Recherche :

Aide Matos : AlainM Bla-bla : gremi357, 1 utilisateur anonyme et 12 utilisateurs inconnus

Mot : Pseudo : Filtrer
Bas de page
Auteur	Sujet : désinfection pop-up,

bestiole

j'ai suivi la procédure: voila les rapports:

Logfile of HijackThis v1.99.1
Scan saved at 13:01:56, on 09/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\david\Mes documents\Mes téléchargements\hijackthis\aideonline.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\office\Office\OSA9.EXE
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://eu-housecall.trendmicro-eur [...] hcImpl.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/micros [...] 0243401359
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - http://www.virginmega.fr/DownloadM [...] ownMan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} - http://es6-scripts.dlv4.com/binari [...] _em_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B31ACDC6-9281-4AC1-87E6-F94A8FF564B0}: NameServer = 80.10.246.1,80.10.246.132
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

VG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 11:31:05 09/06/2007

+ Résultat de l'analyse:

C:\Documents and Settings\david\Cookies\david@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\david\Cookies\david@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.

09/06/2007 a 13:55:24,20

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\f3PSSavr.scr FOUND
"C:\Documents and Settings\david\Application Data\MessengerSkinner\" FOUND

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Download Plugin\DlPlugin-Moz\" FOUND
"C:\Program Files\Download Plugin\" FOUND
"C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll" FOUND
"C:\Program Files\msn messenger\riched20.dll" FOUND
"C:\Program Files\MessengerSkinner\" FOUND
*** Fin du rapport !

merci de votre aise :jap:

synthexe

Anti-Malware Power

Bonsoir

Pour commencer, tu n'as pas de firewall, c'est indispensable d'en installer un pour un minimum de sécurité ...
Le parefeu windows ne bloque QUE LES ENTREES, il ne bloque aucune sortie, ce qui fait que lorsque l'on est infecté, toutes les infos récupérées par les éditeurs de malwares peuvent sortir en douce sans que tu ne les apercoives, ce qui n'est pas le cas des parefeux suivants, qui bloque les entrées ET les sorties.

Tu DOIS ABSOLUMENT installer un FIREWALL, en voila 4, gratuits et performants :
Tu as par exemple zone alarm, parefeu gratuit et performant :

Téléchargement de ZoneAlarm : http://www.zonelabs.com/store/cont [...] y=&lang=fr
Tutorial de configuration : http://speedweb1.free.fr/frames2.php?page=tuto1

Tu as aussi Kerio Personnal Firewall très bon et gratuit aussi :

Téléchargement de Kerio : http://telechargement.zebulon.fr/license-1-82.html
Tutorial de configuration : http://www.vulgarisation-informatique.com/kerio.php

Jetico, que je n'ai pas testé mais dont j'ai eu de très bons échos :

Téléchargement de Jetico : http://www.jetico.com/download.htm
Tutorial de configuration : http://www.malekal.com/tutorial_JeticoFirewall.php

Outpost

Téléchargement d'Outpost : http://www.agnitum.com/products/ou [...] wnload.php
Tutorial de configuration : http://c.rosu.free.fr/Conf_outpost.htm

Tu es effectivement infecté, voila ce qu'on va faire :

Télécharge Navilog1 de Il-Mafioso.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.

(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

Laisse-toi guider. Au menu principal, choisis 1 et valide.

(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

Patiente jusqu'au message :

*** Analyse Termine le ..... ***

Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le bloc-note.

Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)

Ouvre le dossier clean qui se trouve sur ton bureau, et double-clic sur clean.cmd, une fenêtre noire va apparaître.
Choisis l'option 2 et appuie sur Entrée pour valider.
Copie/colle moi le rapport qui apparait dans ta prochaine réponse.

Poste moi le rapport de navilog option1, clean option2 et un nouveau rapport hijackthis.

Bonne journée

---------------
¤¤ Kaspersky WebScanner ¤¤¤¤¤¤¤ AVG AntiSpyware ¤¤
¤¤¤¤¤¤ CCleaner ¤¤¤¤¤¤

bestiole

Search Navipromo version 2.0.3 commencé le 10/06/2007 à 16:35:43,68

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 08.06.2007 a 17h00 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes ***

MessengerSkinner

*** Recherche dossiers dans C:\WINDOWS ***

*** Recherche dossiers dans C:\Program Files ***

C:\Program Files\MessengerSkinner trouvé !

*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***

*** Recherche dossiers dans C:\Documents and Settings\david\Application Data ***

...\Application Data\MessengerSkinner trouvé !

*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
http://www.f-secure.com/blacklight [...] _help.html

Fichier(s) caché(s) dans C:\WINDOWS\system32 :

Processus caché(s) dans C:\WINDOWS\system32 :

*** Recherche fichiers ***

C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\tmlpcert2007 trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !

*** Recherche cles registre ***

Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]

Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]

Recherche Clé Magic Control

HKEY_CURRENT_USER\Software\Lanconfig trouvé !
HKEY_USERS\S-1-5-21-1644491937-1220945662-682003330-1004\Software\Lanconfig trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:

2)Recherche Heuristique :
*
C:\WINDOWS\system32\hnrfmmf.dat trouvé !
**
C:\WINDOWS\system32\hnrfmmf.dat trouvé !
***
****
*****
C:\WINDOWS\system32\hnrfmmf_nav.dat trouvé !
******
*******
C:\WINDOWS\system32\fujpvqgl.exe trouvé !
C:\WINDOWS\system32\mkawdtouz.exe trouvé !
********
C:\WINDOWS\system32\cserlxif.exe trouvé !
C:\WINDOWS\system32\czujvodsiw.exe trouvé !
C:\WINDOWS\system32\dafxilspk.exe trouvé !
C:\WINDOWS\system32\fayqupbi.exe trouvé !
C:\WINDOWS\system32\fujpvqgl.exe trouvé !
C:\WINDOWS\system32\gsjcpwma.exe trouvé !
C:\WINDOWS\system32\hnrfmmf.exe trouvé !
C:\WINDOWS\system32\mkawdtouz.exe trouvé !
C:\WINDOWS\system32\mtoxnsj.exe trouvé !
C:\WINDOWS\system32\prqmbxuhwt.exe trouvé !
C:\WINDOWS\system32\qkyvtxjagu.exe trouvé !
C:\WINDOWS\system32\qtausjdve.exe trouvé !
C:\WINDOWS\system32\scemwulh.exe trouvé !
C:\WINDOWS\system32\xqvtbm.exe trouvé !
C:\WINDOWS\system32\yxogrwpjns.exe trouvé !

