------------------

09/01/2006,22:15:40 [iNIT] The AVGuard Service is starting.

09/01/2006,22:15:42 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

09/01/2006,22:15:44 [LOGON] Connection request by remote computer. Establishing secure communication channel.

09/01/2006,22:15:44 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5c66.

09/01/2006,22:21:38 ---------------------------------------------------------

09/01/2006,22:21:38 [iNIT] The AVGuard Service is starting.

09/01/2006,22:21:41 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

09/01/2006,22:21:42 [LOGON] Connection request by remote computer. Establishing secure communication channel.

09/01/2006,22:21:42 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabce87.

09/01/2006,22:40:10 [ERROR] [1055] The device driver could not be loaded!

09/01/2006,22:40:10 [iNFO] Stop Filter Device.

09/01/2006,22:40:12 AVGuard service has been stopped!

09/01/2006,23:19:03 ---------------------------------------------------------

09/01/2006,23:19:03 [iNIT] The AVGuard Service is starting.

09/01/2006,23:19:05 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

09/01/2006,23:19:06 [LOGON] Connection request by remote computer. Establishing secure communication channel.

09/01/2006,23:19:07 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaa9f59f2.

09/01/2006,23:21:34 [iNFO] Start Filter Device.

09/01/2006,23:21:50 [iNFO] Start Filter Device.

09/01/2006,23:21:50 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

09/01/2006,23:21:50 AVGuard has been started successfully!

10/01/2006,06:01:42 [iNFO] Stop Filter Device.

10/01/2006,06:01:43 AVGuard service has been stopped!

10/01/2006,15:45:14 ---------------------------------------------------------

10/01/2006,15:45:14 [iNIT] The AVGuard Service is starting.

10/01/2006,15:45:20 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

10/01/2006,15:45:22 [LOGON] Connection request by remote computer. Establishing secure communication channel.

10/01/2006,15:45:22 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa0aee.

10/01/2006,15:53:57 [iNFO] Start Filter Device.

10/01/2006,15:53:57 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

10/01/2006,15:53:57 AVGuard has been started successfully!

10/01/2006,23:33:57 ---------------------------------------------------------

10/01/2006,23:33:57 [iNIT] The AVGuard Service is starting.

10/01/2006,23:34:04 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

10/01/2006,23:34:06 [LOGON] Connection request by remote computer. Establishing secure communication channel.

10/01/2006,23:34:07 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa254a.

10/01/2006,23:43:36 [iNFO] Start Filter Device.

10/01/2006,23:43:36 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

10/01/2006,23:43:36 AVGuard has been started successfully!

11/01/2006,01:46:16 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/01/2006,01:46:16 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaad325d3.

11/01/2006,06:03:49 [iNFO] Stop Filter Device.

11/01/2006,06:03:50 AVGuard service has been stopped!

11/01/2006,14:02:58 ---------------------------------------------------------

11/01/2006,14:02:58 [iNIT] The AVGuard Service is starting.

11/01/2006,14:03:03 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

11/01/2006,14:03:16 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/01/2006,14:03:16 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa1a53.

11/01/2006,14:03:17 [iNFO] Start Filter Device.

11/01/2006,14:03:17 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

11/01/2006,14:03:17 AVGuard has been started successfully!

11/01/2006,14:09:07 [iNFO] Stop Filter Device.

11/01/2006,14:09:08 AVGuard service has been stopped!

11/01/2006,14:10:42 ---------------------------------------------------------

11/01/2006,14:10:42 [iNIT] The AVGuard Service is starting.

11/01/2006,14:10:44 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

11/01/2006,14:10:45 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/01/2006,14:10:46 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa47ff.

11/01/2006,14:23:45 [iNFO] Start Filter Device.

11/01/2006,14:23:45 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

11/01/2006,14:23:45 AVGuard has been started successfully!

11/01/2006,14:28:21 ---------------------------------------------------------

11/01/2006,14:28:21 [iNIT] The AVGuard Service is starting.

11/01/2006,14:28:24 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

11/01/2006,14:28:25 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/01/2006,14:28:25 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa50a8.

11/01/2006,14:38:53 [ERROR] [1055] The device driver could not be loaded!

11/01/2006,14:38:53 [iNFO] Stop Filter Device.

