A voir également:
- !!!!!!infection par plusieurs trojan et worms
- Trojan remover - Télécharger - Antivirus & Antimalwares
- Trojan sms-par google - Accueil - Virus
- Google Messages va mieux vous protéger des liens dangereux - Accueil - Messagerie instantanée
- Anti trojan - Télécharger - Antivirus & Antimalwares
- Virus trojan al11 ✓ - Forum Virus
7 réponses
salut sebius,
peux tu allez dans demarrer, poste de travail,c:,programs files,av personal,et la:
*tu regardes dans infected (quarantaine d antivir), si ils y sont supprime les
*sinon tu vas dans logfiles, tu regardes dans NTGRDRT et regardes au moment ou il dit warning ou il le detecte et colle le ici !
---------------------
si tu galere:
lance un scan chez RAV :
http://www.ravantivirus.com/scan/
Clique sur "To continue without subscribing click here" et attends quelques minutes.
Lorsque "Ready" est affiché dans "status", coche la case "Autoclean" puis clique sur "Scan my PC"
A la fin de l'analyse, copie/colle le rapport ici
a+
peux tu allez dans demarrer, poste de travail,c:,programs files,av personal,et la:
*tu regardes dans infected (quarantaine d antivir), si ils y sont supprime les
*sinon tu vas dans logfiles, tu regardes dans NTGRDRT et regardes au moment ou il dit warning ou il le detecte et colle le ici !
---------------------
si tu galere:
lance un scan chez RAV :
http://www.ravantivirus.com/scan/
Clique sur "To continue without subscribing click here" et attends quelques minutes.
Lorsque "Ready" est affiché dans "status", coche la case "Autoclean" puis clique sur "Scan my PC"
A la fin de l'analyse, copie/colle le rapport ici
a+
merci pour vos réponses si rapides !
alors voilà le topo :
- dans infected j'ai trois fichiers.VIR :
- hfikbpdb.VIR
- msbb.VIR
- otscmdzf.VIR
Sinon dans NTGRDRT j'ai les WARNINGS suivants : excuse-moi d'avance de la longueur du truc ... les mêmes trojan reviennent plusieurs fois j'ai pas vérifiés si les fichiers indiqués se repetent
16/02/2005,15:09:09 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
16/02/2005,15:09:37 [LOGON] Connection request by remote computer. Establishing secure communication channel.
16/02/2005,15:09:37 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab3e86.
16/02/2005,15:09:36 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/02/2005,15:13:25 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\MVANOX.EXE.TMP
16/02/2005,17:39:50 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\EG_AUTH.DLL
16/02/2005,19:31:56 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
16/02/2005,19:30:42 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
...
16/02/2005,23:53:08 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
16/02/2005,23:53:30 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/02/2005,23:57:27 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\NATATQL.EXE.TMP
...
17/02/2005,16:17:22 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
17/02/2005,16:17:47 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
17/02/2005,16:21:29 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\VYF.EXE.TMP
17/02/2005,19:39:54 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
17/02/2005,19:39:13 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
...
18/02/2005,15:00:10 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
18/02/2005,15:00:28 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/02/2005,15:04:24 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\KNEP.EXE.TMP
...
18/02/2005,19:23:57 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
18/02/2005,19:24:26 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/02/2005,19:28:14 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\RIFAV.EXE.TMP
18/02/2005,19:48:00 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
18/02/2005,19:48:12 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
...
19/02/2005,00:02:25 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
19/02/2005,00:02:51 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/02/2005,00:06:39 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\RUJOVAR.EXE.TMP
...
19/02/2005,12:16:56 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
19/02/2005,12:17:16 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/02/2005,19:48:31 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
19/02/2005,19:50:24 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
...
19/02/2005,23:01:03 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
19/02/2005,23:01:28 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/02/2005,12:00:26 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
20/02/2005,12:02:04 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/02/2005,12:04:41 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QXUV.EXE.TMP
22/02/2005,22:07:22 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
22/02/2005,22:09:27 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
22/02/2005,22:11:34 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\CHAJWJ.EXE.TMP
22/02/2005,22:18:45 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
22/02/2005,22:19:53 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
23/02/2005,04:01:41 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,04:02:24 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,04:05:57 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\NUNIBGF.EXE.TMP
23/02/2005,05:09:07 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,05:09:46 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,05:13:24 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\IHURYRYJ.EXE.TMP
23/02/2005,20:13:13 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,20:13:40 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,20:17:29 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\GJQLUJSZ.EXE.TMP
23/02/2005,22:15:26 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,22:15:51 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,22:20:01 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,22:21:05 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,22:31:53 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
23/02/2005,22:32:32 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
24/02/2005,20:05:39 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
24/02/2005,20:06:25 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
24/02/2005,20:13:54 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\WTYDGXWZ.EXE.TMP
24/02/2005,20:43:25 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\CP2B4XEN\TEST56[1].PPS
ATTENTION: This OLE document is possibly damaged!
24/02/2005,20:46:25 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\09YFOHUN\TEST56[1].PPS
ATTENTION: This OLE document is possibly damaged!
24/02/2005,22:16:55 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\ST6V8LMN\WEBINSTALL[1].DLL
24/02/2005,22:17:01 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\ST6V8LMN\WEBINSTALL[1].DLL
24/02/2005,22:17:03 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\ST6V8LMN\WEBINSTALL[1].DLL
24/02/2005,22:17:06 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\09YFOHUN\WEBINSTALL[1].DLL
24/02/2005,22:17:12 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\09YFOHUN\WEBINSTALL[1].DLL
24/02/2005,22:37:25 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
24/02/2005,22:38:29 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
25/02/2005,02:16:20 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
25/02/2005,02:16:47 [LOGON] Connection request by remote computer. Establishing secure communication channel.
25/02/2005,02:16:48 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab23de.
25/02/2005,02:16:50 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
25/02/2005,02:20:40 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\TQLSN.EXE.TMP
26/02/2005,12:01:54 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
26/02/2005,12:02:20 [LOGON] Connection request by remote computer. Establishing secure communication channel.
