[Virus] Infecté par TrojanS

Question

Salut tout le monde,

Alors voila, je poste parce que je suis désespéré, Mon pc est infecté de plusieurs Trojan ( que me signale Avast!) Dont un qui me m'affiche le message d'erreur puis le compte a rebours pour le reboot (J'utilise la commande "shutdown -a" qui annule le Reboot certes, mais qui ne désinfecte pas Windows (Windows media ne marche plus,"Copier/coller" ou "Couper/coller" impossible etc..) donc je vous joint le rapport Hijack que j'ai réussi a copier avant ce fichu Virus :p

Logfile of HijackThis v1.99.1
Scan saved at 21:32:10, on 10/09/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\PROGRA~1\Avast4\ashDisp.exe
D:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe
D:\Program Files\Logitech\Video\LogiTray.exe
D:\Program Files\MessengerPlus! 3\MsgPlus.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Logitech\Video\FxSvr2.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\WINDOWS\explorer.exe
D:\Documents and Settings\Ordi\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Local Security Authority Service] D:\WINDOWS\System32\lssas.exe
O4 - HKLM\..\Run: [Windows Explorer] D:\WINDOWS\System32\explorer.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{08F55E98-3902-45CE-A6BC-07880BFFD54D}: NameServer = 84.103.237.141 86.64.145.141
O17 - HKLM\System\CCS\Services\Tcpip\..\{F0EA4D12-8C69-46ED-9585-BA2EA967C3E4}: NameServer = 86.64.145.140,84.103.237.140
O17 - HKLM\System\CS1\Services\Tcpip\..\{08F55E98-3902-45CE-A6BC-07880BFFD54D}: NameServer = 84.103.237.141 86.64.145.141
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: d:\windows\system32\wmfhotfix.dll MsgPlusLoader.dll
O20 - Winlogon Notify: WRNotifier - D:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - D:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - D:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

Afficher la suite

green day · Answer

SalutDont un qui me m'affiche le message d'erreur puis le compte a rebours pour le rebootblaster a encore frappé !commence par ceci :blaster sasser eviter le redemarrage intempestifensuite suis cette procedure stp :virus methode preliminaire de desinfection version fr++

Franckyll · Answer

Fixblast & FixSasser n'ont rien trouvé, Peut etre est il important de dire que le message d'erreur de reboot apparait quand J'ordonne a AVAST! de supprimer un Certain fichier infecté par un Trojan (sd-bot ou quelque chose comme ça), Donc je suis toujours infecté et je vous joint Le rapport d'ewido et de Hijack ,(Bit defender n'a rien trouvé et je n'ai pas réussi a prendre le log)

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 19:55:51 04/09/2006

+ Scan result:

D:\!KillBox\firewall.exe( 1) -> Backdoor.PoeBot.c : Error during cleaning.
D:\!KillBox\lssas.exe -> Backdoor.PoeBot.c : Error during cleaning.
D:\Documents and Settings\Ordi\Cookies\ordi@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
D:\Documents and Settings\Ordi\Cookies\ordi@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
D:\Documents and Settings\Ordi\Cookies\ordi@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
D:\Documents and Settings\Ordi\Cookies\ordi@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
D:\Documents and Settings\Ordi\Cookies\ordi@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
D:\Documents and Settings\Ordi\Cookies\ordi@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
D:\Documents and Settings\Ordi\Cookies\ordi@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
D:\Documents and Settings\Ordi\Cookies\ordi@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
D:\Documents and Settings\Ordi\Cookies\ordi@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.

::Report end

---------------------------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 20:40:54, on 06/09/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Avast4\aswUpdSv.exe
D:\Program Files\Avast4\ashServ.exe
D:\Program Files\ewido anti-spyware 4.0\guard.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
D:\Program Files\Avast4\ashWebSv.exe
D:\Program Files\Avast4\ashMaiSv.exe
D:\Documents and Settings\Ordi\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.com/intl/fr/toolbar/ie/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Local Security Authority Service] D:\WINDOWS\System32\lssas.exe
O4 - HKLM\..\Run: [!ewido] "D:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{08F55E98-3902-45CE-A6BC-07880BFFD54D}: NameServer = 86.64.145.145 84.103.237.145
O17 - HKLM\System\CCS\Services\Tcpip\..\{F0EA4D12-8C69-46ED-9585-BA2EA967C3E4}: NameServer = 86.64.145.140,84.103.237.140
O17 - HKLM\System\CS1\Services\Tcpip\..\{08F55E98-3902-45CE-A6BC-07880BFFD54D}: NameServer = 86.64.145.145 84.103.237.145
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: d:\windows\system32\wmfhotfix.dll MsgPlusLoader.dll
O20 - Winlogon Notify: WRNotifier - D:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - D:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - D:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

green day · Answer

Salut ah ! ok, quel est le nom du fichier infecté ??? installe un parfeu++

Franckyll · Answer

Ben en fait, il y'en a tellement , que je te joins, un log de mon journal d'alerte d'avast! ,comme ça tu verra tout les fichiers qui sont signalés ( il y'en a beaucoup :s)

