!!!!!!infection par plusieurs trojan et worms
sebius
-
HH -
HH -
Salut les gens.
Je suis dans la pannade. Je suis resté pendant des mois sans antivirus, le mien était out of date et j'ai téléchargé antivir XP et lors du scan il m'indique plein de virus tels que :
- Worm Rbot.IQ.03
- TR/Dldr.Krepper.3
-
Je suis dans la pannade. Je suis resté pendant des mois sans antivirus, le mien était out of date et j'ai téléchargé antivir XP et lors du scan il m'indique plein de virus tels que :
- Worm Rbot.IQ.03
- TR/Dldr.Krepper.3
-
7 réponses
-
-
salut sebius,
peux tu allez dans demarrer, poste de travail,c:,programs files,av personal,et la:
*tu regardes dans infected (quarantaine d antivir), si ils y sont supprime les
*sinon tu vas dans logfiles, tu regardes dans NTGRDRT et regardes au moment ou il dit warning ou il le detecte et colle le ici !
---------------------
si tu galere:
lance un scan chez RAV :
http://www.ravantivirus.com/scan/
Clique sur "To continue without subscribing click here" et attends quelques minutes.
Lorsque "Ready" est affiché dans "status", coche la case "Autoclean" puis clique sur "Scan my PC"
A la fin de l'analyse, copie/colle le rapport ici
a+-
merci pour vos réponses si rapides !
alors voilà le topo :
- dans infected j'ai trois fichiers.VIR :
- hfikbpdb.VIR
- msbb.VIR
- otscmdzf.VIR
Sinon dans NTGRDRT j'ai les WARNINGS suivants : excuse-moi d'avance de la longueur du truc ... les mêmes trojan reviennent plusieurs fois j'ai pas vérifiés si les fichiers indiqués se repetent
16/02/2005,15:09:09 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
16/02/2005,15:09:37 [LOGON] Connection request by remote computer. Establishing secure communication channel.
16/02/2005,15:09:37 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab3e86.
16/02/2005,15:09:36 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/02/2005,15:13:25 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\MVANOX.EXE.TMP
16/02/2005,17:39:50 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\EG_AUTH.DLL
16/02/2005,19:31:56 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
16/02/2005,19:30:42 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
...
16/02/2005,23:53:08 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
16/02/2005,23:53:30 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/02/2005,23:57:27 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\NATATQL.EXE.TMP
...
17/02/2005,16:17:22 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
17/02/2005,16:17:47 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
17/02/2005,16:21:29 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\VYF.EXE.TMP
17/02/2005,19:39:54 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
17/02/2005,19:39:13 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
...
18/02/2005,15:00:10 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
18/02/2005,15:00:28 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/02/2005,15:04:24 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\KNEP.EXE.TMP
...
18/02/2005,19:23:57 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
18/02/2005,19:24:26 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/02/2005,19:28:14 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\RIFAV.EXE.TMP
18/02/2005,19:48:00 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
18/02/2005,19:48:12 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
...
19/02/2005,00:02:25 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
19/02/2005,00:02:51 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/02/2005,00:06:39 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\RUJOVAR.EXE.TMP
...
19/02/2005,12:16:56 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
...
19/02/2005,12:17:16 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/02/2005,19:48:31 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
19/02/2005,19:50:24 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
...
19/02/2005,23:01:03 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
19/02/2005,23:01:28 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/02/2005,12:00:26 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
20/02/2005,12:02:04 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/02/2005,12:04:41 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QXUV.EXE.TMP
22/02/2005,22:07:22 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
22/02/2005,22:09:27 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
22/02/2005,22:11:34 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\CHAJWJ.EXE.TMP
22/02/2005,22:18:45 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
22/02/2005,22:19:53 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
23/02/2005,04:01:41 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,04:02:24 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,04:05:57 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\NUNIBGF.EXE.TMP
23/02/2005,05:09:07 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,05:09:46 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,05:13:24 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\IHURYRYJ.EXE.TMP
23/02/2005,20:13:13 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,20:13:40 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,20:17:29 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\GJQLUJSZ.EXE.TMP
23/02/2005,22:15:26 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,22:15:51 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,22:20:01 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
23/02/2005,22:21:05 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/02/2005,22:31:53 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
23/02/2005,22:32:32 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
24/02/2005,20:05:39 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
24/02/2005,20:06:25 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
24/02/2005,20:13:54 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\WTYDGXWZ.EXE.TMP
24/02/2005,20:43:25 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\CP2B4XEN\TEST56[1].PPS
ATTENTION: This OLE document is possibly damaged!
