Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Problème double accent circonflexe

Nghia

Par Nghia
dans Analyses et éradication malwares

 Partager

Messages recommandés

Thanos Devil Member !

Thanos

Posté(e)
Posté(e) (modifié)

Il faut connaitre l'emplacement du fichier . Normalement c'est un fichier légitime. Pour t'en assurer tu peux le soumettre aux virusscans en ligne comme tu as fait pour jasched.exe et uinit.exe

 

AntiSpy l'a t'il détecté comme malware?

 

On le voit sur ton rapport hijackthis ici=>

 

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

 

et ca n'est pas un malware, je te rassure!

 

Sur ce je vais allonger ma carcasse quelques heuresLOL , à plus tard!fais le scan chez Kaspersky quand tu peux.

Modifié par charles ingals

Nghia Member

Nghia

Posté(e)
  • Auteur
Posté(e)

voici le rapport kapersky

 

-------------------------------------------------------------------------------

KASPERSKY ON-LINE SCANNER REPORT

Thursday, January 26, 2006 10:30:20

Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)

Kaspersky On-line Scanner version: 5.0.67.0

Kaspersky Anti-Virus database last update: 26/01/2006

Kaspersky Anti-Virus database records: 173187

-------------------------------------------------------------------------------

 

Scan Settings:

Scan using the following antivirus database: extended

Scan Archives: true

Scan Mail Bases: true

 

Scan Target - My Computer:

C:\

D:\

 

Scan Statistics:

Total number of scanned objects: 103034

Number of viruses found: 15

Number of infected objects: 225

Number of suspicious objects: 8

Duration of the scan process: 17158 sec

 

Infected Object Name - Virus Name

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/07 Jan 2006 01:37 from eBay Inc:eBay Inc: urgent security notice.rtf Infected: Trojan-Spy.HTML.Bayfraud.hn

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/06 Jan 2006 23:29 from eBay Inc:eBay Inc: Urgent Security Notice.rtf Infected: Trojan-Spy.HTML.Bayfraud.hn

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 07:07 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Mon, 02 Jan 2006 08:06:52 +0100]/UNNAMED/foto3.com Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 07:07 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Mon, 02 Jan 2006 08:06:52 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 07:07 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/30 Dec 2005 07:39 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Fri, 30 Dec 2005 08:38:51 +0100]/UNNAMED/Dog.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/30 Dec 2005 07:39 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Fri, 30 Dec 2005 08:38:51 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/30 Dec 2005 07:39 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/30 Dec 2005 07:11 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Fri, 30 Dec 2005 08:10:53 +0100]/UNNAMED/foto3.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/30 Dec 2005 07:11 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Fri, 30 Dec 2005 08:10:53 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/30 Dec 2005 07:11 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/29 Dec 2005 11:06 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Thu, 29 Dec 2005 12:06:21 +0100]/UNNAMED/Garry.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/29 Dec 2005 11:06 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Thu, 29 Dec 2005 12:06:21 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/29 Dec 2005 11:06 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/28 Dec 2005 16:37 from eBay Inc:BANKING MAIL FROM EBAY INC.rtf Infected: Trojan-Spy.HTML.Bayfraud.hn