24/08/2006 08:59:22 SYSTEM 1348 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\auix.exe" file.
24/08/2006 09:00:32 SYSTEM 1348 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\auix.exe" file.
24/08/2006 09:09:32 SYSTEM 1348 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\byitnfsp.exe" file.
24/08/2006 09:09:39 SYSTEM 1348 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\byitnfsp.exe" file.
24/08/2006 09:16:49 SYSTEM 1348 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\bfuccy.exe" file.
24/08/2006 09:16:55 SYSTEM 1348 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\bfuccy.exe" file.
24/08/2006 09:19:37 SYSTEM 1348 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\chfo.exe" file.
24/08/2006 09:19:39 SYSTEM 1348 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\chfo.exe" file.
24/08/2006 09:20:08 SYSTEM 1348 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\opwko.exe" file.
24/08/2006 09:20:10 SYSTEM 1348 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\opwko.exe" file.
24/08/2006 09:34:20 SYSTEM 1348 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\ssnlj.exe" file.
24/08/2006 09:34:28 SYSTEM 1348 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\ssnlj.exe" file.
24/08/2006 09:41:42 SYSTEM 1348 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\voairc.exe" file.
24/08/2006 09:41:44 SYSTEM 1348 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\voairc.exe" file.
24/08/2006 09:51:42 SYSTEM 1348 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\mttirm.exe" file.
24/08/2006 09:51:47 SYSTEM 1348 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\mttirm.exe" file.
24/08/2006 10:08:01 SYSTEM 1348 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\uiebfl.exe" file.
24/08/2006 10:10:03 SYSTEM 1348 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\uiebfl.exe" file.
24/08/2006 10:50:07 SYSTEM 1348 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\qdbqaurg.exe" file.
24/08/2006 10:50:10 SYSTEM 1348 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\qdbqaurg.exe" file.
24/08/2006 10:51:36 SYSTEM 1348 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\zslotse.exe" file.
24/08/2006 10:51:38 SYSTEM 1348 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\zslotse.exe" file.
24/08/2006 10:52:00 SYSTEM 1348 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\jnmlxj.exe" file.
24/08/2006 10:52:01 SYSTEM 1348 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\jnmlxj.exe" file.
24/08/2006 10:52:16 SYSTEM 1348 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\fhgxkiyc.exe" file.
24/08/2006 10:58:14 SYSTEM 1348 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\kcwkmoim.exe" file.
24/08/2006 10:58:42 SYSTEM 1348 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\kcwkmoim.exe" file.
24/08/2006 11:04:48 SYSTEM 1348 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\ruihoq.exe" file.
24/08/2006 13:28:35 SYSTEM 1896 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\ivsflh.exe" file.
24/08/2006 13:28:58 SYSTEM 1896 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\ivsflh.exe" file.
24/08/2006 13:43:57 SYSTEM 1896 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\wcje.exe" file.
24/08/2006 13:50:58 SYSTEM 1344 Sign of "Win32:SdBot-3643 [Trj]" has been found in "D:\WINDOWS\system32\oxpbj.exe" file.
24/08/2006 13:51:03 SYSTEM 1344 Sign of "Win32:SdBot-3643 [Trj]" has been found in "D:\WINDOWS\system32\oxpbj.exe" file.
24/08/2006 13:59:40 SYSTEM 1344 Sign of "Win32:SdBot-3643 [Trj]" has been found in "D:\WINDOWS\system32\ojaabcp.exe" file.
24/08/2006 13:59:48 SYSTEM 1344 Sign of "Win32:SdBot-3643 [Trj]" has been found in "D:\WINDOWS\system32\ojaabcp.exe" file.
24/08/2006 14:00:33 SYSTEM 1344 Sign of "Win32:SdBot-3643 [Trj]" has been found in "D:\WINDOWS\system32\xswbh.exe" file.
24/08/2006 14:00:40 SYSTEM 1344 Sign of "Win32:SdBot-3643 [Trj]" has been found in "D:\WINDOWS\system32\xswbh.exe" file.
24/08/2006 14:05:20 SYSTEM 1344 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\xvvyf.exe" file.
24/08/2006 14:05:24 SYSTEM 1344 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\xvvyf.exe" file.
24/08/2006 14:10:24 SYSTEM 1344 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\pmrnbxk.exe" file.
24/08/2006 14:10:33 SYSTEM 1344 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\pmrnbxk.exe" file.
24/08/2006 14:20:21 SYSTEM 1344 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\goezphc.exe" file.
24/08/2006 14:20:23 SYSTEM 1344 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\goezphc.exe" file.
24/08/2006 14:24:54 SYSTEM 1344 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\sowdhb.exe" file.
24/08/2006 14:24:57 SYSTEM 1344 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\sowdhb.exe" file.
24/08/2006 14:26:45 SYSTEM 1344 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\blbw.exe" file.
24/08/2006 14:26:48 SYSTEM 1344 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\blbw.exe" file.
24/08/2006 14:27:44 SYSTEM 1344 Sign of "Win32:SdBot-3643 [Trj]" has been found in "D:\WINDOWS\system32\rfzjo.exe" file.
24/08/2006 14:27:46 SYSTEM 1344 Sign of "Win32:SdBot-3643 [Trj]" has been found in "D:\WINDOWS\system32\rfzjo.exe" file.
24/08/2006 14:38:29 SYSTEM 1344 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\fkiqo.exe" file.
24/08/2006 14:38:36 SYSTEM 1344 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\fkiqo.exe" file.
24/08/2006 14:39:30 SYSTEM 1344 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\yysfc.exe" file.
24/08/2006 18:21:39 SYSTEM 1568 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\yuqy.exe" file.
24/08/2006 19:04:48 SYSTEM 1568 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\wucm.exe" file.
24/08/2006 19:09:07 SYSTEM 1568 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\xxwdord.exe" file.
17/08/2006 19:21:21 SYSTEM 1340 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\lvolhacn.exe\[ASProtect]" file.
17/08/2006 19:22:22 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\sqgcmsz.exe" file.
17/08/2006 19:22:41 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\czvsn.exe" file.
17/08/2006 19:32:10 SYSTEM 1340 Sign of "Win32:Parite" has been found in "D:\WINDOWS\system32\mpwhmx.exe" file.
17/08/2006 19:47:53 SYSTEM 1896 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\nozx.exe" file.
17/08/2006 19:48:31 SYSTEM 1896 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://download.bitdefender.com/resources/scan8/oscan8.cab (D:\WINDOWS\TEMP\_avast4_\unp261553228.tmp) returning error, 000000A0.
17/08/2006 19:48:34 SYSTEM 1896 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\DOCUME~1\Ordi\LOCALS~1\Temp\ICD1.tmp\bdcore.dll (D:\DOCUME~1\Ordi\LOCALS~1\Temp\ICD1.tmp\bdcore.dll) returning error, 000000A0.
17/08/2006 19:48:34 SYSTEM 1896 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\DOCUME~1\Ordi\LOCALS~1\Temp\ICD1.tmp\libfn.dll (D:\DOCUME~1\Ordi\LOCALS~1\Temp\ICD1.tmp\libfn.dll) returning error, 000000A0.
17/08/2006 19:48:44 SYSTEM 1896 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\WINDOWS\BDOSCAN8\bdcore.dll (D:\WINDOWS\BDOSCAN8\bdcore.dll) returning error, 000000A0.
17/08/2006 19:48:44 SYSTEM 1896 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\WINDOWS\BDOSCAN8\libfn.dll (D:\WINDOWS\BDOSCAN8\libfn.dll) returning error, 000000A0.
17/08/2006 19:48:47 SYSTEM 1896 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\WINDOWS\Downloaded Program Files\libfn.dll (D:\WINDOWS\Downloaded Program Files\libfn.dll) returning error, 000000A0.