24/02/2005,20:46:25 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\09YFOHUN\TEST56[1].PPS
ATTENTION: This OLE document is possibly damaged!
24/02/2005,22:16:55 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\ST6V8LMN\WEBINSTALL[1].DLL
24/02/2005,22:17:01 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\ST6V8LMN\WEBINSTALL[1].DLL
24/02/2005,22:17:03 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\ST6V8LMN\WEBINSTALL[1].DLL
24/02/2005,22:17:06 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\09YFOHUN\WEBINSTALL[1].DLL
24/02/2005,22:17:12 WARNING: The Trojan horse TR/Dldr.Small.abe!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\09YFOHUN\WEBINSTALL[1].DLL
24/02/2005,22:37:25 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
24/02/2005,22:38:29 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
25/02/2005,02:16:20 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
25/02/2005,02:16:47 [LOGON] Connection request by remote computer. Establishing secure communication channel.
25/02/2005,02:16:48 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab23de.
25/02/2005,02:16:50 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
25/02/2005,02:20:40 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\TQLSN.EXE.TMP
26/02/2005,12:01:54 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
26/02/2005,12:02:20 [LOGON] Connection request by remote computer. Establishing secure communication channel.
26/02/2005,12:02:20 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab05da.
26/02/2005,12:02:23 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
26/02/2005,12:06:06 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QXEB.EXE.TMP
26/02/2005,12:14:26 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
26/02/2005,12:13:35 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
27/02/2005,04:03:47 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
27/02/2005,04:04:08 [LOGON] Connection request by remote computer. Establishing secure communication channel.
27/02/2005,04:04:08 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab37b2.
27/02/2005,04:04:10 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
27/02/2005,04:08:01 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\IBYJ.EXE.TMP
27/02/2005,12:16:29 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
27/02/2005,12:15:33 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
28/02/2005,20:07:44 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
28/02/2005,20:08:29 [LOGON] Connection request by remote computer. Establishing secure communication channel.
28/02/2005,20:08:29 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa8a9c9.
28/02/2005,20:08:30 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
28/02/2005,20:11:59 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QLOHGPSN.EXE.TMP
28/02/2005,20:19:24 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
28/02/2005,20:20:17 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
01/03/2005,20:09:57 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
01/03/2005,20:11:28 [LOGON] Connection request by remote computer. Establishing secure communication channel.
01/03/2005,20:11:28 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa80760.
01/03/2005,20:11:31 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
01/03/2005,20:15:57 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\MFSNEVQZ.EXE.TMP
01/03/2005,20:21:19 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
01/03/2005,20:22:28 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
02/03/2005,00:55:15 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
02/03/2005,00:55:54 [LOGON] Connection request by remote computer. Establishing secure communication channel.
02/03/2005,00:55:54 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab780f.
02/03/2005,00:56:02 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/03/2005,00:59:43 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QBADGNCN.EXE.TMP
02/03/2005,20:01:19 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
02/03/2005,20:01:42 [LOGON] Connection request by remote computer. Establishing secure communication channel.
02/03/2005,20:01:42 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab0bbf.
02/03/2005,20:01:46 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/03/2005,20:23:42 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
02/03/2005,20:24:07 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
03/03/2005,17:13:44 WARNING: The Trojan horse TR/Dldr.Krepper.3!
C:\WINNT\SYSTEM32\HFIKBPDB.EXE
03/03/2005,17:14:03 [LOGON] Connection request by remote computer. Establishing secure communication channel.
03/03/2005,17:14:03 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab2712.