26/02/2005,12:02:20 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab05da.
26/02/2005,12:02:23 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
26/02/2005,12:06:06 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QXEB.EXE.TMP
26/02/2005,12:14:26 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
26/02/2005,12:13:35 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
27/02/2005,04:03:47 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
27/02/2005,04:04:08 [LOGON] Connection request by remote computer. Establishing secure communication channel.
27/02/2005,04:04:08 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab37b2.
27/02/2005,04:04:10 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
27/02/2005,04:08:01 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\IBYJ.EXE.TMP
27/02/2005,12:16:29 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
27/02/2005,12:15:33 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
28/02/2005,20:07:44 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
28/02/2005,20:08:29 [LOGON] Connection request by remote computer. Establishing secure communication channel.
28/02/2005,20:08:29 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa8a9c9.
28/02/2005,20:08:30 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
28/02/2005,20:11:59 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QLOHGPSN.EXE.TMP
28/02/2005,20:19:24 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
28/02/2005,20:20:17 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
01/03/2005,20:09:57 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
01/03/2005,20:11:28 [LOGON] Connection request by remote computer. Establishing secure communication channel.
01/03/2005,20:11:28 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa80760.
01/03/2005,20:11:31 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
01/03/2005,20:15:57 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\MFSNEVQZ.EXE.TMP
01/03/2005,20:21:19 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
01/03/2005,20:22:28 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
02/03/2005,00:55:15 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
02/03/2005,00:55:54 [LOGON] Connection request by remote computer. Establishing secure communication channel.
02/03/2005,00:55:54 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab780f.
02/03/2005,00:56:02 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/03/2005,00:59:43 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QBADGNCN.EXE.TMP
02/03/2005,20:01:19 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
02/03/2005,20:01:42 [LOGON] Connection request by remote computer. Establishing secure communication channel.
02/03/2005,20:01:42 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab0bbf.
02/03/2005,20:01:46 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/03/2005,20:23:42 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
02/03/2005,20:24:07 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
03/03/2005,17:13:44 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
03/03/2005,17:14:03 [LOGON] Connection request by remote computer. Establishing secure communication channel.
03/03/2005,17:14:03 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab2712.
03/03/2005,17:14:12 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
03/03/2005,17:18:02 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SPOL.EXE.TMP
03/03/2005,20:26:38 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
03/03/2005,20:25:39 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
04/03/2005,20:16:48 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
04/03/2005,20:16:52 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\STQPOBCR.EXE.TMP
04/03/2005,20:28:28 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
04/03/2005,20:29:24 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
05/03/2005,13:12:43 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
05/03/2005,13:16:46 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QDUHWJ.EXE.TMP
05/03/2005,20:35:51 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
05/03/2005,20:34:27 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
05/03/2005,21:29:36 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
05/03/2005,21:33:55 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
05/03/2005,21:37:53 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\YVED.EXE.TMP
07/03/2005,12:27:55 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
07/03/2005,12:31:45 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\LMB.EXE.TMP
07/03/2005,12:32:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH08120
07/03/2005,12:42:57 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
07/03/2005,12:44:39 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
07/03/2005,16:33:33 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH61810
07/03/2005,21:03:08 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
07/03/2005,21:07:54 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\RQJELKN.EXE.TMP
08/03/2005,00:12:03 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH63910
08/03/2005,20:30:39 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
08/03/2005,20:32:58 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH27410
08/03/2005,20:33:55 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\EVJF[1].XLS
ATTENTION: This OLE document is possibly damaged!
08/03/2005,20:34:32 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SJIHKZYT.EXE.TMP
08/03/2005,20:35:34 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\ECI EST LA FID-LE TRANSCRIPTION D[1].DOC
ATTENTION: This OLE document is possibly damaged!
08/03/2005,20:39:06 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\EVJF[2].XLS
ATTENTION: This OLE document is possibly damaged!
08/03/2005,20:43:32 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
08/03/2005,20:45:23 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
08/03/2005,23:07:44 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/03/2005,02:48:26 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/03/2005,02:50:46 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH25910
09/03/2005,17:35:49 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/03/2005,17:39:43 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\IXMV.EXE.TMP
09/03/2005,20:48:18 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
09/03/2005,20:49:19 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
09/03/2005,21:14:25 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[2].ANI
09/03/2005,21:14:25 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[1].ANI
09/03/2005,21:14:26 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[3].ANI
09/03/2005,21:14:27 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[4].ANI
09/03/2005,21:14:28 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[2].ANI
09/03/2005,21:14:28 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\PAYLOAD[1].ANI
09/03/2005,21:14:35 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[1].ANI
09/03/2005,21:14:39 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[3].ANI
09/03/2005,21:14:40 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[4].ANI
09/03/2005,21:14:41 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\PAYLOAD[1].ANI
09/03/2005,21:14:44 WARNING: Is the Trojan horse TR/ClassLder.c.Java!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\JAR\CLASSLOAD.JAR-793FE9C2-1A45A4B7.ZIP
10/03/2005,19:16:55 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
10/03/2005,19:20:55 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\CBMJKVUH.EXE.TMP
10/03/2005,19:29:53 WARNING: Contains signature of the HTML script virus HTML/Exploit.OBJ-Mht!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\3GYODZ5A\INDEX[6].HTM
10/03/2005,19:30:34 WARNING: Contains signature of the Java virus Java/Femad!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\JAR\COUNTER.JPG-301C72D2-79FCC231.ZIP
10/03/2005,19:30:39 WARNING: Contains signature of the Java virus Java/Femad!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\JAR\COUNTER.JPG-5C96ED05-4746911F.ZIP
10/03/2005,20:48:59 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
10/03/2005,20:49:46 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
11/03/2005,20:58:49 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
11/03/2005,20:50:13 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
12/03/2005,20:45:03 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
12/03/2005,20:48:58 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\FAX.EXE.TMP
12/03/2005,20:57:40 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
13/03/2005,00:07:55 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
13/03/2005,00:20:00 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
14/03/2005,20:16:44 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
14/03/2005,20:20:34 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\TYJMNMB.EXE.TMP
14/03/2005,20:28:43 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
14/03/2005,20:29:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
15/03/2005,20:10:23 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
15/03/2005,20:10:27 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SPOJSN.EXE.TMP
File has been renamed to *.VIR
15/03/2005,20:32:52 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
15/03/2005,20:32:41 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
16/03/2005,01:55:03 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/03/2005,01:58:56 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\VOPKD.EXE.TMP
16/03/2005,17:50:44 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/03/2005,17:54:42 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\HQD.EXE.TMP
16/03/2005,20:33:30 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
16/03/2005,20:42:30 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
18/03/2005,00:04:39 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
18/03/2005,00:03:28 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
17/03/2005,23:52:08 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/03/2005,00:21:15 WARNING: Is the Trojan horse TR/Dldr.IstBar.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\URE7UXIF\DOWNLOADS_MANAGER[1]