*** Analyse Terminé le 10/06/2007 à 16:50:52,51 ***

Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 10/06/2007 a 16:52:43,46

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\f3PSSavr.scr
tentative de suppression de "C:\Documents and Settings\david\Application Data\MessengerSkinner\"
Impossible de supprimer "C:\Documents and Settings\david\Application Data\MessengerSkinner\"

*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Download Plugin\DlPlugin-Moz\"
tentative de suppression de "C:\Program Files\Download Plugin\"
tentative de suppression de "C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll"
tentative de suppression de "C:\Program Files\msn messenger\riched20.dll"
tentative de suppression de "C:\Program Files\MessengerSkinner\"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !

Logfile of HijackThis v1.99.1
Scan saved at 16:56:13, on 10/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\david\Mes documents\Mes téléchargements\Easy_Parcelle\Easy Parcelle.exe
C:\Program Files\Player Metaboli\GPlayer.exe
X:\Program Files\Microsoft Games\Age of Mythology\aomx.exe
C:\DOCUME~1\david\LOCALS~1\Temp\~f1d055.tmp
D:\Program Files\office\Office\WINWORD.EXE
C:\Documents and Settings\david\Mes documents\Mes téléchargements\hijackthis\aideonline.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [hnrfmmf] c:\windows\system32\hnrfmmf.exe hnrfmmf
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\RunOnce: [DependencyCheck] Performed
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\office\Office\OSA9.EXE
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://eu-housecall.trendmicro-eur [...] hcImpl.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/micros [...] 0243401359
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - http://www.virginmega.fr/DownloadM [...] ownMan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} - http://es6-scripts.dlv4.com/binari [...] _em_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B31ACDC6-9281-4AC1-87E6-F94A8FF564B0}: NameServer = 80.10.246.1,80.10.246.132
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

merci de ton aide! :bounce:

synthexe

Anti-Malware Power

Bonsoir :hello:

Double clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
Au menu principal, choisis 2 et valide.

Le fix va t'informer qu'il va alors redémarrer ton PC .
Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts.
Appuie sur une touche comme demandé.

(si ton Pc ne redémarre pas automatiquement, fais le toi même)

Au redémarrage de ton PC, choisis ta session habituelle.

Patiente jusqu'au message :

*** Nettoyage Termine le ..... ***

Le bloc-note va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver.
Referme le bloc-note. Ton bureau va réapparaitre.

Note : Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter".
Tape explorer et valide. Celà te fera apparaitre ton bureau.

Fais un scan en ligne Kaspersky avec Internet Explorer :
Dans la nouvelle fenêtre, clique sur J'accepte.
Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
Patiente pendant l'installation des Mises à jour.
Choisis par la suite l'analyse du Poste de travail
Sauvegarde puis colle le rapport généré en fin d'analyse.

AIDE : Configurer le contrôle des ActiveX
NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.

Poste le rapport de navilog, le rapport Kaspersky et un nouveau rapport hijackthis.

Bonne soirée/nuitée

---------------
¤¤ Kaspersky WebScanner ¤¤¤¤¤¤¤ AVG AntiSpyware ¤¤
¤¤¤¤¤¤ CCleaner ¤¤¤¤¤¤

bestiole

Rapport navilog1

Clean Navipromo version 2.0.3 commencé le 11/06/2007 à 18:06:31,12

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 08.06.2007 a 17h00 by IL-MAFIOSO

Mode suppression automatique avec prise en charge résultats Blacklight

*** fsbl1.txt non trouvé ***
(Assurez-vous que Blacklight n'avait rien trouvé lors de la recherche)

*** Suppression dossiers dans C:\WINDOWS ***

*** Suppression dossiers dans C:\Program Files ***

*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***

*** Suppression dossiers dans C:\Documents and Settings\david\Application Data ***

...\Application Data\MessengerSkinner ...suppression...
...\Application Data\MessengerSkinner supprimé !

*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\tmlpcert2007 supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\david\Local Settings\Temp effectué !

*** Sauvegarde du registre vers dossier Backupnavi***

sauvegarde du registre réalise avec succes !

*** Nettoyage registre ***

Nettoyage registre Ok

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:

2)Recherche et Suppression Heuristique :

*
C:\WINDOWS\System32\hnrfmmf.dat trouvé !
Copie C:\WINDOWS\system32\hnrfmmf.dat réalise avec succes !
C:\WINDOWS\system32\hnrfmmf.dat supprimé !

**
***
****
*****
C:\WINDOWS\System32\hnrfmmf_nav.dat trouvé !
Copie C:\WINDOWS\system32\hnrfmmf_nav.dat réalise avec succes !
C:\WINDOWS\system32\hnrfmmf_nav.dat supprimé !

******
*******
C:\WINDOWS\System32\fujpvqgl.exe trouvé !
Copie C:\WINDOWS\system32\fujpvqgl.exe réalise avec succes !
C:\WINDOWS\system32\fujpvqgl.exe supprimé !

C:\WINDOWS\System32\mkawdtouz.exe trouvé !
Copie C:\WINDOWS\system32\mkawdtouz.exe réalise avec succes !
C:\WINDOWS\system32\mkawdtouz.exe supprimé !

********
C:\WINDOWS\System32\cserlxif.exe trouvé !
Copie C:\WINDOWS\system32\cserlxif.exe réalise avec succes !
C:\WINDOWS\system32\cserlxif.exe supprimé !

C:\WINDOWS\System32\czujvodsiw.exe trouvé !
Copie C:\WINDOWS\system32\czujvodsiw.exe réalise avec succes !
C:\WINDOWS\system32\czujvodsiw.exe supprimé !