03/03/2005,17:14:12 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
03/03/2005,17:18:02 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SPOL.EXE.TMP
03/03/2005,20:26:38 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
03/03/2005,20:25:39 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
04/03/2005,20:16:48 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
04/03/2005,20:16:52 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\STQPOBCR.EXE.TMP
04/03/2005,20:28:28 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
04/03/2005,20:29:24 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
05/03/2005,13:12:43 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
05/03/2005,13:16:46 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\QDUHWJ.EXE.TMP
05/03/2005,20:35:51 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
05/03/2005,20:34:27 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
05/03/2005,21:29:36 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
05/03/2005,21:33:55 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
05/03/2005,21:37:53 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\YVED.EXE.TMP
07/03/2005,12:27:55 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
07/03/2005,12:31:45 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\LMB.EXE.TMP
07/03/2005,12:32:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH08120
07/03/2005,12:42:57 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
07/03/2005,12:44:39 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
07/03/2005,16:33:33 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH61810
07/03/2005,21:03:08 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
07/03/2005,21:07:54 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\RQJELKN.EXE.TMP
08/03/2005,00:12:03 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH63910
08/03/2005,20:30:39 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
08/03/2005,20:32:58 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH27410
08/03/2005,20:33:55 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\EVJF[1].XLS
ATTENTION: This OLE document is possibly damaged!
08/03/2005,20:34:32 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SJIHKZYT.EXE.TMP
08/03/2005,20:35:34 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\ECI EST LA FID-LE TRANSCRIPTION D[1].DOC
ATTENTION: This OLE document is possibly damaged!
08/03/2005,20:39:06 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\EVJF[2].XLS
ATTENTION: This OLE document is possibly damaged!
08/03/2005,20:43:32 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
08/03/2005,20:45:23 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
08/03/2005,23:07:44 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/03/2005,02:48:26 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/03/2005,02:50:46 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH25910
09/03/2005,17:35:49 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/03/2005,17:39:43 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\IXMV.EXE.TMP
09/03/2005,20:48:18 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
09/03/2005,20:49:19 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
09/03/2005,21:14:25 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[2].ANI
09/03/2005,21:14:25 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[1].ANI
09/03/2005,21:14:26 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[3].ANI
09/03/2005,21:14:27 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[4].ANI
09/03/2005,21:14:28 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[2].ANI
09/03/2005,21:14:28 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\PAYLOAD[1].ANI
09/03/2005,21:14:35 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[1].ANI
09/03/2005,21:14:39 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[3].ANI
09/03/2005,21:14:40 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\PAYLOAD[4].ANI
09/03/2005,21:14:41 WARNING: Is the Trojan horse TR/Exploit.MS05-002.Ani.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0ZO7KDGT\PAYLOAD[1].ANI
09/03/2005,21:14:44 WARNING: Is the Trojan horse TR/ClassLder.c.Java!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\JAR\CLASSLOAD.JAR-793FE9C2-1A45A4B7.ZIP
10/03/2005,19:16:55 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
10/03/2005,19:20:55 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\CBMJKVUH.EXE.TMP
10/03/2005,19:29:53 WARNING: Contains signature of the HTML script virus HTML/Exploit.OBJ-Mht!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\3GYODZ5A\INDEX[6].HTM
10/03/2005,19:30:34 WARNING: Contains signature of the Java virus Java/Femad!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\JAR\COUNTER.JPG-301C72D2-79FCC231.ZIP
10/03/2005,19:30:39 WARNING: Contains signature of the Java virus Java/Femad!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\JAR\COUNTER.JPG-5C96ED05-4746911F.ZIP
10/03/2005,20:48:59 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
10/03/2005,20:49:46 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
11/03/2005,20:58:49 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
11/03/2005,20:50:13 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
12/03/2005,20:45:03 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
12/03/2005,20:48:58 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\FAX.EXE.TMP
12/03/2005,20:57:40 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
13/03/2005,00:07:55 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
13/03/2005,00:20:00 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
14/03/2005,20:16:44 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
14/03/2005,20:20:34 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\TYJMNMB.EXE.TMP
14/03/2005,20:28:43 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
14/03/2005,20:29:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
15/03/2005,20:10:23 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
15/03/2005,20:10:27 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SPOJSN.EXE.TMP
File has been renamed to *.VIR
15/03/2005,20:32:52 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
15/03/2005,20:32:41 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
16/03/2005,01:55:03 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/03/2005,01:58:56 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\VOPKD.EXE.TMP