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/28 Dec 2005 14:51 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Wed, 28 Dec 2005 15:51:24 +0100]/UNNAMED/Fish.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/28 Dec 2005 14:51 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Wed, 28 Dec 2005 15:51:24 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/28 Dec 2005 14:51 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/27 Dec 2005 07:16 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Tue, 27 Dec 2005 08:15:46 +0100]/UNNAMED/Dog.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/27 Dec 2005 07:16 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Tue, 27 Dec 2005 08:15:46 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/27 Dec 2005 07:16 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/26 Dec 2005 15:05 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Mon, 26 Dec 2005 16:04:46 +0100]/UNNAMED/Fish.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/26 Dec 2005 15:05 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Mon, 26 Dec 2005 16:04:46 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/26 Dec 2005 15:05 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/26 Dec 2005 07:17 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Mon, 26 Dec 2005 08:17:08 +0100]/UNNAMED/Cat.scr Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/26 Dec 2005 07:17 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Mon, 26 Dec 2005 08:17:08 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/26 Dec 2005 07:17 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/25 Dec 2005 10:34 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sun, 25 Dec 2005 11:34:23 +0100]/UNNAMED/Fish.com Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/25 Dec 2005 10:34 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sun, 25 Dec 2005 11:34:23 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/25 Dec 2005 10:34 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/24 Dec 2005 09:24 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sat, 24 Dec 2005 10:23:38 +0100]/UNNAMED/foto2.com Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/24 Dec 2005 09:24 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sat, 24 Dec 2005 10:23:38 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/24 Dec 2005 09:24 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/23 Dec 2005 18:13 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Fri, 23 Dec 2005 19:13:25 +0100]/UNNAMED/Secret.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/23 Dec 2005 18:13 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Fri, 23 Dec 2005 19:13:25 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/23 Dec 2005 18:13 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/23 Dec 2005 07:02 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Fri, 23 Dec 2005 08:01:44 +0100]/UNNAMED/Secret.exe Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/23 Dec 2005 07:02 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Fri, 23 Dec 2005 08:01:44 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/23 Dec 2005 07:02 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/19 Dec 2005 07:05 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Mon, 19 Dec 2005 08:05:05 +0100]/UNNAMED/Secret.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/19 Dec 2005 07:05 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Mon, 19 Dec 2005 08:05:05 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/19 Dec 2005 07:05 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/17 Dec 2005 07:17 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sat, 17 Dec 2005 08:17:40 +0100]/UNNAMED/Garry.scr Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/17 Dec 2005 07:17 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sat, 17 Dec 2005 08:17:40 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/17 Dec 2005 07:17 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/16 Dec 2005 07:14 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Fri, 16 Dec 2005 08:14:37 +0100]/UNNAMED/Garry.scr Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/16 Dec 2005 07:14 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Fri, 16 Dec 2005 08:14:37 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/16 Dec 2005 07:14 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 20:17 from MAILER-DAEMON@mail3.ikoula.com:failure no.eml/[From nghia@capitalemedia.com][Date Tue, 26 Dec 2000 20:33:19 +0100]/UNNAMED/readme.zip/details.txt .pif Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 20:17 from MAILER-DAEMON@mail3.ikoula.com:failure no.eml/[From nghia@capitalemedia.com][Date Tue, 26 Dec 2000 20:33:19 +0100]/UNNAMED/readme.zip Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 20:17 from MAILER-DAEMON@mail3.ikoula.com:failure no.eml/[From nghia@capitalemedia.com][Date Tue, 26 Dec 2000 20:33:19 +0100]/UNNAMED Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 20:17 from MAILER-DAEMON@mail3.ikoula.com:failure no.eml Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 09:05 from Mail Delivery System:Mail delivery failed.eml/[From nghia@capitalemedia.com][Date Thu, 29 Dec 2005 07:36:13 UTC]/UNNAMED/UNNAMED/[From nghia@capitalemedia.com][Date Thu, 29 Dec 2005 07:36:13 UTC]/mailtext.zip/File-packed_dataInfo.exe Infected: Email-Worm.Win32.Sober.y

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 09:05 from Mail Delivery System:Mail delivery failed.eml/[From nghia@capitalemedia.com][Date Thu, 29 Dec 2005 07:36:13 UTC]/UNNAMED/UNNAMED/[From nghia@capitalemedia.com][Date Thu, 29 Dec 2005 07:36:13 UTC]/mailtext.zip Infected: Email-Worm.Win32.Sober.y

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 09:05 from Mail Delivery System:Mail delivery failed.eml/[From nghia@capitalemedia.com][Date Thu, 29 Dec 2005 07:36:13 UTC]/UNNAMED/UNNAMED Infected: Email-Worm.Win32.Sober.y

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 09:05 from Mail Delivery System:Mail delivery failed.eml/[From nghia@capitalemedia.com][Date Thu, 29 Dec 2005 07:36:13 UTC]/UNNAMED Infected: Email-Worm.Win32.Sober.y

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 09:05 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Sober.y