17/08/2006 19:48:48 SYSTEM 1896 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\WINDOWS\Downloaded Program Files\bdcore.dll (D:\WINDOWS\Downloaded Program Files\bdcore.dll) returning error, 000000A0.
17/08/2006 19:58:40 SYSTEM 1896 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\qrarutin.exe" file.
17/08/2006 20:00:34 SYSTEM 1896 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\hgpxm.exe\[ASProtect]" file.
17/08/2006 20:01:45 SYSTEM 1896 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\ydbsusw.exe" file.
17/08/2006 20:12:59 SYSTEM 1896 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\talqfb.exe" file.
17/08/2006 20:15:47 SYSTEM 1896 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\xtqf.exe" file.
17/08/2006 20:27:53 SYSTEM 1348 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\fvuanzgw.exe" file.
17/08/2006 22:09:10 SYSTEM 1348 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\guqygk.exe" file.
17/08/2006 22:20:42 SYSTEM 1348 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\vkrs.exe" file.
17/08/2006 22:32:00 SYSTEM 1348 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\utgudmqs.exe" file.
17/08/2006 22:53:19 SYSTEM 1884 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\sdml.exe\[ASProtect]" file.
17/08/2006 23:00:38 SYSTEM 1884 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\ncqxx.exe" file.
17/08/2006 23:01:40 SYSTEM 1884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\xqwjbeax.exe" file.
17/08/2006 23:02:25 SYSTEM 1884 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\cgrrymh.exe\[ASProtect]" file.
17/08/2006 23:09:40 SYSTEM 1884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\ddiscq.exe" file.
17/08/2006 23:11:31 SYSTEM 1884 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\gjzkik.exe" file.
17/08/2006 23:11:37 SYSTEM 1884 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\jxotut.exe\[ASProtect]" file.
17/08/2006 23:20:42 SYSTEM 1884 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\bbyo.exe\[ASProtect]" file.
17/08/2006 23:29:45 SYSTEM 1884 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\cdgqzsp.exe\[ASProtect]" file.
17/08/2006 23:48:19 SYSTEM 1884 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\nvqpihs.exe" file.
18/08/2006 09:17:42 SYSTEM 1344 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\rnmujt.exe" file.
18/08/2006 09:18:01 SYSTEM 1344 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\rnmujt.exe" file.
18/08/2006 09:20:35 SYSTEM 1344 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\ubxj.exe\[ASProtect]" file.
18/08/2006 09:20:41 SYSTEM 1344 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\ubxj.exe\[ASProtect]" file.
18/08/2006 09:37:21 SYSTEM 1344 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\dxatngbx.exe" file.
18/08/2006 09:37:38 SYSTEM 1344 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\dxatngbx.exe" file.
18/08/2006 11:58:24 SYSTEM 1908 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\oymki.exe" file.
18/08/2006 12:31:39 SYSTEM 1340 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\hreokx.exe" file.
18/08/2006 12:32:31 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\oegnl.exe" file.
18/08/2006 12:43:21 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\vfvfo.exe" file.
18/08/2006 12:45:39 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\vfvfo.exe" file.
18/08/2006 12:52:33 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\qmgedstv.exe" file.
18/08/2006 12:52:39 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\qmgedstv.exe" file.
18/08/2006 13:02:49 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\gpacl.exe" file.
18/08/2006 13:03:01 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\gpacl.exe" file.
18/08/2006 13:12:24 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\ltvnvt.exe" file.
18/08/2006 13:12:29 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\ltvnvt.exe" file.
18/08/2006 13:21:45 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\wmytw.exe" file.
18/08/2006 13:22:13 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\wmytw.exe" file.
18/08/2006 13:30:00 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\jbnlg.exe" file.
18/08/2006 13:37:34 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\bpaywriv.exe" file.
18/08/2006 13:45:50 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\iudhkbd.exe" file.
18/08/2006 13:58:24 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\bnqi.exe" file.
18/08/2006 14:03:09 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\oozcmim.exe" file.
18/08/2006 14:14:06 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\wtkq.exe" file.
18/08/2006 14:14:29 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\wtkq.exe" file.
18/08/2006 14:24:56 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\ylfkaepo.exe" file.
18/08/2006 14:34:07 SYSTEM 1340 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\vagwaef.exe" file.
18/08/2006 14:56:15 SYSTEM 1904 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\juhcnfqm.exe\[ASProtect]" file.
18/08/2006 14:56:28 SYSTEM 1904 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\juhcnfqm.exe\[ASProtect]" file.
18/08/2006 15:00:54 SYSTEM 1904 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\lrar.exe\[ASProtect]" file.
18/08/2006 15:01:41 SYSTEM 1904 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\dnjez.exe\[ASProtect]" file.
18/08/2006 15:05:36 SYSTEM 1904 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\gxon.exe" file.
18/08/2006 15:06:09 SYSTEM 1904 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\sjng.exe\[ASProtect]" file.
18/08/2006 15:09:47 SYSTEM 1904 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\qbpcie.exe\[ASProtect]" file.
18/08/2006 15:09:53 SYSTEM 1904 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\qbpcie.exe\[ASProtect]" file.
18/08/2006 15:10:09 SYSTEM 1904 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\qmhs.exe\[ASProtect]" file.
18/08/2006 15:12:14 SYSTEM 1904 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\mhygy.exe" file.
18/08/2006 15:16:51 SYSTEM 1904 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\unielkw.exe\[ASProtect]" file.
18/08/2006 15:29:17 Ordi 188 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\unielkw.exe\[ASProtect]" file.
19/08/2006 19:20:11 SYSTEM 1392 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\lvqukm.exe" file.
26/08/2006 20:20:43 SYSTEM 856 Sign of "Win32:Bobic-V [Wrm]" has been found in "D:\WINDOWS\system32\rgie.exe" file.
26/08/2006 20:20:53 SYSTEM 856 Sign of "Win32:Bobic-V [Wrm]" has been found in "D:\WINDOWS\system32\rgie.exe" file.
26/08/2006 20:29:36 SYSTEM 856 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\okrvpl.exe\[ASProtect]" file.
26/08/2006 20:57:42 SYSTEM 856 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\djltr.exe\[ASProtect]" file.
26/08/2006 21:11:16 SYSTEM 856 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\suanyqg.exe\[ASProtect]" file.
26/08/2006 21:17:24 SYSTEM 856 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\kaahvr.exe\[ASProtect]" file.
26/08/2006 21:25:07 SYSTEM 856 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\lcopbhyn.exe\[ASProtect]" file.
27/08/2006 05:19:37 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\mxgjkdo.exe" file.
27/08/2006 08:56:00 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\zwfd.exe" file.
