[xp] problème barre des tâches
bern01
-
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité -
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité -
Bonjour j'ai le même prbolème que sur un post du même sujet mais la solution proposée ne résout pas mon problème :
voici le souci, ma barre des taches devient grise (à la windows 98 dès qu un troyen doit se manifester )
Logfile of HijackThis v1.99.1
Scan saved at 20:22:12, on 15/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\applis\quickcam\LogiTray.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
D:\applis\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\applis\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\EssentialPIM\EssentialPIM.exe
D:\applis\Football365 Toolbar\Football365 Toolbar\launcher.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
D:\applis\Football365 Toolbar\Football365 Toolbar\Football365 Toolbar.exe
D:\applis\quickcam\FxSvr2.exe
C:\Program Files\Fichiers communs\Nosibay\RunningObjectRegistry.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\applis\hjt\hijackthis_hijackthis_1.99.1_anglais_17891.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] D:\sblive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\applis\quickcam\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\applis\quickcam\LogiTray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\applis\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EssentialPIM] "C:\Program Files\EssentialPIM\EssentialPIM.exe" /autorun
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] D:\applis\quickcam\ManifestEngine.exe boot
O4 - HKCU\..\Run: [Football365 Toolbar] "D:\applis\Football365 Toolbar\Football365 Toolbar\launcher.exe"
O4 - Global Startup: Corel Family & Friends Reminders.LNK = C:\Corel\Print House Magic\cffrem.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\applis\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DirectX Service (DirectXerf) - Unknown owner - C:\WINDOWS\system32\directx.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
Merci pour toute aide
voici le souci, ma barre des taches devient grise (à la windows 98 dès qu un troyen doit se manifester )
Logfile of HijackThis v1.99.1
Scan saved at 20:22:12, on 15/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\applis\quickcam\LogiTray.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
D:\applis\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\applis\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\EssentialPIM\EssentialPIM.exe
D:\applis\Football365 Toolbar\Football365 Toolbar\launcher.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
D:\applis\Football365 Toolbar\Football365 Toolbar\Football365 Toolbar.exe
D:\applis\quickcam\FxSvr2.exe
C:\Program Files\Fichiers communs\Nosibay\RunningObjectRegistry.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\applis\hjt\hijackthis_hijackthis_1.99.1_anglais_17891.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] D:\sblive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\applis\quickcam\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\applis\quickcam\LogiTray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\applis\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EssentialPIM] "C:\Program Files\EssentialPIM\EssentialPIM.exe" /autorun
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] D:\applis\quickcam\ManifestEngine.exe boot
O4 - HKCU\..\Run: [Football365 Toolbar] "D:\applis\Football365 Toolbar\Football365 Toolbar\launcher.exe"
O4 - Global Startup: Corel Family & Friends Reminders.LNK = C:\Corel\Print House Magic\cffrem.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\applis\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DirectX Service (DirectXerf) - Unknown owner - C:\WINDOWS\system32\directx.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
Merci pour toute aide
A voir également:
- [xp] problème barre des tâches
- Windows 11 barre des taches a gauche - Guide
- Barre des taches - Guide
- Changer la couleur de la barre des taches - Guide
- Cle windows xp - Guide
- Épingler un site web à la barre des tâches windows 11 - Guide
7 réponses
Salut
# Télécharge ceci: (merci a S!RI pour ce petit programme).
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1,
voila a quoi cela ressemble : http://siri.urz.free.fr/Fix/SmitfraudFix.php
il va générer un rapport : copie/colle le sur le poste stp.
++
# Télécharge ceci: (merci a S!RI pour ce petit programme).
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1,
voila a quoi cela ressemble : http://siri.urz.free.fr/Fix/SmitfraudFix.php
il va générer un rapport : copie/colle le sur le poste stp.
