Does Rephresh Cause Discharge

camera picked up on MSN Virus?

Well, you
CHOP album.zip photo.
file containing photos album-2007-5-26.scr
and:
C: \\ Windows \\ system32 \\ syshosts.dll

It is possible that Avast does not detect it ...

UPDATE:

There is probably: Backdoor.Win32.IRCBot.aaq
Your post was like MSN (French / English)
------ -------------------------------------------------- ------------
hey look at my tof! : P ma soeur a voulu que
Regarde ca tu! Regarde les tof
hey, c'est moi et mes copains entrain the .... : D j'ai fais pour toi
ce photo album tu dois le voir:)
tu dois voir ces tof mes photos chaudes
: D c'est seulement
cool knife: p
its only my photos
Hey want to see my new album?
Hey "is completed any new album! :) Hey
approve my new album anyway .. : P
for yah, doing cartoon of my life lol ..
meine hei and Photos! : P
le mie Calde picture: p mis fotos calientes

mi fotografas: p
Mi amigo tom las fotos agradables the m
el lol mi Hermana Quisiera que este le enviara
the photo album

English:

---------------------- Here are my private pictures for you Here are my
pictures from my vacation
My friend Took nice photos Should see me.you of em lol!
icts only my photos!
Nice new photos of me and my friends and stuff and When I Was Young ... lol
Nice new photos of me! : P
Check out my sexy boobs: D
it is also possible to have this:
close with the cross.






source text of these messages

If you received this in Dutch / English + link: (I added t w. .. un et un dès fois que!)
Le message envoy aux contacts MSN ---->
Is that you in this picture?
htttp: / / www.hothotpics.com/photo8.php
Is that you on this photo O
htttp: / / www .******. net/photo26.com
Is that you on this photo?
wwww.hot hotpeople.net/photo894.php
----------------------------
Il sagit the --- -> Downloader.Win32.Agent.btu
Trojan Vundo Infection:
genre:
O2 - BHO: MSEvents Object - {8DBF02DA-4360-4A7E-BEA1-347B87816327} - C: \\ WINDOWS \\ System32 \\ ddaia . dll
O20 - Winlogon Notify: DDAI - C: \\ WINDOWS \\ System32 \\ ddaia.dll
It sagit a random name, so no similarity except the number of characters and the classical splitting 02/020.
This is treated like a Vundo infection classic (though scanning the FIX MSN, can not hurt!)

There is another attack that is manifested in this report Hijackthis
MSN message was:
" Lol, I'm a haul from my sister yesterday with secretly watch my webcam ca
"
followed a link to go download:
webcam_00002.com?. Jpg
It sagit from

webcam_00002.com/Backdoor.VanBot.dk

-----> in Hijackthis
O23 - Service: Microsoft Genuine Advantage - Unknown owner - C: \\ WINDOWS \\ System32 \\ dllcache \\ winmga.exe
définfecte is also with the FIX MSN.


short, you set foot in it!


not panic and in a first time made this
Revenez ici après....
Télécharger le FIXMSN.zip ici
vous obtenez ceci:



















Fermez-le, une fois téléchargé sur votre bureau.

Télécharger et installez donc IZArc si vous n'avez rien pour dézipper.

Double-clic dessus.

Vous aurez ceci:
Clic sur l'icône "extraire"


















Click on extract, it extracts by default on the desktop, it avoids look after !














He created and unpacked your fix in a folder:






Double-click it.
opens this ... it has to create / a subfolder MSNFix, reclic it!



















then click on MsnFix.bat































Type "R" and press "Enter . If
PC clean












Make "A " and press "Enter".
Notepad will open, after reflection of the computer ....


















