NOD332: Removal Tool for my Worms?.

  • Thread starter Thread starter Fogar
  • Start date Start date
F

Fogar

Hello, I use NOD32 antivirus and it blocks about 10-5 email every day
with these worms. When NOD32 runs doesn't see any worm, I think NOD32
succeeds to delete every worm.
I use Eudora and winxp.
Am I infected?
What can I do please?
thanks
Fogar


Time Module Object Name Virus Action User Info
15/01/2005 15.40.01 IMON email message from: "Administrator"
<[email protected]> to: "Internet User"
<[email protected]> with subject Bug Letter dated Sat, 15 Jan
2005 15:38:02 +0100 (added by (e-mail address removed))
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
15/01/2005 10.26.03 IMON email message from: "Microsoft
Internet Mail Storage System" <[email protected]> to: "Net User"
<[email protected]> with subject returned mail returned to
mailer dated Sat, 15 Jan 2005 09:15:51 +0100 (CET) Win32/Swen.A
worm contained infected files EXPLORIN-IM7NI4\Fogar
14/01/2005 21.16.30 IMON email message from: "Microsoft
Corporation Security Section" <zydevkozhddd_diyzjce@updates_msdn.com>
to: "Commercial Client" <client@updates_msdn.com> with subject Latest
Net Patch dated Fri, 14 Jan 2005 19:59:07 +0100 (CET) Win32/Swen.A
worm contained infected files EXPLORIN-IM7NI4\Fogar
14/01/2005 19.29.22 IMON email message from: "MS Net Message
Storage Service" <[email protected]> to: " "
<[email protected]> with subject Abort Letter dated Fri, 14 Jan
2005 19:16:24 +0100 (CET) Win32/Swen.A worm contained
infected files EXPLORIN-IM7NI4\Fogar
14/01/2005 19.16.03 IMON email message from: "Microsoft
Program Security Section" <kkpqkpaycyg@bulletin_ms.net> to: "MS
Corporation Customer" <shsdl@bulletin_ms.net> dated Fri, 14 Jan 2005
19:07:44 +0100 (CET) Win32/Swen.A worm contained infected
files EXPLORIN-IM7NI4\Fogar
14/01/2005 19.15.56 IMON email message from: ""
<[email protected]> to: "Ulixi" <[email protected]> with subject
Re: dated Fri, 14 Jan 2005 12:30:05 -0500 Win32/Bagle.gen.zip
worm contained infected files EXPLORIN-IM7NI4\Fogar
14/01/2005 12.05.32 IMON email message from: "MS Corporation
Security Assistance" <ennhxfmw-izprtap@support_ms.com> to: "Client"
<xtlkgv@support_ms.com> with subject New Microsoft Pack dated Fri, 14
Jan 2005 00:20:47 +0100 (added by (e-mail address removed))
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
14/01/2005 12.05.28 IMON email message from: "ms inet email
storage service" <[email protected]> to: "Email User"
<[email protected]> dated Thu, 13 Jan 2005 23:41:26 +0100 (added by
(e-mail address removed)) Win32/Swen.A worm contained
infected files EXPLORIN-IM7NI4\Fogar
14/01/2005 12.05.24 IMON email message from: ""
<[email protected]> to: "Customer" <[email protected]>
with subject Last Internet Pack dated Thu, 13 Jan 2005 23:40:06 +0100
(added by (e-mail address removed)) Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
13/01/2005 22.40.35 IMON email message from: "Microsoft
Network Mail Storage System" <[email protected]> to: "inet
user" <[email protected]> with subject Bug Notice dated Thu, 13
Jan 2005 15:57:44 -0600 Win32/Swen.A worm contained
infected files EXPLORIN-IM7NI4\Fogar
13/01/2005 22.40.32 IMON email message from: "Microsoft" <>
to: "Commercial Consumer" <[email protected]> with subject
Latest Internet Upgrade dated Thu, 13 Jan 2005 15:55:51 -0600
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
13/01/2005 21.11.06 IMON email message from: "Microsoft
Network Mail Storage System" <[email protected]> to: "Network
User" <[email protected]> with subject Announcement dated Thu, 13
Jan 2005 20:18:41 +0100 (added by (e-mail address removed))
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
13/01/2005 21.10.59 IMON email message from: "Microsoft