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 07:07 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Mon, 02 Jan 2006 08:06:55 +0100]/UNNAMED/Dog.com Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 07:07 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Mon, 02 Jan 2006 08:06:55 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/02 Jan 2006 07:07 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/30 Dec 2005 07:39 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Fri, 30 Dec 2005 08:38:52 +0100]/UNNAMED/Secret.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/30 Dec 2005 07:39 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Fri, 30 Dec 2005 08:38:52 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/30 Dec 2005 07:39 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/30 Dec 2005 07:11 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Fri, 30 Dec 2005 08:10:53 +0100]/UNNAMED/Fish.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/30 Dec 2005 07:11 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Fri, 30 Dec 2005 08:10:53 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/30 Dec 2005 07:11 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/29 Dec 2005 11:06 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Thu, 29 Dec 2005 12:06:23 +0100]/UNNAMED/Garry.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/29 Dec 2005 11:06 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Thu, 29 Dec 2005 12:06:23 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/29 Dec 2005 11:06 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/28 Dec 2005 14:51 to nghia@capitalemedia.com:Mail delivery faile.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Wed, 28 Dec 2005 15:51:27 +0100]/UNNAMED/Garry.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/28 Dec 2005 14:51 to nghia@capitalemedia.com:Mail delivery faile.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Wed, 28 Dec 2005 15:51:27 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/28 Dec 2005 14:51 to nghia@capitalemedia.com:Mail delivery faile.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/27 Dec 2005 07:15 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Tue, 27 Dec 2005 08:15:47 +0100]/UNNAMED/Garry.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/27 Dec 2005 07:15 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Tue, 27 Dec 2005 08:15:47 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/27 Dec 2005 07:15 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/26 Dec 2005 15:04 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Mon, 26 Dec 2005 16:04:48 +0100]/UNNAMED/Cat.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/26 Dec 2005 15:04 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Mon, 26 Dec 2005 16:04:48 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/26 Dec 2005 15:04 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/26 Dec 2005 07:17 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Mon, 26 Dec 2005 08:17:10 +0100]/UNNAMED/foto3.scr Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/26 Dec 2005 07:17 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Mon, 26 Dec 2005 08:17:10 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/26 Dec 2005 07:17 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/25 Dec 2005 10:34 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Sun, 25 Dec 2005 11:34:26 +0100]/UNNAMED/Dog.com Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/25 Dec 2005 10:34 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Sun, 25 Dec 2005 11:34:26 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/25 Dec 2005 10:34 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/24 Dec 2005 09:23 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Sat, 24 Dec 2005 10:23:38 +0100]/UNNAMED/Dog.com Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/24 Dec 2005 09:23 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Sat, 24 Dec 2005 10:23:38 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/24 Dec 2005 09:23 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/23 Dec 2005 18:13 to nghia@capitalemedia.com:Mail delivery faile.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Fri, 23 Dec 2005 19:13:30 +0100]/UNNAMED/Fish.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/23 Dec 2005 18:13 to nghia@capitalemedia.com:Mail delivery faile.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Fri, 23 Dec 2005 19:13:30 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/23 Dec 2005 18:13 to nghia@capitalemedia.com:Mail delivery faile.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/23 Dec 2005 07:02 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Fri, 23 Dec 2005 08:01:48 +0100]/UNNAMED/Secret.exe Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/23 Dec 2005 07:02 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Fri, 23 Dec 2005 08:01:48 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/23 Dec 2005 07:02 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/19 Dec 2005 07:05 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Mon, 19 Dec 2005 08:05:05 +0100]/UNNAMED/foto3.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/19 Dec 2005 07:05 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Mon, 19 Dec 2005 08:05:05 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/19 Dec 2005 07:05 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/17 Dec 2005 07:17 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Sat, 17 Dec 2005 08:17:41 +0100]/UNNAMED/Cat.scr Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/17 Dec 2005 07:17 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Sat, 17 Dec 2005 08:17:41 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/17 Dec 2005 07:17 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/16 Dec 2005 07:14 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Fri, 16 Dec 2005 08:14:39 +0100]/UNNAMED/Secret.scr Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/16 Dec 2005 07:14 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Fri, 16 Dec 2005 08:14:39 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/16 Dec 2005 07:14 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/16 Jan 2006 02:17 from eBay Inc:Service Message From eBay.rtf Infected: Trojan-Spy.HTML.Bayfraud.hn

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/15 Jan 2006 19:28 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sun, 15 Jan 2006 20:28:09 +0100]/UNNAMED/Secret.scr Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/15 Jan 2006 19:28 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sun, 15 Jan 2006 20:28:09 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/15 Jan 2006 19:28 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/15 Jan 2006 14:31 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sun, 15 Jan 2006 15:35:44 +0100]/UNNAMED/Garry.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/15 Jan 2006 14:31 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sun, 15 Jan 2006 15:35:44 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/15 Jan 2006 14:31 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/15 Jan 2006 13:54 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sun, 15 Jan 2006 14:59:59 +0100]/UNNAMED/foto2.cpl Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/15 Jan 2006 13:54 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sun, 15 Jan 2006 14:59:59 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/15 Jan 2006 13:54 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/15 Jan 2006 07:14 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sun, 15 Jan 2006 08:14:05 +0100]/UNNAMED/Dog.exe Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/15 Jan 2006 07:14 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sun, 15 Jan 2006 08:14:05 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/15 Jan 2006 07:14 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/14 Jan 2006 08:38 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sat, 14 Jan 2006 09:37:47 +0100]/UNNAMED/Garry.com Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/14 Jan 2006 08:38 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Sat, 14 Jan 2006 09:37:47 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/14 Jan 2006 08:38 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/09 Jan 2006 00:34 from eBay:Urgent Notification From eBay BiIIin.rtf Infected: Trojan-Spy.HTML.Bayfraud.hn