16/03/2005,17:50:44 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/03/2005,17:54:42 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\HQD.EXE.TMP
16/03/2005,20:33:30 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
16/03/2005,20:42:30 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
18/03/2005,00:04:39 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
18/03/2005,00:03:28 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
17/03/2005,23:52:08 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/03/2005,00:21:15 WARNING: Is the Trojan horse TR/Dldr.IstBar.A!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\URE7UXIF\DOWNLOADS_MANAGER[1]
19/03/2005,01:45:59 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/03/2005,01:50:01 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\ENQVAVKV.EXE.TMP
19/03/2005,01:58:29 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
19/03/2005,01:57:26 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
19/03/2005,19:47:11 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
19/03/2005,19:47:24 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
19/03/2005,19:47:26 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/03/2005,18:04:38 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
20/03/2005,18:08:30 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/03/2005,18:12:43 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\ANMP.EXE.TMP
20/03/2005,18:16:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
20/03/2005,18:17:02 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
21/03/2005,20:48:08 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
21/03/2005,20:50:43 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
21/03/2005,20:52:06 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\UXOT.EXE.TMP
21/03/2005,21:00:31 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
21/03/2005,20:59:30 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
21/03/2005,23:36:49 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
21/03/2005,23:37:07 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/03/2005,00:25:33 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/03/2005,00:25:40 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/03/2005,00:29:33 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\XOFKF.EXE.TMP
23/03/2005,00:37:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
23/03/2005,00:38:11 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
23/03/2005,15:43:31 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/03/2005,15:43:39 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/03/2005,15:43:44 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/03/2005,15:47:30 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\CHIJGHEL.EXE.TMP
24/03/2005,00:45:58 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
24/03/2005,00:45:11 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
24/03/2005,15:53:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
24/03/2005,15:53:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
24/03/2005,15:53:43 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
24/03/2005,15:57:28 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\DSZEBYN.EXE.TMP
25/03/2005,12:39:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
25/03/2005,12:42:13 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
25/03/2005,12:43:34 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\YXSX.EXE.TMP
25/03/2005,12:51:59 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
25/03/2005,12:50:52 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
26/03/2005,00:34:21 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
26/03/2005,00:34:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
26/03/2005,00:34:40 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
28/03/2005,23:39:41 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
28/03/2005,23:39:46 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
28/03/2005,23:39:54 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
28/03/2005,23:43:39 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SBYXOL.EXE.TMP
28/03/2005,23:52:08 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
28/03/2005,23:52:18 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
29/03/2005,21:13:14 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
29/03/2005,21:20:02 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
29/03/2005,21:25:14 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\SPUNOR.EXE.TMP
File has been renamed to *.VIR
30/03/2005,20:02:34 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
30/03/2005,20:02:42 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
30/03/2005,20:02:45 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
30/03/2005,20:06:32 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\ALGDOV.EXE.TMP
30/03/2005,20:14:31 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
30/03/2005,20:14:59 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
31/03/2005,17:45:02 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
31/03/2005,17:45:09 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
31/03/2005,17:45:12 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
31/03/2005,17:48:56 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\IDYV.EXE.TMP
31/03/2005,20:17:22 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
31/03/2005,20:16:36 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
01/04/2005,20:35:00 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
01/04/2005,20:36:09 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
01/04/2005,20:38:59 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\GNKZIFIX.EXE.TMP
01/04/2005,20:46:35 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
01/04/2005,20:47:25 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
02/04/2005,15:53:28 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,15:53:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,15:53:39 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/04/2005,15:56:38 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,15:56:47 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,15:56:49 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/04/2005,15:59:58 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
02/04/2005,16:00:36 WARNING: Contains signature of the dropper DR/180Solutions!