C:\WINDOWS\System32\dafxilspk.exe trouvé !
Copie C:\WINDOWS\system32\dafxilspk.exe réalise avec succes !
C:\WINDOWS\system32\dafxilspk.exe supprimé !

C:\WINDOWS\System32\fayqupbi.exe trouvé !
Copie C:\WINDOWS\system32\fayqupbi.exe réalise avec succes !
C:\WINDOWS\system32\fayqupbi.exe supprimé !

C:\WINDOWS\System32\gsjcpwma.exe trouvé !
Copie C:\WINDOWS\system32\gsjcpwma.exe réalise avec succes !
C:\WINDOWS\system32\gsjcpwma.exe supprimé !

C:\WINDOWS\System32\hnrfmmf.exe trouvé !
Copie C:\WINDOWS\system32\hnrfmmf.exe réalise avec succes !
C:\WINDOWS\system32\hnrfmmf.exe supprimé !

C:\WINDOWS\System32\mtoxnsj.exe trouvé !
Copie C:\WINDOWS\system32\mtoxnsj.exe réalise avec succes !
C:\WINDOWS\system32\mtoxnsj.exe supprimé !

C:\WINDOWS\System32\prqmbxuhwt.exe trouvé !
Copie C:\WINDOWS\system32\prqmbxuhwt.exe réalise avec succes !
C:\WINDOWS\system32\prqmbxuhwt.exe supprimé !

C:\WINDOWS\System32\qkyvtxjagu.exe trouvé !
Copie C:\WINDOWS\system32\qkyvtxjagu.exe réalise avec succes !
C:\WINDOWS\system32\qkyvtxjagu.exe supprimé !

C:\WINDOWS\System32\qtausjdve.exe trouvé !
Copie C:\WINDOWS\system32\qtausjdve.exe réalise avec succes !
C:\WINDOWS\system32\qtausjdve.exe supprimé !

C:\WINDOWS\System32\scemwulh.exe trouvé !
Copie C:\WINDOWS\system32\scemwulh.exe réalise avec succes !
C:\WINDOWS\system32\scemwulh.exe supprimé !

C:\WINDOWS\System32\xqvtbm.exe trouvé !
Copie C:\WINDOWS\system32\xqvtbm.exe réalise avec succes !
C:\WINDOWS\system32\xqvtbm.exe supprimé !

C:\WINDOWS\System32\yxogrwpjns.exe trouvé !
Copie C:\WINDOWS\system32\yxogrwpjns.exe réalise avec succes !
C:\WINDOWS\system32\yxogrwpjns.exe supprimé !

3)Contrôle présence clés Rootkit dans le registre :

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hnrfmmf"=C:\WINDOWS\system32\hnrfmmf.exe hnrfmmf trouvé !

Nettoyage complémentaire du registre....

*** Nettoyage termine le 11/06/2007 à 18:09:08,18 ***

KASPERSKY ON-LINE SCANNER REPORT
Monday, June 11, 2007 10:29:16 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 11/06/2007
Enregistrements dans la base antivirus Kaspersky : 342421

Paramètres d'analyse
Analyser avec la base antivirus suivante étendue
Analyser les archives vrai
Analyser les bases de messagerie vrai

Cible de l'analyse Poste de travail
C:\
D:\
E:\
F:\
G:\
H:\

Statistiques de l'analyse
Total d'objets analysés 103868
Nombre de virus trouvés 19
Nombre d'objets infectés 211 / 0
Nombre d'objets suspects 1
Durée de l'analyse 02:30:53