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/14 Jan 2006 08:38 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Sat, 14 Jan 2006 09:37:53 +0100]/UNNAMED/foto2.com Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/14 Jan 2006 08:38 from Mail Delivery System:Mail delivery failed.eml/[From "Nghia" <nghia@capitalemedia.com>][Date Sat, 14 Jan 2006 09:37:53 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/14 Jan 2006 08:38 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/11 Jan 2006 05:58 from Mail Delivery System:Mail delivery failed.eml/[From nghia@capitalemedia.com][Date Tue, 10 Jan 2006 07:00:35 +0100]/UNNAMED/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/11 Jan 2006 05:58 from Mail Delivery System:Mail delivery failed.eml/[From nghia@capitalemedia.com][Date Tue, 10 Jan 2006 07:00:35 +0100]/UNNAMED/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/11 Jan 2006 05:58 from Mail Delivery System:Mail delivery failed.eml/[From nghia@capitalemedia.com][Date Tue, 10 Jan 2006 07:00:35 +0100]/UNNAMED/message.scr Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/11 Jan 2006 05:58 from Mail Delivery System:Mail delivery failed.eml/[From nghia@capitalemedia.com][Date Tue, 10 Jan 2006 07:00:35 +0100]/UNNAMED Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items/11 Jan 2006 05:58 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/16 Jan 2006 18:50 from MAILER-DAEMON@proxad.net:failure notice.eml/[From pub@pdafrance.com][Date Sun, 15 Jan 2006 19:52:39 +0100]/UNNAMED/data.doc.exe Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/16 Jan 2006 18:50 from MAILER-DAEMON@proxad.net:failure notice.eml/[From pub@pdafrance.com][Date Sun, 15 Jan 2006 19:52:39 +0100]/UNNAMED Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/16 Jan 2006 18:50 from MAILER-DAEMON@proxad.net:failure notice.eml Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/17 Jan 2006 23:00 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Wed, 18 Jan 2006 00:05:15 +0100]/UNNAMED/Dog.exe Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/17 Jan 2006 23:00 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Wed, 18 Jan 2006 00:05:15 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/17 Jan 2006 23:00 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/18 Jan 2006 06:26 from MAILER-DAEMON@proxad.net:failure notice.eml/[From pub@pdafrance.com][Date Tue, 17 Jan 2006 07:29:32 +0100]/UNNAMED/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/18 Jan 2006 06:26 from MAILER-DAEMON@proxad.net:failure notice.eml/[From pub@pdafrance.com][Date Tue, 17 Jan 2006 07:29:32 +0100]/UNNAMED/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/18 Jan 2006 06:26 from MAILER-DAEMON@proxad.net:failure notice.eml/[From pub@pdafrance.com][Date Tue, 17 Jan 2006 07:29:32 +0100]/UNNAMED/message.scr Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/18 Jan 2006 06:26 from MAILER-DAEMON@proxad.net:failure notice.eml/[From pub@pdafrance.com][Date Tue, 17 Jan 2006 07:29:32 +0100]/UNNAMED Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/18 Jan 2006 06:26 from MAILER-DAEMON@proxad.net:failure notice.eml Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/18 Jan 2006 10:06 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Wed, 18 Jan 2006 11:11:36 +0100]/UNNAMED/foto3.com Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/18 Jan 2006 10:06 from Mail Delivery System:Mail delivery failed.eml/[From "Contact" <contact@pdafrance.com>][Date Wed, 18 Jan 2006 11:11:36 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/18 Jan 2006 10:06 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.ah

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/21 Jan 2006 15:32 from id30153@gmail.com:Encrypted E-mail/data.zip Infected: Worm.Win32.Feebs.y

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/23 Jan 2006 18:39 to contact@pdafrance.com:Mail delivery failed:.eml/[From contact@pdafrance.com][Date Mon, 23 Jan 2006 19:38:57 +0100]/UNNAMED/news01.doc Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/23 Jan 2006 18:39 to contact@pdafrance.com:Mail delivery failed:.eml/[From contact@pdafrance.com][Date Mon, 23 Jan 2006 19:38:57 +0100]/UNNAMED Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/23 Jan 2006 18:39 to contact@pdafrance.com:Mail delivery failed:.eml Infected: Email-Worm.Win32.NetSky.q