++
Voici, merci
SmitFraudFix v2.132
Rapport fait à 18:01:48,21, 16/01/2007
Executé à partir de D:\smitfraud\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\XP2600
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\XP2600\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\XP2600\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
SmitFraudFix v2.132
Rapport fait à 18:01:48,21, 16/01/2007
Executé à partir de D:\smitfraud\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\XP2600
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\XP2600\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\XP2600\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Salut
ok,
Télécharge ceci sur ton bureau :
Lien : hijackthis
Démo : http://pageperso.aol.fr/balltrap34/demohijack.htm
Choisir l'option "do a scan and a logfile", et faire un copier/coller du rapport ainsi générer sur le forum
++
ok,
Télécharge ceci sur ton bureau :
Lien : hijackthis
Démo : http://pageperso.aol.fr/balltrap34/demohijack.htm
Choisir l'option "do a scan and a logfile", et faire un copier/coller du rapport ainsi générer sur le forum
++
Voici , merci :
Logfile of HijackThis v1.99.1
Scan saved at 21:01:19, on 17/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\applis\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
D:\applis\quickcam\LogiTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
D:\applis\quickcam\FxSvr2.exe
D:\applis\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\EssentialPIM\EssentialPIM.exe
C:\WINDOWS\system32\wuauclt.exe
D:\applis\Football365 Toolbar\Football365 Toolbar\launcher.exe
D:\applis\Football365 Toolbar\Football365 Toolbar\Football365 Toolbar.exe
C:\Program Files\Fichiers communs\Nosibay\RunningObjectRegistry.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\XP2600\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] D:\sblive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\applis\quickcam\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\applis\quickcam\LogiTray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\applis\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EssentialPIM] "C:\Program Files\EssentialPIM\EssentialPIM.exe" /autorun
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] D:\applis\quickcam\ManifestEngine.exe boot
O4 - HKCU\..\Run: [Football365 Toolbar] "D:\applis\Football365 Toolbar\Football365 Toolbar\launcher.exe"
O4 - Global Startup: Corel Family & Friends Reminders.LNK = C:\Corel\Print House Magic\cffrem.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\applis\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DirectX Service (DirectXerf) - Unknown owner - C:\WINDOWS\system32\directx.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
Logfile of HijackThis v1.99.1
Scan saved at 21:01:19, on 17/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\applis\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
D:\applis\quickcam\LogiTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
D:\applis\quickcam\FxSvr2.exe
D:\applis\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\EssentialPIM\EssentialPIM.exe
C:\WINDOWS\system32\wuauclt.exe
D:\applis\Football365 Toolbar\Football365 Toolbar\launcher.exe
D:\applis\Football365 Toolbar\Football365 Toolbar\Football365 Toolbar.exe
C:\Program Files\Fichiers communs\Nosibay\RunningObjectRegistry.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\XP2600\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] D:\sblive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\applis\quickcam\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\applis\quickcam\LogiTray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\applis\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EssentialPIM] "C:\Program Files\EssentialPIM\EssentialPIM.exe" /autorun
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] D:\applis\quickcam\ManifestEngine.exe boot
O4 - HKCU\..\Run: [Football365 Toolbar] "D:\applis\Football365 Toolbar\Football365 Toolbar\launcher.exe"
O4 - Global Startup: Corel Family & Friends Reminders.LNK = C:\Corel\Print House Magic\cffrem.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\applis\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DirectX Service (DirectXerf) - Unknown owner - C:\WINDOWS\system32\directx.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Bonjour, voici le rapport du scan en ligne :
BitDefender Online Scanner
Scan report generated at: Sat, Jan 20, 2007 - 03:30:54
Scan path: A:\;C:\;D:\;E:\;F:\;G:\;
Statistics
Time
03:36:31
Files
1207041
Folders
12747
Boot Sectors
5
Archives
61031
Packed Files
59566
Results
Identified Viruses
7
Infected Files
10
Suspect Files
9
Warnings
0
Disinfected
0
Deleted Files
19
Engines Info
Virus Definitions
389846
Engine build
AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)
Scan plugins
14
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>(message body)
Disinfection failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>(message body)
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>emzwf.exe
Infected with: Win32.Swen.A@mm
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>emzwf.exe
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>(message body)