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\avg7\Log\emc.log L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\cert8.db L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\formhistory.dat L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\history.dat L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\key3.db L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\parent.lock L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\search.sqlite L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\urlclassifier2.sqlite L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-3.fr\Inbox/[From Fabrice VEYSSIERE ][Date Sun, 18 Jun 2006 23:31:09 +0200 (CEST)]/UNNAMED/[From Alan Boisard ][Date Mon, 19 Jun 2006 11:19:23 +0200]/UNNAMED/[From Arnaud ][Date Mon, 19 Jun 2006 19:55:05 +0200]/UNNAMED/[From "G.Bridon" ][Date Tue, 20 Jun 2006 00:06:10 +0200]/text/[From Marie Marthe RIGAUDEAU ][Date Tue, 20 Jun 2006 17:00:24 +0100]/html Suspect : Email-Worm.Win32.Bagle.mail ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-3.fr\Inbox/[From Fabrice VEYSSIERE ][Date Sun, 18 Jun 2006 23:31:09 +0200 (CEST)]/UNNAMED/[From Alan Boisard ][Date Mon, 19 Jun 2006 11:19:23 +0200]/UNNAMED/[From Arnaud ][Date Mon, 19 Jun 2006 19:55:05 +0200]/UNNAMED/[From "G.Bridon" ][Date Tue, 20 Jun 2006 00:06:10 +0200]/text/[From Marie Marthe RIGAU ... /[From "Pascal.legouic" ][Date Tue, 20 Jun 2006 17:00:24 +0100]/Humphrie.zip Infecté : Email-Worm.Win32.Bagle.gen ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-3.fr\Inbox/[From Fabrice VEYSSIERE ][Date Sun, 18 Jun 2006 23:31:09 +0200 (CEST)]/UNNAMED/[From Alan Boisard ][Date Mon, 19 Jun 2006 11:19:23 +0200]/UNNAMED/[From Arnaud ][Date Mon, 19 Jun 2006 19:55:05 +0200]/UNNAMED/[From "G.Bridon" ][Date Tue, 20 Jun 2006 00:06:10 +0200]/text/[From Marie Marthe RIGAUDEAU ][Date Tue, 20 Jun 2006 14:44:45 +0200]/UNNAMED Infecté : Email-Worm.Win32.Bagle.gen ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-3.fr\Inbox/[From Fabrice VEYSSIERE ][Date Sun, 18 Jun 2006 23:31:09 +0200 (CEST)]/UNNAMED/[From Alan Boisard ][Date Mon, 19 Jun 2006 11:19:23 +0200]/UNNAMED/[From Arnaud ][Date Mon, 19 Jun 2006 19:55:05 +0200]/UNNAMED/[From "G.Bridon" ][Date Tue, 20 Jun 2006 00:06:10 +0200]/text/[From Marie Marthe RIGAUDEAU Infecté : Email-Worm.Win32.Bagle.gen ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-3.fr\Inbox/[From Fabrice VEYSSIERE ][Date Sun, 18 Jun 2006 23:31:09 +0200 (CEST)]/UNNAMED/[From Alan Boisard ][Date Mon, 19 Jun 2006 11:19:23 +0200]/UNNAMED/[From Arnaud ][Date Mon, 19 Jun 2006 19:55:05 +0200]/UNNAMED/[From "G.Bridon" ][Date Tue, 20 Jun 2006 00:06:10 +0200]/text/[From Marie Marthe RIGAUDEAU ][Date Tue, 20 Jun 2006 10:32:29 +0200 (CEST)]/UNNAMED Infecté : Email-Worm.Win32.Bagle.gen ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-3.fr\Inbox/[From Fabrice VEYSSIERE ][Date Sun, 18 Jun 2006 23:31:09 +0200 (CEST)]/UNNAMED/[From Alan Boisard ][Date Mon, 19 Jun 2006 11:19:23 +0200]/UNNAMED/[From Arnaud ][Date Mon, 19 Jun 2006 19:55:05 +0200]/UNNAMED/[From "G.Bridon" ][Date Tue, 20 Jun 2006 00:06:10 +0200]/text Infecté : Email-Worm.Win32.Bagle.gen ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-3.fr\Inbox/[From Fabrice VEYSSIERE ][Date Sun, 18 Jun 2006 23:31:09 +0200 (CEST)]/UNNAMED/[From Alan Boisard ][Date Mon, 19 Jun 2006 11:19:23 +0200]/UNNAMED/[From Arnaud ][Date Mon, 19 Jun 2006 19:55:05 +0200]/UNNAMED Infecté : Email-Worm.Win32.Bagle.gen ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-3.fr\Inbox/[From Fabrice VEYSSIERE ][Date Sun, 18 Jun 2006 23:31:09 +0200 (CEST)]/UNNAMED/[From Alan Boisard ][Date Mon, 19 Jun 2006 11:19:23 +0200]/UNNAMED Infecté : Email-Worm.Win32.Bagle.gen ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-3.fr\Inbox/[From Fabrice VEYSSIERE ][Date Sun, 18 Jun 2006 23:31:09 +0200 (CEST)]/UNNAMED Infecté : Email-Worm.Win32.Bagle.gen ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-3.fr\Inbox Mail Berkeley mbox: infecté - 8, suspect - 1 ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebek ... /[From "SunTrust Bank, Inc." ][Date Tue, 5 Sep 2006 08:49:48 +0200 (CEST)]/UNNAMED Infecté : Trojan-Spy.HTML.Bankfraud.qb ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Tue, 05 Sep 2006 00:37:30 -0800]/text Infecté : Trojan-Spy.HTML.Bankfraud.qb ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 04 Sep 2006 22:05:26 -0800]/UNNAMED Infecté : Trojan-Spy.HTML.Bankfraud.qb ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 04 Sep 2006 21:34:41 -0600]/UNNAMED Infecté : Trojan-Spy.HTML.Bankfraud.qb ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Tue, 05 Sep 2006 03:14:35 +0800]/text Infecté : Trojan-Spy.HTML.Bankfraud.qb ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Sat, 20 Jan 2007 09:12:30 + ... /UNNAMED Infecté : Email-Worm.Win32.Zhelatin.a ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Sun, 21 Jan 2007 23:04:56 +0900]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.a ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Sun, 21 Jan 2007 08:15:45 -0400]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.a ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date So, 21 Jan 2007 12:18:20 +0100]/text Infecté : Email-Worm.Win32.Zhelatin.a ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Sun, 21 Jan 2007 12:01:58 +0100]/text Infecté : Email-Worm.Win32.Zhelatin.a ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Sat, 20 Jan 2007 09:12:30 +090 ... /text Infecté : Email-Worm.Win32.Zhelatin.a ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Sat, 20 Jan 2007 09:12:30 +0900]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.a ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 22 Jan 2007 01:49:14 +0900]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.a ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date 21 Jan 2007 18:13:00 -0200]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.a ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Sun, 21 Jan 2007 06:00:29 -0500]/html Infecté : Email-Worm.Win32.Zhelatin.a ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Sun, 22 Jan 2006 14:47:11 +0210]/text Infecté : Trojan-Proxy.Win32.Lager.dp ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 22 Jan 2007 15:22:55 0100]/text Infecté : Trojan-Proxy.Win32.Lager.dp ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 22 Jan 2007 11:18:33 -0300]/UNNAMED Infecté : Trojan-Proxy.Win32.Lager.dp ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 22 Jan 2007 15:15:15 +0100]/UNNAMED Infecté : Trojan-Proxy.Win32.Lager.dp ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 22 Jan 2007 14:52:38 +0100]/UNNAMED Infecté : Trojan-Proxy.Win32.Lager.dp ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 22 Jan 2007 13:11:19 0200]/text Infecté : Trojan-Proxy.Win32.Lager.dp ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 29 Jan 2007 19:48:47 -0120]/text Infecté : Email-Worm.Win32.Zhelatin.h ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... / ... / ... /[From "La ... /[From Kent Maud ][Date Tue, 6 Feb 2007 16:42:31 +0000]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... / ... / ... /[From "La . ... /[From "Zelma Corbin" ][Date Tue, 6 Feb 2007 16:24:45 -0120]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... / ... / ... /[From "La ... /[From Replica Pens ][Date Tue, 06 Feb 2007 18:17:00 +0300]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... / ... / ... /[From "La bon ... /[From "Essays Tolkien" ][Date 6 Feb 2007 18:06:10 -0300]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... / ... / ... /[From "La bonne cuisine de A à Z" ][Date Tue, 06 Feb 2007 14:53:56 +0100]/html Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... / ... /[Fro ... /[F ... /[From "Idaline Frost" ][Date Tue, 06 Feb 2007 04:34:41 -0800]/text Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... / ... /[Fro ... /[From "Thanatos Houseman" ][Date Tue, 6 Feb 2007 12:05:47 +0100]/text Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... / ... /[Fro ... /[From "Rh ... /[From Jhereby ][Date Tue, 6 Feb 2007 03:22:59 -0700]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... / ... /[Fro ... /[From "Rhoades Angelina" ][Date Tue, 06 Feb 2007 01:07:51 -0800]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... / ... /[From "Alek ... /[From "sharia free" ][Date Tue, 6 Feb 2007 08:32:20 +0100]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... / ... /[From "Aleksander Colwell" ][Date Tue, 6 Feb 2007 16:00:47 +0900]/text Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "C .. ... /[ ... ... /[From Oreunion ][Date Tue, 6 Feb 2007 07:53:08 +0100]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "C .. ... /[ ... /[From visiting ][Date Tue, 6 Feb 2007 08:46:13 +0200]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "C .. ... /[From ... /[From execute do ][Date Tue, 6 Feb 2007 13:47:33 +0800]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "C .. ... /[From "Lenard Robbins" ][Date Tue, 06 Feb 2007 05:39:16 -0000]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "C .. ... /[From from [96/6]][Date Mon, 05 Feb 2007 23:50:29 -0500]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "C ... / ... /[From "Superfourmi" ][Date Tue, 06 Feb 2007 05:34:36 +0100]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "C ... /[From "Isidro Sa ... /[From "m ra" ][Date Mon, 5 Feb 2007 21:47:35 +0000]/html Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "C ... /[From "Isidro Sanders" ][Date Mon, 05 Feb 2007 19:19:54 -0400]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "Cr . ... /[Fro . ... /[From "Cramer" ][Date Mon, 5 Feb 2007 17:01:03 -0600]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "Cr . ... /[Fro ... /[From "Sneed Rosario" ][Date Mon, 05 Feb 2007 14:29:11 -0800]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "Cr . ... /[From "reduction us ... /[From a.d.u.m@laposte.net][Date Mon, 05 Feb 2007 21:15:04 +0100]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "Cr . ... /[From "reduction usable" ][Date 5 Feb 2007 21:32:14 -0200]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "Cr ... /[From "Ayden Johnson" ][Date Mon, 05 Feb 2007 20:00:55 +0100]/text Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "Crabtre ... /[From ... ... /[From ][Date Mon, 05 Feb 2007 11:58:20 -0600]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "Crabtre ... /[From ... /[From "Audra" ][Date Mon, 05 Feb 2007 16:17:10 +0000]/text Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "Crabtre ... /[From "IIvy RLongoria" ][Date Mon, 05 Feb 2007 16:57:34 +0100]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "Crabtree ... /[From Baily Conner ][Date Mon, 05 Feb 2007 18:38:51 +0300]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "Crabtree ... /[F ... /[From Michael ][Date Mon, 5 Feb 2007 11:54:49 -0480]/text Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "Crabtree ... /[From "Noelle Ogden" ][Date Mon, 05 Feb 2007 12:33:26 +0100]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Bar ... /[From "Crabtree & Eubanks Merrill" ][Date Mon, 05 Feb 2007 02:56:13 -0800]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 5 Feb 2007 04:03:53 -0500]/text Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 05 Feb 2007 14:16:58 +0500]/text Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 5 Feb 2007 04:39:52 -0400]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Sun, 04 Feb 2007 23:42:18 -0800]/text Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date 5 Feb 2007 07:38:48 +0000]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 5 Feb 2007 13:26:28 +0600]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 5 Feb 2007 08:35:41 +0100]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 5 Feb 2007 10:04:37 +0300]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 05 Feb 2007 00:42:14 -0500]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 5 Feb 2007 12:51:38 +0500]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Mon, 5 Feb 2007 23:23:22 +0800]/text Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Fri, 30 Jun 2006 04:26:55 -0420]/text Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Thu, 29 Jun 2006 21:16:22 -0800]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text/[From "Rebekah Barnard" ][Date Fri, 30 Jun 2006 18:28:05 +0480]/text Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED/[From "Tami Novak" ][Date Thu, 29 Jun 2006 12:19:24 +0300]/text Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text/[From "eBay" ][Date Wed, 28 Jun 2006 17:31:52 -0700]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED/[From "Wheeler Sheldon" ][Date Thu, 29 Jun 2006 04:46:46 -0600]/text Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox/[From Sean Rutherford ][Date Sun, 18 Jun 2006 09:32:01 -0600]/UNNAMED Infecté : Email-Worm.Win32.Zhelatin.r ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-6.fr\Inbox Mail Berkeley mbox: infecté - 74 ignoré

