Problem with a virus caught on MSN

Solved/Closed
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011 - 21 Jan 2008 at 15:41
 Anonymous user - 26 Jan 2008 at 15:05
Hello,
I caught a virus on MSN that is really annoying me, and I'm not the only one! I would have liked some solutions to get rid of it. I find it under different names each time (e.g. win32:Small-IKZ[trj]) and plenty of others. Thanks in advance, G
46 replies

Pi_Xi Posts 2244 Registration date Saturday 24 March 2007 Status Member Last activity 22 January 2016 149
21 Jan 2008 at 20:06
OK, run a scan with Avast and post the report please ^^

We'll look at the HiJack log later.
0
Anonymous user
21 Jan 2008 at 20:12
Hi

My shadow ^^

A scan with A-squared? No? :)

********************

Download A-squared, run it, choose the 'slow scan' option and delete everything it finds.

********************

Because Avast ... :/

See ya! =)
0
Pi_Xi Posts 2244 Registration date Saturday 24 March 2007 Status Member Last activity 22 January 2016 149 > Anonymous user
21 Jan 2008 at 20:22
Hey you!

No no, my shadow, it really is with Avast, to get the error messages in question; try to keep up a bit ^^

++
0
Anonymous user > Pi_Xi Posts 2244 Registration date Saturday 24 March 2007 Status Member Last activity 22 January 2016
21 Jan 2008 at 20:29
How...

And it was the post right above, too :S

I'm ashamed ^^'

See ya
0
Pi_Xi Posts 2244 Registration date Saturday 24 March 2007 Status Member Last activity 22 January 2016 149 > Anonymous user
21 Jan 2008 at 20:31
Yes, you can be! :oP

Go back and play in your room with your giant Carambar! ^^

(not too harsh a punishment)
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
21 Jan 2008 at 20:14
Here is a new report. G


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:13:52, on 21/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\avast2006\aswUpdSv.exe
D:\Program Files\avast2006\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Winamp2\winampa.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
D:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
D:\PROGRA~1\AVAST2~1\ashDisp.exe
D:\Program Files\ZoneAlarm essaijanvier2007 15 jrs gratos\zlclient.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\system32\svchost.exe
D:\Program Files\avast2006\ashMaiSv.exe
D:\Program Files\avast2006\ashWebSv.exe
D:\PROGRA~1\ZONEAL~2\MAILFR~1\mantispm.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\WINDOWS\UbiSoft\SetupUbi.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - d:\program files\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684CC} - C:\Program Files\Helper\superfindout.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp2\winampa.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\AVAST2~1\ashDisp.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Program Files\ZoneAlarm essaijanvier2007 15 jrs gratos\zlclient.exe"
O4 - HKLM\..\RunOnce: [srcDir] C:\Program Files\BT Voyager 100 ADSL Modem\uninstall.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,99/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner371420.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A9FD89D6-C839-11D3-B0FE-0050044B8FE9} (OBInstallRunner Control) - http://www.opinionbar.com/download/resources/OBInstallCabinet.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\avast2006\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\avast2006\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\avast2006\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\avast2006\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
21 Jan 2008 at 20:15
Thanks for the advice, but what do I do?
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
21 Jan 2008 at 20:17
So I have to turn off Avast?
0
Anonymous user
21 Jan 2008 at 20:19
Wait for Pi_XI before taking any initiative ;)
0

gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
21 Jan 2008 at 20:23
OK, thanks
0
Pi_Xi Posts 2244 Registration date Saturday 24 March 2007 Status Member Last activity 22 January 2016 149
21 Jan 2008 at 20:24
Please do what I asked you: a scan with Avast. I want to see the report ^^
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
21 Jan 2008 at 20:27
No problem, that works, I'm following you! Only the C drive?
0
Pi_Xi Posts 2244 Registration date Saturday 24 March 2007 Status Member Last activity 22 January 2016 149
21 Jan 2008 at 20:28
Do everything while you're at it ;o)

Afterwards we'll uninstall Helper; I forgot that step ...

++
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
21 Jan 2008 at 21:46
Is anyone still there? The scan is finished. How do I show you the result?
0
Pi_Xi Posts 2244 Registration date Saturday 24 March 2007 Status Member Last activity 22 January 2016 149
21 Jan 2008 at 23:04
No, I wasn't here, sorry...