27/08/2006 09:02:35 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\mxgjkdo.exe" file.
27/08/2006 09:32:10 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\qepiywtb.exe" file.
27/08/2006 20:19:27 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\ozokkhhi.exe" file.
27/08/2006 20:21:10 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\kbrsf.exe" file.
27/08/2006 20:22:11 SYSTEM 856 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\gptwyh.exe" file.
27/08/2006 20:27:55 SYSTEM 856 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\ooqdwu.exe" file.
27/08/2006 20:28:34 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\xpai.exe" file.
27/08/2006 20:30:03 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\penjxwy.exe" file.
27/08/2006 20:30:21 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\wdsx.exe" file.
27/08/2006 20:38:17 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\vpat.exe" file.
27/08/2006 20:39:52 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\ugsufke.exe" file.
27/08/2006 20:39:56 SYSTEM 856 Sign of "Win32:Poebot-J [Trj]" has been found in "D:\WINDOWS\system32\dfhzqis.exe" file.
27/08/2006 20:40:05 SYSTEM 856 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\gakcc.exe\[ASProtect]" file.
27/08/2006 20:46:35 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\igep.exe" file.
27/08/2006 20:46:50 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\xrmw.exe" file.
27/08/2006 20:49:18 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\wumka.exe" file.
27/08/2006 20:49:55 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\xwclq.exe" file.
27/08/2006 20:51:51 SYSTEM 856 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\phkcr.exe\[ASProtect]" file.
27/08/2006 20:54:44 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\bhqrnxd.exe" file.
27/08/2006 20:57:27 SYSTEM 856 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\wlbol.exe" file.
27/08/2006 21:01:27 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\lwgwjqu.exe" file.
27/08/2006 21:04:53 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\nioagjra.exe" file.
27/08/2006 21:11:57 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\vygits.exe" file.
27/08/2006 21:13:47 SYSTEM 856 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\nlwp.exe\[ASProtect]" file.
27/08/2006 21:14:52 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\avox.exe" file.
27/08/2006 21:19:50 SYSTEM 856 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\bsgqkxoy.exe\[ASProtect]" file.
27/08/2006 21:19:59 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\eysw.exe" file.
27/08/2006 21:23:28 SYSTEM 856 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\nmjnwj.exe\[ASProtect]" file.
27/08/2006 21:34:09 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\nihw.exe" file.
27/08/2006 21:49:38 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\hguixfa.exe" file.
27/08/2006 21:58:12 SYSTEM 856 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\dbyal.exe\[ASProtect]" file.
27/08/2006 22:04:22 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\olxpaeg.exe" file.
27/08/2006 22:25:48 SYSTEM 856 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\utayh.exe" file.
27/08/2006 22:30:50 SYSTEM 856 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\gxpqs.exe" file.
27/08/2006 22:38:38 SYSTEM 856 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\wdqahb.exe" file.
21/08/2006 08:12:05 SYSTEM 1140 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\zcbr.exe" file.
21/08/2006 08:35:48 SYSTEM 1140 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\puwv.exe\[ASProtect]" file.
21/08/2006 08:41:16 SYSTEM 1140 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\qmnv.exe" file.
21/08/2006 08:59:53 SYSTEM 1140 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\awfwpjs.exe" file.
21/08/2006 09:02:42 SYSTEM 1140 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\hixudnx.exe" file.
21/08/2006 09:08:13 SYSTEM 1140 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\lmpw.exe\[ASProtect]" file.
21/08/2006 09:12:19 SYSTEM 1140 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\hnlyei.exe" file.
21/08/2006 09:31:15 SYSTEM 1140 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\spbfcqt.exe" file.
21/08/2006 09:37:21 SYSTEM 1140 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\tejru.exe" file.
21/08/2006 09:40:47 SYSTEM 1140 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\fmlqpy.exe" file.
21/08/2006 10:09:22 SYSTEM 1140 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\fhewthn.exe" file.
21/08/2006 11:36:43 SYSTEM 1140 Sign of "Win32:Poebot-K [Trj]" has been found in "D:\WINDOWS\system32\kcmkyrs.exe" file.
21/08/2006 11:37:14 SYSTEM 1140 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\vpcbmf.exe" file.
21/08/2006 11:46:58 SYSTEM 116 Sign of "Win32:Poebot-K [Trj]" has been found in "D:\WINDOWS\system32\sawluf.exe" file.
21/08/2006 11:48:24 SYSTEM 116 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\ikmgyu.exe\[ASProtect]" file.
21/08/2006 11:54:23 SYSTEM 116 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\ompbxwp.exe" file.
21/08/2006 11:55:22 SYSTEM 116 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\hathb.exe" file.
21/08/2006 11:55:58 SYSTEM 116 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\eoose.exe" file.
21/08/2006 12:00:55 SYSTEM 116 Sign of "Win32:SdBot-3643 [Trj]" has been found in "D:\WINDOWS\system32\nlkrtq.exe" file.
21/08/2006 12:07:02 SYSTEM 116 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\jcrqnfe.exe" file.
21/08/2006 12:14:12 SYSTEM 116 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\khjia.exe" file.
21/08/2006 12:17:02 SYSTEM 116 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\abhiwm.exe" file.
21/08/2006 12:18:42 SYSTEM 116 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\dutuwlw.exe" file.
21/08/2006 12:51:24 SYSTEM 116 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\dmqecgi.exe\[ASProtect]" file.
21/08/2006 13:03:43 SYSTEM 280 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\kjeuyp.exe" file.
21/08/2006 13:03:53 SYSTEM 280 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\kjeuyp.exe" file.
14/09/2006 13:32:27 SYSTEM 1096 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://download.bitdefender.com/resources/scan8/oscan8.cab (D:\WINDOWS\TEMP\_avast4_\unp144015637.tmp) returning error, 000000A0.
14/09/2006 13:32:31 SYSTEM 1096 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\DOCUME~1\Admin\LOCALS~1\Temp\ICD1.tmp\bdcore.dll (D:\DOCUME~1\Admin\LOCALS~1\Temp\ICD1.tmp\bdcore.dll) returning error, 000000A0.
14/09/2006 13:32:31 SYSTEM 1096 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\DOCUME~1\Admin\LOCALS~1\Temp\ICD1.tmp\libfn.dll (D:\DOCUME~1\Admin\LOCALS~1\Temp\ICD1.tmp\libfn.dll) returning error, 000000A0.
14/09/2006 13:32:41 SYSTEM 1096 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\yhlva.exe" file.
14/09/2006 13:32:43 SYSTEM 1096 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\WINDOWS\BDOSCAN8\SETA.tmp (D:\WINDOWS\BDOSCAN8\SETA.tmp) returning error, 000000A0.
14/09/2006 13:32:53 SYSTEM 1096 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\WINDOWS\BDOSCAN8\SETD.tmp (D:\WINDOWS\BDOSCAN8\SETD.tmp) returning error, 000000A0.
14/09/2006 13:32:54 SYSTEM 1096 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\WINDOWS\BDOSCAN8\libfn.dll (D:\WINDOWS\BDOSCAN8\libfn.dll) returning error, 000000A0.