11/01/2006,14:38:55 AVGuard service has been stopped!

11/01/2006,15:39:29 ---------------------------------------------------------

11/01/2006,15:39:29 [iNIT] The AVGuard Service is starting.

11/01/2006,15:39:31 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

11/01/2006,15:39:33 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/01/2006,15:39:33 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5cea.

11/01/2006,15:50:02 [ERROR] [1055] The device driver could not be loaded!

11/01/2006,15:50:02 [iNFO] Stop Filter Device.

11/01/2006,15:50:03 AVGuard service has been stopped!

11/01/2006,22:10:38 ---------------------------------------------------------

11/01/2006,22:10:38 [iNIT] The AVGuard Service is starting.

11/01/2006,22:10:47 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

11/01/2006,22:10:49 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/01/2006,22:10:50 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa25a4.

11/01/2006,22:13:19 [ERROR] [1055] The device driver could not be loaded!

11/01/2006,22:13:19 [iNFO] Stop Filter Device.

11/01/2006,22:13:20 AVGuard service has been stopped!

11/01/2006,22:29:50 ---------------------------------------------------------

11/01/2006,22:29:50 [iNIT] The AVGuard Service is starting.

11/01/2006,22:29:53 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

11/01/2006,22:29:54 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/01/2006,22:29:54 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa4755.

11/01/2006,22:39:56 ---------------------------------------------------------

11/01/2006,22:39:56 [iNIT] The AVGuard Service is starting.

11/01/2006,22:39:59 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

11/01/2006,22:40:00 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/01/2006,22:40:00 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5e22.

11/01/2006,22:43:56 ---------------------------------------------------------

11/01/2006,22:43:56 [iNIT] The AVGuard Service is starting.

11/01/2006,22:43:58 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

11/01/2006,22:43:59 [LOGON] Connection request by remote computer. Establishing secure communication channel.

11/01/2006,22:44:00 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5bcc.

11/01/2006,22:54:27 [ERROR] [1055] The device driver could not be loaded!

11/01/2006,22:54:28 [iNFO] Stop Filter Device.

11/01/2006,22:54:29 AVGuard service has been stopped!

12/01/2006,00:00:24 ---------------------------------------------------------

12/01/2006,00:00:24 [iNIT] The AVGuard Service is starting.

12/01/2006,00:00:27 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

12/01/2006,00:00:28 [LOGON] Connection request by remote computer. Establishing secure communication channel.

12/01/2006,00:00:28 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa50f6.

12/01/2006,00:09:56 [ERROR] [1055] The device driver could not be loaded!

12/01/2006,00:09:56 [iNFO] Stop Filter Device.

12/01/2006,00:09:58 AVGuard service has been stopped!

12/01/2006,00:13:55 ---------------------------------------------------------

12/01/2006,00:13:55 [iNIT] The AVGuard Service is starting.

12/01/2006,00:14:00 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

12/01/2006,00:14:03 [LOGON] Connection request by remote computer. Establishing secure communication channel.

12/01/2006,00:14:03 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa3faa.

12/01/2006,00:14:21 [ERROR] [1055] The device driver could not be loaded!

12/01/2006,00:14:21 [iNFO] Stop Filter Device.

12/01/2006,00:14:24 AVGuard service has been stopped!

12/01/2006,00:19:21 ---------------------------------------------------------

12/01/2006,00:19:21 [iNIT] The AVGuard Service is starting.

12/01/2006,00:19:24 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

12/01/2006,00:19:24 [iNFO] Start Filter Device.

12/01/2006,00:19:24 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

12/01/2006,00:19:24 AVGuard has been started successfully!

12/01/2006,00:19:25 [LOGON] Connection request by remote computer. Establishing secure communication channel.

12/01/2006,00:19:25 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaafd43d.

12/01/2006,00:37:14 [iNFO] Stop Filter Device.

12/01/2006,00:42:46 ---------------------------------------------------------

12/01/2006,00:42:46 [iNIT] The AVGuard Service is starting.

12/01/2006,00:42:48 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

mi-lion · le 19 janvier 2006

12/01/2006,00:42:48 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

12/01/2006,00:42:49 [LOGON] Connection request by remote computer. Establishing secure communication channel.