You needed to copy and paste the result ;o)
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
21 Jan 2008 at 22:01
I still have 3 viruses apparently, but what to do... that I don't know. If you can give me 2 or 3 more good tips. ++ G
0
Pi_Xi Posts 2244 Registration date Saturday 24 March 2007 Status Member Last activity 22 January 2016 149
21 Jan 2008 at 23:04
But to be able to help you I NEED that Avast report!!

To be continued tomorrow ^^
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
23 Jan 2008 at 11:11
Hi PI_XI, I did my Avast scan but I don't know how to get the Avast report to you. Can you tell me how to do it? Thanks, G
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
23 Jan 2008 at 11:15
Here, I have this if you want, in case it means something to you

21/01/2008 20:53:36 greg 3524 Sign of "Win32:Agent-JDR [Trj]" has been found in "C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0123466.exe" file.
21/01/2008 20:53:17 greg 3524 Sign of "Win32:Agent-JDR [Trj]" has been found in "C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0123272.exe" file.
21/01/2008 20:33:19 greg 3524 Sign of "Win32:Agent-JDR [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\7ANL9TBF\ddos[2].txt" file.
21/01/2008 20:31:19 greg 3524 Sign of "Win32:Agent-JDR [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Desktop\MSNFix\21012008_15533812.zip\backup\d.exe" file.
21/01/2008 19:53:49 SYSTEM 1288 Sign of "Win32:Agent-JDR [Trj]" has been found in "C:\windows\system32\msvcrtd.exe" file.
21/01/2008 19:10:15 SYSTEM 1288 Sign of "Win32:Agent-JDR [Trj]" has been found in "C:\windows\system32\msvcrtd.exe" file.
21/01/2008 17:50:36 SYSTEM 1292 Sign of "Win32:Agent-NJB [Trj]" has been found in "C:\DOCUME~1\GREG~1.BOU\LOCALS~1\Temp\tmp82" file.
21/01/2008 17:50:15 SYSTEM 1292 Sign of "Win32:Agent-NJB [Trj]" has been found in "C:\DOCUME~1\GREG~1.BOU\LOCALS~1\Temp\tmp17" file.
21/01/2008 17:50:03 SYSTEM 1292 Sign of "Win32:Agent-LNK [Wrm]" has been found in "C:\DOCUME~1\GREG~1.BOU\LOCALS~1\Temp\tmp14" file.
21/01/2008 17:30:12 SYSTEM 1292 Sign of "Win32:Tiny-II [Trj]" has been found in "C:\DOCUME~1\GREG~1.BOU\LOCALS~1\Temp\tmp8" file.
21/01/2008 17:29:46 SYSTEM 1292 Sign of "Win32:Tiny-II [Trj]" has been found in "C:\DOCUME~1\GREG~1.BOU\LOCALS~1\Temp\tmp7" file.
21/01/2008 17:09:09 SYSTEM 1292 Sign of "Win32:Inject-EV [Trj]" has been found in "C:\DOCUME~1\GREG~1.BOU\LOCALS~1\Temp\qjdgoklmET.dll" file.
21/01/2008 16:57:50 SYSTEM 1292 Sign of "Win32:Inject-EV [Trj]" has been found in "C:\DOCUME~1\GREG~1.BOU\LOCALS~1\Temp\qjdgoklmET.dll" file.
21/01/2008 16:09:34 SYSTEM 1292 Sign of "Win32:Agent-NJB [Trj]" has been found in "C:\WINDOWS\system32\drivers\ip6fw.sys" file.
21/01/2008 15:52:46 SYSTEM 1292 Sign of "Win32:Agent-JDR [Trj]" has been found in "C:\windows\system32\msvcrtd.exe" file.
21/01/2008 15:48:13 greg 1532 Sign of "Win32:Agent-NGJ [Wrm]" has been found in "http://208.66.195.15/40e800144a333756464a565a2020202020202020202020206c0000007b66000000007600000002" file.
21/01/2008 15:21:33 greg 1532 Sign of "Win32:Agent-JDR [Trj]" has been found in "C:\d.exe" file.
21/01/2008 15:19:52 greg 1532 Sign of "Win32:Agent-NGJ [Wrm]" has been found in "http://208.66.195.71/40e800144a333756464a565a2020202020202020202020206c0000007b66000000007600000002" file.
21/01/2008 15:18:54 greg 1532 Sign of "Win32:Agent-MEB [Trj]" has been found in "C:\WINDOWS\System32\drivers\runtime.sys" file.
21/01/2008 15:18:18 greg 1532 Sign of "Win32:Tiny-II [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\WXEBSDAB\eixnlapsu[1].htm" file.
21/01/2008 15:18:09 greg 1532 Sign of "Win32:Agent-NJB [Trj]" has been found in "C:\WINDOWS\system32\drivers\ip6fw.sys" file.