14/09/2006 13:32:57 SYSTEM 1096 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\WINDOWS\Downloaded Program Files\CONFLICT.1\libfn.dll (D:\WINDOWS\Downloaded Program Files\CONFLICT.1\libfn.dll) returning error, 000000A0.
14/09/2006 13:32:57 SYSTEM 1096 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\WINDOWS\Downloaded Program Files\CONFLICT.1\bdcore.dll (D:\WINDOWS\Downloaded Program Files\CONFLICT.1\bdcore.dll) returning error, 000000A0.
14/09/2006 14:00:44 SYSTEM 1096 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\myguo.exe" file.
14/09/2006 14:02:45 SYSTEM 1096 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\nmylvy.exe" file.
14/09/2006 14:11:08 SYSTEM 1096 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\qamiovb.exe" file.
14/09/2006 16:44:27 SYSTEM 1096 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\zwztgnz.exe" file.
14/09/2006 16:50:41 SYSTEM 880 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\zdebbgyu.exe" file.
14/09/2006 16:51:22 SYSTEM 880 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\gznlr.exe" file.
08/09/2006 00:07:22 SYSTEM 884 Sign of "Win32:Poebot-L [Trj]" has been found in "D:\WINDOWS\system32\pagz.exe" file.
08/09/2006 00:07:28 SYSTEM 884 Sign of "Win32:Poebot-L [Trj]" has been found in "D:\WINDOWS\system32\pagz.exe" file.
08/09/2006 00:13:29 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\famcac.exe" file.
08/09/2006 00:13:32 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\famcac.exe" file.
08/09/2006 00:16:34 SYSTEM 884 Sign of "Win32:Poebot-L [Trj]" has been found in "D:\WINDOWS\system32\wavf.exe" file.
08/09/2006 00:25:47 SYSTEM 884 Sign of "Win32:Poebot-L [Trj]" has been found in "D:\WINDOWS\system32\bojxci.exe" file.
08/09/2006 00:26:27 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\kewyu.exe" file.
08/09/2006 00:35:02 SYSTEM 884 Sign of "Win32:Poebot-L [Trj]" has been found in "D:\WINDOWS\system32\otvmox.exe" file.
08/09/2006 00:35:09 SYSTEM 884 Sign of "Win32:Poebot-L [Trj]" has been found in "D:\WINDOWS\system32\otvmox.exe" file.
08/09/2006 00:35:18 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\ctlbnado.exe" file.
08/09/2006 00:44:20 SYSTEM 884 Sign of "Win32:Poebot-L [Trj]" has been found in "D:\WINDOWS\system32\jypnwpd.exe" file.
08/09/2006 00:44:53 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\juvq.exe" file.
08/09/2006 00:53:43 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\fvydlyk.exe" file.
08/09/2006 00:53:52 SYSTEM 884 Sign of "Win32:Poebot-L [Trj]" has been found in "D:\WINDOWS\system32\crashyzx.exe" file.
08/09/2006 01:03:24 SYSTEM 884 Sign of "Win32:Poebot-L [Trj]" has been found in "D:\WINDOWS\system32\owjhjqi.exe" file.
08/09/2006 01:04:19 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\jkmkv.exe" file.
08/09/2006 01:12:52 SYSTEM 884 Sign of "Win32:Poebot-L [Trj]" has been found in "D:\WINDOWS\system32\prjahkgz.exe" file.
08/09/2006 01:21:54 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\jumleeed.exe" file.
08/09/2006 01:34:18 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\agejxr.exe" file.
08/09/2006 01:45:57 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\dhlyo.exe" file.
08/09/2006 01:51:25 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\ntbz.exe" file.
08/09/2006 08:56:01 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\yjejfnc.exe" file.
08/09/2006 09:17:59 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\udiuobv.exe" file.
08/09/2006 09:29:34 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\tdbwpms.exe" file.
08/09/2006 09:41:00 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\gtqvzi.exe" file.
08/09/2006 09:48:01 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\wqjzpe.exe" file.
08/09/2006 09:58:40 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\ptkkgzu.exe" file.
08/09/2006 10:06:53 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\lylqq.exe" file.
08/09/2006 10:29:25 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\zcgoa.exe" file.
08/09/2006 11:18:24 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\tjwizcd.exe" file.
08/09/2006 11:32:45 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\zknxkz.exe" file.
08/09/2006 11:38:32 SYSTEM 884 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\xwsry.exe" file.
11/09/2006 14:20:54 SYSTEM 116 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\cini.exe\[ASProtect]" file.
04/09/2006 15:13:42 SYSTEM 628 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\jpie.exe\[ASProtect]" file.
04/09/2006 15:13:48 SYSTEM 628 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\jpie.exe\[ASProtect]" file.
04/09/2006 16:04:06 SYSTEM 628 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\opedn.exe" file.
04/09/2006 16:04:09 SYSTEM 628 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\opedn.exe" file.
01/09/2006 16:13:23 SYSTEM 628 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\dkzgsy.exe" file.
01/09/2006 16:13:23 SYSTEM 628 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\dkzgsy.exe" file.
01/09/2006 16:19:31 SYSTEM 628 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\zfromzwg.exe\[ASProtect]" file.
01/09/2006 16:19:31 SYSTEM 628 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\zfromzwg.exe\[ASProtect]" file.
01/09/2006 16:24:27 SYSTEM 628 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\jzhzkje.exe" file.
01/09/2006 16:24:27 SYSTEM 628 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\jzhzkje.exe" file.
01/09/2006 16:24:46 SYSTEM 628 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\fguc.exe" file.
01/09/2006 16:45:39 SYSTEM 628 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\yyvl.exe" file.
01/08/2006 17:11:26 SYSTEM 256 Sign of "Win32:Poebot-Q [Trj]" has been found in "D:\WINDOWS\system32\pqeraupg.exe" file.
01/08/2006 17:11:36 SYSTEM 256 Sign of "Win32:Poebot-Q [Trj]" has been found in "D:\WINDOWS\system32\pqeraupg.exe" file.
01/08/2006 17:21:33 SYSTEM 256 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\qhrma.exe" file.
01/08/2006 17:21:38 SYSTEM 256 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\qhrma.exe" file.
01/08/2006 17:33:10 SYSTEM 452 Sign of "Win32:Poebot-R [Trj]" has been found in "D:\WINDOWS\system32\yhypi.exe" file.
01/08/2006 17:45:25 SYSTEM 452 Sign of "Win32:Poebot-R [Trj]" has been found in "D:\WINDOWS\system32\aebla.exe" file.
01/08/2006 17:56:13 SYSTEM 452 Sign of "Win32:Poebot-R [Trj]" has been found in "D:\WINDOWS\system32\ybpj.exe" file.
01/08/2006 17:58:34 SYSTEM 452 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\uadgyvmh.exe\[ASProtect]" file.
01/08/2006 19:44:15 SYSTEM 1016 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\imob.exe" file.
01/09/2006 19:50:17 SYSTEM 1016 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\qqiqs.exe\[ASProtect]" file.
31/08/2006 22:27:23 SYSTEM 1016 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\bqdutwcr.exe" file.
31/08/2006 22:29:24 SYSTEM 1016 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\ipdwytg.exe\[ASProtect]" file.
31/08/2006 22:32:01 SYSTEM 1016 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\ksgi.exe" file.
31/08/2006 22:33:58 SYSTEM 1016 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\imrcfnq.exe" file.
31/08/2006 22:35:55 SYSTEM 1016 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\xvtdmhns.exe" file.
31/08/2006 22:36:27 SYSTEM 1016 Sign of "Win32:Sality-AB" has been found in "D:\WINDOWS\system32\dmgpy.exe" file.