Program Security Department" <[email protected]> to: " "
<[email protected]> with subject Latest Microsoft
Security Pack dated Thu, 13 Jan 2005 20:10:28 +0100 (added by
(e-mail address removed)) Win32/Swen.A worm contained infected
files EXPLORIN-IM7NI4\Fogar
13/01/2005 19.04.49 IMON email message from: "message
delivery system" <[email protected]> to: " " <[email protected]>
with subject Abort Letter dated Thu, 13 Jan 2005 18:08:22 +0100 (CET)
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
13/01/2005 19.04.45 IMON email message from: "Security
Department" <[email protected]> to: "User"
<[email protected]> with subject Latest Net Security Update
dated Thu, 13 Jan 2005 18:03:43 +0100 (CET) Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
12/01/2005 15.56.36 IMON email message from: "administrator"
<[email protected]> to: "Mail Recipient" <[email protected]>
with subject Returned Mail: User unknown dated Wed, 12 Jan 2005
15:29:33 +0100 Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
12/01/2005 15.56.31 IMON email message from: "Public
Services" <[email protected]> to: "Commercial Client"
<[email protected]> with subject newest
microsoft update dated Wed, 12 Jan 2005 15:21:33 +0100 Win32/Swen.A
worm contained infected files EXPLORIN-IM7NI4\Fogar
11/01/2005 17.48.21 IMON email message from: ""
<[email protected]> to: "Ulixi" <[email protected]> with subject
Re: dated Mon, 10 Jan 2005 20:26:28 -0500 Win32/Bagle.AH worm
contained infected files EXPLORIN-IM7NI4\Fogar
11/01/2005 17.48.19 IMON email message from:
(e-mail address removed) to: Mail Recipient <[email protected]>
with subject Abort Advice dated Tue, 11 Jan 2005 01:40:45 +0100 (CET)
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
10/01/2005 19.14.44 IMON email message from: Inet Message
Delivery Service <[email protected]> to: net user
<[email protected]> with subject Undelivered Mail: User unknown
dated Mon, 10 Jan 2005 17:54:09 +0100 (CET) Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
09/01/2005 22.56.47 IMON email message from: ""
<[email protected]> to: "Ulixi" <[email protected]> with subject
Re: dated Sun, 09 Jan 2005 16:27:03 -0500 Win32/Bagle.AH worm
contained infected files EXPLORIN-IM7NI4\Fogar
09/01/2005 16.28.44 IMON email message from: "ms internet
message system" <[email protected]> to: "Network Receiver"
<[email protected]> with subject Message: Returned To Mailer
dated Sun, 9 Jan 2005 16:20:19 +0100 (added by
(e-mail address removed)) Win32/Swen.A worm contained
infected files EXPLORIN-IM7NI4\Fogar
09/01/2005 10.46.39 IMON email message from: ""
<[email protected]> to: "Ulixi" <[email protected]> with subject
Re: dated Sat, 08 Jan 2005 19:49:50 -0500 Win32/Bagle.drp.gen2
worm contained infected files EXPLORIN-IM7NI4\Fogar
08/01/2005 19.51.24 IMON email message from: ""
<[email protected]> to: "Ulixi" <[email protected]> with subject
Re: dated Sat, 08 Jan 2005 11:16:52 -0500 Win32/Bagle.drp.gen2
worm contained infected files EXPLORIN-IM7NI4\Fogar
08/01/2005 10.05.00 IMON email message from: "Network Message
Service" <[email protected]> to: "Internet Client"
<[email protected]> with subject Undelivered Message: Returned To
Sender dated Sat, 8 Jan 2005 12:24:48 +0900 Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
08/01/2005 10.04.57 IMON email message from: "MS Security
Department" <[email protected]> to: "User"
<[email protected]> with subject Newest Internet Upgrade
dated Sat, 8 Jan 2005 12:22:48 +0900 Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
08/01/2005 10.04.53 IMON email message from: ""
<[email protected]> to: "Ulixi" <[email protected]> with subject
Re: dated Fri, 07 Jan 2005 20:22:36 -0500 Win32/Bagle.AH worm
contained infected files EXPLORIN-IM7NI4\Fogar