Disinfection failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>(message body)
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>Aspi
Infected with: Win32.Bugbear.A@mm.Dam.2
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>Aspi
Disinfection failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>Aspi
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>(message body)
Disinfection failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>(message body)
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>Money.mny.exe
Infected with: Win32.Bugbear.A@mm.Dam.2
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>Money.mny.exe
Disinfection failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>Money.mny.exe
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>(message body)
Disinfection failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>(message body)
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>LES POISSONS .zip.bat
Infected with: Win32.Yahaa.E@mm
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>LES POISSONS .zip.bat
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
D:\sauvj\download\Doc réseau\Talking Greeting\tgmaker.exe=>wise0027
Suspected of: BehavesLike:Trojan.Downloader
D:\sauvj\download\Doc réseau\Talking Greeting\tgmaker.exe=>wise0027
Disinfection failed
D:\sauvj\download\Doc réseau\Talking Greeting\tgmaker.exe=>wise0027
Deleted
D:\sauvj\download\Doc réseau\Talking Greeting\tgmaker.exe
Update failed
D:\sauvk\stockoutlook\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip=>Winzipped-Text_Data.txt .pif
Infected with: Win32.Sober.P@mm
D:\sauvk\stockoutlook\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip=>Winzipped-Text_Data.txt .pif
Disinfection failed
D:\sauvk\stockoutlook\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip=>Winzipped-Text_Data.txt .pif
Deleted
D:\sauvk\stockoutlook\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip
Updated
D:\sauvk\stockoutlook\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)
Updated
D:\sauvk\stockoutlook\listes_diff.dbx=>(message 34)
Updated
D:\sauvk\stockoutlook\listes_diff.dbx
Update failed
D:\stockoutlookbis\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip=>Winzipped-Text_Data.txt .pif
Infected with: Win32.Sober.P@mm
D:\stockoutlookbis\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip=>Winzipped-Text_Data.txt .pif
Disinfection failed
D:\stockoutlookbis\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip=>Winzipped-Text_Data.txt .pif
Deleted
D:\stockoutlookbis\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip
Updated
D:\stockoutlookbis\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)
Updated
D:\stockoutlookbis\listes_diff.dbx=>(message 34)
Updated
D:\stockoutlookbis\listes_diff.dbx
Update failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>(message body)
Disinfection failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>(message body)
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>emzwf.exe
Infected with: Win32.Swen.A@mm
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>emzwf.exe
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>(message body)
Disinfection failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>(message body)
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>Aspi
Infected with: Win32.Bugbear.A@mm.Dam.2
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>Aspi
Disinfection failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>Aspi
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>(message body)
Disinfection failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>(message body)
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>Money.mny.exe
Infected with: Win32.Bugbear.A@mm.Dam.2
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>Money.mny.exe
Disinfection failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>Money.mny.exe
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>(message body)
Disinfection failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>(message body)
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>LES POISSONS .zip.bat
Infected with: Win32.Yahaa.E@mm
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>LES POISSONS .zip.bat
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
BitDefender Online Scanner
Scan report generated at: Sat, Jan 20, 2007 - 03:30:54
Scan path: A:\;C:\;D:\;E:\;F:\;G:\;
Statistics
Time
03:36:31
Files
1207041
Folders
12747
Boot Sectors
5
Archives
61031
Packed Files
59566
Results
Identified Viruses
7
Infected Files
10
Suspect Files
9
Warnings
0
Disinfected
0
Deleted Files
19
Engines Info
Virus Definitions
389846
Engine build
AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)
Scan plugins
14
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>(message body)
Disinfection failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>(message body)
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>emzwf.exe
Infected with: Win32.Swen.A@mm
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>emzwf.exe
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>(message body)
Disinfection failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>(message body)