31/08/2006 22:38:43 SYSTEM 1016 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\uzbcuqj.exe" file.
31/08/2006 22:42:31 SYSTEM 1016 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\rdmtwlpv.exe" file.
31/08/2006 22:42:48 SYSTEM 1016 Sign of "Win32:Poebot-C [Trj]" has been found in "D:\WINDOWS\system32\bdalwz.exe" file.
31/08/2006 22:43:04 SYSTEM 1016 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\fvbevf.exe" file.
31/08/2006 22:43:37 SYSTEM 1016 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\hksgdvnv.exe" file.
31/08/2006 22:45:47 SYSTEM 1016 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\adnos.exe" file.
31/08/2006 22:46:18 SYSTEM 1016 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\ccngkkb.exe" file.
31/08/2006 22:47:09 SYSTEM 1016 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\enekckb.exe" file.
31/08/2006 22:51:13 SYSTEM 1016 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\xtjxgc.exe" file.
31/08/2006 22:53:16 SYSTEM 1016 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\iemjx.exe" file.
31/08/2006 22:54:23 SYSTEM 1016 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\tulxmg.exe" file.
31/08/2006 22:55:48 SYSTEM 1016 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\kmvgis.exe" file.
31/08/2006 23:00:21 SYSTEM 1016 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\byoqx.exe" file.
31/08/2006 23:03:12 SYSTEM 1016 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\mzvwsbtg.exe" file.
31/08/2006 23:03:17 SYSTEM 1016 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\uuqm.exe" file.
31/08/2006 23:05:06 SYSTEM 1016 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\bqpl.exe" file.
02/09/2006 00:28:58 SYSTEM 1460 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\noxbwqe.exe" file.
02/09/2006 00:38:39 SYSTEM 1460 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\kdgpdhs.exe" file.
02/09/2006 00:38:48 SYSTEM 1460 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\jsgj.exe" file.
02/09/2006 09:36:56 SYSTEM 860 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
02/09/2006 09:36:56 SYSTEM 860 An error has occured while attempting to update. Please check the logs.
08/09/2006 16:42:47 SYSTEM 628 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\stvdoig.exe\[ASProtect]" file.
08/09/2006 16:43:13 SYSTEM 628 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\myfpz.exe" file.
08/09/2006 16:45:27 SYSTEM 628 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\cyxfzge.exe" file.
08/09/2006 16:52:16 SYSTEM 628 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\injtzuf.exe" file.
08/09/2006 16:55:47 SYSTEM 628 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\vqpejy.exe" file.
08/09/2006 16:57:09 SYSTEM 628 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\cgixtkw.exe" file.
08/09/2006 16:59:04 SYSTEM 628 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\rrjtxr.exe" file.
08/09/2006 17:02:55 SYSTEM 628 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\zeynzf.exe" file.
08/09/2006 17:03:48 SYSTEM 628 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\tkykocds.exe" file.
08/09/2006 17:12:42 SYSTEM 628 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\nutdqq.exe" file.
08/09/2006 17:13:05 SYSTEM 628 Sign of "Win32:Gaobot-286 [Wrm]" has been found in "D:\WINDOWS\system32\zhnyi.exe" file.
08/09/2006 17:14:35 SYSTEM 628 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\wvntxj.exe" file.
08/09/2006 18:09:15 SYSTEM 1468 Sign of "Win32:Poebot-S [Trj]" has been found in "D:\WINDOWS\System32\algs.exe" file.
08/09/2006 18:28:50 SYSTEM 1452 Sign of "Win32:Poebot-S [Trj]" has been found in "D:\WINDOWS\System32\algs.exe" file.
08/09/2006 19:38:10 SYSTEM 692 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\efahbnpf.exe" file.
08/09/2006 19:44:03 SYSTEM 692 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\dcbwjd.exe" file.
08/09/2006 19:48:36 SYSTEM 692 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\lhxbdvo.exe\[ASProtect]" file.
08/09/2006 19:48:49 SYSTEM 692 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\dkauj.exe" file.
08/09/2006 19:53:12 SYSTEM 692 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\hxldgo.exe" file.
08/09/2006 20:01:32 SYSTEM 692 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\dswo.exe" file.
08/09/2006 20:02:16 SYSTEM 692 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\vqctj.exe" file.
09/09/2006 05:10:59 Ordi 2236 Sign of "Win32:Poebot-R [Trj]" has been found in "D:\!KillBox\firewall.exe" file.
09/09/2006 07:13:22 Ordi 2236 Sign of "Win32:Poebot-R [Trj]" has been found in "D:\!KillBox\firewall.exe( 1)" file.
09/09/2006 07:19:16 Ordi 2236 Sign of "Win32:Haxdoor-FB [Trj]" has been found in "D:\Documents and Settings\Ordi\Local Settings\Application Data\Identities\{018F6347-7CFE-4682-A7B0-3D37DDDCBD9E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx\Order WC2905036 Is Being Z3566043.eml#399152\Z3566043.zip#966405197\Z3566043.exe\[FSG]" file.
09/09/2006 07:48:48 Ordi 2236 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\bqpl.exe" file.
09/09/2006 07:48:59 Ordi 2236 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\chziysg.exe" file.
09/09/2006 11:27:32 SYSTEM 692 Sign of "Win32:Poebot-R [Trj]" has been found in "D:\!KillBox\firewall.exe" file.
09/09/2006 11:36:02 SYSTEM 628 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\sdhjldff.exe" file.
09/09/2006 11:38:33 SYSTEM 628 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\ixxqexi.exe" file.
09/09/2006 12:26:23 SYSTEM 628 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\tron.exe" file.
09/09/2006 12:26:36 SYSTEM 628 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\tron.exe" file.
09/09/2006 12:28:29 SYSTEM 628 Sign of "Win32:SdBot-3643 [Trj]" has been found in "D:\WINDOWS\system32\yiotg.exe" file.
09/09/2006 12:28:33 SYSTEM 628 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\qbxu.exe" file.
09/09/2006 12:31:13 SYSTEM 628 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\agbrseh.exe\[ASProtect]" file.
10/09/2006 11:16:12 SYSTEM 856 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\gvwurlr.exe" file.
10/09/2006 11:17:01 SYSTEM 856 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\tpjawa.exe\[ASProtect]" file.
10/09/2006 11:17:02 SYSTEM 856 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\tpjawa.exe\[ASProtect]" file.
10/09/2006 11:31:34 SYSTEM 520 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\exts.exe\[ASProtect]" file.
10/09/2006 13:54:39 SYSTEM 520 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\exts.exe\[ASProtect]" file.
10/09/2006 13:55:14 SYSTEM 520 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\quxqd.exe\[ASProtect]" file.
10/09/2006 13:55:16 SYSTEM 520 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\quxqd.exe\[ASProtect]" file.
10/09/2006 13:59:48 SYSTEM 520 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\zdvpbok.exe" file.
10/09/2006 14:12:06 SYSTEM 520 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\clgmpotr.exe" file.
10/09/2006 14:18:50 SYSTEM 520 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\qmzocq.exe" file.
10/09/2006 15:11:05 SYSTEM 520 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\vloahp.exe\[ASProtect]" file.
10/09/2006 15:11:07 SYSTEM 520 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\xngjde.exe" file.