Select the text (CTRL + A)
Copy the text in memory (ctrl + c)
Copy the text stored on the forum to place your cursor (ctrl + v)
If an infection has been found ....
make a report as previously et le copier dans le forum.
Attendez les instructions.
------------------------------------------------- Si vous avez -------
Ramasse photo8.com:
via un message du genre:

" it you in this picture? http://www.hothotpics. com/photo8.php
That You on this photo is: O http://www .******. net/photo26.com
That is you on this photo www.hot hotpeople.net / photo894.php "
Attendez les instructions, on va les detect dans un scan HijackThis.
Pour info:
------------------------
Vous aurez Certain ment des 02 et 020 du Gender:
O2 - BHO: (no name) - {2034BA2F-49EF-99EB-6FAC-5F58BB828997} - C: \\ WINDOWS \\ system32 \\ iiffbca.dll (file missing) O20
- Winlogon Notify: iiffbca - C : \\ WINDOWS \\ system32 \\ iiffbca.dll
iiffbca.dll is a random name, is what is so special ....
---------------------------------------
If unable to connect MSN
try to do this:
Start / Run / type the following commands (each validate with OK):
C'estpour re-register DLLs.
regsvr32 softpub.dll
regsvr32 initpki.dll
regsvr32 mssip32.dll
Restart the machine.
Sometimes it is also necessary to reset the password.
https: / / accountservices.msn.com / uiresetpw.srf? Lc = 1036 & id = 2

Also check your version number, if she is too old (version 6) is vulnerable.
http://www.microsoft.com/france/securite/bulletins/2005/200502_msnmessenger.mspx

Polaris Xtra 10 Rear Shock 14.5 Or 13.5?

Test your anti-virus scan

Well,
you have an anti-virus in your computer. If
one free, it's time to see its effectiveness!
I reassure you right away , is not to stick a virus in your computer!
... but to believe in your anti-virus has just intercepted a virus ... or at least it should be so, if this is not a big colander!
This is an archive. zip
right click on the link below and / Register the target as:
Click here to download the fake virus
































the address is in the clear of the virus, the famous test known sagit eicar ---->

http://securite -informatique.info/virus/eicar/download / eicar_niveau13.zip

soon as the file arrives on your desk there should be not destroy your anti-virus, and make a kind of warning ---> Here
alert F-Secure Internet Security 2007:
























Click here to try a format. Jpg (image)
the alert should be the same ...
click here to try a format. bin

http://securite-informatique.info/virus/eicar/download/eicar_niveau14.bin
Well, if your antivirus has detected a good sign . . . And if you want more, here

Dental Words For Acrostic Poem

Make a sfc / scannow

Warning:
Do this only if you have manip more access to System Restore. It may alter the contents of your existing system restore points (or your System Restore) and thus frustrate an attempt to restore an uninfected or points thereof, if any,
This is essential if replacing a dll file, for example

I asked you to do a scan sfc / scannow --->
You must have "Administrator" rights to do that.
what is it?
First, it has info with the word itself!
sfc = System File Checker abbreviation
We already know more!
In fact the operation will check all the file system of XP, and check if they conform to the original content on the installation CD. That is why it is imperative to the XP installation cd ... (and I do not mean the recovery disc of PC brands!)
In fact, the scan will look in C: WINDOWS \\ System32 \\ Dllcache
This is a hidden folder. (Normally)
If the scan finds that all is well ... it asks for nothing! But if
worry, it will replace the corrupted file that appears, and will pick him up at the source install your original ----> in most cases the xp cd.
The best way to avoid the application of the CD is to have the install of XP on the hard drive, preferably another partition, and even a special partition for that! A bit like the hidden partition of branded PCs (but not hidden, well, yes if full crash is better!)
----> Type f: \\ I386 (the content will go to + / - 475 Megabytes)
The path to your install is hidden in this key: HKEY_LOCAL_MACHINE
\\ SOFTWARE \\ Microsoft \\ Windows \\ CurrentVersion \\ Setup \\ SourcePath
in case you decide to copy the I386 f:






the ---> SourcePath ---> will be defined simply ---> f: \\
in case of trouble with your sourcepath, watching as the key :
HKEY_LOCAL_MACHINE \\ SOFTWARE \\ Microsoft \\ Windows NT \\ CurrentVersion \\ SourcePath
both should be similar ...
f: \\
Concerns may also happen in case of trouble too, just because you install an additional hard disk drive or other, a mismatch letter is possible!
so check in Explorer.
Note:
-------------------
SFC / scannow it unusable restore points. Indeed, it sometimes occurs on DLL there.
If you have installed patches, changed files are placed directly in C: \\ WINDOWS \\ system32 \\ dllcache
(in addition to their normal location) so that the system File Protection (WFP) can immediately correct inappropriate alteration. Another copy is placed in c: \\ windows \\ $ hf_mig $ folder \\.
Now if you installed a service pack, the files are copied to C: \\ WINDOWS \\ ServicePackFiles
it is this value that indicates the location -----> SFC

HKEY_LOCAL_MACHINE \\ SOFTWARE \\ Microsoft \\ Windows \\ CurrentVersion \\ Setup ServicePackSourcePath
------------------------------------ --------------
How do a scan sfc / scannow with XP Pro, SP1 or SP2.