12/01/2006,00:42:49 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa51ba.

12/01/2006,00:53:48 [iNFO] Start Filter Device.

12/01/2006,00:53:48 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

12/01/2006,00:53:48 AVGuard has been started successfully!

12/01/2006,01:04:35 [iNFO] Stop Filter Device.

12/01/2006,01:27:19 [iNFO] Start Filter Device.

12/01/2006,02:21:29 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP57\A0019542.TLB

12/01/2006,06:29:26 [iNFO] Stop Filter Device.

12/01/2006,06:29:26 AVGuard service has been stopped!

12/01/2006,14:07:26 ---------------------------------------------------------

12/01/2006,14:07:26 [iNIT] The AVGuard Service is starting.

12/01/2006,14:07:33 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

12/01/2006,14:07:34 [LOGON] Connection request by remote computer. Establishing secure communication channel.

12/01/2006,14:07:34 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa16cf.

12/01/2006,14:18:00 [ERROR] [1055] The device driver could not be loaded!

12/01/2006,14:18:01 [iNFO] Stop Filter Device.

12/01/2006,14:18:02 AVGuard service has been stopped!

12/01/2006,14:35:34 ---------------------------------------------------------

12/01/2006,14:35:34 [iNIT] The AVGuard Service is starting.

12/01/2006,14:35:36 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

12/01/2006,14:35:37 [LOGON] Connection request by remote computer. Establishing secure communication channel.

12/01/2006,14:35:38 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5fb4.

12/01/2006,14:49:05 [iNFO] Start Filter Device.

12/01/2006,14:49:05 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

12/01/2006,14:49:05 AVGuard has been started successfully!

13/01/2006,05:22:46 [iNFO] Stop Filter Device.

13/01/2006,05:22:47 AVGuard service has been stopped!

13/01/2006,21:25:59 ---------------------------------------------------------

13/01/2006,21:25:59 [iNIT] The AVGuard Service is starting.

13/01/2006,21:26:01 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

13/01/2006,21:26:03 [LOGON] Connection request by remote computer. Establishing secure communication channel.

13/01/2006,21:26:03 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5c2c.

13/01/2006,21:38:02 [ERROR] [1055] The device driver could not be loaded!

13/01/2006,21:38:03 [iNFO] Stop Filter Device.

13/01/2006,21:38:04 AVGuard service has been stopped!

13/01/2006,23:46:10 ---------------------------------------------------------

13/01/2006,23:46:10 [iNIT] The AVGuard Service is starting.

13/01/2006,23:46:13 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

13/01/2006,23:46:13 [iNFO] Start Filter Device.

13/01/2006,23:46:13 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

13/01/2006,23:46:13 AVGuard has been started successfully!

13/01/2006,23:46:14 [LOGON] Connection request by remote computer. Establishing secure communication channel.

13/01/2006,23:46:15 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaa2bfa24.

14/01/2006,05:30:05 [iNFO] Stop Filter Device.

14/01/2006,05:30:05 AVGuard service has been stopped!

14/01/2006,20:36:29 ---------------------------------------------------------

14/01/2006,20:36:29 [iNIT] The AVGuard Service is starting.

14/01/2006,20:36:32 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

14/01/2006,20:36:34 [LOGON] Connection request by remote computer. Establishing secure communication channel.

14/01/2006,20:36:34 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5c88.

14/01/2006,20:49:33 [iNFO] Start Filter Device.

14/01/2006,20:49:33 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

14/01/2006,20:49:33 AVGuard has been started successfully!

15/01/2006,05:15:58 [iNFO] Stop Filter Device.

15/01/2006,05:15:58 AVGuard service has been stopped!

15/01/2006,14:54:14 ---------------------------------------------------------

15/01/2006,14:54:14 [iNIT] The AVGuard Service is starting.

15/01/2006,14:54:16 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

15/01/2006,14:54:18 [LOGON] Connection request by remote computer. Establishing secure communication channel.

15/01/2006,14:54:18 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa4042.

15/01/2006,15:05:46 [ERROR] [1055] The device driver could not be loaded!

15/01/2006,15:05:47 [iNFO] Stop Filter Device.

15/01/2006,15:05:48 AVGuard service has been stopped!