07/01/2005 23.20.37 IMON email message from: "Message
Service" <[email protected]> to: "Internet Receiver"
<[email protected]> with subject Message: Returned To Mailer dated
Fri, 7 Jan 2005 22:50:34 +0100 (CET) Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
07/01/2005 22.49.12 IMON email message from: "Internet
Security Division" <> to: "MS User" <[email protected]> with
subject Latest Update dated Fri, 7 Jan 2005 22:41:15 +0100 (CET)
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
07/01/2005 22.20.43 IMON email message from: "Microsoft
Network Message Storage System" <[email protected]> to: "Email
Receiver" <[email protected]> with subject Bug Notice dated
Fri, 7 Jan 2005 21:11:06 +0100 (CET) Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
07/01/2005 22.20.19 IMON email message from: "MS Technical
Bulletin" <wfveaymwutdtdcf_ddhm@support_microsoft.com> to: "Client"
<client.lxdgfgzl@support_microsoft.com> with subject Newest Critical
Upgrade dated Fri, 7 Jan 2005 21:06:27 +0100 (CET) Win32/Swen.A
worm contained infected files EXPLORIN-IM7NI4\Fogar
07/01/2005 18.49.16 IMON email message from: "Microsoft Mail
Delivery Service" <[email protected]> to: "network recipient"
<[email protected]> with subject Abort Letter dated Fri, 7 Jan
2005 12:14:24 -0300 Win32/Swen.A worm contained infected
files EXPLORIN-IM7NI4\Fogar
07/01/2005 18.49.12 IMON email message from: "system"
<[email protected]> to: "Mail Client" <[email protected]> with
subject Bug Notice dated Fri, 07 Jan 2005 06:28:44 -0800
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
07/01/2005 18.49.07 IMON email message from: "Microsoft
Corporation Technical Support" <[email protected]> to:
"Commercial Consumer" <[email protected]> with
subject New Network Critical Pack dated Fri, 07 Jan 2005 06:22:23
-0800 Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
07/01/2005 12.30.12 IMON email message from: "microsoft inet
mail storage system" <[email protected]> to: "Email User"
<[email protected]> with subject Error Advice dated Fri, 7 Jan
2005 12:10:06 +0100 (CET) Win32/Swen.A worm contained
infected files EXPLORIN-IM7NI4\Fogar
07/01/2005 12.30.04 IMON email message from: "Microsoft
Corporation Security Section" <[email protected]> to:
"Commercial Consumer" <[email protected]> with subject
Current Network Upgrade dated Fri, 7 Jan 2005 12:02:34 +0100 (CET)
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
07/01/2005 12.29.57 IMON email message from: "Microsoft
Corporation Network Security Section" <[email protected]> to:
"Customer" <[email protected]> with subject Current Microsoft
Critical Patch dated Fri, 7 Jan 2005 11:31:45 +0100 (added by
(e-mail address removed)) Win32/Swen.A worm contained
infected files EXPLORIN-IM7NI4\Fogar
07/01/2005 12.29.53 IMON email message from: "MS Message
System" <[email protected]> to: "mail recipient"
<[email protected]> with subject Abort Notice dated Fri, 7 Jan
2005 16:06:37 +0900 Win32/Swen.A worm contained infected
files EXPLORIN-IM7NI4\Fogar
07/01/2005 12.29.49 IMON email message from: "Microsoft
Corporation Security Assistance" <[email protected]> to:
"Commercial Client" <[email protected]> with subject Network
Critical Upgrade dated Fri, 7 Jan 2005 16:04:17 +0900 Win32/Swen.A
worm contained infected files EXPLORIN-IM7NI4\Fogar
06/01/2005 22.58.58 AMON file C:\Documents and
Settings\Fogar\Impostazioni locali\Temporary Internet
Files\Content.IE5\YHEBEBKH\prompt[1].htm
JS/TrojanDownloader.IstBar.A trojan deleted
06/01/2005 22.57.47 IMON archive
http://buldog-stats.com/adv/16/new/classload.jar multiple
infiltrations connection terminated EXPLORIN-IM7NI4\Fogar
06/01/2005 22.57.46 AMON file C:\Documents and
Settings\Fogar\Impostazioni locali\Temporary Internet
Files\Content.IE5\WT2F0DMJ\open[1].exe Win32/Spy.Agent.W trojan
