wardog92

bonsoir à tous j'ai un ptit problème avec mes 2 lecteurs graveurs internes (CD-RW NEC ND-1100A et DVD-RW NEC ND-3550A). Les 2 ne reconnaissent aucun des CD ou DVD. Sur le poste de travail, ils sont comme vides. merci d'avance!

c bon j'ai réglé le probleme en l'enlevant du PC et en la ramenant au magasin! merci longue vie à vous, bonne journée!

c'est bon j'ai résolu le probleme el l'enlevant et la ramenant au magasin merci bonne journée!

ouais...bof....j'ai réussi à trouver une mise à jour mais l'assistant na la détecte pas....

bonsoir à tous! j'ai installé depuis peu cette carte son et quand je veu écouter de la musique avec mon lecteur VLC, j'ai une seconde de musik et le PC plante, écran figé, il ne répond plus. quand je réactive l'ancienne carte son (REALTEK AC'97 Audio) intégrée à la CM, tout va bien..... quelqu'un pour m'aider? merci d'avance!

ok merci je vais regarder ça. sinon je dois un p'tit probleme de masse, j'arrête pas de me choper des p'tits coups de jus quand je prends ma souris... j'ai mal branché ou isoler kelkechoz?

ok c réglé j'ai refait en brabchant et testant tout au fur et à mesure. mais maintenant et je pense ke ça venait de ça, j'ai un lecteur de cartes 4 en 1 au format 5 1/4 et quand je veu le brancher sur la CM (F_USB1 ou F_USB2), le PC ne redémarre pas. idem pour les prises des 2 ports USB en façade

salut à tous! bin voila mon problème: je me suis une nouvelle tour (MAX IN POWER B9909 C9 SILVER) et une nouvelle alim ventilo de 12 cm et de 480W. je transvase tout de la tour d'origine dans la nouvelle, branche tout correctement (enfin je pense...), met sous tension... et rien...nada.... après moults vérif', je vois pas ce ki cloche. si vous pouvez m'éclairez un peu plus sur ça, ce serait super cool... merci d'avance

re merci c'est cool, tout s'est bien passé. longue vie à toi et au forum bye! et à zebulon ossi....lol

Salut à tous, J’ai un p’tit problème avec mon disque dur (WDC 160Go). J’y ai créé une 2ème partition avec Partition Magik 8, je la supprime et tout se passe bien sauf au moment de redémarrer, mon PC plante (….je n’avais pas fait de sauvegarde….oui je sais….). Je redémarre avec un CD boot Linux (Move) et je vois que toutes mes données sont bien présentes sur le DD (Windows, vidéos, DivX, photos, logiciels, jeux….tout quoi ! ! !). Etant en attente de la Freebox, j’achète un nouvo DD (Maxtor 160Go) avec un boitier externe. Je l’installe dans mon PC, réinstalle Windows sur celui-ci et branche en externe le DD bugué pensant que j’avais le moyen de récupérer toutes mes données. Et ce fut le DRAME (lol), il apparaît sur le Poste de travail mais impossible d’y accèder, ça m’affiche « J : n’est pas accessible, le fichier ou le répertoire est endommagé et illisible » (SNIF !) S’IL VOUS PLAIT….DITES MOI QU’IL EST POSSIBLE DE TOUT RECUPERER… Merci ! ! ! PS : n’ayant pas internet pour l’instant, je fais cette demande du boulot, dsl mais j’ai pas trop eu le temps de voir si cette kestion avait déjà été posé.

salut! oui tu me parlais au début k'il n'y avait pas de pare-feu. c'est vrai k'à chake fois ke je vais dans Panneau de configuration/parefeu Windows, il me dit k'il ne peut pas les afficher à cause d'un problem non identifié. Sinon keske tu as vu avec les derniers rapports ke j'ai envoyé? bye à + tard

salut régis56! je te poste les 3 rapports ke tu m'as demandé bye à + I) --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 17:58:56 23/07/2006 + Scan result: :mozilla.32:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Propriétaire\Cookies\propriétaire@adrevolver[3].txt -> TrackingCookie.Adrevolver : Cleaned. C:\Documents and Settings\Propriétaire\Cookies\propriétaire@adtech[2].txt -> TrackingCookie.Adtech : Cleaned. :mozilla.66:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Atdmt : Cleaned. C:\Documents and Settings\Propriétaire\Cookies\propriétaire@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned. C:\Documents and Settings\Propriétaire\Cookies\propriétaire@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned. C:\Documents and Settings\Propriétaire\Cookies\propriétaire@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Cleaned. :mozilla.47:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.75:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Estat : Cleaned. C:\Documents and Settings\Propriétaire\Cookies\propriétaire@estat[1].txt -> TrackingCookie.Estat : Cleaned. :mozilla.69:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.70:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.71:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.72:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.73:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.74:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. C:\Documents and Settings\Propriétaire\Cookies\propriétaire@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.14:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Mediaplex : Cleaned. C:\Documents and Settings\Propriétaire\Cookies\propriétaire@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.10:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.11:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.12:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. C:\Documents and Settings\Propriétaire\Cookies\propriétaire@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.48:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.49:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Weborama : Cleaned. C:\Documents and Settings\Propriétaire\Cookies\propriétaire@weborama[2].txt -> TrackingCookie.Weborama : Cleaned. ::Report end II) 07/23/06 18:20:52 [info]: BlackLight Engine 1.0.42 initialized 07/23/06 18:20:52 [info]: OS: 5.1 build 2600 (Service Pack 1) 07/23/06 18:20:52 [Note]: 7019 4 07/23/06 18:20:52 [Note]: 7005 0 07/23/06 18:21:23 [Note]: 7006 0 07/23/06 18:21:23 [Note]: 7011 1536 07/23/06 18:21:23 [Note]: 7026 0 07/23/06 18:21:23 [Note]: 7026 0 07/23/06 18:21:35 [Note]: FSRAW library version 1.7.1019 07/23/06 18:34:35 [Note]: 7007 0 III) dimanche 23 juillet 2006 20:21:22 Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 23/07/2006 Kaspersky Anti-Virus database records: 209388 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer A:\ C:\ D:\ E:\ F:\ Scan Statistics Total number of scanned objects 97149 Number of viruses found 11 Number of infected objects 34 / 0 Number of suspicious objects 0 Duration of the scan process 01:29:48 Infected Object Name Virus Name Last Action C:\a52cf47822f53bdd3f0e78b84c33\sp2\spmsg.dll Object is locked skipped C:\a52cf47822f53bdd3f0e78b84c33\sp2\spuninst.exe Object is locked skipped C:\a52cf47822f53bdd3f0e78b84c33\sp2\update\eula.txt Object is locked skipped C:\a52cf47822f53bdd3f0e78b84c33\sp2\update\spcustom.dll Object is locked skipped C:\a52cf47822f53bdd3f0e78b84c33\sp2\update\update.exe Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\InboxLOG.txt Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\OutboxLOG.txt Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\Cache\CF98ABFFd01 Object is locked skipped C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cert8.db Object is locked skipped C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\formhistory.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\history.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\key3.db Object is locked skipped C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\parent.lock Object is locked skipped C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\XUL.mfl Object is locked skipped C:\Documents and Settings\Propriétaire\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\MSHist012006072320060724\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DFE61E.tmp Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Propriétaire\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Propriétaire\UserData\index.dat Object is locked skipped C:\hp\bin\KillWind.exe Infected: not-a-virus:RiskTool.Win32.PsKill.p skipped C:\hp\region\FR_FR-ie.reg Infected: Trojan.WinREG.StartPage skipped C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\chandir.dat Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\chandir.idx Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\chn.dat Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\chn.idx Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\D0000000.FCS Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\inuse.txt Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\L0000001.FCS Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\main.log Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\prs.dat Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\prs.idx Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\prs_die.dat Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\prs_die.idx Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\prs_dnd.dat Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\prs_dnd.idx Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\prs_ext.dat Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\prs_ext.idx Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\prs_rcv.dat Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\prs_rcv.idx Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\storydb.dat Object is locked skipped C:\Program Files\hp center\137903\Users\Default\Data\storydb.idx Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP105\change.log Object is locked skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP90\A0085892.dll Infected: not-a-virus:Porn-Dialer.Win32.InstantAccess skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP90\A0085893.dll Infected: not-a-virus:Porn-Dialer.Win32.InstantAccess skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP90\A0085894.dll Infected: not-a-virus:Porn-Dialer.Win32.InstantAccess skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP90\A0085895.dll Infected: not-a-virus:Server-Proxy.Win32.MarketScode.c skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094610.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.g skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094611.exe Infected: not-a-virus:AdWare.Win32.NewDotNet skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094612.dll Infected: not-a-virus:AdWare.Win32.NewDotNet skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094613.exe Infected: not-a-virus:AdWare.Win32.NewDotNet skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094614.exe Infected: not-a-virus:AdWare.Win32.NewDotNet skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094637.exe Infected: not-a-virus:AdWare.Win32.NewDotNet skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094638.exe Infected: not-a-virus:AdWare.Win32.NewDotNet skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094652.exe/CD_INSTALL_268.EXE/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094652.exe/CD_INSTALL_268.EXE/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094652.exe/CD_INSTALL_268.EXE Infected: not-a-virus:AdWare.Win32.Cydoor skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094652.exe ZIP: infected - 3 skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094653.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094654.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094655.exe/CD_INSTALL_268.EXE/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094655.exe/CD_INSTALL_268.EXE/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094655.exe/CD_INSTALL_268.EXE Infected: not-a-virus:AdWare.Win32.Cydoor skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094655.exe ZIP: infected - 3 skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094656.exe/CD_INSTALL_268.EXE/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094656.exe/CD_INSTALL_268.EXE/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094656.exe/CD_INSTALL_268.EXE Infected: not-a-virus:AdWare.Win32.Cydoor skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094656.exe ZIP: infected - 3 skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094657.exe Infected: not-a-virus:Dialer.Win32.E-Group.k skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094658.exe/data0011 Infected: not-a-virus:AdWare.Win32.NewDotNet skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094658.exe/data0012 Infected: not-a-virus:AdWare.Win32.GigatechSuperBar skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094658.exe/data0013 Infected: not-a-virus:AdWare.Win32.SaveNow.bx skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094658.exe NSIS: infected - 3 skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094659.exe Infected: not-a-virus:Dialer.Win32.E-Group.k skipped C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094660.dll Infected: not-a-virus:AdWare.Win32.Neon.a skipped C:\WINDOWS\$NtUninstallKB833330$\Blastcln\blastcln.exe Object is locked skipped C:\WINDOWS\Debug\oakley.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_668.dat Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.