15/01/2006,16:18:52 ---------------------------------------------------------

15/01/2006,16:18:52 [iNIT] The AVGuard Service is starting.

15/01/2006,16:18:54 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

15/01/2006,16:18:55 [iNFO] Start Filter Device.

15/01/2006,16:18:55 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

15/01/2006,16:18:55 AVGuard has been started successfully!

15/01/2006,16:18:56 [LOGON] Connection request by remote computer. Establishing secure communication channel.

15/01/2006,16:18:56 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaae4c2d4.

16/01/2006,06:09:00 [iNFO] Stop Filter Device.

16/01/2006,06:09:02 AVGuard service has been stopped!

16/01/2006,22:36:56 ---------------------------------------------------------

16/01/2006,22:36:56 [iNIT] The AVGuard Service is starting.

16/01/2006,22:36:59 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

16/01/2006,22:37:00 [LOGON] Connection request by remote computer. Establishing secure communication channel.

16/01/2006,22:37:00 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa46f1.

16/01/2006,22:52:08 ---------------------------------------------------------

16/01/2006,22:52:08 [iNIT] The AVGuard Service is starting.

16/01/2006,22:52:10 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

16/01/2006,22:52:11 [LOGON] Connection request by remote computer. Establishing secure communication channel.

16/01/2006,22:52:11 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa4c04.

16/01/2006,23:03:39 [ERROR] [1055] The device driver could not be loaded!

16/01/2006,23:03:40 [iNFO] Stop Filter Device.

16/01/2006,23:03:41 AVGuard service has been stopped!

16/01/2006,23:13:41 ---------------------------------------------------------

16/01/2006,23:13:41 [iNIT] The AVGuard Service is starting.

16/01/2006,23:13:43 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

16/01/2006,23:13:44 [LOGON] Connection request by remote computer. Establishing secure communication channel.

16/01/2006,23:13:44 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa42d1.

16/01/2006,23:25:12 [ERROR] [1055] The device driver could not be loaded!

16/01/2006,23:25:13 [iNFO] Stop Filter Device.

16/01/2006,23:25:14 AVGuard service has been stopped!

16/01/2006,23:28:16 ---------------------------------------------------------

16/01/2006,23:28:16 [iNIT] The AVGuard Service is starting.

16/01/2006,23:28:18 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

16/01/2006,23:28:19 [iNFO] Start Filter Device.

16/01/2006,23:28:19 AntiVirService Version: 6.32.00.12 AVE Version 6.33.0.75 VDF Version: 6.33.0.104

16/01/2006,23:28:19 AVGuard has been started successfully!

16/01/2006,23:28:20 [LOGON] Connection request by remote computer. Establishing secure communication channel.

16/01/2006,23:28:20 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa4ee74.

16/01/2006,23:29:26 [iNFO] Stop Filter Device.

16/01/2006,23:48:48 [iNFO] Start Filter Device.

17/01/2006,00:07:50 [iNFO] Stop Filter Device.

17/01/2006,00:08:01 [iNFO] Start Filter Device.

17/01/2006,16:08:50 WARNING: Is the Trojan horse TR/Drop.Avar.b.1.B!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP128\A0037296.TLB

17/01/2006,16:18:44 WARNING: Is the Trojan horse TR/Drop.Avar.b.1.B!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP129\A0037412.TLB

File has been deleted!

17/01/2006,16:19:20 WARNING: Is the Trojan horse TR/Drop.Avar.b.1.A!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP129\A0037415.EXE

17/01/2006,16:19:31 WARNING: Is the Trojan horse TR/StartPage.afj!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP129\A0037447.TLB

File has been deleted!

17/01/2006,16:19:38 WARNING: Is the Trojan horse TR/StartPage.afj.3!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP129\A0037448.EXE

17/01/2006,16:20:06 WARNING: Is the Trojan horse TR/StartPage.afj.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP129\A0038437.TLB

17/01/2006,16:20:13 WARNING: Is the Trojan horse TR/StartPage.afj.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP129\A0039437.TLB

17/01/2006,16:20:16 WARNING: Is the Trojan horse TR/StartPage.afj.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP130\A0040437.TLB

File has been deleted!