C:\Documents and Settings\david\Bureau\clean\pskill.exe Infecté : not-a-virus:RiskTool.Win32.PsKill.k ignoré

C:\Documents and Settings\david\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\david\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\david\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\david\Local Settings\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré

C:\Documents and Settings\david\Local Settings\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré

C:\Documents and Settings\david\Local Settings\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré

C:\Documents and Settings\david\Local Settings\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré

C:\Documents and Settings\david\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\david\Local Settings\Historique\History.IE5\MSHist012007061120070612\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\david\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré

C:\Documents and Settings\david\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\david\Mes documents\Mes téléchargements\clean.zip/clean/pskill.exe Infecté : not-a-virus:RiskTool.Win32.PsKill.k ignoré

C:\Documents and Settings\david\Mes documents\Mes téléchargements\clean.zip ZIP: infecté - 1 ignoré

C:\Documents and Settings\david\Mes documents\Mes téléchargements\SmileyCentralPFSetup2.2.60.4.ZNfox000.exe/mwsSetup.CommonCodebase.exe Infecté : not-a-virus:AdTool.Win32.MyWebSearch.av ignoré

C:\Documents and Settings\david\Mes documents\Mes téléchargements\SmileyCentralPFSetup2.2.60.4.ZNfox000.exe CAB: infecté - 1 ignoré