21/01/2008 15:17:28 greg 1532 Sign of "Win32:Tiny-II [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\OPE3ST0P\niushkmpx[1].htm" file.
21/01/2008 14:28:36 greg 7184 Sign of "Win32:Wopla-AF [Trj]" has been found in "c:\bhij.exe" file.
21/01/2008 14:08:31 SYSTEM 1296 Sign of "Win32:Agent-NGJ [Wrm]" has been found in "http://208.66.195.71/40e800144a333756464a565a2020202020202020202020206c0000007b66000000007600000002" file.
21/01/2008 14:08:13 SYSTEM 1296 Sign of "Win32:Agent-MEB [Trj]" has been found in "C:\WINDOWS\System32\drivers\runtime.sys" file.
21/01/2008 14:08:07 SYSTEM 1296 Sign of "Win32:Agent-MEB [Trj]" has been found in "C:\WINDOWS\System32\drivers\runtime.sys" file.
21/01/2008 14:07:58 SYSTEM 1296 Sign of "Win32:Tiny-II [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\WH0PU381\eixnlapsu[1].htm" file.
21/01/2008 14:07:04 SYSTEM 1296 Sign of "Win32:Agent-NJB [Trj]" has been found in "C:\WINDOWS\system32\drivers\ip6fw.sys" file.
21/01/2008 13:44:55 SYSTEM 1296 Sign of "Win32:Daemonize-AC [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\lavytr.exe\[UPX]" file.
21/01/2008 13:44:34 SYSTEM 1296 Sign of "Win32:Daemonize-AC [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\U465ZX88\dima[1].exe\[UPX]" file.
21/01/2008 13:37:46 SYSTEM 1296 Sign of "Win32:Agent-LNK [Wrm]" has been found in "C:\WINDOWS\system32\drivers\smtpdrv.sys" file.
21/01/2008 12:13:53 greg 1332 Sign of "Win32:Agent-NGJ [Wrm]" has been found in "http://208.66.194.180/40e800144a333756464a565a2020202020202020202020206c0000007b66000000007600000002" file.
21/01/2008 12:13:46 greg 1332 Sign of "Win32:Tiny-II [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\U465ZX88\eixnlapsu[1].htm" file.
21/01/2008 12:05:58 greg 1332 Sign of "Win32:Agent-LNK [Wrm]" has been found in "C:\WINDOWS\system32\drivers\smtpdrv.sys" file.
21/01/2008 12:05:07 greg 1332 Sign of "Win32:Daemonize-AC [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\jtpath.exe\[UPX]" file.
21/01/2008 12:03:52 greg 1332 Sign of "Win32:Daemonize-AC [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\WXEBSDAB\dima[1].exe\[UPX]" file.
21/01/2008 12:00:18 greg 1272 Sign of "Win32:Agent-NGJ [Wrm]" has been found in "http://208.66.195.71/40e800144a333756464a565a2020202020202020202020206c0000007b66000000007600000002" file.
21/01/2008 12:00:06 greg 1272 Sign of "Win32:Agent-MEB [Trj]" has been found in "C:\WINDOWS\System32\drivers\runtime.sys" file.
21/01/2008 11:59:48 greg 1272 Sign of "Win32:Tiny-II [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\WXEBSDAB\eixnlapsu[1].htm" file.
21/01/2008 11:59:36 greg 1272 Sign of "Win32:Agent-NJB [Trj]" has been found in "C:\WINDOWS\system32\drivers\ip6fw.sys" file.
21/01/2008 11:09:13 greg 1272 Sign of "Win32:Daemonize-AC [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\unzfwk.exe\[UPX]" file.
21/01/2008 11:07:18 greg 1272 Sign of "Win32:Daemonize-AC [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\WXEBSDAB\dima[1].exe\[UPX]" file.
17/01/2008 18:34:28 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\genbem.exe\[UPX]" file.
17/01/2008 18:34:16 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\wsabuh.exe\[UPX]" file.
17/01/2008 18:33:25 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\jxihku.exe\[UPX]" file.
17/01/2008 18:28:05 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\qwlfng.exe\[UPX]" file.
17/01/2008 18:27:53 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\qzmqhh.exe\[UPX]" file.
17/01/2008 18:18:00 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\qcmexk.exe\[UPX]" file.
17/01/2008 17:51:58 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\saohkr.exe\[UPX]" file.
17/01/2008 17:51:28 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\awpfvg.exe\[UPX]" file.
17/01/2008 17:51:15 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\kbfbck.exe\[UPX]" file.