19/03/2005,01:45:59 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/03/2005,01:50:01 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\ENQVAVKV.EXE.TMP
19/03/2005,01:58:29 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
19/03/2005,01:57:26 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
19/03/2005,19:47:11 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
19/03/2005,19:47:24 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
19/03/2005,19:47:26 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/03/2005,18:04:38 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
20/03/2005,18:08:30 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/03/2005,18:12:43 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\ANMP.EXE.TMP
20/03/2005,18:16:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
20/03/2005,18:17:02 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
21/03/2005,20:48:08 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
21/03/2005,20:50:43 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
21/03/2005,20:52:06 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\UXOT.EXE.TMP
21/03/2005,21:00:31 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
21/03/2005,20:59:30 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
21/03/2005,23:36:49 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
21/03/2005,23:37:07 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/03/2005,00:25:33 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/03/2005,00:25:40 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/03/2005,00:29:33 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\XOFKF.EXE.TMP
23/03/2005,00:37:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
23/03/2005,00:38:11 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
23/03/2005,15:43:31 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/03/2005,15:43:39 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/03/2005,15:43:44 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/03/2005,15:47:30 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\CHIJGHEL.EXE.TMP
24/03/2005,00:45:58 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
24/03/2005,00:45:11 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
24/03/2005,15:53:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
24/03/2005,15:53:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
24/03/2005,15:53:43 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
24/03/2005,15:57:28 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\DSZEBYN.EXE.TMP
25/03/2005,12:39:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
25/03/2005,12:42:13 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
25/03/2005,12:43:34 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\YXSX.EXE.TMP
25/03/2005,12:51:59 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
25/03/2005,12:50:52 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
26/03/2005,00:34:21 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
26/03/2005,00:34:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
26/03/2005,00:34:40 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
28/03/2005,23:39:41 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
28/03/2005,23:39:46 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
28/03/2005,23:39:54 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
28/03/2005,23:43:39 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SBYXOL.EXE.TMP
28/03/2005,23:52:08 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
28/03/2005,23:52:18 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
29/03/2005,21:13:14 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
29/03/2005,21:20:02 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
29/03/2005,21:25:14 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SPUNOR.EXE.TMP
File has been renamed to *.VIR
30/03/2005,20:02:34 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
30/03/2005,20:02:42 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
30/03/2005,20:02:45 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
30/03/2005,20:06:32 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\ALGDOV.EXE.TMP
30/03/2005,20:14:31 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
30/03/2005,20:14:59 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
31/03/2005,17:45:02 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
31/03/2005,17:45:09 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
31/03/2005,17:45:12 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
31/03/2005,17:48:56 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\IDYV.EXE.TMP
31/03/2005,20:17:22 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
31/03/2005,20:16:36 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
01/04/2005,20:35:00 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
01/04/2005,20:36:09 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
01/04/2005,20:38:59 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\GNKZIFIX.EXE.TMP
01/04/2005,20:46:35 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
01/04/2005,20:47:25 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
02/04/2005,15:53:28 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,15:53:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,15:53:39 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/04/2005,15:56:38 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,15:56:47 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,15:56:49 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/04/2005,15:59:58 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
02/04/2005,16:00:36 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\BMV.EXE.TMP
02/04/2005,17:55:00 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
02/04/2005,17:55:21 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,17:55:29 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/04/2005,23:36:08 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
02/04/2005,23:36:29 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,23:36:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,23:36:40 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/04/2005,23:48:01 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
02/04/2005,23:48:54 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
03/04/2005,18:51:15 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
03/04/2005,18:51:34 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
03/04/2005,18:51:40 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
03/04/2005,18:51:43 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
04/04/2005,20:08:25 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
04/04/2005,20:08:31 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
04/04/2005,20:08:48 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
04/04/2005,20:08:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
04/04/2005,20:08:56 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
04/04/2005,20:12:03 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH65610
04/04/2005,20:22:19 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
04/04/2005,20:24:24 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
06/04/2005,01:08:28 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
06/04/2005,01:08:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
06/04/2005,01:09:03 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
06/04/2005,01:09:05 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
06/04/2005,01:11:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH40410
06/04/2005,01:21:50 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
06/04/2005,01:23:42 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
06/04/2005,23:50:59 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
06/04/2005,23:51:22 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
06/04/2005,23:51:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
06/04/2005,23:51:27 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
06/04/2005,23:52:55 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH06710
07/04/2005,01:23:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
07/04/2005,01:25:17 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
07/04/2005,05:03:22 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH48810
07/04/2005,05:01:07 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
07/04/2005,11:08:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
07/04/2005,11:08:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
07/04/2005,11:08:28 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
07/04/2005,15:09:25 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH48810
08/04/2005,19:59:29 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
08/04/2005,19:59:46 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
08/04/2005,19:59:49 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
08/04/2005,19:59:53 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
08/04/2005,20:11:09 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
08/04/2005,20:12:10 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
09/04/2005,14:20:48 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
09/04/2005,14:21:06 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
09/04/2005,14:21:12 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/04/2005,19:24:26 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
09/04/2005,19:24:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
09/04/2005,19:24:54 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
09/04/2005,19:24:56 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/04/2005,20:16:31 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
09/04/2005,20:17:15 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
11/04/2005,20:31:09 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
11/04/2005,20:31:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
11/04/2005,20:31:35 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
11/04/2005,20:43:02 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
11/04/2005,20:43:55 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
11/04/2005,21:01:17 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\QUIZZBLONDE[1].PPS
ATTENTION: This OLE document is possibly damaged!