C:\Documents and Settings\david\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\david\NTUSER.DAT.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Program Files\Internet Explorer\msimg32.dll Infecté : not-a-virus:AdTool.Win32.MyWebSearch.au ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.ac-orleans-tours.fr\Inbox/[From david.aupiais@ac-orleans-tours.fr][Date Fri, 22 Oct 2004 19:03:45 +0200]/UNNAMED/your_file.pif Infecté : Email-Worm.Win32.NetSky.d ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.ac-orleans-tours.fr\Inbox/[From david.aupiais@ac-orleans-tours.fr][Date Fri, 22 Oct 2004 19:03:45 +0200]/UNNAMED Infecté : Email-Worm.Win32.NetSky.d ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.ac-orleans-tours.fr\Inbox Mail Berkeley mbox: infecté - 2 ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-1.fr\Inbox/[From Cancer ][Date Tue, 02 Nov 2004 10:18:56 -0500]/UNNAMED/[From "Georgette Craig" ][Date Fri, 05 Nov 2004 03:59:05 +0300]/html Infecté : Trojan-Spy.HTML.Bankfraud.u ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-1.fr\Inbox/[From Cancer ][Date Tue, 02 Nov 2004 10:18:56 -0500]/UNNAMED Infecté : Trojan-Spy.HTML.Bankfraud.u ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-1.fr\Inbox Mail Berkeley mbox: infecté - 2 ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-1.fr\Trash/[From Cancer ][Date Tue, 02 Nov 2004 10:18:56 -0500]/UNNAMED/[From "Georgette Craig" ][Date Fri, 05 Nov 2004 03:59:05 +0300]/html Infecté : Trojan-Spy.HTML.Bankfraud.u ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-1.fr\Trash/[From Cancer ][Date Tue, 02 Nov 2004 10:18:56 -0500]/UNNAMED Infecté : Trojan-Spy.HTML.Bankfraud.u ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-1.fr\Trash/[From "Rosanne Oleary" ][Date Sat, 06 Nov 2004 04:56:18 -0200]/UNNAMED/[From "Edengo" ][Date Tue, 2 Nov 2004 18:23:04 UT]/UNNAMED/[From "Georgette Craig" ][Date Fri, 05 Nov 2004 03:59:05 +0300]/html Infecté : Trojan-Spy.HTML.Bankfraud.u ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-1.fr\Trash/[From "Rosanne Oleary" ][Date Sat, 06 Nov 2004 04:56:18 -0200]/UNNAMED/[From "Edengo" ][Date Tue, 2 Nov 2004 18:23:04 UT]/UNNAMED Infecté : Trojan-Spy.HTML.Bankfraud.u ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-1.fr\Trash/[From "Rosanne Oleary" ][Date Sat, 06 Nov 2004 04:56:18 -0200]/UNNAMED Infecté : Trojan-Spy.HTML.Bankfraud.u ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-1.fr\Trash Mail Berkeley mbox: infecté - 5 ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-2.fr\Inbox/[From =?iso-8859-1?Q?L=E9na=EFg_MAUDET?= ][Date Tue, 2 Nov 2004 10:14:10 +0100]/UNNAMED/[From "=?iso-8859-1?Q?clacour?=" ][Date Tue, 2 Nov 2004 17:32:25 +0200]/UNNAMED/[From "COMPERE DANIEL" ][Date Tue, 2 Nov 2004 17:35:41 +0100]/UNNAMED/[From "Sergio.baudry" ][Date Tue, 02 Nov 2004 18:00:38 +0100]/Joke.exe Infecté : Email-Worm.Win32.Bagle.at ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-2.fr\Inbox/[From =?iso-8859-1?Q?L=E9na=EFg_MAUDET?= ][Date Tue, 2 Nov 2004 10:14:10 +0100]/UNNAMED/[From "=?iso-8859-1?Q?clacour?=" ][Date Tue, 2 Nov 2004 17:32:25 +0200]/UNNAMED/[From "COMPERE DANIEL" ][Date Tue, 2 Nov 2004 17:35:41 +0100]/UNNAMED Infecté : Email-Worm.Win32.Bagle.at ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-2.fr\Inbox/[From =?iso-8859-1?Q?L=E9na=EFg_MAUDET?= ][Date Tue, 2 Nov 2004 10:14:10 +0100]/UNNAMED/[From "=?iso-8859-1?Q?clacour?=" ][Date Tue, 2 Nov 2004 17:32:25 +0200]/UNNAMED Infecté : Email-Worm.Win32.Bagle.at ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-2.fr\Inbox/[From =?iso-8859-1?Q?L=E9na=EFg_MAUDET?= ][Date Tue, 2 Nov 2004 10:14:10 +0100]/UNNAMED Infecté : Email-Worm.Win32.Bagle.at ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-2.fr\Inbox Mail Berkeley mbox: infecté - 4 ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Inbox/[From Smith Barney ][Date Sat, 05 Feb 2005 18:10:12 +0300]/html Infecté : Trojan-Spy.HTML.Smitfraud.a ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Inbox/[From Regions bank ][Date Sun, 20 Feb 2005 00:04:52 -0600]/html Infecté : Trojan-Spy.HTML.Bankfraud.ci ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Inbox/[From REGIONS AND UNION PLANTERS ][Date Sat, 05 Mar 2005 11:15:42 +0400]/html Infecté : Trojan-Spy.HTML.Bankfraud.dq ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Inbox/[From "Dominic Caron" ][Date Mon, 07 Mar 2005 20:05:28 -0600]/text Infecté : Exploit.HTML.ObjData ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Inbox/[From "Dominic Caron" ][Date Mon, 07 Mar 2005 20:05:28 -0600]/html Infecté : Exploit.HTML.ObjData ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Inbox/[From "eBay Support" ][Date Mon, 21 Mar 2005 12:33:10 +0900]/html Infecté : Trojan-Spy.HTML.Bayfraud.ev ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Inbox/[From "eBay Support" ][Date Tue, 22 Mar 2005 16:59:39 +0900]/html Infecté : Trojan-Spy.HTML.Bayfraud.ev ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Inbox/[From "eBay Support" ][Date Sun, 3 Apr 2005 15:57:37 -0400]/html Infecté : Trojan-Spy.HTML.Bayfraud.ev ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Inbox/[From aw-confirm@ebay.com][Date Wed, 20 Apr 2005 12:21:02 +0200 (CEST)]/html Infecté : Trojan-Spy.HTML.Bayfraud.ev ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Inbox Mail Berkeley mbox: infecté - 9 ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Junk/[From REGIONS AND UNION PLANTERS ][Date Sat, 05 Mar 2005 11:15:42 +0400]/html Infecté : Trojan-Spy.HTML.Bankfraud.dq ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Junk/[From "Dominic Caron" ][Date Mon, 07 Mar 2005 20:05:28 -0600]/text Infecté : Exploit.HTML.ObjData ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Junk/[From "Dominic Caron" ][Date Mon, 07 Mar 2005 20:05:28 -0600]/html Infecté : Exploit.HTML.ObjData ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Junk/[From "eBay Support" ][Date Mon, 21 Mar 2005 12:33:10 +0900]/html Infecté : Trojan-Spy.HTML.Bayfraud.ev ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Junk/[From "eBay Support" ][Date Tue, 22 Mar 2005 16:59:39 +0900]/html Infecté : Trojan-Spy.HTML.Bayfraud.ev ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Junk/[From "eBay Support" ][Date Sun, 3 Apr 2005 15:57:37 -0400]/html Infecté : Trojan-Spy.HTML.Bayfraud.ev ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Junk/[From aw-confirm@ebay.com][Date Wed, 20 Apr 2005 12:21:02 +0200 (CEST)]/html Infecté : Trojan-Spy.HTML.Bayfraud.ev ignoré