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>Aspi
Infected with: Win32.Bugbear.A@mm.Dam.2
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>Aspi
Disinfection failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>Aspi
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>(message body)
Disinfection failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>(message body)
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>Money.mny.exe
Infected with: Win32.Bugbear.A@mm.Dam.2
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>Money.mny.exe
Disinfection failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>Money.mny.exe
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>(message body)
Disinfection failed
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>(message body)
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>LES POISSONS .zip.bat
Infected with: Win32.Yahaa.E@mm
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>LES POISSONS .zip.bat
Deleted
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)
Updated
D:\sauvi\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
D:\sauvj\download\Doc réseau\Talking Greeting\tgmaker.exe=>wise0027
Suspected of: BehavesLike:Trojan.Downloader
D:\sauvj\download\Doc réseau\Talking Greeting\tgmaker.exe=>wise0027
Disinfection failed
D:\sauvj\download\Doc réseau\Talking Greeting\tgmaker.exe=>wise0027
Deleted
D:\sauvj\download\Doc réseau\Talking Greeting\tgmaker.exe
Update failed
D:\sauvk\stockoutlook\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip=>Winzipped-Text_Data.txt .pif
Infected with: Win32.Sober.P@mm
D:\sauvk\stockoutlook\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip=>Winzipped-Text_Data.txt .pif
Disinfection failed
D:\sauvk\stockoutlook\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip=>Winzipped-Text_Data.txt .pif
Deleted
D:\sauvk\stockoutlook\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip
Updated
D:\sauvk\stockoutlook\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)
Updated
D:\sauvk\stockoutlook\listes_diff.dbx=>(message 34)
Updated
D:\sauvk\stockoutlook\listes_diff.dbx
Update failed
D:\stockoutlookbis\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip=>Winzipped-Text_Data.txt .pif
Infected with: Win32.Sober.P@mm
D:\stockoutlookbis\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip=>Winzipped-Text_Data.txt .pif
Disinfection failed
D:\stockoutlookbis\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip=>Winzipped-Text_Data.txt .pif
Deleted
D:\stockoutlookbis\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)=>account_info.zip
Updated
D:\stockoutlookbis\listes_diff.dbx=>(message 34)=>[Subject: Registration Confirmation][Date: Tue, 03 May 2005 23:51:28 GMT]=>(MIME part)
Updated
D:\stockoutlookbis\listes_diff.dbx=>(message 34)
Updated
D:\stockoutlookbis\listes_diff.dbx
Update failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>(message body)
Disinfection failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>(message body)
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>emzwf.exe
Infected with: Win32.Swen.A@mm
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)=>emzwf.exe
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)=>[Subject: bug notice][Date: Mon, 03 Nov 2003 23:22:48 +0000]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 104)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>(message body)
Disinfection failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>(message body)
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>Aspi
Infected with: Win32.Bugbear.A@mm.Dam.2
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>Aspi
Disinfection failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)=>Aspi
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)=>[Subject: Have you been naughty?][Date: Mon, 25 Nov 2002 19:19:28 +0100 (CET)]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 542)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>(message body)
Disinfection failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>(message body)
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>Money.mny.exe
Infected with: Win32.Bugbear.A@mm.Dam.2
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>Money.mny.exe
Disinfection failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)=>Money.mny.exe
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)=>[Subject: Microsoft Outlook Express 5][Date: Sun, 13 Oct 2002 03:40:30 +0200 (added]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 893)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>(message body)
Disinfection failed
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>(message body)
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>LES POISSONS .zip.bat
Infected with: Win32.Yahaa.E@mm
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)=>LES POISSONS .zip.bat
Deleted
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)=>[Subject: LES POISSONS ][Date: Tue,10 Sep 2002 12:18:35 PM]=>(MIME part)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx=>(message 972)
Updated
E:\sauvj\sauvegardes\180104.exe=>(ZIP Sfx 2o)=>OE/{DEFBCDA7-3DEA-40D5-9E83-0C7662D382AB}/dbx/BoŒte de r‚ception.dbx
Update failed