C:\WINNT\BMV.EXE.TMP
02/04/2005,17:55:00 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
02/04/2005,17:55:21 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,17:55:29 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/04/2005,23:36:08 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
02/04/2005,23:36:29 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,23:36:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
02/04/2005,23:36:40 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
02/04/2005,23:48:01 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
02/04/2005,23:48:54 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
03/04/2005,18:51:15 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
03/04/2005,18:51:34 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
03/04/2005,18:51:40 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
03/04/2005,18:51:43 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
04/04/2005,20:08:25 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
04/04/2005,20:08:31 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
04/04/2005,20:08:48 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
04/04/2005,20:08:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
04/04/2005,20:08:56 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
04/04/2005,20:12:03 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH65610
04/04/2005,20:22:19 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
04/04/2005,20:24:24 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
06/04/2005,01:08:28 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
06/04/2005,01:08:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
06/04/2005,01:09:03 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
06/04/2005,01:09:05 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
06/04/2005,01:11:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH40410
06/04/2005,01:21:50 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
06/04/2005,01:23:42 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
06/04/2005,23:50:59 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
06/04/2005,23:51:22 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
06/04/2005,23:51:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
06/04/2005,23:51:27 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
06/04/2005,23:52:55 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH06710
07/04/2005,01:23:06 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
07/04/2005,01:25:17 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
07/04/2005,05:03:22 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH48810
07/04/2005,05:01:07 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
07/04/2005,11:08:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
07/04/2005,11:08:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
07/04/2005,11:08:28 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
07/04/2005,15:09:25 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\GMT\RTH48810
08/04/2005,19:59:29 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
08/04/2005,19:59:46 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
08/04/2005,19:59:49 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
08/04/2005,19:59:53 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
08/04/2005,20:11:09 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
08/04/2005,20:12:10 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
09/04/2005,14:20:48 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
09/04/2005,14:21:06 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
09/04/2005,14:21:12 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/04/2005,19:24:26 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
09/04/2005,19:24:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
09/04/2005,19:24:54 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
09/04/2005,19:24:56 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
09/04/2005,20:16:31 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
09/04/2005,20:17:15 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
11/04/2005,20:31:09 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
11/04/2005,20:31:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
11/04/2005,20:31:35 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
11/04/2005,20:43:02 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
11/04/2005,20:43:55 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
11/04/2005,21:01:17 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SL6NSH6R\QUIZZBLONDE[1].PPS
ATTENTION: This OLE document is possibly damaged!
12/04/2005,20:08:40 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
12/04/2005,20:09:06 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
12/04/2005,20:09:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
12/04/2005,20:09:34 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
12/04/2005,20:51:16 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
12/04/2005,20:50:22 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
13/04/2005,19:56:10 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
13/04/2005,19:56:17 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
13/04/2005,19:56:30 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
13/04/2005,19:56:33 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
13/04/2005,19:56:37 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
13/04/2005,20:58:02 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
13/04/2005,20:59:04 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
14/04/2005,09:41:30 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
14/04/2005,09:41:50 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
14/04/2005,09:41:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
14/04/2005,09:42:01 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
14/04/2005,18:50:28 WARNING: Contains signature of the HTML script virus HTML/Exploit.Mhtml2!
C:\DOCUMENTS AND SETTINGS\REVON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\WHYF8DUZ\EXPLOIT[1].HTM
14/04/2005,18:50:36 WARNING: Contains signature of the Java virus Java/ClassLdr.I.2!
C:\DOCUME~1\REVON\LOCALS~1\TEMP\JAR_CACHE60959.TMP
14/04/2005,18:50:35 WARNING: Is the Trojan horse TR/ClassLder.c.Java!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\JAR\CLASSLOAD.JAR-7E961E5B-2D26E327.ZIP
14/04/2005,18:50:39 WARNING: Contains signature of the Java virus Java/Femad.1!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\COUNTER.CLASS-72D7E234-29B01A87.CLASS
14/04/2005,18:50:42 WARNING: Is the Trojan horse TR/ClassLder.c.Java!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\GETACCESS.CLASS-3DA599D4-7199CA51.CLASS
14/04/2005,18:50:44 WARNING: Contains signature of the Java virus Java/ClassLdr.I.2!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\GUMMY.CLASS-657ED063-1A3D06FF.CLASS
14/04/2005,18:50:46 WARNING: Is the Trojan horse TR/Forten.Java.2!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\DUMMY.CLASS-3D6C522-319175A9.CLASS
14/04/2005,18:50:47 WARNING: Contains signature of the Java virus Java/Femad!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\VERIFIERBUG.CLASS-209DA1F6-3941ACEC.CLASS
14/04/2005,18:50:49 WARNING: Is the Trojan horse TR/Forten.Java.2.B!