C:\Program Files\Mozilla Thunderbird\Mail\pop.wanadoo-3.fr\Junk Mail Berkeley mbox: infecté - 7 ignoré

C:\Program Files\MSN Messenger\msimg32.dll Infecté : not-a-virus:AdTool.Win32.MyWebSearch.au ignoré

C:\Program Files\Navilog1\Backupnavi\cserlxif.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\Navilog1\Backupnavi\czujvodsiw.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\Navilog1\Backupnavi\dafxilspk.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\Navilog1\Backupnavi\fayqupbi.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\Navilog1\Backupnavi\fujpvqgl.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\Navilog1\Backupnavi\gsjcpwma.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\Navilog1\Backupnavi\hnrfmmf.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\Navilog1\Backupnavi\mkawdtouz.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\Navilog1\Backupnavi\mtoxnsj.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\Navilog1\Backupnavi\prqmbxuhwt.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\Navilog1\Backupnavi\qkyvtxjagu.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\Navilog1\Backupnavi\qtausjdve.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\Navilog1\Backupnavi\scemwulh.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\Navilog1\Backupnavi\xqvtbm.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\Navilog1\Backupnavi\yxogrwpjns.exe Infecté : not-a-virus:AdWare.Win32.NaviPromo.gen ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.ac-orleans-tours.fr\Inbox/[From david.aupiais@ac-orleans-tours.fr][Date Fri, 22 Oct 2004 19:03:45 +0200]/UNNAMED/your_file.pif Infecté : Email-Worm.Win32.NetSky.d ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.ac-orleans-tours.fr\Inbox/[From david.aupiais@ac-orleans-tours.fr][Date Fri, 22 Oct 2004 19:03:45 +0200]/UNNAMED Infecté : Email-Worm.Win32.NetSky.d ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.ac-orleans-tours.fr\Inbox Mail Berkeley mbox: infecté - 2 ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-1.fr\Inbox/[From Cancer ][Date Tue, 02 Nov 2004 10:18:56 -0500]/UNNAMED/[From "Georgette Craig" ][Date Fri, 05 Nov 2004 03:59:05 +0300]/html Infecté : Trojan-Spy.HTML.Bankfraud.u ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-1.fr\Inbox/[From Cancer ][Date Tue, 02 Nov 2004 10:18:56 -0500]/UNNAMED Infecté : Trojan-Spy.HTML.Bankfraud.u ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-1.fr\Inbox Mail Berkeley mbox: infecté - 2 ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-1.fr\Trash/[From Cancer ][Date Tue, 02 Nov 2004 10:18:56 -0500]/UNNAMED/[From "Georgette Craig" ][Date Fri, 05 Nov 2004 03:59:05 +0300]/html Infecté : Trojan-Spy.HTML.Bankfraud.u ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-1.fr\Trash/[From Cancer ][Date Tue, 02 Nov 2004 10:18:56 -0500]/UNNAMED Infecté : Trojan-Spy.HTML.Bankfraud.u ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-1.fr\Trash/[From "Rosanne Oleary" ][Date Sat, 06 Nov 2004 04:56:18 -0200]/UNNAMED/[From "Edengo" ][Date Tue, 2 Nov 2004 18:23:04 UT]/UNNAMED/[From "Georgette Craig" ][Date Fri, 05 Nov 2004 03:59:05 +0300]/html Infecté : Trojan-Spy.HTML.Bankfraud.u ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-1.fr\Trash/[From "Rosanne Oleary" ][Date Sat, 06 Nov 2004 04:56:18 -0200]/UNNAMED/[From "Edengo" ][Date Tue, 2 Nov 2004 18:23:04 UT]/UNNAMED Infecté : Trojan-Spy.HTML.Bankfraud.u ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-1.fr\Trash/[From "Rosanne Oleary" ][Date Sat, 06 Nov 2004 04:56:18 -0200]/UNNAMED Infecté : Trojan-Spy.HTML.Bankfraud.u ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-1.fr\Trash Mail Berkeley mbox: infecté - 5 ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-2.fr\Inbox/[From =?iso-8859-1?Q?L=E9na=EFg_MAUDET?= ][Date Tue, 2 Nov 2004 10:14:10 +0100]/UNNAMED/[From "=?iso-8859-1?Q?clacour?=" ][Date Tue, 2 Nov 2004 17:32:25 +0200]/UNNAMED/[From "COMPERE DANIEL" ][Date Tue, 2 Nov 2004 17:35:41 +0100]/UNNAMED/[From "Sergio.baudry" ][Date Tue, 02 Nov 2004 18:00:38 +0100]/Joke.exe Infecté : Email-Worm.Win32.Bagle.at ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-2.fr\Inbox/[From =?iso-8859-1?Q?L=E9na=EFg_MAUDET?= ][Date Tue, 2 Nov 2004 10:14:10 +0100]/UNNAMED/[From "=?iso-8859-1?Q?clacour?=" ][Date Tue, 2 Nov 2004 17:32:25 +0200]/UNNAMED/[From "COMPERE DANIEL" ][Date Tue, 2 Nov 2004 17:35:41 +0100]/UNNAMED Infecté : Email-Worm.Win32.Bagle.at ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-2.fr\Inbox/[From =?iso-8859-1?Q?L=E9na=EFg_MAUDET?= ][Date Tue, 2 Nov 2004 10:14:10 +0100]/UNNAMED/[From "=?iso-8859-1?Q?clacour?=" ][Date Tue, 2 Nov 2004 17:32:25 +0200]/UNNAMED Infecté : Email-Worm.Win32.Bagle.at ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-2.fr\Inbox/[From =?iso-8859-1?Q?L=E9na=EFg_MAUDET?= ][Date Tue, 2 Nov 2004 10:14:10 +0100]/UNNAMED Infecté : Email-Worm.Win32.Bagle.at ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-2.fr\Inbox Mail Berkeley mbox: infecté - 4 ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-3.fr\Inbox/[From Smith Barney ][Date Sat, 05 Feb 2005 18:10:12 +0300]/html Infecté : Trojan-Spy.HTML.Smitfraud.a ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-3.fr\Inbox/[From Regions bank ][Date Sun, 20 Feb 2005 00:04:52 -0600]/html Infecté : Trojan-Spy.HTML.Bankfraud.ci ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-3.fr\Inbox/[From REGIONS AND UNION PLANTERS ][Date Sat, 05 Mar 2005 11:15:42 +0400]/html Infecté : Trojan-Spy.HTML.Bankfraud.dq ignoré