17/01/2008 17:51:12 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\flpmkj.exe\[UPX]" file.
17/01/2008 17:50:59 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\jwakfm.exe\[UPX]" file.
17/01/2008 17:50:53 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\mzmsfx.exe\[UPX]" file.
17/01/2008 17:50:47 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\rdvxhe.exe\[UPX]" file.
17/01/2008 17:49:18 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\gohqho.exe\[UPX]" file.
17/01/2008 15:44:54 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\jbygrz.exe\[UPX]" file.
17/01/2008 15:44:30 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\jwakfm.exe\[UPX]" file.
17/01/2008 15:44:10 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\dfjkly.exe\[UPX]" file.
17/01/2008 15:43:32 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\qocdep.exe\[UPX]" file.
17/01/2008 15:43:21 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\aiguip.exe\[UPX]" file.
17/01/2008 15:43:08 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\vrxuob.exe\[UPX]" file.
17/01/2008 15:42:57 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\lgyeij.exe\[UPX]" file.
17/01/2008 15:42:43 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\fsqyus.exe\[UPX]" file.
17/01/2008 15:42:22 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\fzdcux.exe\[UPX]" file.
17/01/2008 14:53:28 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\ckovaw.exe\[UPX]" file.
17/01/2008 14:49:18 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\rzkbka.exe\[UPX]" file.
17/01/2008 14:45:09 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\lttgyq.exe\[UPX]" file.
17/01/2008 14:40:58 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\bmofki.exe\[UPX]" file.
17/01/2008 14:36:48 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\gxlksp.exe\[UPX]" file.
17/01/2008 14:32:38 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\wizjei.exe\[UPX]" file.
17/01/2008 14:28:28 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\ibuwgr.exe\[UPX]" file.
17/01/2008 14:24:18 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\ddlkuh.exe\[UPX]" file.
17/01/2008 14:20:07 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\soxdna.exe\[UPX]" file.
17/01/2008 14:15:57 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\flddsf.exe\[UPX]" file.
17/01/2008 14:11:47 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\kmckch.exe\[UPX]" file.
17/01/2008 14:07:36 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\swopcl.exe\[UPX]" file.
17/01/2008 14:03:26 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\fmyyci.exe\[UPX]" file.
17/01/2008 13:59:16 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\rvrivz.exe\[UPX]" file.
17/01/2008 13:55:06 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\cmsmdb.exe\[UPX]" file.
17/01/2008 13:50:56 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\guefhm.exe\[UPX]" file.
17/01/2008 13:46:49 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\yppnat.exe\[UPX]" file.
17/01/2008 13:42:36 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\wpookg.exe\[UPX]" file.
17/01/2008 13:38:27 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\qcszhq.exe\[UPX]" file.
17/01/2008 13:34:16 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\soacft.exe\[UPX]" file.
17/01/2008 13:30:06 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\durlxw.exe\[UPX]" file.
17/01/2008 13:25:56 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\inoylz.exe\[UPX]" file.
17/01/2008 13:21:46 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\pinjlg.exe\[UPX]" file.
17/01/2008 13:19:12 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\ahpnmc.exe\[UPX]" file.