10/09/2006 15:11:12 SYSTEM 520 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\vloahp.exe\[ASProtect]" file.
10/09/2006 15:16:32 SYSTEM 520 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\iecilif.exe" file.
10/09/2006 15:26:29 SYSTEM 520 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\qzoaa.exe" file.
10/09/2006 15:31:16 SYSTEM 520 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\iazdlzb.exe" file.
10/09/2006 15:36:22 SYSTEM 520 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\ozsxszk.exe" file.
10/09/2006 15:39:46 SYSTEM 520 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\onemdb.exe" file.
10/09/2006 15:40:04 SYSTEM 520 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\yuoalqo.exe\[ASProtect]" file.
10/09/2006 15:40:05 SYSTEM 520 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\yuoalqo.exe\[ASProtect]" file.
10/09/2006 15:42:45 SYSTEM 520 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\jhrny.exe\[ASProtect]" file.
10/09/2006 15:42:47 SYSTEM 520 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\jhrny.exe\[ASProtect]" file.
10/09/2006 15:54:49 Administrateur 1088 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\bqpl.exe" file.
10/09/2006 15:55:24 Administrateur 1088 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\chziysg.exe" file.
10/09/2006 17:58:59 SYSTEM 1008 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\wgpgjang.exe\[ASProtect]" file.
10/09/2006 18:08:17 SYSTEM 1008 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\fhezkz.exe\[ASProtect]" file.
10/09/2006 18:26:04 SYSTEM 1008 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\adsypm.exe\[ASProtect]" file.
10/09/2006 20:21:03 SYSTEM 1448 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\xqtp.exe\[ASProtect]" file.
10/09/2006 20:21:37 SYSTEM 1448 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\hesenpja.exe" file.
10/09/2006 21:10:28 SYSTEM 1448 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\hmnvvb.exe" file.
10/09/2006 21:10:36 SYSTEM 1448 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\yijgnlg.exe" file.
10/09/2006 21:15:25 SYSTEM 1448 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\knfzxaml.exe" file.
10/09/2006 21:16:24 SYSTEM 1448 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\ozfk.exe" file.
10/09/2006 21:21:30 SYSTEM 1448 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\typtgpt.exe" file.
10/09/2006 21:22:58 SYSTEM 1448 Sign of "Win32:Sality-AB" has been found in "D:\WINDOWS\system32\pfyfp.exe" file.
10/09/2006 21:26:32 SYSTEM 1448 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\bumgk.exe" file.
10/09/2006 21:26:45 SYSTEM 1448 Sign of "Win32:Virut-B" has been found in "D:\WINDOWS\system32\iohnf.exe" file.
11/09/2006 08:41:33 SYSTEM 1468 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\yrxhqq.exe" file.
11/09/2006 08:41:39 SYSTEM 1468 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\yrxhqq.exe" file.
11/09/2006 08:52:20 SYSTEM 1468 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\cdbxne.exe" file.
11/09/2006 08:52:23 SYSTEM 1468 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\cdbxne.exe" file.
11/09/2006 16:57:17 SYSTEM 1444 Sign of "Win32:Poebot-Q [Trj]" has been found in "D:\WINDOWS\system32\dcxtol.exe" file.
11/09/2006 17:20:53 SYSTEM 1444 Sign of "Win32:Poebot-Q [Trj]" has been found in "D:\WINDOWS\system32\dcxtol.exe" file.
11/09/2006 18:30:16 SYSTEM 1448 Sign of "Win32:Poebot-V [Trj]" has been found in "D:\WINDOWS\System32\explorer.exe" file.
11/09/2006 18:34:09 SYSTEM 1448 Sign of "Win32:Sality-AB" has been found in "D:\WINDOWS\system32\lgxyfnk.exe" file.
11/09/2006 18:34:30 SYSTEM 1448 Sign of "Win32:Sality-AB" has been found in "D:\WINDOWS\system32\oqpsiu.exe" file.
11/09/2006 18:36:21 SYSTEM 1448 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\jgwnzpsk.exe" file.
11/09/2006 18:37:34 SYSTEM 1448 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\ahlctu.exe\[ASProtect]" file.
11/09/2006 18:37:38 SYSTEM 1448 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\ygwnmbtb.exe\[ASProtect]" file.
11/09/2006 18:41:23 SYSTEM 1448 Sign of "Win32:Poebot-C [Trj]" has been found in "D:\WINDOWS\system32\fhskaw.exe" file.
11/09/2006 18:42:17 SYSTEM 1448 Sign of "Win32:Poebot-C [Trj]" has been found in "D:\WINDOWS\system32\ypgvfgbo.exe" file.
11/09/2006 18:43:27 SYSTEM 1448 Sign of "Win32:Sality-AB" has been found in "D:\WINDOWS\system32\ogxlcoao.exe" file.
11/09/2006 18:44:20 SYSTEM 1448 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\fevf.exe" file.
11/09/2006 18:44:25 SYSTEM 1448 Sign of "Win32:Sality-AB" has been found in "D:\WINDOWS\system32\gvjog.exe" file.
04/09/2006 20:10:55 SYSTEM 1444 Sign of "Win32:Poebot-V [Trj]" has been found in "D:\WINDOWS\system32\qxlvyra.exe" file.
04/09/2006 20:11:46 SYSTEM 1444 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\ifuv.exe" file.
04/09/2006 21:14:23 SYSTEM 1036 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\ronx.exe\[ASProtect]" file.
04/09/2006 21:14:27 SYSTEM 1036 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\ronx.exe\[ASProtect]" file.
04/09/2006 21:17:37 SYSTEM 1036 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\grqe.exe" file.
04/09/2006 21:17:40 SYSTEM 1036 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\grqe.exe" file.
04/09/2006 21:39:25 SYSTEM 1036 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\mgdr.exe\[ASProtect]" file.
04/09/2006 21:39:39 SYSTEM 1036 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\mgdr.exe\[ASProtect]" file.
04/09/2006 23:52:11 SYSTEM 1036 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\gaptfe.exe" file.
04/09/2006 23:52:21 SYSTEM 1036 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\gaptfe.exe" file.
04/09/2006 23:55:52 SYSTEM 1036 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\nykpv.exe" file.
04/09/2006 23:56:01 SYSTEM 1036 Sign of "Win32:Poebot-V [Trj]" has been found in "D:\WINDOWS\system32\qntk.exe" file.
04/09/2006 23:57:38 SYSTEM 1036 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\cmdp.exe" file.
05/09/2006 00:07:45 SYSTEM 1036 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\nimrqdk.exe" file.
05/09/2006 00:08:04 SYSTEM 1036 Sign of "Win32:SdBot-gen22 [Trj]" has been found in "D:\WINDOWS\system32\zvbmcw.exe\[ASProtect]" file.
05/09/2006 00:09:38 SYSTEM 1036 Sign of "Win32:Poebot-V [Trj]" has been found in "D:\WINDOWS\system32\asiao.exe" file.
05/09/2006 00:11:14 SYSTEM 1036 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\wsje.exe" file.
06/09/2006 16:07:40 SYSTEM 1268 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\inpx.exe" file.
06/09/2006 16:07:44 SYSTEM 1268 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\inpx.exe" file.
06/09/2006 19:07:14 SYSTEM 312 Sign of "Win32:SdBot-3586 [Trj]" has been found in "D:\WINDOWS\system32\eciy.exe" file.
06/09/2006 19:11:21 SYSTEM 312 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\uyzawl.exe" file.
06/09/2006 19:14:10 SYSTEM 312 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\coewpfgt.exe" file.
06/09/2006 19:15:58 SYSTEM 312 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\kiypso.exe" file.
06/09/2006 19:18:16 SYSTEM 312 Sign of "Win32:Poebot-D [Trj]" has been found in "D:\WINDOWS\system32\ktezxtp.exe" file.
06/09/2006 19:18:53 SYSTEM 312 Sign of "Win32:Poebot-I [Trj]" has been found in "D:\WINDOWS\system32\deptzuvd.exe" file.
06/09/2006 19:21:04 SYSTEM 312 Sign of "Win32:Rbot-BOT [Trj]" has been found in "D:\WINDOWS\system32\kdcyz.exe" file.