C:\Program Files\profiltb\mozvillat\Mail\pop.wanadoo-3.fr\Inbox/[From "Dominic Caron" ][Date Mon, 07 Mar 2005 20:05:28 -0600]/

synthexe

Anti-Malware Power

Bonjour

Vide tes mails, la plupart sont infecté, et par une belle merde : bagle .... supprime les tous !! Ne télécharge jamais de pieces jointes sans certitude quelle soit propre !

Une fois tes mails supprimé, refais moi un arpport Kaspersky et un hijackthis stp.

---------------
¤¤ Kaspersky WebScanner ¤¤¤¤¤¤¤ AVG AntiSpyware ¤¤
¤¤¤¤¤¤ CCleaner ¤¤¤¤¤¤

bestiole

bonjour et merci!

voila , j'ai vidé tous mes mails!et voici les rapports:

Tuesday, June 12, 2007 9:31:37 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 12/06/2007
Enregistrements dans la base antivirus Kaspersky : 342759

Paramètres d'analyse
Analyser avec la base antivirus suivante étendue
Analyser les archives vrai
Analyser les bases de messagerie vrai

Cible de l'analyse Poste de travail
C:\
D:\
E:\
F:\

Statistiques de l'analyse
Total d'objets analysés 105011
Nombre de virus trouvés 19
Nombre d'objets infectés 211 / 0
Nombre d'objets suspects 1
Durée de l'analyse 02:25:32

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\avg7\Log\emc.log L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\cert8.db L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\formhistory.dat L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\history.dat L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\key3.db L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\parent.lock L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\search.sqlite L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\a193sjxk.default\urlclassifier2.sqlite L'objet est verrouillé ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-3.fr\Inbox/[From Fabrice VEYSSIERE ][Date Sun, 18 Jun 2006 23:31:09 +0200 (CEST)]/UNNAMED/[From Alan Boisard ][Date Mon, 19 Jun 2006 11:19:23 +0200]/UNNAMED/[From Arnaud ][Date Mon, 19 Jun 2006 19:55:05 +0200]/UNNAMED/[From "G.Bridon" ][Date Tue, 20 Jun 2006 00:06:10 +0200]/text/[From Marie Marthe RIGAUDEAU ][Date Tue, 20 Jun 2006 17:00:24 +0100]/html Suspect : Email-Worm.Win32.Bagle.mail ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-3.fr\Inbox/[From Fabrice VEYSSIERE ][Date Sun, 18 Jun 2006 23:31:09 +0200 (CEST)]/UNNAMED/[From Alan Boisard ][Date Mon, 19 Jun 2006 11:19:23 +0200]/UNNAMED/[From Arnaud ][Date Mon, 19 Jun 2006 19:55:05 +0200]/UNNAMED/[From "G.Bridon" ][Date Tue, 20 Jun 2006 00:06:10 +0200]/text/[From Marie Marthe RIGAU ... /[From "Pascal.legouic" ][Date Tue, 20 Jun 2006 17:00:24 +0100]/Humphrie.zip Infecté : Email-Worm.Win32.Bagle.gen ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.default\Mail\pop.wanadoo-3.fr\Inbox/[From Fabrice VEYSSIERE ][Date Sun, 18 Jun 2006 23:31:09 +0200 (CEST)]/UNNAMED/[From Alan Boisard ][Date Mon, 19 Jun 2006 11:19:23 +0200]/UNNAMED/[From Arnaud ][Date Mon, 19 Jun 2006 19:55:05 +0200]/UNNAMED/[From "G.Bridon" ][Date Tue, 20 Jun 2006 00:06:10 +0200]/text/[From Marie Marthe RIGAUDEAU ][Date Tue, 20 Jun 2006 14:44:45 +0200]/UNNAMED Infecté : Email-Worm.Win32.Bagle.gen ignoré

C:\Documents and Settings\david\Application Data\Thunderbird\Profiles\pq5os29b.d

FORUM AideOnline

Aide Sécurité

désinfection pop-up,

désinfection pop-up,