C:\DOCUMENTS AND SETTINGS\REVON\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\JAVAPI\V1.0\FILE\INSECURECLASSLOADER.CLASS-7BF4D329-7333B5A1.CLASS
14/04/2005,21:04:54 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
14/04/2005,21:04:00 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
15/04/2005,21:14:00 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
15/04/2005,21:05:37 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
16/04/2005,00:36:10 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
16/04/2005,00:36:29 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
16/04/2005,00:36:31 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
16/04/2005,00:36:34 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/04/2005,00:39:03 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
16/04/2005,00:39:52 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
16/04/2005,00:39:56 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/04/2005,00:43:45 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
16/04/2005,00:49:15 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
16/04/2005,00:49:17 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
16/04/2005,21:07:12 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
16/04/2005,21:17:02 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
17/04/2005,13:00:08 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
17/04/2005,13:01:01 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
17/04/2005,13:01:03 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
17/04/2005,13:01:06 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/04/2005,10:54:31 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
18/04/2005,10:55:01 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,10:55:03 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,10:55:06 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
18/04/2005,11:06:29 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
18/04/2005,11:06:56 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
18/04/2005,20:02:58 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
18/04/2005,20:03:19 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,20:03:32 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,20:03:38 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
18/04/2005,20:17:23 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,20:17:26 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
18/04/2005,20:17:46 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/04/2005,20:53:10 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
19/04/2005,20:53:33 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
19/04/2005,20:53:36 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
19/04/2005,20:53:42 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
19/04/2005,21:05:39 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
19/04/2005,21:05:49 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
20/04/2005,14:15:05 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
20/04/2005,14:15:51 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
20/04/2005,14:16:01 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
20/04/2005,21:07:52 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
20/04/2005,21:08:08 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
20/04/2005,22:25:53 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
20/04/2005,22:28:26 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
20/04/2005,22:28:29 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
21/04/2005,15:58:06 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
21/04/2005,15:58:25 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
21/04/2005,15:58:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
21/04/2005,15:58:32 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
21/04/2005,21:11:04 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
21/04/2005,21:10:17 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
23/04/2005,00:08:08 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
23/04/2005,00:08:27 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,00:08:34 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,00:08:39 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,00:08:48 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
23/04/2005,00:20:14 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\HFRCNEJL\NTTDEENF.EXE
23/04/2005,00:20:48 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs !
C:\PROGRAM FILES\FICHIERS COMMUNS\JPDLTPAA\JENCLNECNL\ENTFEFHJP.EXE
23/04/2005,19:52:19 WARNING: Is the Trojan horse TR/Dialer.EG.3!
C:\PROGRAM FILES\MONTORGUEIL\ALIZE2\ALIZE2.EXE
23/04/2005,19:57:10 WARNING: Contains signature of the dropper DR/180Solutions.B!
C:\TEMP\MSBB.EXE
23/04/2005,19:57:51 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,19:57:53 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,19:57:54 WARNING: Is the Trojan horse TR/Click.Small.DN.3!
C:\WINNT\SYSTEM32\OTSCMDZF.EXE
23/04/2005,19:57:57 WARNING: Contains the signature of a cost-incurring dialer DIAL/301171 (Dialer)!
C:\WINNT\SYSTEM32\P2ESOCKS_1030.DLL
-
-
whaou, tes blindé lol
*supprime ce qu il y a en quarantaine+corbeille
*lance un scan chez RAV :
http://www.ravantivirus.com/scan/
Clique sur "To continue without subscribing click here" et attends quelques minutes.
Lorsque "Ready" est affiché dans "status", coche la case "Autoclean" puis clique sur "Scan my PC"
A la fin de l'analyse, copie/colle le rapport ici -
corbeille et quarantaine ???
faut que je vire les trois fichiers de infected ?
bon là je suis entrain de faire le scan que tu m'as dit...
je te le renvoies après ... -
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question -
-
voilà g fait le scan deux fois mais il s'arrete à chaque fois au meme fichier et je n'ai que ça :
Scan started at 25/04/2005 20:00:13
Scanning memory...
Scanning boot sectors...
Scanning files...
C:\Documents and Settings\REVON\Local Settings\Temp\alchem.cab->alchem.exe - TrojanDownloader:Win32/Alchemic.A -> Infected
C:\Documents and Settings\REVON\Local Settings\Temp\twaintec.cab->polall1m.exe->(CExe) - TrojanDownloader:Win32/Agent.AE -> Infected
C:\Documents and Settings\REVON\Local Settings\Temp\THI879.tmp\twaintec.cab->twaintec.dll - TrojanSpy:Win32/BiSpy.C -> Infected
C:\Documents and Settings\REVON\Local Settings\Temp\THI879.tmp\twaintec.cab->polall1t.exe - TrojanDownloader:Win32/Agent.AE -> Infected
help me please ... -
salut,
Fais un nettoyage des fichiers temps...etc avec ce programme:
http://pageperso.aol.fr/Balltrap34/CleanUp312.exe
a+