17/01/2008 13:19:03 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\eezlqn.exe\[UPX]" file.
17/01/2008 13:18:56 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\podoli.exe\[UPX]" file.
17/01/2008 13:18:50 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\ecbmhx.exe\[UPX]" file.
17/01/2008 13:18:41 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\wqcpuk.exe\[UPX]" file.
17/01/2008 12:56:45 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\tbnibb.exe\[UPX]" file.
17/01/2008 12:52:36 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\yvutuq.exe\[UPX]" file.
17/01/2008 12:48:25 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\qxoslk.exe\[UPX]" file.
17/01/2008 12:44:15 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\fbipth.exe\[UPX]" file.
17/01/2008 12:40:04 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\xdlfkb.exe\[UPX]" file.
17/01/2008 12:35:57 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\ksueuj.exe\[UPX]" file.
17/01/2008 12:33:20 greg 3208 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\IRCVVKTK\a[1].exe\[UPX]" file.
17/01/2008 12:31:46 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\swkeae.exe\[UPX]" file.
17/01/2008 12:27:34 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\advddq.exe\[UPX]" file.
17/01/2008 12:23:24 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\xwcoqq.exe\[UPX]" file.
17/01/2008 12:22:42 greg 3208 Function setifaceUpdateFiles() has failed. Return code is 0x20000011, dwRes is 20000011.
17/01/2008 12:19:40 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\cpagps.exe\[UPX]" file.
17/01/2008 12:19:35 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\IRCVVKTK\a[1].exe\[UPX]" file.
17/01/2008 12:15:43 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\geuczx.exe\[UPX]" file.
17/01/2008 12:15:28 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\WH0PU381\a[1].exe\[UPX]" file.
17/01/2008 12:11:20 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\yzyqmj.exe\[UPX]" file.
17/01/2008 12:11:02 greg 1264 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\IRCVVKTK\a[1].exe\[UPX]" file.
16/01/2008 18:15:44 greg 1260 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\hkgqjo.exe\[UPX]" file.
16/01/2008 18:15:44 greg 1260 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\hkgqjo.exe\[UPX]" file.
16/01/2008 18:15:44 greg 1260 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\hkgqjo.exe\[UPX]" file.
16/01/2008 18:15:44 greg 1260 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\ddfwko.exe\[UPX]" file.
16/01/2008 18:15:20 greg 1260 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\yvynwr.exe\[UPX]" file.
16/01/2008 18:15:17 greg 1260 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\tuoeum.exe\[UPX]" file.
16/01/2008 18:15:14 greg 1260 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\vjtkdd.exe\[UPX]" file.
16/01/2008 18:14:15 greg 1260 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\WXEBSDAB\a[3].exe\[UPX]" file.
16/01/2008 18:14:05 greg 1260 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\WXEBSDAB\a[2].exe\[UPX]" file.
16/01/2008 18:13:52 greg 1260 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\7ANL9TBF\a[2].exe\[UPX]" file.
16/01/2008 18:13:48 greg 1260 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\7ANL9TBF\a[1].exe\[UPX]" file.
16/01/2008 13:55:44 greg 1260 Sign of "Win32:Small-IKZ [Trj]" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\WXEBSDAB\a[1].exe\[UPX]" file.
22/01/2007 00:36:30 greg 1512 Sign of "MS06-001 WMF Exploit" has been found in "C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\4L2VKDMN\cyber[1].wmf" file.
0
Pi_Xi Posts 2244 Registration date Saturday 24 March 2007 Status Member Last activity 22 January 2016 149
23 Jan 2008 at 11:40
Hello!