17/01/2006,16:20:25 WARNING: Is the Trojan horse TR/Promoter.C!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP130\A0040457.DLL

17/01/2006,16:20:47 WARNING: Is the Trojan horse TR/Small.EV.247!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP130\A0040458.EXE

17/01/2006,16:20:50 WARNING: Is the Trojan horse TR/Dldr.Delf.PA.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP130\A0040460.DLL

17/01/2006,16:20:51 WARNING: Is the Trojan horse TR/StartPage.afj.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP130\A0040465.TLB

17/01/2006,16:20:54 WARNING: Is the Trojan horse TR/StartPage.afj.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP131\A0040474.TLB

17/01/2006,16:20:58 WARNING: Is the Trojan horse TR/StartPage.afj.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP132\A0040508.TLB

17/01/2006,16:21:05 WARNING: Is the Trojan horse TR/StartPage.afm.2!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP133\A0040559.TLB

17/01/2006,16:21:10 WARNING: Is the Trojan horse TR/Spy.NTobalt!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP133\A0040566.EXE

17/01/2006,16:21:11 WARNING: Is the Trojan horse TR/StartPage.afm.2!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP133\A0040569.TLB

17/01/2006,16:21:16 WARNING: Is the Trojan horse TR/StartPage.afm.2!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP134\A0040615.TLB

17/01/2006,16:21:24 WARNING: Is the Trojan horse TR/StartPage.afm.2!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP136\A0040713.TLB

17/01/2006,16:21:28 WARNING: Is the Trojan horse TR/StartPage.afm.2!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP136\A0040739.TLB

17/01/2006,16:21:29 WARNING: Is the Trojan horse TR/StartPage.afm.1!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP136\A0040740.EXE

17/01/2006,16:21:30 WARNING: Is the Trojan horse TR/Dldr.Zlob.BB!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP136\A0040741.EXE

17/01/2006,16:21:35 WARNING: Is the Trojan horse TR/StartPage.3.1.B!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP137\A0040786.TLB

17/01/2006,16:21:41 WARNING: Is the Trojan horse TR/StartPage.3.1.B!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP138\A0040848.TLB

17/01/2006,16:21:44 WARNING: Is the Trojan horse TR/StartPage.3.1.B!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP138\A0040909.TLB

17/01/2006,16:21:47 WARNING: Is the Trojan horse TR/StartPage.3.1.B!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP138\A0040952.TLB

17/01/2006,16:21:49 WARNING: Is the Trojan horse TR/StartPage.3.1.A!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP138\A0040964.EXE

17/01/2006,16:21:52 WARNING: Is the Trojan horse TR/Drop.Avar.2!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP138\A0040990.EXE

17/01/2006,16:21:56 WARNING: Is the Trojan horse TR/StartPage.afu!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP139\A0041021.TLB

17/01/2006,16:21:57 WARNING: Is the Trojan horse TR/Drop.Avar.2!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP139\A0041022.EXE

17/01/2006,16:21:59 WARNING: Is the Trojan horse TR/StartPage.adh.9!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP139\A0041029.TLB

17/01/2006,16:22:12 WARNING: Is the Trojan horse TR/StartPage.adh.12!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP139\A0041055.TLB

17/01/2006,16:22:16 WARNING: Is the Trojan horse TR/StartPage.2.1!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP139\A0041076.EXE

17/01/2006,16:22:17 WARNING: Is the Trojan horse TR/Dldr.Delf.ZU!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP139\A0041078.DLL

17/01/2006,16:22:19 WARNING: Is the Trojan horse TR/StartPage.adh.12!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP139\A0041083.TLB

17/01/2006,16:22:26 WARNING: Is the Trojan horse TR/StartPage.adh.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP140\A0041133.TLB

17/01/2006,16:22:31 WARNING: Is the Trojan horse TR/StartPage.adh.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP140\A0042133.TLB

17/01/2006,16:22:34 WARNING: Is the Trojan horse TR/StartPage.adh.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP140\A0042143.TLB

17/01/2006,16:22:36 WARNING: Is the Trojan horse TR/StartPage.adh.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP141\A0042151.TLB

17/01/2006,16:22:40 WARNING: Is the Trojan horse TR/StartPage.adh.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP141\A0043151.TLB

17/01/2006,16:22:43 WARNING: Is the Trojan horse TR/StartPage.adh.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP141\A0043159.TLB