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/25 Jan 2006 19:22 from Mail Delivery System:Mail delivery failed.eml/[From nghia@capitalemedia.com][Date Wed, 25 Jan 2006 20:22:38 +0100]/UNNAMED/your_document.pif Infected: Email-Worm.Win32.NetSky.d

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/25 Jan 2006 19:22 from Mail Delivery System:Mail delivery failed.eml/[From nghia@capitalemedia.com][Date Wed, 25 Jan 2006 20:22:38 +0100]/UNNAMED Infected: Email-Worm.Win32.NetSky.d

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable/25 Jan 2006 19:22 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.NetSky.d

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Business/iambic Marketing/MIS/pass/27 Feb 2003 10:06 from Nghia Nguyen Dai:FW: Your FTP Serv-U Regi/ServU25d.zip/Setup.exe/SERV-U32.EXE Infected: not-a-virus:Server-FTP.Win32.Serv-U.25.d

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Business/iambic Marketing/MIS/pass/27 Feb 2003 10:06 from Nghia Nguyen Dai:FW: Your FTP Serv-U Regi/ServU25d.zip/Setup.exe Infected: not-a-virus:Server-FTP.Win32.Serv-U.25.d

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Business/iambic Marketing/MIS/pass/27 Feb 2003 10:06 from Nghia Nguyen Dai:FW: Your FTP Serv-U Regi/ServU25d.zip Infected: not-a-virus:Server-FTP.Win32.Serv-U.25.d

C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst Infected: not-a-virus:Server-FTP.Win32.Serv-U.25.d

C:\Documents and Settings\Nghia Nguyen Dai\Mes documents\Business\pdafrance\backup_emails\Outlook1.pst/Dossiers personnels/iambic/MIS/pass/27 Feb 2003 10:06 from Nghia Nguyen Dai:FW: Your FTP Serv-U Regi/ServU25d.zip/Setup.exe/SERV-U32.EXE Infected: not-a-virus:Server-FTP.Win32.Serv-U.25.d

C:\Documents and Settings\Nghia Nguyen Dai\Mes documents\Business\pdafrance\backup_emails\Outlook1.pst/Dossiers personnels/iambic/MIS/pass/27 Feb 2003 10:06 from Nghia Nguyen Dai:FW: Your FTP Serv-U Regi/ServU25d.zip/Setup.exe Infected: not-a-virus:Server-FTP.Win32.Serv-U.25.d

C:\Documents and Settings\Nghia Nguyen Dai\Mes documents\Business\pdafrance\backup_emails\Outlook1.pst/Dossiers personnels/iambic/MIS/pass/27 Feb 2003 10:06 from Nghia Nguyen Dai:FW: Your FTP Serv-U Regi/ServU25d.zip Infected: not-a-virus:Server-FTP.Win32.Serv-U.25.d

C:\Documents and Settings\Nghia Nguyen Dai\Mes documents\Business\pdafrance\backup_emails\Outlook1.pst Infected: not-a-virus:Server-FTP.Win32.Serv-U.25.d

C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616

D:\download\mirc616.exe/data0001.bin Infected: not-a-virus:Client-IRC.Win32.mIRC.616

D:\download\mirc616.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616

D:\backup\Outlook1.pst/Dossiers personnels/Deleted Items/26 Aug 2005 15:39 from Pamela/ATT00452.txt/pamela.exe/UNNAMED Infected: Trojan-PSW.Win32.LdPinch.tp

D:\backup\Outlook1.pst/Dossiers personnels/Deleted Items/26 Aug 2005 15:39 from Pamela/ATT00452.txt/pamela.exe Infected: Trojan-PSW.Win32.LdPinch.tp

D:\backup\Outlook1.pst/Dossiers personnels/Deleted Items/26 Aug 2005 15:39 from Pamela/ATT00452.txt Infected: Trojan-PSW.Win32.LdPinch.tp

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/20 Aug 2005 12:49 to nghia@pdafrance.com:Mail delivery failed: r.eml/[From nghia@pdafrance.com][Date Sat, 20 Aug 2005 15:05:12 +0200]/UNNAMED/your_website.pif Infected: Email-Worm.Win32.NetSky.d

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/20 Aug 2005 12:49 to nghia@pdafrance.com:Mail delivery failed: r.eml/[From nghia@pdafrance.com][Date Sat, 20 Aug 2005 15:05:12 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.d