12/04/2005,20:08:40 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
12/04/2005,20:09:06 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
12/04/2005,20:09:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
12/04/2005,20:09:34 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
12/04/2005,20:51:16 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
12/04/2005,20:50:22 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
13/04/2005,19:56:10 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
13/04/2005,19:56:17 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
13/04/2005,19:56:30 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
13/04/2005,19:56:33 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
13/04/2005,19:56:37 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
13/04/2005,20:58:02 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
13/04/2005,20:59:04 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
14/04/2005,09:41:30 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
14/04/2005,09:41:50 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
14/04/2005,09:41:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
14/04/2005,09:42:01 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
14/04/2005,18:50:28 WARNING: Contains signature of the HTML script virus HTML/Exploit.Mhtml2!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\WHYF8DUZ\EXPLOIT[1].HTM
14/04/2005,18:50:36 WARNING: Contains signature of the Java virus Java/ClassLdr.I.2!
C:\DOCUME~1\REVON\LOCALS~1\TEMP\JAR_CACHE60959.TMP
14/04/2005,18:50:35 WARNING: Is the Trojan horse TR/ClassLder.c.Java!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\JAR\CLASSLOAD.JAR-7E961E5B-2D26E327.ZIP
14/04/2005,18:50:39 WARNING: Contains signature of the Java virus Java/Femad.1!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\COUNTER.CLASS-72D7E234-29B01A87.CLASS
14/04/2005,18:50:42 WARNING: Is the Trojan horse TR/ClassLder.c.Java!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\GETACCESS.CLASS-3DA599D4-7199CA51.CLASS
14/04/2005,18:50:44 WARNING: Contains signature of the Java virus Java/ClassLdr.I.2!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\GUMMY.CLASS-657ED063-1A3D06FF.CLASS
14/04/2005,18:50:46 WARNING: Is the Trojan horse TR/Forten.Java.2!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\DUMMY.CLASS-3D6C522-319175A9.CLASS
14/04/2005,18:50:47 WARNING: Contains signature of the Java virus Java/Femad!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\VERIFIERBUG.CLASS-209DA1F6-3941ACEC.CLASS
14/04/2005,18:50:49 WARNING: Is the Trojan horse TR/Forten.Java.2.B!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\INSECURECLASSLOADER.CLASS-7BF4D329-7333B5A1.CLASS
14/04/2005,21:04:54 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
14/04/2005,21:04:00 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
15/04/2005,21:14:00 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
15/04/2005,21:05:37 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
16/04/2005,00:36:10 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
16/04/2005,00:36:29 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
16/04/2005,00:36:31 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
16/04/2005,00:36:34 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/04/2005,00:39:03 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
16/04/2005,00:39:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
16/04/2005,00:39:56 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/04/2005,00:43:45 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
16/04/2005,00:49:15 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
16/04/2005,00:49:17 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/04/2005,21:07:12 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
16/04/2005,21:17:02 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
17/04/2005,13:00:08 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
17/04/2005,13:01:01 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
17/04/2005,13:01:03 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
17/04/2005,13:01:06 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/04/2005,10:54:31 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
18/04/2005,10:55:01 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,10:55:03 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,10:55:06 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/04/2005,11:06:29 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
18/04/2005,11:06:56 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
18/04/2005,20:02:58 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
18/04/2005,20:03:19 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,20:03:32 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,20:03:38 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
18/04/2005,20:17:23 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,20:17:26 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,20:17:46 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/04/2005,20:53:10 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
19/04/2005,20:53:33 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
19/04/2005,20:53:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
19/04/2005,20:53:42 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/04/2005,21:05:39 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
19/04/2005,21:05:49 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
20/04/2005,14:15:05 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
20/04/2005,14:15:51 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
20/04/2005,14:16:01 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/04/2005,21:07:52 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
20/04/2005,21:08:08 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
20/04/2005,22:25:53 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
20/04/2005,22:28:26 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
20/04/2005,22:28:29 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
21/04/2005,15:58:06 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
21/04/2005,15:58:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
21/04/2005,15:58:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
21/04/2005,15:58:32 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
21/04/2005,21:11:04 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
21/04/2005,21:10:17 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
23/04/2005,00:08:08 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
23/04/2005,00:08:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,00:08:34 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,00:08:39 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,00:08:48 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/04/2005,00:20:14 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
23/04/2005,00:20:48 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
23/04/2005,19:52:19 WARNING: Is the Trojan horse TR/Dialer.EG.3!
C:\PROGRAM FILES\MONTORGUEIL\ALIZE2\ALIZE2.EXE
23/04/2005,19:57:10 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
23/04/2005,19:57:51 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,19:57:53 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,19:57:54 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,19:57:57 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
alors voilà le topo :
- dans infected j'ai trois fichiers.VIR :
- hfikbpdb.VIR
- msbb.VIR
- otscmdzf.VIR
Sinon dans NTGRDRT j'ai les WARNINGS suivants : excuse-moi d'avance de la longueur du truc ... les mêmes trojan reviennent plusieurs fois j'ai pas vérifiés si les fichiers indiqués se repetent
16/02/2005,15:09:09 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
16/02/2005,15:09:37 [LOGON] Connection request by remote computer. Establishing secure communication channel.
16/02/2005,15:09:37 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab3e86.