1) Insert the CD-ROM Windows XP SP1 or SP2 in the drive while holding down the Shift key to prevent its automatic execution
2) Start / Run / type this:
sfc / scannow It
a space after the "c" in "sfc"
No space after the "/"
Please copy / paste it will be easier!













click ok ....
And wait, it may take some time ... like 10/20 minutes







Upon detection of a corrupted file ... if you don 'have not upgraded your cd, you have this:









The fact is that in practice .... he is able to request the cd to install sp1 or sp2 ... the walkthrough works, is to make a patched cd sp1 or sp2 .. .
Here is another link
Yet another link
The experiment is beyond the reach of a beginner .... unfortunately
Best is to have taken a ghost ... well, everyone did not buy the idea of Norton Ghost! I speak here

Note:
------------------
"for all XP users who have completed all SHIFT including SP2, but have their cd XP SP1, the System File Checker is refused! A shame that
crosoft have nothing scheduled in this case. should I buy the latest version of XP to do a sfc / scannow? "
source:
and" DO NOT use sfc / scannow if, like me, you have the installation CD XP SP1, and if you have the SP2 Update ... Windows will replace the SP1 files it can find (not all, but some will do a damn mess ...) from your CD SP1, and implement them in its library files instead of files "SP2" , "So it
what I said!
Same with those who were normal and install xp pro installed later on sp1!
I made it work!

Funny Lacrosse Slogan

How to stop a service

Well,
I asked you to stop a service.
Here's how.
Start / Run / type this: (copy / paste)
% SystemRoot% \\ system32 \\ services.msc / s











Click "ok"

















Suppose for example that I asked you to stop
Norton Ghost
Search service in the right column.
Select it (turn blue)
Once found, right click on it.







Note that only the words are blacked accessible, not dimmed.
So we will move to Stop ... It is
the service in question is stopped.
Not complicated indeed!

What Do We Need For A Nerf Party

Update your Java version

Well,
I asked you to update your Java version, because I spotted what was obsolete in a Hijackthis report, for example.
Example:
C: \\ Program Files \\ Java \\ jre1.5.0_07 \\ bin \\ jucheck.exe
Another way to check your Java version is to do this first:
Locate button check installation "

Click here to go to this page


















This appears:
click on "Verify Installation"

















This window opens with your version number.








Here is version 1.6.0.01
the current version is 1.6.0.2
If you have this: jre1.5.0_07 is even more urgent!
So an update is required. If
updated version you get this message.










Do this
go to this page ---> click here
this appear


















click on the button "download"




This box opens --->









Click

"save file"








Once the install file on your desktop, run it by double click.
Follow the instructions. Reboot the PC
necessary to activate the update.
Then check if everything is ok, by repeating the test to verify your version (see top of page)
If everything is ok, you will get this message.


Well, it's not over, the old version is still on your hard drive ...
We will delete it.
Start / Settings / Control Panel, locate the icon to uninstall programs.



In green is the version we just installed in red are older that you can uninstall





Here we will win 119 134 = 253 megs of recovered.
During uninstall this small window open.



Check that nothing remains of the old install with Explorer in C: \\ Program Files \\ Java \\ jre1.5.0_06
If so delete the contents. Example here

How Long Until Lice Shows Up

How to search on the NET?

The question may seem childish to some, but when I see the number of people who are lost against the immensity of the Net, I tell myself that this little summary will help in more than one!
In fact when I see this kind of question on a forum (CCM here )--->








I tell myself I'll do something! LOL ... because it ' is instructive and indicative of a lack of knowledge about!
-First place, use a " engine" search.
What is this?
Well, just look at the thing like a robot will browse the web at the speed of lightning, and you
find what you are looking for ...
Well, then go to this page, click here with your mouse
You see, I've guided to a page that is engines most used worldwide.