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/20 Aug 2005 12:49 to nghia@pdafrance.com:Mail delivery failed: r.eml Infected: Email-Worm.Win32.NetSky.d

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/20 Aug 2005 12:49 to contact@pdafrance.com:Mail delivery failed:.eml/[From contact@pdafrance.com][Date Sat, 20 Aug 2005 15:05:13 +0200]/UNNAMED/your_details.pif Infected: Email-Worm.Win32.NetSky.d

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/20 Aug 2005 12:49 to contact@pdafrance.com:Mail delivery failed:.eml/[From contact@pdafrance.com][Date Sat, 20 Aug 2005 15:05:13 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.d

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/20 Aug 2005 12:49 to contact@pdafrance.com:Mail delivery failed:.eml Infected: Email-Worm.Win32.NetSky.d

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/20 Aug 2005 17:16 to pub@pdafrance.com:Mail delivery failed: ret.eml/[From "Pub" <pub@pdafrance.com>][Date Sat, 20 Aug 2005 19:16:14 +0100]/UNNAMED/Cat.exe Infected: Email-Worm.Win32.Bagle.ai

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/20 Aug 2005 17:16 to pub@pdafrance.com:Mail delivery failed: ret.eml/[From "Pub" <pub@pdafrance.com>][Date Sat, 20 Aug 2005 19:16:14 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ai

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/20 Aug 2005 17:16 to pub@pdafrance.com:Mail delivery failed: ret.eml Infected: Email-Worm.Win32.Bagle.ai

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/20 Aug 2005 17:17 to contact@pdafrance.com:Mail delivery failed:.eml/[From "Contact" <contact@pdafrance.com>][Date Sat, 20 Aug 2005 19:16:13 +0100]/UNNAMED/Doll.exe Infected: Email-Worm.Win32.Bagle.ai

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/20 Aug 2005 17:17 to contact@pdafrance.com:Mail delivery failed:.eml/[From "Contact" <contact@pdafrance.com>][Date Sat, 20 Aug 2005 19:16:13 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.ai

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/20 Aug 2005 17:17 to contact@pdafrance.com:Mail delivery failed:.eml Infected: Email-Worm.Win32.Bagle.ai

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/21 Aug 2005 14:17 to contact@pdafrance.com:Protect your eBay acc.rtf Infected: Trojan-Spy.HTML.Bayfraud.hn

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/22 Aug 2005 08:01 to pub@pdafrance.com:Mail delivery failed: ret.eml/[From pub@pdafrance.com][Date Mon, 22 Aug 2005 10:01:47 +0200]/UNNAMED/creditcard_death.scr Infected: Email-Worm.Win32.NetSky.c

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/22 Aug 2005 08:01 to pub@pdafrance.com:Mail delivery failed: ret.eml/[From pub@pdafrance.com][Date Mon, 22 Aug 2005 10:01:47 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.c

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/22 Aug 2005 08:01 to pub@pdafrance.com:Mail delivery failed: ret.eml Infected: Email-Worm.Win32.NetSky.c

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/23 Aug 2005 10:51 from Mail Delivery System:Mail delivery failed.eml/[From leo@capitalemedia.com][Date Tue, 23 Aug 2005 12:51:28 +0200]/UNNAMED/document.pif Infected: Net-Worm.Win32.Mytob.x

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/23 Aug 2005 10:51 from Mail Delivery System:Mail delivery failed.eml/[From leo@capitalemedia.com][Date Tue, 23 Aug 2005 12:51:28 +0200]/UNNAMED Infected: Net-Worm.Win32.Mytob.x

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/23 Aug 2005 10:51 from Mail Delivery System:Mail delivery failed.eml Infected: Net-Worm.Win32.Mytob.x

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/23 Aug 2005 12:56 to nghia@capitalemedia.com:Important Notice Fr.rtf Infected: Trojan-Spy.HTML.Bayfraud.hn

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/23 Aug 2005 17:27 from Mail Delivery System:Mail delivery failed.eml/[From noreply@capitalemedia.com][Date Tue, 23 Aug 2005 19:27:12 +0100]/UNNAMED/Info.pif Infected: Email-Worm.Win32.Bagle.n

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/23 Aug 2005 17:27 from Mail Delivery System:Mail delivery failed.eml/[From noreply@capitalemedia.com][Date Tue, 23 Aug 2005 19:27:12 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.n

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/23 Aug 2005 17:27 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.n

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/23 Aug 2005 17:27 from Mail Delivery System:Mail delivery failed.eml/[From contact@pdafrance.com][Date Tue, 23 Aug 2005 19:27:12 +0100]/UNNAMED/TextDocument.pif Infected: Email-Worm.Win32.Bagle.n