16/02/2005,15:09:36 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/02/2005,15:13:25 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\MVANOX.EXE.TMP
16/02/2005,17:39:50 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\EG_AUTH.DLL
16/02/2005,19:31:56 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
16/02/2005,19:30:42 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
...
16/02/2005,23:53:08 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
16/02/2005,23:53:30 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/02/2005,23:57:27 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\NATATQL.EXE.TMP
...
17/02/2005,16:17:22 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
17/02/2005,16:17:47 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
17/02/2005,16:21:29 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\VYF.EXE.TMP
17/02/2005,19:39:54 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
17/02/2005,19:39:13 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
...
18/02/2005,15:00:10 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
18/02/2005,15:00:28 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/02/2005,15:04:24 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\KNEP.EXE.TMP
...
18/02/2005,19:23:57 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
18/02/2005,19:24:26 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/02/2005,19:28:14 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\RIFAV.EXE.TMP
18/02/2005,19:48:00 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
18/02/2005,19:48:12 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
...
19/02/2005,00:02:25 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
19/02/2005,00:02:51 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/02/2005,00:06:39 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\RUJOVAR.EXE.TMP
...
19/02/2005,12:16:56 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
19/02/2005,12:17:16 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/02/2005,19:48:31 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
19/02/2005,19:50:24 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
...
19/02/2005,23:01:03 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
19/02/2005,23:01:28 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/02/2005,12:00:26 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
20/02/2005,12:02:04 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/02/2005,12:04:41 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QXUV.EXE.TMP
22/02/2005,22:07:22 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
22/02/2005,22:09:27 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
22/02/2005,22:11:34 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\CHAJWJ.EXE.TMP
22/02/2005,22:18:45 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
22/02/2005,22:19:53 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
23/02/2005,04:01:41 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,04:02:24 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,04:05:57 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\NUNIBGF.EXE.TMP
23/02/2005,05:09:07 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,05:09:46 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,05:13:24 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\IHURYRYJ.EXE.TMP
23/02/2005,20:13:13 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,20:13:40 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,20:17:29 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\GJQLUJSZ.EXE.TMP
23/02/2005,22:15:26 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,22:15:51 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,22:20:01 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,22:21:05 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,22:31:53 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
23/02/2005,22:32:32 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
24/02/2005,20:05:39 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
24/02/2005,20:06:25 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
24/02/2005,20:13:54 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\WTYDGXWZ.EXE.TMP
24/02/2005,20:43:25 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\CP2B4XEN\TEST56[1].PPS
ATTENTION: This OLE document is possibly damaged!
24/02/2005,20:46:25 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\09YFOHUN\TEST56[1].PPS
ATTENTION: This OLE document is possibly damaged!
24/02/2005,22:16:55 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\ST6V8LMN\WEBINSTALL[1].DLL
24/02/2005,22:17:01 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\ST6V8LMN\WEBINSTALL[1].DLL
24/02/2005,22:17:03 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\ST6V8LMN\WEBINSTALL[1].DLL
24/02/2005,22:17:06 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\09YFOHUN\WEBINSTALL[1].DLL
24/02/2005,22:17:12 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\09YFOHUN\WEBINSTALL[1].DLL
24/02/2005,22:37:25 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
24/02/2005,22:38:29 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
25/02/2005,02:16:20 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
25/02/2005,02:16:47 [LOGON] Connection request by remote computer. Establishing secure communication channel.
25/02/2005,02:16:48 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab23de.
25/02/2005,02:16:50 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
25/02/2005,02:20:40 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\TQLSN.EXE.TMP
26/02/2005,12:01:54 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
26/02/2005,12:02:20 [LOGON] Connection request by remote computer. Establishing secure communication channel.
26/02/2005,12:02:20 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab05da.
26/02/2005,12:02:23 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
26/02/2005,12:06:06 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QXEB.EXE.TMP
26/02/2005,12:14:26 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
26/02/2005,12:13:35 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
27/02/2005,04:03:47 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
27/02/2005,04:04:08 [LOGON] Connection request by remote computer. Establishing secure communication channel.
27/02/2005,04:04:08 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab37b2.
27/02/2005,04:04:10 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
27/02/2005,04:08:01 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\IBYJ.EXE.TMP
27/02/2005,12:16:29 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
27/02/2005,12:15:33 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
28/02/2005,20:07:44 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
28/02/2005,20:08:29 [LOGON] Connection request by remote computer. Establishing secure communication channel.
28/02/2005,20:08:29 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa8a9c9.
28/02/2005,20:08:30 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
28/02/2005,20:11:59 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QLOHGPSN.EXE.TMP
28/02/2005,20:19:24 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
28/02/2005,20:20:17 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
01/03/2005,20:09:57 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
01/03/2005,20:11:28 [LOGON] Connection request by remote computer. Establishing secure communication channel.
01/03/2005,20:11:28 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa80760.
01/03/2005,20:11:31 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
01/03/2005,20:15:57 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\MFSNEVQZ.EXE.TMP
01/03/2005,20:21:19 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
01/03/2005,20:22:28 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
02/03/2005,00:55:15 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
02/03/2005,00:55:54 [LOGON] Connection request by remote computer. Establishing secure communication channel.
02/03/2005,00:55:54 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab780f.
02/03/2005,00:56:02 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/03/2005,00:59:43 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QBADGNCN.EXE.TMP
02/03/2005,20:01:19 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
02/03/2005,20:01:42 [LOGON] Connection request by remote computer. Establishing secure communication channel.
02/03/2005,20:01:42 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab0bbf.
02/03/2005,20:01:46 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/03/2005,20:23:42 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
02/03/2005,20:24:07 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
03/03/2005,17:13:44 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
03/03/2005,17:14:03 [LOGON] Connection request by remote computer. Establishing secure communication channel.
03/03/2005,17:14:03 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab2712.