green day · Answer

re

oui, en effet, c'est pas triste ...

un grand nettoyage à l'ancienne s'impose !

# installe un parfeu ! c'est vraiment vital !

ensuite :

télécharge ceci : ( si ce n'est pas déjà fait ! )

1) Ad-Aware (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/11643.html

2) Le patch en Français pour Ad-Aware (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html

tuto : (merci à Moe) http://perso.wanadoo.fr/entraide-hijackthis/AdAware/AdAware.htm

3) Spybot (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html

tuto : (merci à Ballatrap )
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

4) A-squared (nécessite un enregistrement gratuit en ligne pour obtenir la clé d'activation) :
https://www.emsisoft.com/fr/

5) Ewido (gratuit) :
https://www.01net.com/telecharger/

tuto : (merci à Moe) http://perso.wanadoo.fr/entraide-hijackthis/Ewido/

6) CleanUp40 (qui élimine les fichiers temporaires + cookies : gratuit )
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe

tuto : (merci à Balltrap) http://pageperso.aol.fr/balltrap34/democleanup.htm

mets tout à jour,lance les scans en mode sans echec : pour cela redemarre en appuillant sur le touche F8 ou F5

ensuite reposte un nouveau hijackthis et precise tes soucis s'il en reste

@+

Franckyll · Answer

Voila , j'ai fait tout les scan demandés etc, et il semble que le message d'erreur ainsi que le reboot n'apparait plus, je joint le Hijack!

Logfile of HijackThis v1.99.1
Scan saved at 01:33:34, on 09/09/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\PROGRA~1\Avast4\ashDisp.exe
D:\WINDOWS\System32\LVCOMSX.EXE
D:\Program Files\Logitech\Video\LogiTray.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Logitech\Video\FxSvr2.exe
D:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Documents and Settings\Ordi\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Local Security Authority Service] D:\WINDOWS\System32\lssas.exe
O4 - HKLM\..\Run: [!ewido] "D:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{08F55E98-3902-45CE-A6BC-07880BFFD54D}: NameServer = 84.103.237.144 86.64.145.144
O17 - HKLM\System\CCS\Services\Tcpip\..\{F0EA4D12-8C69-46ED-9585-BA2EA967C3E4}: NameServer = 86.64.145.140,84.103.237.140
O17 - HKLM\System\CS1\Services\Tcpip\..\{08F55E98-3902-45CE-A6BC-07880BFFD54D}: NameServer = 84.103.237.144 86.64.145.144
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: d:\windows\system32\wmfhotfix.dll MsgPlusLoader.dll
O20 - Winlogon Notify: WRNotifier - D:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - D:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - D:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - D:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

green day · Answer

Salut ok, j'ai l'impression que ce rapport à était fait en mode sans echec, si c'est bien le cas, refais en un en mode normal et poste le stp++

[Virus] Infecté par TrojanS

7 réponses

Votre réponse

Discussions similaires

Newsletters