It is therefore to seek O & O Defrag 2000

















Locate therefore the window of Google.

Then do so copy paste ---> O & O Defrag 2000
(select blue with your mouse, then press ctrl + c) is more convenient to copy the text ... ok?

Well, put your cursor in the white rectangular window of Google. (Link above) Make this time ctrl + v
The text is part of the window.
Then click on:


It's done the robot has found:
The result page will appear.
Results 1 - 10 of about 377 000 for O & O Defrag 2000 (0.09 seconds)
nine hundredths of a second to 377,000 results! is not it?
You just have to click on the blue link that seems most match your search.
course there are ways to refine the research ... but here it does not matter, you discover the hidden resources of Google! Here
not to complicate your life ... LOL















tried to do so as an exercise to see if you come out.

I advise you to put this page in your favorites ...
How? Easy
do so ctrl + d

What Type Of Oil For My Hair Trimmer

Guestbook

It seems that the guestbook is deactivated.
I do not know if it Instantaneous or not ...
I'll enable comments, that way it will be possible to add a message ...
at least if the blog does well ... LOL I


allows me to copy messages sent to me. (Newest to oldest)

-----------

Name	paulo
Date	2007-07-10
Rental
Message	rebonjour hello or thank you for what you did for me as a novice in the computer but I'd be satisfied if my pc is more infecté.vous can connect me through my mail or ccm.le Belgium is a beautiful country and because I lived dunkerque.cordialement paulo.

Name	vanessa
Date	2007-07-05
Rental
Message	hello, my friend recommended your blog because I have a problem, I caught a virus through msn instant messaging and since jarrête not nabbed the trojan and when I connect to MSN, the message was the jerk who keeps my contaminated with customized template and makes a mess in my pc and the pc of my other msn contact ... connate as I do not much, I did a scan with my anti virus and I uninstalled msn and reinstalled with a new account, but it starts from a spin! I do not know what to do, it's really hell .. could you help me please?? I thank you in advance for giving me a little of your time. vanessa

Name	noctambule28
Date	2007-07-05
Rental
Message	blog, oh no! a quid more than this computer that works more easily. clear opinions that leave no doubt know A place without a doubt zero-EAT WITHOUT MODERATION CONGRATULATIONS AND THANK

Name	Stephanie
Date	2007-07-02
Rental
Message	hello, I found your blog recement and wanted to know if a firewall or other anti virus, could not play certain games on the site prizee.com? and if so, how? thank you for your blog and soon

Name	Thierry LONCLE
Date	2007-06-28
Rental
Message	Dear Claude, You can be happy to give back to many people regularly, and proud of your skills. Count on me to run the mouth. Thank you a thousand times.

Name	Thierry
Date	2007-06-28
Rental
Message	I am fighting since Monday night, being Thursday is 6:06 p.m., I lost count of the connections and disconnections of my neufbox I downloaded 5 anti-spyware and I bought one, but dear Claude, that is really you the best. Thank you.

Name	charles
Date	2007-06-27
Rental
Message Thank	procedure simple and very efficient, thanks again

Name	Joel
Date	2007-06-26
Rental
Message	Goodnight, Thanks for your site and your tips are worth gold and are more understandable for dummies like me! I sent a message to Me: chezclaude@gmail.com hope that you will have 5 minutes for me answer soon I hope Joel

Name	charly
Date	2007-06-20
Rental
Message	spywear I have problem with my anti-virus and secur "antivirus firewall" has detected suspicious items: C: WINDOWSsystem32vinafougc.dat C: WINDOWSsystem32vinafougc.exe C: WINDOWSsystem32vinafougc_nav.dat C: WINDOWSsystem32vinafougc_navps.dat is what I should simply remove the file or not? I really need help

Name	Franck
Date	2007-06-19
Rental
Message	Goodnight n'aynat not find the forum I hope I use the correct path: Search NaviPromo version 2.0.3 began on 19/06/2007 at 0:53:48, 24 Which forum should I post my report fixnavi.txt? thank you

Name	michel
Date	2007-06-16
Rental
Message	Thanks friend for 1 week botched by p "" "virus you managed to explain how to get rid of a few lines very" assimilated "by the pc .. iste way I am, and, following me realize that I was actually very vulnerable, I highly recommend a cleanup as well explained on the blog again thank you Michel