At the end of the Avast scan you should get a report; just copy and paste it here ;o)

Also, if you see "Helper" in Add/Remove Programs, uninstall it ;o)

++
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
23 Jan 2008 at 11:48
ok thanks, but what I sent you isn't the right one, so... I'll send you another.

P.S.: no Helper in Add/Remove Programs
0
Pi_Xi Posts 2244 Registration date Saturday 24 March 2007 Status Member Last activity 22 January 2016 149
23 Jan 2008 at 11:55
No, that's not the Avast report I was expecting.

For Helper, delete the folder manually, at: C:\Program Files\Helper
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
23 Jan 2008 at 11:56
Here's a report; if it's the right one, let me know, thanks G


21/01/2008 14:32
Analyse de tous les lecteurs locaux
Fichier C:\Documents and Settings\greg.BOURRIQUET\awpfvg.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\cjutfe.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\didpjs.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\fkkuia.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\flpmkj.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\hnoxcl.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\ikwbsu.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\ivvwyx.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\jliaos.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\jxihku.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\ljched.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\lloiyg.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\7ANL9TBF\eixnlapsu[1].htm est infecté par Win32:Tiny-II [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\Local Settings\Temporary Internet Files\Content.IE5\B687VHKH\niushkmpx[1].htm est infecté par Win32:Wopla-AF [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\luxdoe.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\oxesgx.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\qcmexk.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\qwlfng.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\rhhmlx.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\tzyqdi.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\waxgdu.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\xqktsf.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\yqfkwl.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\Documents and Settings\greg.BOURRIQUET\ztxocw.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP736\A0120243.sys est infecté par Win32:Agent-NJB [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122244.sys est infecté par Win32:Agent-NJB [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122248.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122249.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122250.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122251.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122252.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122253.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122254.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122255.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122256.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Réparer: Erreur 42060 {Le fichier n'a pas été réparé.}, Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122257.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122258.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122259.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122260.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122261.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Mis en quarantaine
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122262.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Mis en quarantaine
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122263.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Mis en quarantaine
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122264.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Mis en quarantaine
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122265.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Mis en quarantaine
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122266.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122267.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122268.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Réparer: Erreur 42060 {Le fichier n'a pas été réparé.}, Supprimé
Fichier C:\System Volume Information\_restore{AE994CB1-FC45-4B63-A279-0587EF909ED3}\RP737\A0122269.exe\[UPX] est infecté par Win32:Small-IKZ [Trj], Mis en quarantaine
Fichier C:\WINDOWS\system32\drivers\smtpdrv.sys est infecté par Win32:Agent-LNK [Wrm], Réparer: Erreur 42060 {Le fichier n'a pas été réparé.}, Réparer: Erreur 42060 {Le fichier n'a pas été réparé.}, Réparer: Erreur 42060 {Le fichier n'a pas été réparé.}, Mis en quarantaine

Nombre de dossiers parcourus : 5374
Nombre de fichiers analysés : 61838
Nombre de fichiers infectés : 49
0
Pi_Xi Posts 2244 Registration date Saturday 24 March 2007 Status Member Last activity 22 January 2016 149
23 Jan 2008 at 11:59
No, today is the 23rd and your report is dated the 21st!??

I want one from today please!

++
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
23 Jan 2008 at 12:03
Thanks, I found "helper" but it won't go away, on the pretext that it's happy where it is! LOL No, it gives me a message along the lines of "make sure the disc is not full or write protect and that the file is not currently in use", so it won't clear off, the idiot! I'm going to restart the PC and try deleting it again. G~
0
Pi_Xi Posts 2244 Registration date Saturday 24 March 2007 Status Member Last activity 22 January 2016 149
23 Jan 2008 at 12:05
lol yes, that's normal, it's running... no point restarting the PC!

After the Avast scan, post me a new HiJack report and we'll deal with Helper ;o)
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
23 Jan 2008 at 12:05
ok boss, I'm launching it! I'll give you the result as soon as possible
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
23 Jan 2008 at 12:09
it's working
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
23 Jan 2008 at 13:57
I have the Avast report but it won't let itself be copied
and on top of that it's stuck on the screen, so.... I'm trying to send it to you ~G
0
gregouls Posts 67 Registration date Monday 21 January 2008 Status Member Last activity 12 June 2011
23 Jan 2008 at 18:23
here's the hijack report



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:22:44, on 23/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\avast2006\aswUpdSv.exe
D:\Program Files\avast2006\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Winamp2\winampa.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
D:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
D:\PROGRA~1\AVAST2~1\ashDisp.exe
D:\Program Files\ZoneAlarm essaijanvier2007 15 jrs gratos\zlclient.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\system32\svchost.exe
D:\Program Files\avast2006\ashMaiSv.exe
D:\Program Files\avast2006\ashWebSv.exe
D:\PROGRA~1\ZONEAL~2\MAILFR~1\mantispm.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - d:\program files\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684CC} - C:\Program Files\Helper\superfindout.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp2\winampa.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\AVAST2~1\ashDisp.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Program Files\ZoneAlarm essaijanvier2007 15 jrs gratos\zlclient.exe"
O4 - HKLM\..\RunOnce: [srcDir] C:\Program Files\BT Voyager 100 ADSL Modem\uninstall.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,99/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner371420.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A9FD89D6-C839-11D3-B0FE-0050044B8FE9} (OBInstallRunner Control) - http://www.opinionbar.com/download/resources/OBInstallCabinet.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\avast2006\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\avast2006\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\avast2006\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\avast2006\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Pi_Xi Posts 2244 Registration date Saturday 24 March 2007 Status Member Last activity 22 January 2016 149
24 Jan 2008 at 11:00
Hello!

OK, open HijackThis and choose "do a scan only"

Tick the box in front of the line:
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684CC} - C:\Program Files\Helper\superfindout.dll
Close all other active windows and click "Fix checked"

Then delete the HELPER folder at: C:\Program Files\Helper

++
0