je sais ke ça va être un peu lourd, mais ça beugue un peu encore avec Trend. c bizarre mais à chake fois ke je veu le lancer, ça met un mess d'erreur et toutes mes fenêtres internet se referment... je peux pas faire un scan complet avec avast! en mode sans échec?

j'essaie plusieurs fois mais il m'envoie le mess: "Setup.exe a rencontré un problème et doit fermer" ça arrive à chake fois en fin d'installation à la fin du dezip du programme

ok mais au moment de telecharger Panda, avast! me dit k'il contient un virus: Win32:CTX. alors je coupe avast! mais au moment de l'installation il me fait la même choz

salut! voici le rapport de Kaspersky ke tu m'as demandé: KASPERSKY ON-LINE SCANNER - RAPPORT mardi 18 juillet 2006 13:38:00 Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600) Version de Kaspersky On-line Scanner: 5.0.78.0 Dernière mise à jour de la base antivirus Kaspersky : 18/07/2006 Enregistrements dans la base antivirus Kaspersky : 208095 Paramètres d'analyse Analyser avec la base antivirus suivante étendue Analyser les archives vrai Analyser les bases de messagerie. vrai Cible de l'analyse Poste de travail A:\ C:\ D:\ E:\ F:\ Statistiques de l'analyse Total d'objets analysés : 96484 Nombre de virus trouvés 11 Nombre d'objets infectés 38 Nombre d'objets suspects 0 Durée de l'analyse 01:18:57 Nom de l'objet infecté Nom du virus Dernière action C:\hp\bin\KillWind.exe Infecté: not-a-virus:RiskTool.Win32.PsKill.p ignoré C:\hp\region\FR_FR-ie.reg Infecté: Trojan.WinREG.StartPage ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP90\A0085892.dll Infecté: not-a-virus:Porn-Dialer.Win32.InstantAccess ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP90\A0085893.dll Infecté: not-a-virus:Porn-Dialer.Win32.InstantAccess ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP90\A0085894.dll Infecté: not-a-virus:Porn-Dialer.Win32.InstantAccess ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP90\A0085895.dll Infecté: not-a-virus:Server-Proxy.Win32.MarketScode.c ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094610.exe Infecté: not-a-virus:AdWare.Win32.NewDotNet.g ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094611.exe Infecté: not-a-virus:AdWare.Win32.NewDotNet ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094612.dll Infecté: not-a-virus:AdWare.Win32.NewDotNet ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094613.exe Infecté: not-a-virus:AdWare.Win32.NewDotNet ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094614.exe Infecté: not-a-virus:AdWare.Win32.NewDotNet ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094637.exe Infecté: not-a-virus:AdWare.Win32.NewDotNet ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094638.exe Infecté: not-a-virus:AdWare.Win32.NewDotNet ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094652.exe/CD_INSTALL_268.EXE/cd_clint.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094652.exe/CD_INSTALL_268.EXE/cd_htm.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094652.exe/CD_INSTALL_268.EXE Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094652.exe ZIP: infecté - 3 ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094653.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094654.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094655.exe/CD_INSTALL_268.EXE/cd_clint.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094655.exe/CD_INSTALL_268.EXE/cd_htm.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094655.exe/CD_INSTALL_268.EXE Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094655.exe ZIP: infecté - 3 ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094656.exe/CD_INSTALL_268.EXE/cd_clint.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094656.exe/CD_INSTALL_268.EXE/cd_htm.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094656.exe/CD_INSTALL_268.EXE Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094656.exe ZIP: infecté - 3 ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094657.exe Infecté: not-a-virus:Dialer.Win32.E-Group.k ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094658.exe/data0011 Infecté: not-a-virus:AdWare.Win32.NewDotNet ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094658.exe/data0012 Infecté: not-a-virus:AdWare.Win32.GigatechSuperBar ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094658.exe/data0013 Infecté: not-a-virus:AdWare.Win32.SaveNow.bx ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094658.exe NSIS: infecté - 3 ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094659.exe Infecté: not-a-virus:Dialer.Win32.E-Group.k ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP99\A0094660.dll Infecté: not-a-virus:AdWare.Win32.Neon.a ignoré C:\WINDOWS\system32\config\systemprofile\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE/cd_clint.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\WINDOWS\system32\config\systemprofile\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE/cd_htm.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\WINDOWS\system32\config\systemprofile\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\WINDOWS\system32\config\systemprofile\Mes documents\netant\setup.exe ZIP: infecté - 3 ignoré Analyse terminée. bye à + tard