17/01/2006,16:22:48 WARNING: Is the Trojan horse TR/StartPage.adh.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP142\A0043180.TLB

17/01/2006,16:22:53 WARNING: Is the Trojan horse TR/StartPage.adh.4!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP143\A0043216.TLB

17/01/2006,16:22:55 WARNING: Is the Trojan horse TR/StartPage.afw!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP143\A0043217.EXE

17/01/2006,16:22:58 WARNING: Is the Trojan horse TR/Small.FS.3!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP143\A0043218.EXE

17/01/2006,16:22:59 WARNING: Is the Trojan horse TR/StartPage.adh.5!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP143\A0043228.TLB

17/01/2006,16:23:01 WARNING: Is the Trojan horse TR/StartPage.adh.5!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP143\A0043235.TLB

17/01/2006,16:23:03 WARNING: Is the Trojan horse TR/StartPa.adh.10.B!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{54C79B87-50ED-408D-9C29-FE9CD2FE5AC9}\RP143\A0043236.EXE

17/01/2006,16:28:41 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP53\A0014349.TLB

17/01/2006,17:29:13 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP53\A0014359.TLB

17/01/2006,17:29:14 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP53\A0014366.TLB

17/01/2006,17:29:16 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP53\A0014373.TLB

17/01/2006,17:29:17 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP53\A0014392.TLB

17/01/2006,17:29:19 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP53\A0014404.TLB

17/01/2006,17:29:21 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP53\A0014416.TLB

17/01/2006,17:29:23 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP53\A0014425.TLB

17/01/2006,17:29:30 WARNING: Is the Trojan horse TR/Zlob.FG.2.B!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP54\A0014467.EXE

17/01/2006,17:29:31 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP54\A0014468.TLB

17/01/2006,17:29:42 WARNING: Is the Trojan horse TR/Dldr.Zlob.FG.1!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP56\A0015521.EXE

17/01/2006,17:29:45 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP56\A0015523.TLB

17/01/2006,17:29:47 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP57\A0016520.TLB

17/01/2006,17:29:49 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP57\A0017520.TLB

17/01/2006,17:29:52 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP57\A0018520.TLB

17/01/2006,17:29:55 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP57\A0019542.TLB

17/01/2006,17:29:58 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP57\A0019584.TLB

17/01/2006,17:30:18 WARNING: Is the Trojan horse TR/ZLob.BQ!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP60\A0022755.EXE

17/01/2006,17:30:20 WARNING: Is the Trojan horse TR/Dldr.Zlob.DR!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP60\A0022756.TLB

17/01/2006,17:30:22 WARNING: Is the Trojan horse TR/Dldr.Zlob.dr.2!

C:\SYSTEM VOLUME INFORMATION\_RESTORE{8955EFC7-4543-48D3-8AFA-B7287F448D8D}\RP60\A0022758.EXE

18/01/2006,00:58:04 [iNFO] Stop Filter Device.

18/01/2006,00:58:05 AVGuard service has been stopped!

18/01/2006,01:00:10 ---------------------------------------------------------

18/01/2006,01:00:10 [iNIT] The AVGuard Service is starting.

18/01/2006,01:00:12 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

18/01/2006,01:00:14 [LOGON] Connection request by remote computer. Establishing secure communication channel.

18/01/2006,01:00:14 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabf110.

18/01/2006,01:11:42 [ERROR] [1055] The device driver could not be loaded!

18/01/2006,01:11:42 [iNFO] Stop Filter Device.

18/01/2006,01:11:43 AVGuard service has been stopped!

18/01/2006,03:40:00 ---------------------------------------------------------

18/01/2006,03:40:00 [iNIT] The AVGuard Service is starting.

18/01/2006,03:40:02 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

18/01/2006,03:40:04 [LOGON] Connection request by remote computer. Establishing secure communication channel.

18/01/2006,03:40:04 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5b57.

18/01/2006,03:51:32 [ERROR] [1055] The device driver could not be loaded!

18/01/2006,03:51:32 [iNFO] Stop Filter Device.

18/01/2006,03:51:33 AVGuard service has been stopped!