deleted EXPLORIN-IM7NI4\Fogar
06/01/2005 22.57.44 IMON file
http://www.buldog-stats.com/adv/16/open.exe Win32/Spy.Agent.W
trojan quarantined - connection terminated EXPLORIN-IM7NI4\Fogar
06/01/2005 22.57.41 IMON file http://213.159.117.133/
Win32/Adware.CWS.gen Application connection terminated
EXPLORIN-IM7NI4\Fogar
06/01/2005 22.57.39 IMON file http://213.159.117.133/
Win32/Adware.CWS.gen Application connection terminated
EXPLORIN-IM7NI4\Fogar
06/01/2005 22.57.37 IMON archive
http://213.159.117.133/dl/loaderadv160.jar multiple infiltrations
connection terminated EXPLORIN-IM7NI4\Fogar
Time Module Object Name Virus Action User Info
15/01/2005 15.40.01 IMON email message from: "Administrator"
<[email protected]> to: "Internet User"
<[email protected]> with subject Bug Letter dated Sat, 15 Jan
2005 15:38:02 +0100 (added by (e-mail address removed))
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
15/01/2005 10.26.03 IMON email message from: "Microsoft
Internet Mail Storage System" <[email protected]> to: "Net User"
<[email protected]> with subject returned mail returned to
mailer dated Sat, 15 Jan 2005 09:15:51 +0100 (CET) Win32/Swen.A
worm contained infected files EXPLORIN-IM7NI4\Fogar
14/01/2005 21.16.30 IMON email message from: "Microsoft
Corporation Security Section" <zydevkozhddd_diyzjce@updates_msdn.com>
to: "Commercial Client" <client@updates_msdn.com> with subject Latest
Net Patch dated Fri, 14 Jan 2005 19:59:07 +0100 (CET) Win32/Swen.A
worm contained infected files EXPLORIN-IM7NI4\Fogar
14/01/2005 19.29.22 IMON email message from: "MS Net Message
Storage Service" <[email protected]> to: " "
<[email protected]> with subject Abort Letter dated Fri, 14 Jan
2005 19:16:24 +0100 (CET) Win32/Swen.A worm contained
infected files EXPLORIN-IM7NI4\Fogar
14/01/2005 19.16.03 IMON email message from: "Microsoft
Program Security Section" <kkpqkpaycyg@bulletin_ms.net> to: "MS
Corporation Customer" <shsdl@bulletin_ms.net> dated Fri, 14 Jan 2005
19:07:44 +0100 (CET) Win32/Swen.A worm contained infected
files EXPLORIN-IM7NI4\Fogar
14/01/2005 19.15.56 IMON email message from: ""
<[email protected]> to: "Ulixi" <[email protected]> with subject
Re: dated Fri, 14 Jan 2005 12:30:05 -0500 Win32/Bagle.gen.zip
worm contained infected files EXPLORIN-IM7NI4\Fogar
14/01/2005 12.05.32 IMON email message from: "MS Corporation
Security Assistance" <ennhxfmw-izprtap@support_ms.com> to: "Client"
<xtlkgv@support_ms.com> with subject New Microsoft Pack dated Fri, 14
Jan 2005 00:20:47 +0100 (added by (e-mail address removed))
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
14/01/2005 12.05.28 IMON email message from: "ms inet email
storage service" <[email protected]> to: "Email User"
<[email protected]> dated Thu, 13 Jan 2005 23:41:26 +0100 (added by
(e-mail address removed)) Win32/Swen.A worm contained
infected files EXPLORIN-IM7NI4\Fogar
14/01/2005 12.05.24 IMON email message from: ""
<[email protected]> to: "Customer" <[email protected]>
with subject Last Internet Pack dated Thu, 13 Jan 2005 23:40:06 +0100
(added by (e-mail address removed)) Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
13/01/2005 22.40.35 IMON email message from: "Microsoft
Network Mail Storage System" <[email protected]> to: "inet
user" <[email protected]> with subject Bug Notice dated Thu, 13
Jan 2005 15:57:44 -0600 Win32/Swen.A worm contained
infected files EXPLORIN-IM7NI4\Fogar
13/01/2005 22.40.32 IMON email message from: "Microsoft" <>
to: "Commercial Consumer" <[email protected]> with subject
Latest Internet Upgrade dated Thu, 13 Jan 2005 15:55:51 -0600
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
13/01/2005 21.11.06 IMON email message from: "Microsoft
Network Mail Storage System" <[email protected]> to: "Network