03/03/2005,17:14:12 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
03/03/2005,17:18:02 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SPOL.EXE.TMP
03/03/2005,20:26:38 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
03/03/2005,20:25:39 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
04/03/2005,20:16:48 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
04/03/2005,20:16:52 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\STQPOBCR.EXE.TMP
04/03/2005,20:28:28 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
04/03/2005,20:29:24 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
05/03/2005,13:12:43 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
05/03/2005,13:16:46 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QDUHWJ.EXE.TMP
05/03/2005,20:35:51 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
05/03/2005,20:34:27 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
05/03/2005,21:29:36 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
05/03/2005,21:33:55 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
05/03/2005,21:37:53 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\YVED.EXE.TMP
07/03/2005,12:27:55 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
07/03/2005,12:31:45 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\LMB.EXE.TMP
07/03/2005,12:32:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH08120
07/03/2005,12:42:57 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
07/03/2005,12:44:39 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
07/03/2005,16:33:33 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH61810
07/03/2005,21:03:08 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
07/03/2005,21:07:54 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\RQJELKN.EXE.TMP
08/03/2005,00:12:03 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH63910
08/03/2005,20:30:39 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
08/03/2005,20:32:58 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH27410
08/03/2005,20:33:55 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\EVJF[1].XLS
ATTENTION: This OLE document is possibly damaged!
08/03/2005,20:34:32 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SJIHKZYT.EXE.TMP
08/03/2005,20:35:34 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\ECI EST LA FID-LE TRANSCRIPTION D[1].DOC
ATTENTION: This OLE document is possibly damaged!
08/03/2005,20:39:06 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\EVJF[2].XLS
ATTENTION: This OLE document is possibly damaged!
08/03/2005,20:43:32 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
08/03/2005,20:45:23 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
08/03/2005,23:07:44 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/03/2005,02:48:26 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/03/2005,02:50:46 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH25910
09/03/2005,17:35:49 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/03/2005,17:39:43 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\IXMV.EXE.TMP
09/03/2005,20:48:18 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
09/03/2005,20:49:19 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
09/03/2005,21:14:25 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[2].ANI
09/03/2005,21:14:25 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[1].ANI
09/03/2005,21:14:26 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[3].ANI
09/03/2005,21:14:27 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[4].ANI
09/03/2005,21:14:28 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[2].ANI
09/03/2005,21:14:28 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\PAYLOAD[1].ANI
09/03/2005,21:14:35 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[1].ANI
09/03/2005,21:14:39 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[3].ANI
09/03/2005,21:14:40 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[4].ANI
09/03/2005,21:14:41 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\PAYLOAD[1].ANI
09/03/2005,21:14:44 WARNING: Is the Trojan horse TR/ClassLder.c.Java!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\JAR\CLASSLOAD.JAR-793FE9C2-1A45A4B7.ZIP
10/03/2005,19:16:55 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
10/03/2005,19:20:55 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\CBMJKVUH.EXE.TMP
10/03/2005,19:29:53 WARNING: Contains signature of the HTML script virus HTML/Exploit.OBJ-Mht!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\3GYODZ5A\INDEX[6].HTM
10/03/2005,19:30:34 WARNING: Contains signature of the Java virus Java/Femad!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\JAR\COUNTER.JPG-301C72D2-79FCC231.ZIP
10/03/2005,19:30:39 WARNING: Contains signature of the Java virus Java/Femad!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\JAR\COUNTER.JPG-5C96ED05-4746911F.ZIP
10/03/2005,20:48:59 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
10/03/2005,20:49:46 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
11/03/2005,20:58:49 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
11/03/2005,20:50:13 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
12/03/2005,20:45:03 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
12/03/2005,20:48:58 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\FAX.EXE.TMP
12/03/2005,20:57:40 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
13/03/2005,00:07:55 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
13/03/2005,00:20:00 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
14/03/2005,20:16:44 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
14/03/2005,20:20:34 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\TYJMNMB.EXE.TMP
14/03/2005,20:28:43 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
14/03/2005,20:29:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
15/03/2005,20:10:23 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
15/03/2005,20:10:27 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SPOJSN.EXE.TMP
File has been renamed to *.VIR
15/03/2005,20:32:52 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
15/03/2005,20:32:41 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
16/03/2005,01:55:03 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/03/2005,01:58:56 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\VOPKD.EXE.TMP
16/03/2005,17:50:44 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/03/2005,17:54:42 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\HQD.EXE.TMP
16/03/2005,20:33:30 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
16/03/2005,20:42:30 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
18/03/2005,00:04:39 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
18/03/2005,00:03:28 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
17/03/2005,23:52:08 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/03/2005,00:21:15 WARNING: Is the Trojan horse TR/Dldr.IstBar.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\URE7UXIF\DOWNLOADS_MANAGER[1]
19/03/2005,01:45:59 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/03/2005,01:50:01 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\ENQVAVKV.EXE.TMP
19/03/2005,01:58:29 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
19/03/2005,01:57:26 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
19/03/2005,19:47:11 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
19/03/2005,19:47:24 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
19/03/2005,19:47:26 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/03/2005,18:04:38 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
20/03/2005,18:08:30 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/03/2005,18:12:43 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\ANMP.EXE.TMP
20/03/2005,18:16:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
20/03/2005,18:17:02 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
21/03/2005,20:48:08 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
21/03/2005,20:50:43 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
21/03/2005,20:52:06 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\UXOT.EXE.TMP
21/03/2005,21:00:31 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
21/03/2005,20:59:30 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
21/03/2005,23:36:49 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
21/03/2005,23:37:07 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/03/2005,00:25:33 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/03/2005,00:25:40 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/03/2005,00:29:33 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\XOFKF.EXE.TMP
23/03/2005,00:37:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
23/03/2005,00:38:11 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
23/03/2005,15:43:31 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/03/2005,15:43:39 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/03/2005,15:43:44 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/03/2005,15:47:30 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\CHIJGHEL.EXE.TMP
24/03/2005,00:45:58 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
24/03/2005,00:45:11 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
24/03/2005,15:53:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
24/03/2005,15:53:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