ok, les seuls fichiers ke je n'ai pas pu supprimer sont les suivants: regsvr32 /u C:\WINDOWS\system32\cd_clint.dll regsvr32 /u C:\WINDOWS\system32\cd_htm.dll regsvr32 /u C:\WINDOWS\lbbho.dll et Ewido n'a pas pu traiter les 2 fichiers suivants: C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5 et je te mets à la suite les 2 rapports ke tu m'as demandé: Logfile of HijackThis v1.99.1 Scan saved at 19:09:00, on 17/07/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\fxssvc.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\Program Files\USB Storage RW\shwicon.exe C:\HP\KBD\KBD.EXE C:\Program Files\VERITAS Software\Update Manager\sgtray.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\vsnpstd.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\Advanced Messenger Plus\AdvMsg.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\hp center\137903\Program\BackWeb-137903.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe C:\Program Files\OpenOffice.org1.1.5\program\soffice.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr7.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr7.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr7.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr7.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr7.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/ServicesAcces.html R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera 301x O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\quickstart.exe O4 - Global Startup: Advanced Messenger Plus.lnk = C:\Program Files\Advanced Messenger Plus\AdvMsg.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ? O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 18:58:59 17/07/2006 + Scan result: C:\WINDOWS\system32\AdCache -> Adware.Cydoor : Cleaned with backup (quarantined). C:\WINDOWS\system32\AdCache\b_149300.GIF -> Adware.Cydoor : Cleaned with backup (quarantined). C:\WINDOWS\system32\AdCache\b_149301.GIF -> Adware.Cydoor : Cleaned with backup (quarantined). C:\WINDOWS\system32\P2P Networking -> Adware.P2PNetworking : Cleaned with backup (quarantined). C:\WINDOWS\system32\P2P Networking\Cache -> Adware.P2PNetworking : Cleaned with backup (quarantined). C:\WINDOWS\system32\P2P Networking\Cache\Database -> Adware.P2PNetworking : Cleaned with backup (quarantined). C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined). C:\WINDOWS\system32\P2P Networking\P2P Networking.eng -> Adware.P2PNetworking : Cleaned with backup (quarantined). C:\WINDOWS\Downloaded Program Files\WebP2PInstaller.dll -> Adware.PeerNet : Cleaned with backup (quarantined). :mozilla.212:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.212:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.199:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.200:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.200:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.201:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.201:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.202:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.202:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.203:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.203:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.204:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.204:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.216:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.31:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.32:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.33:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.34:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.2o7 : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc633.txt -> TrackingCookie.2o7 : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc832.txt -> TrackingCookie.2o7 : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc837.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.235:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.235:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.185:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.185:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.186:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.186:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.73:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.75:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Adtech : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc790.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.139:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.140:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.141:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.142:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.55:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.55:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.56:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.56:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.57:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.57:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.58:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.58:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.59:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.59:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.60:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.60:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.61:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.61:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.62:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.62:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.63:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.63:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.64:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.64:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.65:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.65:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.66:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.66:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Advertising : Cleaned. C:\Documents and Settings\Default User\Cookies\propriétaire@advertising[1].txt -> TrackingCookie.Advertising : Cleaned. C:\Documents and Settings\Default User\Cookies\propriétaire@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc645.txt -> TrackingCookie.Advertising : Cleaned. C:\WINDOWS\system32\config\systemprofile\Cookies\propriétaire@advertising[1].txt -> TrackingCookie.Advertising : Cleaned. C:\WINDOWS\system32\config\systemprofile\Cookies\propriétaire@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned. :mozilla.11:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.11:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.64:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Atdmt : Cleaned. C:\Documents and Settings\Default User\Cookies\propriétaire@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc867.txt -> TrackingCookie.Atdmt : Cleaned. C:\WINDOWS\system32\config\systemprofile\Cookies\propriétaire@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.209:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Bfast : Cleaned. :mozilla.209:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Bfast : Cleaned. :mozilla.18:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Bluestreak : Cleaned. :mozilla.18:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Bluestreak : Cleaned. :mozilla.66:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Bluestreak : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc532.txt -> TrackingCookie.Bluestreak : Cleaned. :mozilla.129:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.129:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.130:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.130:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.251:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.252:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc573.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.39:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.39:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.40:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.40:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.41:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.41:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.84:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.85:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.86:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Comclick : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc684.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.12:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.12:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.53:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. C:\Documents and Settings\Default User\Cookies\propriétaire@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc887.txt -> TrackingCookie.Doubleclick : Cleaned. C:\WINDOWS\system32\config\systemprofile\Cookies\propriétaire@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.116:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Estat : Cleaned. :mozilla.6:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Estat : Cleaned. :mozilla.6:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Estat : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc893.txt -> TrackingCookie.Estat : Cleaned. :mozilla.111:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.111:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.112:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.112:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.87:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.88:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.89:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.90:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.91:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.92:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Falkag : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc521.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.131:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.131:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.118:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.118:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.152:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.153:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.154:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.217:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.217:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.218:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.218:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.219:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.219:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.220:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.220:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.224:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.224:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.106:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.106:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.54:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Mediaplex : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc780.txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.16:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Overture : Cleaned. :mozilla.16:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Overture : Cleaned. :mozilla.17:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Overture : Cleaned. :mozilla.17:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Overture : Cleaned. :mozilla.231:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Overture : Cleaned. :mozilla.231:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Overture : Cleaned. :mozilla.71:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Overture : Cleaned. :mozilla.72:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Overture : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc564.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.226:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Revenue : Cleaned. :mozilla.226:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Revenue : Cleaned. :mozilla.173:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.174:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.175:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.176:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc486.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.13:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.13:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.14:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.14:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.15:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.15:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.56:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.60:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.61:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.62:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc605.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.208:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.208:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.210:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.210:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.163:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.164:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.95:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.95:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.96:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.96:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. C:\Documents and Settings\Default User\Cookies\propriétaire@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc750.txt -> TrackingCookie.Tradedoubler : Cleaned. C:\WINDOWS\system32\config\systemprofile\Cookies\propriétaire@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.114:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.114:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.203:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.167:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Valueclick : Cleaned. :mozilla.168:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Valueclick : Cleaned. :mozilla.115:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.115:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.116:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.116:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.117:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.117:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.57:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.58:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.59:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Weborama : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc606.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.120:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned. :mozilla.205:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.206:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.237:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.237:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.238:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.238:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.239:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.239:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.240:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.240:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.241:C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.241:C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\default.zl4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. C:\RECYCLER\S-1-5-21-3921628610-771700765-806802904-1003\Dc651.txt -> TrackingCookie.Zedo : Cleaned. ::Report end ok et la seule choz ki déconne toujours c'est ke je n'ai pas accès au Pare-feu Windows ds le Panneau de configuration. je fais le scan avec Kaspersky et je te l'envoie à + tard

non il ne semble pas avoir perdu la connexion... je voulais te demander à kel nivo reprendre la procédure car je ne sais plus trop où j'en suis...lol il me semble ke c'est à partir de Easycleaner non?

salut!!! ok, just après le scan de FxNdotN, le dossier NewDotNet n'était déja plus ds C:\Program Files\. ds les 6 fichiers ke tu m'a demandé du supprimer,NDNuninstall6_30.exe et NDNuninstall6_38.exe n'y étaient pas. donc je crois ke c'est bon pour NewDotNet

non j'ai just le fichier suivant: newdotnet6_38.dll

NewNet NewDotNet, je ne peux pas les désinstaller car ils ne sont pas ds la liste. si j'ai bien compris c'est ke s'ils n'y sont pas, je suis la procédure 4 du lien ke tu m'a donné: PROCEDURE 4 (Download Uninstall from New.net): * Please make sure all anti-virus and anti-spy ware programs are shut off for the uninstall process. These programs can hinder the complete removal of the new.net software. 1. From a computer that has Internet access, click on the following link: http://www.new.net/support/NNuninstall.exe. 2. Download and save NNuninstall.exe to a 3-½ floppy disk. 3. Insert the floppy disk into the floppy drive of the computer that needs to have our software uninstalled from. 4. Click on Start. 5. Click on Run. 6. In the Open window type, A:\NNuninstall.exe. 7. Click on the OK button. 8. After removal of our software, you may be prompted to reboot. Please reboot after removing our software. non? c'est pas ça?

heu...ouai...mais là non.... la partie avec NewDotNet là.... bin là je n'y comprend rien dsl... je suis la procédure mais au moment de lancer le programme à partir de la diskette...bin rien...AU SECOURS!!!!

ok, sur ces mails k'il fo supprimer, ce sont ki se trouvent ds la boite de réception ou les fichiers ki sont ds "folders"?