User" <[email protected]> with subject Announcement dated Thu, 13
Jan 2005 20:18:41 +0100 (added by (e-mail address removed))
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
13/01/2005 21.10.59 IMON email message from: "Microsoft
Program Security Department" <[email protected]> to: " "
<[email protected]> with subject Latest Microsoft
Security Pack dated Thu, 13 Jan 2005 20:10:28 +0100 (added by
(e-mail address removed)) Win32/Swen.A worm contained infected
files EXPLORIN-IM7NI4\Fogar
13/01/2005 19.04.49 IMON email message from: "message
delivery system" <[email protected]> to: " " <[email protected]>
with subject Abort Letter dated Thu, 13 Jan 2005 18:08:22 +0100 (CET)
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
13/01/2005 19.04.45 IMON email message from: "Security
Department" <[email protected]> to: "User"
<[email protected]> with subject Latest Net Security Update
dated Thu, 13 Jan 2005 18:03:43 +0100 (CET) Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
12/01/2005 15.56.36 IMON email message from: "administrator"
<[email protected]> to: "Mail Recipient" <[email protected]>
with subject Returned Mail: User unknown dated Wed, 12 Jan 2005
15:29:33 +0100 Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
12/01/2005 15.56.31 IMON email message from: "Public
Services" <[email protected]> to: "Commercial Client"
<[email protected]> with subject newest
microsoft update dated Wed, 12 Jan 2005 15:21:33 +0100 Win32/Swen.A
worm contained infected files EXPLORIN-IM7NI4\Fogar
11/01/2005 17.48.21 IMON email message from: ""
<[email protected]> to: "Ulixi" <[email protected]> with subject
Re: dated Mon, 10 Jan 2005 20:26:28 -0500 Win32/Bagle.AH worm
contained infected files EXPLORIN-IM7NI4\Fogar
11/01/2005 17.48.19 IMON email message from:
(e-mail address removed) to: Mail Recipient <[email protected]>
with subject Abort Advice dated Tue, 11 Jan 2005 01:40:45 +0100 (CET)
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
10/01/2005 19.14.44 IMON email message from: Inet Message
Delivery Service <[email protected]> to: net user
<[email protected]> with subject Undelivered Mail: User unknown
dated Mon, 10 Jan 2005 17:54:09 +0100 (CET) Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
09/01/2005 22.56.47 IMON email message from: ""
<[email protected]> to: "Ulixi" <[email protected]> with subject
Re: dated Sun, 09 Jan 2005 16:27:03 -0500 Win32/Bagle.AH worm
contained infected files EXPLORIN-IM7NI4\Fogar
09/01/2005 16.28.44 IMON email message from: "ms internet
message system" <[email protected]> to: "Network Receiver"
<[email protected]> with subject Message: Returned To Mailer
dated Sun, 9 Jan 2005 16:20:19 +0100 (added by
(e-mail address removed)) Win32/Swen.A worm contained
infected files EXPLORIN-IM7NI4\Fogar
09/01/2005 10.46.39 IMON email message from: ""
<[email protected]> to: "Ulixi" <[email protected]> with subject
Re: dated Sat, 08 Jan 2005 19:49:50 -0500 Win32/Bagle.drp.gen2
worm contained infected files EXPLORIN-IM7NI4\Fogar
08/01/2005 19.51.24 IMON email message from: ""
<[email protected]> to: "Ulixi" <[email protected]> with subject
Re: dated Sat, 08 Jan 2005 11:16:52 -0500 Win32/Bagle.drp.gen2
worm contained infected files EXPLORIN-IM7NI4\Fogar
08/01/2005 10.05.00 IMON email message from: "Network Message
Service" <[email protected]> to: "Internet Client"
<[email protected]> with subject Undelivered Message: Returned To
Sender dated Sat, 8 Jan 2005 12:24:48 +0900 Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
08/01/2005 10.04.57 IMON email message from: "MS Security
Department" <[email protected]> to: "User"
<[email protected]> with subject Newest Internet Upgrade
dated Sat, 8 Jan 2005 12:22:48 +0900 Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