24/03/2005,15:53:43 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
24/03/2005,15:57:28 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\DSZEBYN.EXE.TMP
25/03/2005,12:39:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
25/03/2005,12:42:13 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
25/03/2005,12:43:34 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\YXSX.EXE.TMP
25/03/2005,12:51:59 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
25/03/2005,12:50:52 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
26/03/2005,00:34:21 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
26/03/2005,00:34:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
26/03/2005,00:34:40 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
28/03/2005,23:39:41 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
28/03/2005,23:39:46 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
28/03/2005,23:39:54 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
28/03/2005,23:43:39 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SBYXOL.EXE.TMP
28/03/2005,23:52:08 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
28/03/2005,23:52:18 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
29/03/2005,21:13:14 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
29/03/2005,21:20:02 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
29/03/2005,21:25:14 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SPUNOR.EXE.TMP
File has been renamed to *.VIR
30/03/2005,20:02:34 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
30/03/2005,20:02:42 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
30/03/2005,20:02:45 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
30/03/2005,20:06:32 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\ALGDOV.EXE.TMP
30/03/2005,20:14:31 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
30/03/2005,20:14:59 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
31/03/2005,17:45:02 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
31/03/2005,17:45:09 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
31/03/2005,17:45:12 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
31/03/2005,17:48:56 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\IDYV.EXE.TMP
31/03/2005,20:17:22 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
31/03/2005,20:16:36 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
01/04/2005,20:35:00 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
01/04/2005,20:36:09 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
01/04/2005,20:38:59 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\GNKZIFIX.EXE.TMP
01/04/2005,20:46:35 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
01/04/2005,20:47:25 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
02/04/2005,15:53:28 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,15:53:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,15:53:39 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/04/2005,15:56:38 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,15:56:47 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,15:56:49 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/04/2005,15:59:58 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
02/04/2005,16:00:36 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\BMV.EXE.TMP
02/04/2005,17:55:00 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
02/04/2005,17:55:21 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,17:55:29 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/04/2005,23:36:08 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
02/04/2005,23:36:29 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,23:36:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,23:36:40 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/04/2005,23:48:01 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
02/04/2005,23:48:54 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
03/04/2005,18:51:15 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
03/04/2005,18:51:34 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
03/04/2005,18:51:40 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
03/04/2005,18:51:43 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
04/04/2005,20:08:25 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
04/04/2005,20:08:31 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
04/04/2005,20:08:48 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
04/04/2005,20:08:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
04/04/2005,20:08:56 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
04/04/2005,20:12:03 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH65610
04/04/2005,20:22:19 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
04/04/2005,20:24:24 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
06/04/2005,01:08:28 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
06/04/2005,01:08:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
06/04/2005,01:09:03 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
06/04/2005,01:09:05 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
06/04/2005,01:11:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH40410
06/04/2005,01:21:50 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
06/04/2005,01:23:42 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
06/04/2005,23:50:59 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
06/04/2005,23:51:22 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
06/04/2005,23:51:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
06/04/2005,23:51:27 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
06/04/2005,23:52:55 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH06710
07/04/2005,01:23:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
07/04/2005,01:25:17 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
07/04/2005,05:03:22 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH48810
07/04/2005,05:01:07 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
07/04/2005,11:08:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
07/04/2005,11:08:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
07/04/2005,11:08:28 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
07/04/2005,15:09:25 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH48810
08/04/2005,19:59:29 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
08/04/2005,19:59:46 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
08/04/2005,19:59:49 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
08/04/2005,19:59:53 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
08/04/2005,20:11:09 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
08/04/2005,20:12:10 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
09/04/2005,14:20:48 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
09/04/2005,14:21:06 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
09/04/2005,14:21:12 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/04/2005,19:24:26 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
09/04/2005,19:24:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
09/04/2005,19:24:54 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
09/04/2005,19:24:56 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/04/2005,20:16:31 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
09/04/2005,20:17:15 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
11/04/2005,20:31:09 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
11/04/2005,20:31:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
11/04/2005,20:31:35 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
11/04/2005,20:43:02 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
11/04/2005,20:43:55 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
11/04/2005,21:01:17 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\QUIZZBLONDE[1].PPS
ATTENTION: This OLE document is possibly damaged!
12/04/2005,20:08:40 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
12/04/2005,20:09:06 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
12/04/2005,20:09:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
12/04/2005,20:09:34 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
12/04/2005,20:51:16 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
12/04/2005,20:50:22 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
13/04/2005,19:56:10 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
13/04/2005,19:56:17 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
13/04/2005,19:56:30 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
13/04/2005,19:56:33 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
13/04/2005,19:56:37 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
13/04/2005,20:58:02 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
13/04/2005,20:59:04 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
14/04/2005,09:41:30 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
14/04/2005,09:41:50 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
14/04/2005,09:41:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
14/04/2005,09:42:01 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
14/04/2005,18:50:28 WARNING: Contains signature of the HTML script virus HTML/Exploit.Mhtml2!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\WHYF8DUZ\EXPLOIT[1].HTM
14/04/2005,18:50:36 WARNING: Contains signature of the Java virus Java/ClassLdr.I.2!