Private Message Added 2007-06-06

Name	Vee Bee
Date	2007-05-14
Rental
Message	Hello, Firstly thank you for your help on the flap computer via "How it works". From a great ... comfort! side drawing, being a fan of cats and some comic drawings I really enjoyed it. I myself am an amateur painter. My site is under construction, but I just signed up at "ARTactif. Without doubt the virtual exhibition she released a few days. I had wondered since your first reply message of why the "philo2100. I found the answer in your blog of course. What passions pursued simultaneously: it's great! Figures you with a buddy retired philosophy teacher we play once a month to "philo-aperitif" open meeting in a purlin, where guided by prof explores various themes ... Exciting! short I wish you good luck. (note that I did not get to ask you next computer, oops!) + @ VeeBee

Private Message Added 2007-05-11

Name	pram
Date	2007-04-29
Rental
Message	alias hello claude philo super thank you, I kiff people like you are rare indeed and you have more centers of interests that overlap with mine I'd like you to do part of my circle of friends voila y_landeau@hotmail.com my msn skype: yves75003 AND ESPECIALLY I can be something that will please you, you who love computers I am developing a web portal on work and social cohesion I worry yves speak

Private Message Added 2007-04-24

Name	jerem 72
Date	2007-04-09
Message	hello, jai saw your blog on the forum ccm it is very well done, the explanations are clear and commented images ideal for beginners in search of knowledge, cest nice of you to spend time helping others, continues like this

Name	siryuss
Date	2007-04-03
Rental
Message	So then voila ... I am neither an expert nor a débutand and and very rare that I leave a message or whatever, but it ca ecxeption what he fo fo .. its going to be brief .... big thank you for the info of your blog I know many things but its my review all his help so finally ... peace man and continues as its

Name	Knai
Date	2007-03-31
Rental
	Your Message (if I can help you tu) vraimen CONCERN blog is there are a lot of help my father advised me that there are heuresemen and blog like yours to get out I'll wish good luck and thank you for your help presieuse

Name	Denis Bancillon
Date	2007-03-21
Rental
Message	Hi Claude, I think what you do is great: all the designs that your explanation for debugging ... I'll spend more complete from an email I was 5 minutes. @ + Denis

Name	Marjorie
Date	2007-03-21
Rental
Message	Hello Claude, I saw Commentcamarche.net site that you helped to settle his Magalie pble openings popups. I have the same concern since Sunday and it's getting worse and worse. I'm not a pro in info and I do not know what procedure to eradicate this pble launch. thank you in advance for your help.

Name	turenne henri
Date	2007-03-17
Rental
Message	Although already "old" (71years), I am a neophyte who clings. I would tell you a big congratulations for your blog, but also for clarity and sobriety of your teaching and especially to all the tools available to put you to put theory into action! so thank you wholeheartedly! turenne henri

Name	Contessa
Date	2007-02-18
Rental
Message	Hi I have a problem with word art, my text is written in black and white on my monitor, I esszayé all to no avail. Do you have a solution? Thank you kindly Marie

Name	christian-ckiki44
Date	2007-02-11
Rental
Message	Just to say I'm "amazed"! . I've never seen a site as well built, especially instructive, and very accessible with a world that we become less barbaric! Bravo and especially a big THANK

Private Message Added 2006-12-31

Name	Syria (TLC)
Date	2006-12-02
Rental
Message	syria nice tone ti site or blog lol because I do not really know how they called that! pfff I had you put a message on TLC over there but he would not have been taken (for the humor and no nonsense) too bad the pleasure Syria

Name	lamin or dklemzo
Date	2006-11-26
Rental
Message	hello phil's me dklemzo ccm. I saw your blog and thank you for accepting friendship. I'm a freshman in computer networking. I was good before handyman and now I begin to understand things. I hope to count on you to give me support during my training. Thank you

	L
Date	2005-08-16
Message	As always daunting when you do something! !!!!!!!! A word! One: GS or al!!

Name	claude
Date	2005-08-12
Message	Welcome to my guestbook, I had to create one, there was not on the blog site! You can leave a message and tell me what you think of my blog .... Thanks in advance to all claude