salut régis56! comment va? me voila de retour sur le PC de mon père. ci-dessous je t'envoie le rapport d'analyse avec kaspersky que tu m'a demandé. KASPERSKY ON-LINE SCANNER - RAPPORT dimanche 16 juillet 2006 15:30:10 Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600) Version de Kaspersky On-line Scanner: 5.0.78.0 Dernière mise à jour de la base antivirus Kaspersky : 16/07/2006 Enregistrements dans la base antivirus Kaspersky : 207694 Paramètres d'analyse Analyser avec la base antivirus suivante étendue Analyser les archives vrai Analyser les bases de messagerie. vrai Cible de l'analyse Poste de travail A:\ C:\ D:\ E:\ F:\ Statistiques de l'analyse Total d'objets analysés : 96413 Nombre de virus trouvés 14 Nombre d'objets infectés 143 Nombre d'objets suspects 24 Durée de l'analyse 01:26:33 Nom de l'objet infecté Nom du virus Dernière action C:\Documents and Settings\Administrateur\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE/cd_clint.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Administrateur\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE/cd_htm.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Administrateur\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Administrateur\Mes documents\netant\setup.exe ZIP: infecté - 3 ignoré C:\Documents and Settings\Administrateur.NOM-FHA60KKNN64\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE/cd_clint.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Administrateur.NOM-FHA60KKNN64\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE/cd_htm.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Administrateur.NOM-FHA60KKNN64\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Administrateur.NOM-FHA60KKNN64\Mes documents\netant\setup.exe ZIP: infecté - 3 ignoré C:\Documents and Settings\Default User\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE/cd_clint.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Default User\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE/cd_htm.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Default User\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Default User\Mes documents\netant\setup.exe ZIP: infecté - 3 ignoré C:\Documents and Settings\Invité\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE/cd_clint.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Invité\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE/cd_htm.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Invité\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Invité\Mes documents\netant\setup.exe ZIP: infecté - 3 ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Mon, 13 Jun 2005 16:02:48 +0200 (CEST)]/document.pif Infecté: Email-Worm.Win32.NetSky.y ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Mon, 20 Jun 2005 19:07:02 +0200 (CEST)]/document.pif Infecté: Email-Worm.Win32.NetSky.q ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... /[ .. ... /[From berrard.j.jacques@wanodoo.fr][Date Wed, 22 Jun 2005 14:38:05 +020 ... /html Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... /[ .. ... /[From berrard.j.jacques@wanodoo.fr][Date Wed, 22 Jun 2005 14:38:05 +0200]/UNNAMED Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... /[From MAILER-D ... /data.rtf .scr Infecté: Email-Worm.Win32.NetSky.q ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... /[From MAILER-DAEMON@wa ... /[From w.widendaele@tiscali.fr][Date Fri, 1 Jul 2005 19:00:11 +0200]/details.zip Infecté: Email-Worm.Win32.NetSky.q ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Fri, 1 Jul 2005 18:58:50 +0200 (C ... /UNNAMED Infecté: Email-Worm.Win32.NetSky.q ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... /[ ... ... /[From ldeseynes@aol.com][Date Wed, 6 Jul 2005 22:50:08 +020 ... /html Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... /[ ... ... /[From ldeseynes@aol.com][Date Wed, 6 Jul 2005 22:50:08 +0200]/UNNAMED Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Thu, 7 Jul 2005 16:18:04 +0200 (CEST ... /html Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Thu, 7 Jul 2005 16:18:04 +0200 (CEST)]/UNNAMED Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Thu, 7 Jul 2005 16:18:04 +0200 (CEST)]/message.scr Infecté: Email-Worm.Win32.NetSky.q ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... ... /[From ptit_diable@caramail.com][Date Thu, 7 Jul 2005 18:37:43 +020 ... /html Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... ... /[From ptit_diable@caramail.com][Date Thu, 7 Jul 2005 18:37:43 +0200]/UNNAMED Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... /[ . ... /[From vivipiv@hotmail.com][Date Fri, 8 Jul 2005 11:16:52 +020 ... /html Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... /[ . ... /[From vivipiv@hotmail.com][Date Fri, 8 Jul 2005 11:16:52 +0200]/UNNAMED Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... /[ ... /[From chandenier@wanadoo.fr][Date Tue, 5 Jul 2005 10:29:32 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... /[From berrard.j.jacques@wanadoo.fr][Date Mon, 4 Jul 2005 10:03:45 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From Ava Longoria ][Date Mon, 04 Jul 2005 00:24:38 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[From ][Date Sat, 2 Jul 2005 19:56:47 +0200 (CEST)]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Fri, 1 Jul 2005 18:58:50 +0200 (CEST)]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo . ... /[From "Ca ... /[ ... /[From veromenetrier@aol.com][Date Wed, 29 Jun 2005 01:04:00 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo . ... /[From "Ca ... /[From ][Date Thu, 17 Mar 2005 11:01:25 +0100]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo . ... /[From "Caroline" ... /[From it_prince@hotmail.com][Date Sat, 25 Jun 2005 23:43:39 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo . ... /[From "Caroline" ][Date Fri, 24 Jun 2005 09:01:44 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo ... /[From "Nathalie Volodalen" ][Date Thu, 23 Jun 2005 16:37:11 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... ... /[From Ken Erwin ][Date Thu, 23 Jun 2005 05:41:02 +0400]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... ... /[From ... /[From Dynamicathletic@aol.com][Date Wed, 22 Jun 2005 07:22:07 EDT]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... ... /[From Cedric Dowdy ][Date Wed, 22 Jun 2005 08:04:38 -0400]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... ... /[From ... /[From Dynamicathletic@aol.com][Date Wed, 22 Jun 2005 07:03:36 EDT]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... ... /[From Eve Mosley ][Date Wed, 22 Jun 2005 20:24:00 -0600]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... /[ ... /[From Richard K. Lee <57avi@aasp.net>][Date Tue, 21 Jun 2005 08:20:23 +0000]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... /[From Michelle Slater ][Date Wed, 22 Jun 2005 13:43:31 +0600]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... / ... /[From Richard K. Lee <96beppe@acci.gr>][Date Sun, 19 Jun 2005 21:42:21 +0000]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... /[From Brady Daniel ][Date Sun, 19 Jun 2005 03:27:21 -0100]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Date Thu, 16 Jun 2005 09:16:37 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox Mail Berkeley mbox: infecté - 30, suspect - 10 ignoré C:\Documents and Settings\Propriétaire\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE/cd_clint.