C:\DOCUME~1\REVON\LOCALS~1\TEMP\JAR_CACHE60959.TMP
14/04/2005,18:50:35 WARNING: Is the Trojan horse TR/ClassLder.c.Java!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\JAR\CLASSLOAD.JAR-7E961E5B-2D26E327.ZIP
14/04/2005,18:50:39 WARNING: Contains signature of the Java virus Java/Femad.1!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\COUNTER.CLASS-72D7E234-29B01A87.CLASS
14/04/2005,18:50:42 WARNING: Is the Trojan horse TR/ClassLder.c.Java!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\GETACCESS.CLASS-3DA599D4-7199CA51.CLASS
14/04/2005,18:50:44 WARNING: Contains signature of the Java virus Java/ClassLdr.I.2!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\GUMMY.CLASS-657ED063-1A3D06FF.CLASS
14/04/2005,18:50:46 WARNING: Is the Trojan horse TR/Forten.Java.2!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\DUMMY.CLASS-3D6C522-319175A9.CLASS
14/04/2005,18:50:47 WARNING: Contains signature of the Java virus Java/Femad!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\VERIFIERBUG.CLASS-209DA1F6-3941ACEC.CLASS
14/04/2005,18:50:49 WARNING: Is the Trojan horse TR/Forten.Java.2.B!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\INSECURECLASSLOADER.CLASS-7BF4D329-7333B5A1.CLASS
14/04/2005,21:04:54 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
14/04/2005,21:04:00 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
15/04/2005,21:14:00 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
15/04/2005,21:05:37 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
16/04/2005,00:36:10 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
16/04/2005,00:36:29 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
16/04/2005,00:36:31 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
16/04/2005,00:36:34 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/04/2005,00:39:03 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
16/04/2005,00:39:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
16/04/2005,00:39:56 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/04/2005,00:43:45 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
16/04/2005,00:49:15 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
16/04/2005,00:49:17 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/04/2005,21:07:12 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
16/04/2005,21:17:02 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
17/04/2005,13:00:08 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
17/04/2005,13:01:01 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
17/04/2005,13:01:03 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
17/04/2005,13:01:06 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/04/2005,10:54:31 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
18/04/2005,10:55:01 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,10:55:03 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,10:55:06 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/04/2005,11:06:29 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
18/04/2005,11:06:56 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
18/04/2005,20:02:58 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
18/04/2005,20:03:19 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,20:03:32 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,20:03:38 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
18/04/2005,20:17:23 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,20:17:26 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,20:17:46 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/04/2005,20:53:10 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
19/04/2005,20:53:33 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
19/04/2005,20:53:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
19/04/2005,20:53:42 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/04/2005,21:05:39 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
19/04/2005,21:05:49 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
20/04/2005,14:15:05 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
20/04/2005,14:15:51 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
20/04/2005,14:16:01 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/04/2005,21:07:52 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
20/04/2005,21:08:08 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
20/04/2005,22:25:53 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
20/04/2005,22:28:26 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
20/04/2005,22:28:29 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
21/04/2005,15:58:06 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
21/04/2005,15:58:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
21/04/2005,15:58:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
21/04/2005,15:58:32 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
21/04/2005,21:11:04 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
21/04/2005,21:10:17 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
23/04/2005,00:08:08 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
23/04/2005,00:08:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,00:08:34 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,00:08:39 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,00:08:48 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/04/2005,00:20:14 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
23/04/2005,00:20:48 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
23/04/2005,19:52:19 WARNING: Is the Trojan horse TR/Dialer.EG.3!
C:\PROGRAM FILES\MONTORGUEIL\ALIZE2\ALIZE2.EXE
23/04/2005,19:57:10 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
23/04/2005,19:57:51 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,19:57:53 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,19:57:54 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,19:57:57 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
whaou, tes blindé lol
*supprime ce qu il y a en quarantaine+corbeille
*lance un scan chez RAV :
http://www.ravantivirus.com/scan/
Clique sur "To continue without subscribing click here" et attends quelques minutes.
Lorsque "Ready" est affiché dans "status", coche la case "Autoclean" puis clique sur "Scan my PC"
A la fin de l'analyse, copie/colle le rapport ici
*supprime ce qu il y a en quarantaine+corbeille
*lance un scan chez RAV :
http://www.ravantivirus.com/scan/
Clique sur "To continue without subscribing click here" et attends quelques minutes.
Lorsque "Ready" est affiché dans "status", coche la case "Autoclean" puis clique sur "Scan my PC"
A la fin de l'analyse, copie/colle le rapport ici
corbeille et quarantaine ???
faut que je vire les trois fichiers de infected ?
bon là je suis entrain de faire le scan que tu m'as dit...
je te le renvoies après ...
faut que je vire les trois fichiers de infected ?
bon là je suis entrain de faire le scan que tu m'as dit...
je te le renvoies après ...
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
voilà g fait le scan deux fois mais il s'arrete à chaque fois au meme fichier et je n'ai que ça :
Scan started at 25/04/2005 20:00:13
Scanning memory...
Scanning boot sectors...
Scanning files...
C:\Documents and Settings\REVON\Local Settings\Temp\alchem.cab->alchem.exe - TrojanDownloader:Win32/Alchemic.A -> Infected
C:\Documents and Settings\REVON\Local Settings\Temp\twaintec.cab->polall1m.exe->(CExe) - TrojanDownloader:Win32/Agent.AE -> Infected
C:\Documents and Settings\REVON\Local Settings\Temp\THI879.tmp\twaintec.cab->twaintec.dll - TrojanSpy:Win32/BiSpy.C -> Infected
C:\Documents and Settings\REVON\Local Settings\Temp\THI879.tmp\twaintec.cab->polall1t.exe - TrojanDownloader:Win32/Agent.AE -> Infected
help me please ...
Scan started at 25/04/2005 20:00:13
Scanning memory...
Scanning boot sectors...
Scanning files...
C:\Documents and Settings\REVON\Local Settings\Temp\alchem.cab->alchem.exe - TrojanDownloader:Win32/Alchemic.A -> Infected
C:\Documents and Settings\REVON\Local Settings\Temp\twaintec.cab->polall1m.exe->(CExe) - TrojanDownloader:Win32/Agent.AE -> Infected
C:\Documents and Settings\REVON\Local Settings\Temp\THI879.tmp\twaintec.cab->twaintec.dll - TrojanSpy:Win32/BiSpy.C -> Infected
C:\Documents and Settings\REVON\Local Settings\Temp\THI879.tmp\twaintec.cab->polall1t.exe - TrojanDownloader:Win32/Agent.AE -> Infected
help me please ...
salut,
Fais un nettoyage des fichiers temps...etc avec ce programme:
http://pageperso.aol.fr/Balltrap34/CleanUp312.exe
a+
Fais un nettoyage des fichiers temps...etc avec ce programme:
http://pageperso.aol.fr/Balltrap34/CleanUp312.exe
a+