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/23 Aug 2005 17:27 from Mail Delivery System:Mail delivery failed.eml/[From contact@pdafrance.com][Date Tue, 23 Aug 2005 19:27:12 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.n

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/23 Aug 2005 17:27 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.Bagle.n

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/24 Aug 2005 07:30 to pub@pdafrance.com:Mail delivery failed: ret.eml/[From pub@pdafrance.com][Date Wed, 24 Aug 2005 09:30:28 +0200]/UNNAMED/unfolds.scr Infected: Email-Worm.Win32.NetSky.c

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/24 Aug 2005 07:30 to pub@pdafrance.com:Mail delivery failed: ret.eml/[From pub@pdafrance.com][Date Wed, 24 Aug 2005 09:30:28 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.c

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/24 Aug 2005 07:30 to pub@pdafrance.com:Mail delivery failed: ret.eml Infected: Email-Worm.Win32.NetSky.c

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/24 Aug 2005 18:17 from Mail Delivery System:Mail delivery failed.eml/[From contact@pdafrance.com][Date Wed, 24 Aug 2005 20:32:52 +0200]/UNNAMED/your_picture.pif Infected: Email-Worm.Win32.NetSky.d

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/24 Aug 2005 18:17 from Mail Delivery System:Mail delivery failed.eml/[From contact@pdafrance.com][Date Wed, 24 Aug 2005 20:32:52 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.d

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/24 Aug 2005 18:17 from Mail Delivery System:Mail delivery failed.eml Infected: Email-Worm.Win32.NetSky.d

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/25 Aug 2005 08:49 to contact@pdafrance.com:Mail delivery failed:.eml/[From contact@pdafrance.com][Date Thu, 25 Aug 2005 10:58:09 +0200]/UNNAMED/your_document.pif Infected: Email-Worm.Win32.NetSky.d

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/25 Aug 2005 08:49 to contact@pdafrance.com:Mail delivery failed:.eml/[From contact@pdafrance.com][Date Thu, 25 Aug 2005 10:58:09 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.d

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/25 Aug 2005 08:49 to contact@pdafrance.com:Mail delivery failed:.eml Infected: Email-Worm.Win32.NetSky.d

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/26 Aug 2005 06:27 from MAILER-DAEMON@ns20106.ovh.net:failure not.eml/[From contact@pdafrance.com][Date Fri, 26 Aug 2005 08:27:13 +0200]/UNNAMED/yours.zip/yours.exe Infected: Email-Worm.Win32.NetSky.c

D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable/26 Aug 2005 06:27 from MAILER-DAEMON@ns20106.ovh.net:failure not.eml/[From contact@pdafrance.com][Date Fri, 26 Aug 2005 08:27:13 +0200]/UNNAMED/yours.zip Infected: Email-Worm.Win32.N

tidamiano Mega Power Member

tidamiano

Posté(e)
Posté(e)

Bonjour Charles, je viens ici car j'ai exactement le m^^eme problème et je sais pas ce que je dois faire, pourrais tu m'aider aussi s'il te plait ? :$

 

Je vais commencer par faire un rapport hijackthis :

 

Logfile of HijackThis v1.99.1

Scan saved at 19:33:27, on 26/01/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Unable to get Internet Explorer version!

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

C:\Program Files\Softwin\BitDefender9\vsserv.exe

C:\progra~1\softwin\bitdef~1\bdmcon.exe

C:\Program Files\Softwin\BitDefender9\bdoesrv.exe

C:\progra~1\softwin\bitdef~1\bdnagent.exe

C:\progra~1\softwin\bitdef~1\bdswitch.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\WINDOWS\System32\alg.exe

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\lclock.exe

C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe

C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\ToniArts\EasyCleaner\EasyClea.exe

C:\WINDOWS\system32\msiexec.exe

C:\Documents and Settings\Damien\Mes documents\Setup\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.winlsd.org/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O4 - HKLM\..\Run: [bDMCon] C:\progra~1\softwin\bitdef~1\bdmcon.exe

O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"

O4 - HKLM\..\Run: [bDNewsAgent] "C:\progra~1\softwin\bitdef~1\bdnagent.exe"

O4 - HKLM\..\Run: [bDSwitchAgent] "C:\progra~1\softwin\bitdef~1\bdswitch.exe"

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LClock] lclock.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [EmbeddingClient-clock] C:\Documents and Settings\Damien\Mes documents\Setup\ClockClient\RunEmbeddingClient.exe i=clock

O4 - HKCU\..\Run: [MSN Webcam Recorder] "C:\Program Files\MSN Webcam Recorder\ml20gui.exe" -silent

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe

O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{CA49776B-192A-410B-AB1E-142ED7EC060E}: NameServer = 192.168.1.1

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

 

 

 

Quelque chose d'anormal ?