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Propriétaire\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE/cd_htm.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Propriétaire\Mes documents\netant\setup.exe/CD_INSTALL_268.EXE Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\Documents and Settings\Propriétaire\Mes documents\netant\setup.exe ZIP: infecté - 3 ignoré C:\hp\bin\KillWind.exe Infecté: not-a-virus:RiskTool.Win32.PsKill.p ignoré C:\hp\region\FR_FR-ie.reg Infecté: Trojan.WinREG.StartPage ignoré C:\Program Files\MSN Messenger\Instant-Access.exe Infecté: not-a-virus:Dialer.Win32.E-Group.k ignoré C:\Program Files\NewDotNet\newdotnet6_38.dll Infecté: not-a-virus:AdWare.Win32.NewDotNet ignoré C:\Program Files\Windows Media Player\GDiVX1.9.9.5.exe/data0011 Infecté: not-a-virus:AdWare.Win32.NewDotNet ignoré C:\Program Files\Windows Media Player\GDiVX1.9.9.5.exe/data0012 Infecté: not-a-virus:AdWare.Win32.GigatechSuperBar ignoré C:\Program Files\Windows Media Player\GDiVX1.9.9.5.exe/data0013 Infecté: not-a-virus:AdWare.Win32.SaveNow.bx ignoré C:\Program Files\Windows Media Player\GDiVX1.9.9.5.exe NSIS: infecté - 3 ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP90\A0085892.dll Infecté: not-a-virus:Porn-Dialer.Win32.InstantAccess ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP90\A0085893.dll Infecté: not-a-virus:Porn-Dialer.Win32.InstantAccess ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP90\A0085894.dll Infecté: not-a-virus:Porn-Dialer.Win32.InstantAccess ignoré C:\System Volume Information\_restore{743EF1E5-575C-4DE0-83AC-1B587C8E90E9}\RP90\A0085895.dll Infecté: not-a-virus:Server-Proxy.Win32.MarketScode.c ignoré C:\WINDOWS\ExeDialer.exe Infecté: not-a-virus:Dialer.Win32.E-Group.k ignoré C:\WINDOWS\lbbho.dll Infecté: not-a-virus:AdWare.Win32.Neon.a ignoré C:\WINDOWS\NDNuninstall5_48.exe Infecté: not-a-virus:AdWare.Win32.NewDotNet ignoré C:\WINDOWS\NDNuninstall5_64.exe Infecté: not-a-virus:AdWare.Win32.NewDotNet ignoré C:\WINDOWS\NDNuninstall6_10.exe Infecté: not-a-virus:AdWare.Win32.NewDotNet ignoré C:\WINDOWS\NDNuninstall6_22.exe Infecté: not-a-virus:AdWare.Win32.NewDotNet ignoré C:\WINDOWS\NDNuninstall6_30.exe Infecté: not-a-virus:AdWare.Win32.NewDotNet.g ignoré C:\WINDOWS\NDNuninstall6_38.exe Infecté: not-a-virus:AdWare.Win32.NewDotNet ignoré C:\WINDOWS\system32\cd_clint.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\WINDOWS\system32\cd_htm.dll Infecté: not-a-virus:AdWare.Win32.Cydoor ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Mon, 13 Jun 2005 16:02:48 +0200 (CEST)]/document.pif Infecté: Email-Worm.Win32.NetSky.y ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Mon, 20 Jun 2005 19:07:02 +0200 (CEST)]/document.pif Infecté: Email-Worm.Win32.NetSky.q ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... /[ .. ... /[From berrard.j.jacques@wanodoo.fr][Date Wed, 22 Jun 2005 14:38:05 +020 ... /html Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... /[ .. ... /[From berrard.j.jacques@wanodoo.fr][Date Wed, 22 Jun 2005 14:38:05 +0200]/UNNAMED Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... /[From MAILER-D ... /data.rtf .scr Infecté: Email-Worm.Win32.NetSky.q ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... /[From MAILER-DAEMON@wa ... /[From w.widendaele@tiscali.fr][Date Fri, 1 Jul 2005 19:00:11 +0200]/details.zip Infecté: Email-Worm.Win32.NetSky.q ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Fri, 1 Jul 2005 18:58:50 +0200 (C ... /UNNAMED Infecté: Email-Worm.Win32.NetSky.q ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... /[ ... ... /[From ldeseynes@aol.com][Date Wed, 6 Jul 2005 22:50:08 +020 ... /html Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... /[ ... ... /[From ldeseynes@aol.com][Date Wed, 6 Jul 2005 22:50:08 +0200]/UNNAMED Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Thu, 7 Jul 2005 16:18:04 +0200 (CEST ... /html Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Thu, 7 Jul 2005 16:18:04 +0200 (CEST)]/UNNAMED Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Thu, 7 Jul 2005 16:18:04 +0200 (CEST)]/message.scr Infecté: Email-Worm.Win32.NetSky.q ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... ... /[From ptit_diable@caramail.com][Date Thu, 7 Jul 2005 18:37:43 +020 ... /html Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... ... /[From ptit_diable@caramail.com][Date Thu, 7 Jul 2005 18:37:43 +0200]/UNNAMED Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... /[ . ... /[From vivipiv@hotmail.com][Date Fri, 8 Jul 2005 11:16:52 +020 ... /html Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... /[ . ... /[From vivipiv@hotmail.com][Date Fri, 8 Jul 2005 11:16:52 +0200]/UNNAMED Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... /[ ... /[From chandenier@wanadoo.fr][Date Tue, 5 Jul 2005 10:29:32 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From ... /[From berrard.j.jacques@wanadoo.fr][Date Mon, 4 Jul 2005 10:03:45 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[Fro ... /[From Ava Longoria ][Date Mon, 04 Jul 2005 00:24:38 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... / ... /[From ][Date Sat, 2 Jul 2005 19:56:47 +0200 (CEST)]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlc ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Fri, 1 Jul 2005 18:58:50 +0200 (CEST)]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo . ... /[From "Ca ... /[ ... /[From veromenetrier@aol.com][Date Wed, 29 Jun 2005 01:04:00 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo . ... /[From "Ca ... /[From ][Date Thu, 17 Mar 2005 11:01:25 +0100]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo . ... /[From "Caroline" ... /[From it_prince@hotmail.com][Date Sat, 25 Jun 2005 23:43:39 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo . ... /[From "Caroline" ][Date Fri, 24 Jun 2005 09:01:44 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo ... /[From "Nathalie Volodalen" ][Date Thu, 23 Jun 2005 16:37:11 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... ... /[From Ken Erwin ][Date Thu, 23 Jun 2005 05:41:02 +0400]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... ... /[From ... /[From Dynamicathletic@aol.com][Date Wed, 22 Jun 2005 07:22:07 EDT]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... ... /[From Cedric Dowdy ][Date Wed, 22 Jun 2005 08:04:38 -0400]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... ... /[From ... /[From Dynamicathletic@aol.com][Date Wed, 22 Jun 2005 07:03:36 EDT]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... ... /[From Eve Mosley ][Date Wed, 22 Jun 2005 20:24:00 -0600]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... /[ ... /[From Richard K. Lee <57avi@aasp.net>][Date Tue, 21 Jun 2005 08:20:23 +0000]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... /[From Michelle Slater ][Date Wed, 22 Jun 2005 13:43:31 +0600]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... / ... /[From Richard K. Lee <96beppe@acci.gr>][Date Sun, 19 Jun 2005 21:42:21 +0000]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Da ... /[From Brady Daniel ][Date Sun, 19 Jun 2005 03:27:21 -0100]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html/[From sjlca@wanadoo.fr][Date Thu, 16 Jun 2005 09:16:37 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED/[From "Dms" ][Date Wed, 15 Jun 2005 09:44:19]/html Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED/[From =?iso-8859-1?Q?Nad=E8ge_ANDREO?