08/01/2005 10.04.53 IMON email message from: ""
<[email protected]> to: "Ulixi" <[email protected]> with subject
Re: dated Fri, 07 Jan 2005 20:22:36 -0500 Win32/Bagle.AH worm
contained infected files EXPLORIN-IM7NI4\Fogar
07/01/2005 23.20.37 IMON email message from: "Message
Service" <[email protected]> to: "Internet Receiver"
<[email protected]> with subject Message: Returned To Mailer dated
Fri, 7 Jan 2005 22:50:34 +0100 (CET) Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
07/01/2005 22.49.12 IMON email message from: "Internet
Security Division" <> to: "MS User" <[email protected]> with
subject Latest Update dated Fri, 7 Jan 2005 22:41:15 +0100 (CET)
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
07/01/2005 22.20.43 IMON email message from: "Microsoft
Network Message Storage System" <[email protected]> to: "Email
Receiver" <[email protected]> with subject Bug Notice dated
Fri, 7 Jan 2005 21:11:06 +0100 (CET) Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
07/01/2005 22.20.19 IMON email message from: "MS Technical
Bulletin" <wfveaymwutdtdcf_ddhm@support_microsoft.com> to: "Client"
<client.lxdgfgzl@support_microsoft.com> with subject Newest Critical
Upgrade dated Fri, 7 Jan 2005 21:06:27 +0100 (CET) Win32/Swen.A
worm contained infected files EXPLORIN-IM7NI4\Fogar
07/01/2005 18.49.16 IMON email message from: "Microsoft Mail
Delivery Service" <[email protected]> to: "network recipient"
<[email protected]> with subject Abort Letter dated Fri, 7 Jan
2005 12:14:24 -0300 Win32/Swen.A worm contained infected
files EXPLORIN-IM7NI4\Fogar
07/01/2005 18.49.12 IMON email message from: "system"
<[email protected]> to: "Mail Client" <[email protected]> with
subject Bug Notice dated Fri, 07 Jan 2005 06:28:44 -0800
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
07/01/2005 18.49.07 IMON email message from: "Microsoft
Corporation Technical Support" <[email protected]> to:
"Commercial Consumer" <[email protected]> with
subject New Network Critical Pack dated Fri, 07 Jan 2005 06:22:23
-0800 Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
07/01/2005 12.30.12 IMON email message from: "microsoft inet
mail storage system" <[email protected]> to: "Email User"
<[email protected]> with subject Error Advice dated Fri, 7 Jan
2005 12:10:06 +0100 (CET) Win32/Swen.A worm contained
infected files EXPLORIN-IM7NI4\Fogar
07/01/2005 12.30.04 IMON email message from: "Microsoft
Corporation Security Section" <[email protected]> to:
"Commercial Consumer" <[email protected]> with subject
Current Network Upgrade dated Fri, 7 Jan 2005 12:02:34 +0100 (CET)
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
07/01/2005 12.29.57 IMON email message from: "Microsoft
Corporation Network Security Section" <[email protected]> to:
"Customer" <[email protected]> with subject Current Microsoft
Critical Patch dated Fri, 7 Jan 2005 11:31:45 +0100 (added by
(e-mail address removed)) Win32/Swen.A worm contained
infected files EXPLORIN-IM7NI4\Fogar
07/01/2005 12.29.53 IMON email message from: "MS Message
System" <[email protected]> to: "mail recipient"
<[email protected]> with subject Abort Notice dated Fri, 7 Jan
2005 16:06:37 +0900 Win32/Swen.A worm contained infected
files EXPLORIN-IM7NI4\Fogar
07/01/2005 12.29.49 IMON email message from: "Microsoft
Corporation Security Assistance" <[email protected]> to:
"Commercial Client" <[email protected]> with subject Network
Critical Upgrade dated Fri, 7 Jan 2005 16:04:17 +0900 Win32/Swen.A
worm contained infected files EXPLORIN-IM7NI4\Fogar
06/01/2005 22.58.58 AMON file C:\Documents and
Settings\Fogar\Impostazioni locali\Temporary Internet
Files\Content.IE5\YHEBEBKH\prompt[1].htm
JS/TrojanDownloader.IstBar.A trojan deleted
06/01/2005 22.57.47 IMON archive