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut tidamiano,Nghia

 

tidamiano , ne poste pas de rapport hijackthis à la suite d'une discussion, sinon on ne comprend plus rien.

J'ai jeté un oeil à ton rapport,il ne présente pas d'infection. Comme pour Nghia , je ne pense pas que ce problème soit dû à un malware!

 

Je viens de jeter un oeil sur les possibles raisons de ce bug: en vrac,je cite:

-le logidiel de la poste e-como qui me cause ce problème ! c'est un logiciel de suivi en ligne des colis !

-les malwares Bugbear ou Badtrans.b

 

etc.... Bon il y à un outil qui permet de détecter Bugbear et de l' éradiquer

 

-Pour Bugbear => http://securityresponse.symantec.com/avcenter/FxBgbear.exe

 

Vous pouvez tenter de télécharge le fix , le lancer et voir s il détecte quelque chose, mais je vous promet rien :P

 

Ceci dit,quand je vois le rapport de scan kapersky de Nghia,je commence à me demander si il n'y a pas du vrai la dessous! Car il y a beaucoup de fichiers infecté dans tes messages!!

 

Nghia,vide les dossier suivants en gras=>

 

-C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Deleted Items

 

-C:\Documents and Settings\Nghia Nguyen Dai\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst/Dossiers personnels/Courrier indésirable

 

-D:\backup\Outlook1.pst/Dossiers personnels/Courrier indésirable

 

Vide la corbeille. Je ne connais pas Outlook, mais il faut que tu te débarrase de tous ces fichiers en éliminants les messages sauvegardés et les indésirables.

Il faut vraiment faire gaffe lorsque vous recevez un message , même si vous connaissez l'expéditeur!!.Ne jamais ouvrir une pièce jointe sans l'avoir au préalable soumise à un antivirus: On enregistre la pièce jointe, on ne l'ouvre pas puis on la scanne.Ensuite si tout vas bien on l'ouvre.

 

Timidiano tente le fix proposé par Symantec et dis ce qui en est,et ouvre ton propre sujet :P

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Salut Charles, Nghya,

 

Ya intérêt à virer le "contact" de sa liste.

 

Pour Outlook, voici mes paramétrages de courrier indésirable:

 

indsirablesoutlook4pc.th.jpg

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut Timidiano, Liegeois :-P

Ya intérêt à virer le "contact" de sa liste.

:P:P Effectivement c'est le mieux à faire!Merci pour ta capture d'écran Liegeois,ca permettra à Nghia de savoir ou aller virer ces contacts .

 

Timidiano, ouvre un nouveau message pour toi stp, on peut essayer de lancer quelques recherches pour voir si on trouve quelque chose :-(

Nghia Member

Nghia

Posté(e)
  • Auteur
Posté(e)

en fait, j'ai déjà ouvert un message, il se trouve ici

 

:-P

 

 

Merci les gars! Désolé pour le retard dans la réponse, j'étais malade :P

 

Je vais virer ces trucs outlook et je vous tiens au courant.

C'est bizarre aujourd'hui, je sais pas pourquoi (j'ai rien changé), le pb a disparu. Puis j'ai rebooté et boom il est la à nouveau :P

Nghia Member

Nghia

Posté(e)
  • Auteur
Posté(e)

Merci les gars! Désolé pour le retard dans la réponse, j'étais malade :-P

 

Je vais virer ces trucs outlook et je vous tiens au courant.

C'est bizarre aujourd'hui, je sais pas pourquoi (j'ai rien changé), le pb a disparu. Puis j'ai rebooté et boom il est la à nouveau :P

 

Bon j'ai tout vidé, nettoyé et le pb persiste.

Je crois que la solution va etre de désinstallé les les applis après applis en fonction de l'ancienneté. et formatage si ca marche pas.

 

En tout cas j'aimerais remercier Charles et ce forum qui possède un esprit assez extraordinnaire. Cela fait longtemps que je navigue sur internet, je gère moi meme un forum actif de plusieurs dizaines de milliers de membres (pdafrance.com) et celui de zebulon est surement un des plus conviviales que je connaisse.

 

Bravo! :P

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...