= ][Date Tue, 14 Jun 2005 19:05:37 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED/[From Lynn Cordero ][Date Mon, 13 Jun 2005 19:12:41 -0600]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox/[From "Begue Fabrice" ][Date Tue, 3 May 2005 16:49:42 +0200]/UNNAMED Infecté: Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox Mail Berkeley mbox: infecté - 30, suspect - 10 ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash/[From patrick.herscovici@wanadoo.fr][Date Wed, 1 Jun 2005 08:29:15 +0200]/UNNAMED/[From "Caroline" ][Date Thu, 2 Jun 2005 09:30:39 +0200]/UNNAMED/[From Bochu Jacques ][Date Thu, 2 Jun 2005 15:47:55 +0200]/UNNAMED/[From Richard K. Lee <2jan-olof@a1isp.net>][Date Sun, 29 May 2005 09:12:19 +0000]/UNNAMED/[From andre.duval10@wanadoo.fr][Date Sat, 4 Jun 2005 17:15:54 +0200]/UNNAMED/document.pif Infecté: Email-Worm.Win32.NetSky.y ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash/[From patrick.herscovici@wanadoo.fr][Date Wed, 1 Jun 2005 08:29:15 +0200]/UNNAMED/[From "Caroline" ][Date Thu, 2 Jun 2005 09:30:39 +0200]/UNNAMED/[From Bochu Jacques ][Date Thu, 2 Jun 2005 15:47:55 +0200]/UNNAMED/[From Richard K. Lee <2jan-olof@a1isp.net>][Date Sun, 29 May 2005 09:12:19 +0000]/UNNAM ... /[From =?iso-8 ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Mon, 13 Jun 2005 16:02:48 +0200 (CEST)]/document.pif Infecté: Email-Worm.Win32.NetSky.y ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash/[From patrick.herscovici@wanadoo.fr][Date Wed, 1 Jun 2005 08:29:15 +0200]/UNNAMED/[From "Caroline" ][Date Thu, 2 Jun 2005 09:30:39 +0200]/UNNAMED/[From Bochu Jacques ][Date Thu, 2 Jun 2005 15:47:55 +0200]/UNNAMED/[From Richard K. Lee <2jan-olof@a1isp.net>][Date Sun, 29 May 2005 09:12:19 +0000]/UNNAM ... /[From =?iso-8 ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Mon, 20 Jun 2005 19:07:02 +0200 (CEST)]/document.pif Infecté: Email-Worm.Win32.NetSky.q ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash/[From patrick.herscovici@wanadoo.fr][Date Wed, 1 Jun 2005 08:29:15 +0200]/UNNAMED/[From "Caroline" ][Date Thu, 2 Jun 2005 09:30:39 +0200]/UNNAMED/[From Bochu Jacques ][Date Thu, 2 Jun 2005 15:47:55 +0200]/UNNAMED/[From Richard K. Lee <2jan-olof@a1isp.net>][Date Sun, 29 May 2005 09:12:19 +0000]/UNNAM ... /[From =?iso-8859 ... / ... /[From "Raid ... ... /[From berrard.j.jacques@wanodoo.fr][Date Wed, 22 Jun 2005 14:38:05 +020 ... /html Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash/[From patrick.herscovici@wanadoo.fr][Date Wed, 1 Jun 2005 08:29:15 +0200]/UNNAMED/[From "Caroline" ][Date Thu, 2 Jun 2005 09:30:39 +0200]/UNNAMED/[From Bochu Jacques ][Date Thu, 2 Jun 2005 15:47:55 +0200]/UNNAMED/[From Richard K. Lee <2jan-olof@a1isp.net>][Date Sun, 29 May 2005 09:12:19 +0000]/UNNAM ... /[From =?iso-8859 ... / ... /[From "Raid ... ... /[From berrard.j.jacques@wanodoo.fr][Date Wed, 22 Jun 2005 14:38:05 +0200]/UNNAMED Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash/[From patrick.herscovici@wanadoo.fr][Date Wed, 1 Jun 2005 08:29:15 +0200]/UNNAMED/[From "Caroline" ][Date Thu, 2 Jun 2005 09:30:39 +0200]/UNNAMED/[From Bochu Jacques ][Date Thu, 2 Jun 2005 15:47:55 +0200]/UNNAMED/[From Richard K. Lee <2jan-olof@a1isp.net>] ... /[From =?iso-8859-1?B?Y29sbGVjdGlmIGRlcyByZXNzb3J0aXNzYW50cyBkZSBwZXRpdCBkdelrb3XpZXQgZ3VpdHJvem9u? ... /[From shaista@wanadoo.fr][Date Mon, 27 Jun 2005 14:19:09 +020 ... /html Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash/[From patrick.herscovici@wanadoo.fr][Date Wed, 1 Jun 2005 08:29:15 +0200]/UNNAMED/[From "Caroline" ][Date Thu, 2 Jun 2005 09:30:39 +0200]/UNNAMED/[From Bochu Jacques ][Date Thu, 2 Jun 2005 15:47:55 +0200]/UNNAMED/[From Richard K. Lee <2jan-olof@a1isp.net>] ... /[From =?iso-8859-1?B?Y29sbGVjdGlmIGRlcyByZXNzb3J0aXNzYW50cyBkZSBwZXRpdCBkdelrb3XpZXQgZ3VpdHJvem9u? ... /[From shaista@wanadoo.fr][Date Mon, 27 Jun 2005 14:19:09 +0200]/UNNAMED Suspect : Exploit.HTML.Iframe.FileDownload ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash/[From patrick.herscovici@wanadoo.fr][Date Wed, 1 Jun 2005 08:29:15 +0200]/UNNAMED/[From "Caroline" ][Date Thu, 2 Jun 2005 09:30:39 +0200]/UNNAMED/[From Bochu Jacques ][Date Thu, 2 Jun 2005 15:47:55 +0200]/UNNAMED/[From Richard K. Lee <2jan-olof@a1isp.net>] ... /[From =?iso-8859-1?B?Y29sbGVjdGlmIGRlcyByZXNzb3J0aXNzYW50cyBkZ ... /[From MAILER-D ... /data.rtf .scr Infecté: Email-Worm.Win32.NetSky.q ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash/[From patrick.herscovici@wanadoo.fr][Date Wed, 1 Jun 2005 08:29:15 +0200]/UNNAMED/[From "Caroline" ][Date Thu, 2 Jun 2005 09:30:39 +0200]/UNNAMED/[From Bochu Jacques ][Date Thu, 2 Jun 2005 15:47:55 +0200]/UNNAMED/[From Richard K. Lee <2jan-olof@a1isp.net>] ... /[From =?iso-8859-1?B?Y29sbGVjdGlmIGRlcyByZXNzb3J0aXNzYW50cyBkZ ... /[From MAILER-DAEMON@wa ... /[From w.widendaele@tiscali.fr][Date Fri, 1 Jul 2005 19:00:11 +0200]/details.zip Infecté: Email-Worm.Win32.NetSky.q ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash/[From patrick.herscovici@wanadoo.fr][Date Wed, 1 Jun 2005 08:29:15 +0200]/UNNAMED/[From "Caroline" ][Date Thu, 2 Jun 2005 09:30:39 +0200]/UNNAMED/[From Bochu Jacques ][Date Thu, 2 Jun 2005 15:47:55 +0200]/UNNAMED/[From Richard K. Lee <2jan-olof@a1isp.net>] ... /[From =?iso-8859-1?B?Y29sbGVjdGlmIGRlcyByZXNzb3J0aXNzYW50cyBkZ ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Fri, 1 Jul 2005 18:58:50 +0200 (C ... /UNNAMED Infecté: Email-Worm.Win32.NetSky.q ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash/[From patrick.herscovici@wanadoo.fr][Date Wed, 1 Jun 2005 08:29:15 +0200]/UNNAMED/[From "Caroline" ][Date Thu, 2 Jun 2005 09:30:39 +0200]/UNNAMED/[From Bochu Jacques ][Date Thu, 2 Jun 2005 15:47:55 +0200]/UNNAMED/[From Richard K. Lee <2jan-olof@a1isp.net>] ... /[From =?iso-8859-1?B?Y29sbGVjdGlmIGRlcyByZXNzb3J0aXNzYW50cyBkZ ... /[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Fri, 1 Jul 2005 18:58:50 +0200 (CEST)]/UNNAMED Infecté: Email-Worm.Win32.NetSky.q ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash/[From patrick.herscovici@wanadoo.fr][Date Wed, 1 Jun 2005 08:29:15 +0200]/UNNAMED/[From "Caroline" ][Date Thu, 2 Jun 2005 09:30:39 +0200]/UNNAMED/[From Bochu Jacques ][Date Thu, 2 Jun 2005 15:47:55 +0200]/UNNAMED/[From Richard K. Lee <2jan-olof@a1isp.net>] ... /[From =?iso-8859-1?B?Y29sbGVjdGlmIGRlcyByZXNzb3J0aXNzYW50cyBkZSBwZXRpdCBkdel ... /[From Van ... /[From jeffherveau@worldonline.fr][Date Fri, 1 Jul 2005 12:01:47 +0200]/UNNAMED Infecté: Email-Worm.Win32.NetSky.q ignoré C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash

Salut à tous! Me voila de retour mais sur le PC de mon père (bonne fête!). Pas de problème en gros mais juste pour savoir s'il y'a pas trop de merdes dessus suite aux passages sauvages des p'tits neveus ki téléchargent tout et n'importe koi! Je lui ai fait un p'tit scan avec AntiVir en mode sans échec et un p'tit log avec HijackThis! Juste pour savoir s'il y a des trucs ki clochent dessus.Il y a aussi un problem avec la cam mais on y viendra un peu plus tard. A la suite je vous mets les 2 rapports: AntiVir PersonalEdition Classic Report file date: samedi 17 juin 2006 17:44 Scanning for 409240 virus strains and unwanted programs. Licensed to: AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 1) [5.1.2600] Username: Propriétaire Computer name: NOM-FHA60KKNN64 Version informations: AVSCAN.EXE : 7.0.0.42 376872 17/06/2006 14:49:59 AVSCAN.DLL : 7.0.0.42 53288 17/06/2006 14:49:59 LUKE.DLL : 7.0.0.42 110632 17/06/2006 14:50:01 LUKERES.DLL : 7.0.0.42 25640 17/06/2006 14:50:01 ANTIVIR0.VDF : 6.35.0.1 7371264 17/06/2006 14:49:56 ANTIVIR1.VDF : 6.35.0.5 2048 17/06/2006 14:49:57 ANTIVIR2.VDF : 6.35.0.33 173568 17/06/2006 14:49:57 ANTIVIR3.VDF : 6.35.0.42 16384 17/06/2006 14:49:57 AVEWIN32.DLL : 7.1.0.13 1536512 17/06/2006 14:49:57 AVPREF.DLL : 7.0.0.1 33832 17/06/2006 14:49:58 AVREP.DLL : 6.35.0.2 454696 17/06/2006 14:49:59 AVRPBASE.DLL : 7.0.0.0 1544232 17/06/2006 14:49:59 AVPACK32.DLL : 7.1.0.1 331816 17/06/2006 14:49:58 AVREG.DLL : 6.31.0.90 25128 17/06/2006 14:49:58 NETNT.DLL : 6.32.0.0 6696 17/06/2006 14:50:02 NETNW.DLL : 6.32.0.0 9768 17/06/2006 14:50:02 RCIMAGE.DLL : 7.0.0.71 1642536 17/06/2006 14:50:05 RCTEXT.DLL : 7.0.0.75 77864 17/06/2006 14:50:05 Configuration settings for the scan: Jobname: '%s'.................: Manual Selection Configuration file............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp Boot sectors..................: A,C,D,E,F Scan memory...................: 1 Process scan..................: 1 Scan all files................: 1 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Skipped archive types.........: 1000,1001,1002,1003,1004, Macro heuristic...............: 1 File heuristic................: 3 Primary action................: 1 Secondary action..............: 0 Start of the scan: samedi 17 juin 2006 17:44 The scan over running processes will be started 12 Processes was scanned Start scanning boot sectors: Boot sector 'A:\' [NOTE] In the drive 'A:\' no data medium is inserted! Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 36 files ). Starting the file scan: The path A:\ could not be found! Le périphérique n'est pas prêt. C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp [WARNING] The file could not be opened! C:\Documents and Settings\Default User\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox [0] Archive type: Netscape/Mozilla Mailbox --> Mailbox_[From: SouthTrust <custservice_id_9166766141648@southt][subject: Important information from SouthTrust Bank bill]30.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]40.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> document.pif [DETECTION] Contains signature of the worm WORM/NetSky.Q.13 --> Mailbox_[From: SouthTrust Bank <custservice_id_48100590534202@][subject: SOUTHTRUST BANK: PLEASE CONFIRM YOUR INTERNET B]44.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: berrard.j.jacques@wanodoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]48.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: guy.chuiton@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]96.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: athletisme.stade-villeneuvois@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]102.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: shaista@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]110.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: saintagnant.athle@9online.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]134.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SOUTHTRUST <supprefnum607312390020@southtrust.c][subject: URGENT SECURITY NOTIFICATION]142.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: ldeseynes@aol.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]162.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]164.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> file0.mim [3] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: je.suis.un.canard@caramail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]168.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: vivipiv@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]176.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SouthTrust <custservice_id_0559853510@southtrus][subject: SOUTHTRUST BANK - SECURITY UPDATE]184.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: waly108@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]372.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: ligue.athle.guyane@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]402.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: michelmag2@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]406.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl [WARNING] The file was ignored! C:\Documents and Settings\Default User\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash [0] Archive type: Netscape/Mozilla Mailbox --> Mailbox_[From: SouthTrust Bank <custservice_id_980620@southtru][subject: SouthTrust Bank security maintenance]26.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: andre.duval10@wanadoo.fr][subject: Re: document]28.mim [DETECTION] Contains signature of the worm WORM/Netsky.X [1] Archive type: MIME --> document.pif [DETECTION] Contains signature of the worm WORM/NetSky.X --> Mailbox_[From: SouthTrust Bank <custservice_578127576@southtru][subject: SouthTrust Bank - Urgent Security Notice [sat, ]30.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]86.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> document.pif [DETECTION] Contains signature of the worm WORM/NetSky.Q.13 --> Mailbox_[From: SouthTrust <custservice_id_9166766141648@southt][subject: Important information from SouthTrust Bank bill]90.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: SouthTrust Bank <custservice_id_48100590534202@][subject: SOUTHTRUST BANK: PLEASE CONFIRM YOUR INTERNET B]98.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: berrard.j.jacques@wanodoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]114.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: athletisme.stade-villeneuvois@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]156.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: guy.chuiton@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]158.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: shaista@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]170.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SOUTHTRUST <supprefnum607312390020@southtrust.c][subject: URGENT SECURITY NOTIFICATION]190.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: saintagnant.athle@9online.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]200.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: ldeseynes@aol.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]216.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]220.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> file0.mim [3] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: je.suis.un.canard@caramail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]222.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: vivipiv@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]234.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SouthTrust <custservice_id_0559853510@southtrus][subject: SOUTHTRUST BANK - SECURITY UPDATE]260.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: waly108@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]450.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: ligue.athle.guyane@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]480.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: michelmag2@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]490.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl [WARNING] The file was ignored! C:\Documents and Settings\Propriétaire\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\Propriétaire\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox [0] Archive type: Netscape/Mozilla Mailbox --> Mailbox_[From: SouthTrust <custservice_id_9166766141648@southt][subject: Important information from SouthTrust Bank bill]30.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]40.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> document.pif [DETECTION] Contains signature of the worm WORM/NetSky.Q.13 --> Mailbox_[From: SouthTrust Bank <custservice_id_48100590534202@][subject: SOUTHTRUST BANK: PLEASE CONFIRM YOUR INTERNET B]44.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: berrard.j.jacques@wanodoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]48.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: guy.chuiton@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]96.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: athletisme.stade-villeneuvois@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]102.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: shaista@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]110.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: saintagnant.athle@9online.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]134.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SOUTHTRUST <supprefnum607312390020@southtrust.c][subject: URGENT SECURITY NOTIFICATION]142.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: ldeseynes@aol.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]162.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]164.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> file0.mim [3] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: je.suis.un.canard@caramail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]168.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: vivipiv@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]176.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SouthTrust <custservice_id_0559853510@southtrus][subject: SOUTHTRUST BANK - SECURITY UPDATE]184.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: waly108@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]372.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: ligue.athle.guyane@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]402.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: michelmag2@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]406.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: extincteur@hotmail.com][subject: Mail Delivery (failure w.widendaele@tiscali.fr)]416.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> message.scr [DETECTION] Contains signature of the worm WORM/NetSky.P --> Mailbox_[From: tmadisclaire@wanadoo.fr][subject: Mail Delivery (failure w.widendaele@tiscali.fr)]418.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> message.scr [DETECTION] Contains signature of the worm WORM/NetSky.P --> Mailbox_[From: support@symantec.com][subject: Re: Virus Sample]420.mim [1] Archive type: MIME --> signature.zip [DETECTION] Contains signature of the worm WORM/NetSky.P [2] Archive type: ZIP --> details.txt .pif [DETECTION] Contains signature of the worm WORM/NetSky.P --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]596.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: robert.dedieu@free.fr][subject: Re: Your bill]686.mim [1] Archive type: MIME --> your_bill.pif [DETECTION] Contains signature of the worm WORM/Netsky.K --> Mailbox_[From: info@adc-soft.com][subject: smtp mail failed]764.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: hostmaster@cegetel.net][subject: Mail delivery failed]772.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]782.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: info@presence-pc.com][subject: Mail delivery failed]786.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: postman@semimarathon-lille.com][subject: Your_Password]800.mim [1] Archive type: MIME --> reg_pass.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: modeste04a@infonie.fr][subject: hi,_ive_a_new_mail_address]820.mim [1] Archive type: MIME --> mailtext.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: info@fr.ibm.com][subject: Paris Hilton & Nicole Richie]830.mim [1] Archive type: MIME --> downloadm.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: office@wanadoo.fr][subject: Paris Hilton & Nicole Richie]858.mim [1] Archive type: MIME --> downloadm.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: Mail@fbi.gov][subject: You visit illegal websites]862.mim [1] Archive type: MIME --> question_list.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]864.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]880.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: info@freesbee.fr][subject: Mail delivery failed]890.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]892.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]910.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: "Alsg.jpcabret" <alsg.jpcabret@wanadoo.fr>][subject: Registration is accepted]1254.mim [1] Archive type: MIME --> zupd02.zip [2] Archive type: ZIP --> tjzxtsl.exe [DETECTION] Contains signature of the worm WORM/Bagle.FH --> Mailbox_[From: "VISA Service" <VisaService@visa.com>][subject: Attention! Several VISA Credit Card bases have ]1360.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/VisaFraud.B [1] Archive type: MIME --> file0.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/VisaFraud.B --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]1628.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: CitiBusiness Security Staff <securitystaff@citi][subject: CitiBusiness department banking software change]1666.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfrau.Z1 [1] Archive type: MIME --> file0.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfrau.Z1 --> cblogo.gif [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfr.Z1.A --> citilogo.gif [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfr.Z1.B --> Mailbox_[From: MidAmerica Bank <pw-conf@midamerica.com>][subject: Update account information]2670.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A [1] Archive type: MIME --> file1.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A --> Mailbox_[From: MidAmerica Bank <aw-conf@midamerica.com>][subject: Security Measures]2674.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A [1] Archive type: MIME --> file1.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A [WARNING] The file was ignored! C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash [0] Archive type: Netscape/Mozilla Mailbox --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]194.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: robert.dedieu@free.fr][subject: Re: Your bill]276.mim [1] Archive type: MIME --> your_bill.pif [DETECTION] Contains signature of the worm WORM/Netsky.K --> Mailbox_[From: info@adc-soft.com][subject: smtp mail failed]352.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: hostmaster@cegetel.net][subject: Mail delivery failed]356.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]382.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: info@presence-pc.com][subject: Mail delivery failed]390.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: postman@semimarathon-lille.com][subject: Your_Password]402.mim [1] Archive type: MIME --> reg_pass.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: modeste04a@infonie.fr][subject: hi,_ive_a_new_mail_address]416.mim [1] Archive type: MIME --> mailtext.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: info@fr.ibm.com][subject: Paris Hilton & Nicole Richie]422.mim [1] Archive type: MIME --> downloadm.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: office@wanadoo.fr][subject: Paris Hilton & Nicole Richie]452.mim [1] Archive type: MIME --> downloadm.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: Mail@fbi.gov][subject: You visit illegal websites]456.mim [1] Archive type: MIME --> question_list.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]458.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]478.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: info@freesbee.fr][subject: Mail delivery failed]484.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]486.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]504.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: "Alsg.jpcabret" <alsg.jpcabret@wanadoo.fr>][subject: Registration is accepted]874.mim [1] Archive type: MIME --> zupd02.zip [2] Archive type: ZIP --> tjzxtsl.exe [DETECTION] Contains signature of the worm WORM/Bagle.FH --> Mailbox_[From: "VISA Service" <VisaService@visa.com>][subject: Attention! Several VISA Credit Card bases have ]978.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/VisaFraud.B [1] Archive type: MIME --> file0.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/VisaFraud.B --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]1248.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: CitiBusiness Security Staff <securitystaff@citi][subject: CitiBusiness department banking software change]1296.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfrau.Z1 [1] Archive type: MIME --> file0.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfrau.Z1 --> cblogo.gif [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfr.Z1.A --> citilogo.gif [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfr.Z1.B --> Mailbox_[From: MidAmerica Bank <pw-conf@midamerica.com>][subject: Update account information]2274.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A [1] Archive type: MIME --> file1.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A --> Mailbox_[From: MidAmerica Bank <aw-conf@midamerica.com>][subject: Security Measures]2306.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A [1] Archive type: MIME --> file1.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A [WARNING] The file was ignored! C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\WINDOWS\zipo0.txt [DETECTION] Contains signature of the worm WORM/NetSky.Q.3 [iNFO] The file was deleted! C:\WINDOWS\zipo1.txt [DETECTION] Contains signature of the worm WORM/NetSky.Q.4 [iNFO] The file was deleted! C:\WINDOWS\zipo2.txt [DETECTION] Contains signature of the worm WORM/NetSky.Q.5 [iNFO] The file was deleted! C:\WINDOWS\zipo3.txt [DETECTION] Contains signature of the worm WORM/NetSky.Q.5 [iNFO] The file was deleted! C:\WINDOWS\system32\EGDACCESS.dll [DETECTION] Contains signature of the dial-up program DIAL/301999 [iNFO] The file was deleted! C:\WINDOWS\system32\EGDACCESS_1055.dll [DETECTION] Contains signature of the dial-up program DIAL/61440.A [iNFO] The file was deleted! C:\WINDOWS\system32\EGDACCESS_1057.dll [DETECTION] Contains signature of the dial-up program DIAL/301999 [iNFO] The file was deleted! C:\WINDOWS\system32\osconfig.dll [DETECTION] Contains signature of the SPR/MarketScode.C program [iNFO] The file was deleted! C:\WINDOWS\system32\config\default [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox [0] Archive type: Netscape/Mozilla Mailbox --> Mailbox_[From: SouthTrust <custservice_id_9166766141648@southt][subject: Important information from SouthTrust Bank bill]30.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]40.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> document.pif [DETECTION] Contains signature of the worm WORM/NetSky.Q.13 --> Mailbox_[From: SouthTrust Bank <custservice_id_48100590534202@][subject: SOUTHTRUST BANK: PLEASE CONFIRM YOUR INTERNET B]44.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: berrard.j.jacques@wanodoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]48.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: guy.chuiton@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]96.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: athletisme.stade-villeneuvois@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]102.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: shaista@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]110.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: saintagnant.athle@9online.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]134.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SOUTHTRUST <supprefnum607312390020@southtrust.c][subject: URGENT SECURITY NOTIFICATION]142.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: ldeseynes@aol.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]162.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]164.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> file0.mim [3] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: je.suis.un.canard@caramail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]168.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: vivipiv@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]176.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SouthTrust <custservice_id_0559853510@southtrus][subject: SOUTHTRUST BANK - SECURITY UPDATE]184.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: waly108@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]372.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: ligue.athle.guyane@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]402.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: michelmag2@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]406.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl [WARNING] The file was ignored! C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash [0] Archive type: Netscape/Mozilla Mailbox --> Mailbox_[From: SouthTrust Bank <custservice_id_980620@southtru][subject: SouthTrust Bank security maintenance]26.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: andre.duval10@wanadoo.fr][subject: Re: document]28.mim [DETECTION] Contains signature of the worm WORM/Netsky.X [1] Archive type: MIME --> document.pif [DETECTION] Contains signature of the worm WORM/NetSky.X --> Mailbox_[From: SouthTrust Bank <custservice_578127576@southtru][subject: SouthTrust Bank - Urgent Security Notice [sat, ]30.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]86.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> document.pif [DETECTION] Contains signature of the worm WORM/NetSky.Q.13 --> Mailbox_[From: SouthTrust <custservice_id_9166766141648@southt][subject: Important information from SouthTrust Bank bill]90.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: SouthTrust Bank <custservice_id_48100590534202@][subject: SOUTHTRUST BANK: PLEASE CONFIRM YOUR INTERNET B]98.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: berrard.j.jacques@wanodoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]114.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: athletisme.stade-villeneuvois@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]156.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: guy.chuiton@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]158.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: shaista@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]170.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SOUTHTRUST <supprefnum607312390020@southtrust.c][subject: URGENT SECURITY NOTIFICATION]190.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: saintagnant.athle@9online.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]200.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: ldeseynes@aol.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]216.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]220.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> file0.mim [3] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: je.suis.un.canard@caramail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]222.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: vivipiv@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]234.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SouthTrust <custservice_id_0559853510@southtrus][subject: SOUTHTRUST BANK - SECURITY UPDATE]260.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: waly108@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]450.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: ligue.athle.guyane@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]480.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: michelmag2@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]490.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl [WARNING] The file was ignored! C:\WINDOWS\system32\P2P Networking\P2P Networking.exe [DETECTION] Contains suspicious code HEUR/Trojan.Keylogger [iNFO] The file was deleted! The path E:\ could not be found! Le périphérique n'est pas prêt. The path F:\ could not be found! Le périphérique n'est pas prêt. End of the scan: samedi 17 juin 2006 21:08 Used time: 3:23:33 min The scan has been done completely. 8168 Scanning directories 372779 Files were scanned 182 viruses and/or unwanted programs was found 9 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 24015 Archives were scanned 22 Warnings 0 Notes Pendant le scan, il est tombé sur bocou de mails (Y'A KE CA EN FAIT! LOL!!) ki lui était impossible à réparer ou supprimer, comment faire pour les traiter? Logfile of HijackThis v1.99.1 Scan saved at 23:14:59, on 17/06/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\fxssvc.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\Program Files\USB Storage RW\shwicon.exe C:\HP\KBD\KBD.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\VERITAS Software\Update Manager\sgtray.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\vsnpstd.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Advanced Messenger Plus\AdvMsg.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\hp center\137903\Program\BackWeb-137903.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe C:\Program Files\OpenOffice.org1.1.5\program\soffice.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr7.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr7.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr7.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr7.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr7.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/ServicesAcces.html R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera 301x O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\quickstart.exe O4 - Global Startup: Advanced Messenger Plus.lnk = C:\Program Files\Advanced Messenger Plus\AdvMsg.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ? O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe merci d'avance!