http://buldog-stats.com/adv/16/new/classload.jar multiple
infiltrations connection terminated EXPLORIN-IM7NI4\Fogar
06/01/2005 22.57.46 AMON file C:\Documents and
Settings\Fogar\Impostazioni locali\Temporary Internet
Files\Content.IE5\WT2F0DMJ\open[1].exe Win32/Spy.Agent.W trojan
deleted EXPLORIN-IM7NI4\Fogar
06/01/2005 22.57.44 IMON file
http://www.buldog-stats.com/adv/16/open.exe Win32/Spy.Agent.W
trojan quarantined - connection terminated EXPLORIN-IM7NI4\Fogar
06/01/2005 22.57.41 IMON file http://213.159.117.133/
Win32/Adware.CWS.gen Application connection terminated
EXPLORIN-IM7NI4\Fogar
06/01/2005 22.57.39 IMON file http://213.159.117.133/
Win32/Adware.CWS.gen Application connection terminated
EXPLORIN-IM7NI4\Fogar
06/01/2005 22.57.37 IMON archive
http://213.159.117.133/dl/loaderadv160.jar multiple infiltrations
connection terminated EXPLORIN-IM7NI4\Fogar
06/01/2005 22.57.36 IMON file
http://www.awmcash.biz/adverts/06/BlackBox.class
Java/ClassLoader.B trojan connection terminated
EXPLORIN-IM7NI4\Fogar
06/01/2005 22.57.16 IMON file
http://www.megapornix.com/adverts/514/BlackBox.class
Java/ClassLoader.B trojan connection terminated
EXPLORIN-IM7NI4\Fogar
06/01/2005 22.44.43 IMON archive
http://install.xxxtoolbar.com/ist/s...oadfirst=1&account_id=132047&signature=cracks
JS/TrojanDownloader.IstBar.A trojan connection terminated
EXPLORIN-IM7NI4\Fogar
06/01/2005 19.33.38 IMON email message from: "Network Storage
System" <[email protected]> to: "Net Recipient"
<[email protected]> with subject Letter dated Thu, 6 Jan 2005
17:28:28 +0100 (CET) Win32/Swen.A worm contained infected
files EXPLORIN-IM7NI4\Fogar
06/01/2005 19.33.00 IMON email message from: "Microsoft
Corporation Customer Assistance" <[email protected]>
to: "Commercial Consumer" <[email protected]> with subject
Current Pack dated Thu, 6 Jan 2005 17:27:28 +0100 (CET)
Win32/Swen.A worm contained infected files
EXPLORIN-IM7NI4\Fogar
06/01/2005 14.22.04 IMON email message from: ""
<[email protected]> to: "Ulixi" <[email protected]> with subject
Re: dated Thu, 06 Jan 2005 08:11:46 -0500 Win32/Bagle.AH worm
contained infected files EXPLORIN-IM7NI4\Fogar
05/02/2005 21.28.47 IMON email message from: "Technical
Assistance" <ktkfiojkf@confidence_msdn.com> to: "Microsoft User"
<user@confidence_msdn.com> with subject Last Network Critical Upgrade
dated Wed, 5 Jan 2005 17:14:17 -0300 Win32/Swen.A worm
contained infected files EXPLORIN-IM7NI4\Fogar
05/02/2005 21.18.51 IMON email message from: "Microsoft Net
Message Storage System" <[email protected]> to: "Email User"
<[email protected]> with subject Notice dated Wed, 5 Jan 2005
20:59:42 +0100 (CET) Win32/Swen.A worm contained infected
files EXPLORIN-IM7NI4\Fogar
05/02/2005 21.18.47 IMON email message from: "Microsoft
Corporation Network Security Center" <[email protected]> to:
"Commercial User" <[email protected]> dated Wed, 5 Jan 2005
20:55:43 +0100 (CET) Win32/Swen.A worm contained infected
files EXPLORIN-IM7NI4\Fogar
 
Hello, I use NOD32 antivirus and it blocks about 10-5 email every day
with these worms. When NOD32 runs doesn't see any worm, I think NOD32
succeeds to delete every worm.
I use Eudora and winxp.
Am I infected?
What can I do please?
thanks
Fogar
Click to expand...

It seems to me that some prevention is in order here. You should look into
some email filtering software that's going to allow you to view the email
at the POP3 server and delete the email before pulling emails to the
machine that may have an infection. I cannot even remember the last time an
email with a virus has reached any of my machines and NOD32 had to respond
to it.

I use Mailwasher Pro myself, but maybe something like POP3 Cleaner Pro
could be a good prevention tool for you.

http://www.gold-software.com/download249.html

Duane :)
 
Back
Top