18/01/2006,06:18:54 ---------------------------------------------------------

18/01/2006,06:18:54 [iNIT] The AVGuard Service is starting.

18/01/2006,06:18:59 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

18/01/2006,06:19:01 [LOGON] Connection request by remote computer. Establishing secure communication channel.

18/01/2006,06:19:01 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaad3dc.

18/01/2006,06:19:26 [iNFO] Start Filter Device.

18/01/2006,06:30:29 [ERROR] [1055] The device driver could not be loaded!

18/01/2006,06:30:30 [iNFO] Stop Filter Device.

18/01/2006,06:30:31 AVGuard service has been stopped!

18/01/2006,06:48:11 ---------------------------------------------------------

18/01/2006,06:48:11 [iNIT] The AVGuard Service is starting.

18/01/2006,06:48:16 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

18/01/2006,06:48:18 [LOGON] Connection request by remote computer. Establishing secure communication channel.

18/01/2006,06:48:18 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaad5ea.

18/01/2006,06:58:46 [ERROR] [1055] The device driver could not be loaded!

18/01/2006,06:58:46 [iNFO] Stop Filter Device.

18/01/2006,06:58:48 AVGuard service has been stopped!

18/01/2006,07:38:54 ---------------------------------------------------------

18/01/2006,07:38:54 [iNIT] The AVGuard Service is starting.

18/01/2006,07:38:56 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

18/01/2006,07:38:57 [LOGON] Connection request by remote computer. Establishing secure communication channel.

18/01/2006,07:38:57 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa5164.

18/01/2006,07:39:30 [iNFO] Start Filter Device.

18/01/2006,07:50:26 [ERROR] [1055] The device driver could not be loaded!

18/01/2006,07:50:26 [iNFO] Stop Filter Device.

18/01/2006,07:50:27 AVGuard service has been stopped!

18/01/2006,07:59:40 ---------------------------------------------------------

18/01/2006,07:59:40 [iNIT] The AVGuard Service is starting.

18/01/2006,07:59:45 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

18/01/2006,07:59:49 [LOGON] Connection request by remote computer. Establishing secure communication channel.

18/01/2006,07:59:50 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaad204.

18/01/2006,08:03:29 [ERROR] [1055] The device driver could not be loaded!

18/01/2006,08:03:29 [iNFO] Stop Filter Device.

18/01/2006,08:03:30 AVGuard service has been stopped!

18/01/2006,21:01:06 ---------------------------------------------------------

18/01/2006,21:01:06 [iNIT] The AVGuard Service is starting.

18/01/2006,21:01:11 [iNIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!

18/01/2006,21:01:17 [LOGON] Connection request by remote computer. Establishing secure communication channel.

18/01/2006,21:01:18 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa2942.

18/01/2006,21:03:50 [ERROR] [1055] The device driver could not be loaded!

18/01/2006,21:03:51 [iNFO] Stop Filter Device.

18/01/2006,21:03:52 AVGuard service has been stopped!

je re-tente panda, un mieux encore ; il y a bien une fenêtre avec un faux medecin (que toutes les filles voudraient avoir dans son bureau) scrutant une fausse radio avec "vérifiez-la maintenant !" j'ai posé mon email et le bon pays, pas la bonne région comme indiqué et : "une fenêtre va s'ouvrir, cliquez sur oui pour continuer" et ensuite pas de fenêtre ça reste bloqué là.

un 4 ième mieux : OUI, l'onglet restauration système est réapparu dans outils système dans propriétés du poste de travail.

je suis retourné sur trendmicro juste pour voir...

encore "blocked by PKF"

mais là aussi un léger mieux :

il veut bien aller plus loin avec "scan now it's free !"

avec une colonne progression et plus bas une barre de progression notifiée "inactif"

résultat : panda et trendmicro : des mieux mais bloquent en chemin

peut-être que je devrai désactiver le dernier des 3 sur kerio : "bloquer les VBScripts" ?

et qu'est ce que je fais des habitants de la poubelle ?

vous allez pas me dire que je bosse pas là !

Connexion

Pas encore inscrit ?

Un nouveau à pédales chez les Ferrari

Messages recommandés

Thanos

mi-lion

Thanos

mi-lion

angelique

mi-lion

Thanos

mi-lion

mi-lion

mi-lion

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer