Arnaud 44

Suite à eScan, voici les rapports Kaspersky obtenus ensuite. "Critical Areas" (1 virus détecté), puis "My Computer" (6 tjs détectés, on avance ...). - Kékeujfait ? 1/ CRITICAL AREAS ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Friday, September 08, 2006 2:03:09 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 8/09/2006 Kaspersky Anti-Virus database records: 221749 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - Critical Areas: C:\WINDOWS C:\DOCUME~1\ARNAUD~1\LOCALS~1\Temp\ Scan Statistics: Total number of scanned objects: 22907 Number of viruses found: 1 Number of infected objects: 4 / 0 Number of suspicious objects: 0 Duration of the scan process: 00:22:39 Infected Object Name / Virus Name / Last Action C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped C:\WINDOWS\RESTORE.INS ARJ: infected - 1 skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped C:\WINDOWS\system\RESTORE.INS ARJ: infected - 1 skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\DEFAULT Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SYSTEM Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed. 2/ MY COMPUTER ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Friday, September 08, 2006 5:13:08 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 8/09/2006 Kaspersky Anti-Virus database records: 221749 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ Scan Statistics: Total number of scanned objects: 88080 Number of viruses found: 6 Number of infected objects: 19 / 0 Number of suspicious objects: 2 Duration of the scan process: 03:04:11 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\cert8.db Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\formhistory.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\history.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\key3.db Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\parent.lock Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old\clean\pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old.zip/clean/pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old.zip ZIP: infected - 1 skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix.zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix.zip ZIP: infected - 1 skipped C:\Documents and Settings\Arnaud & Gaëlle\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From filiz_mertol@mynet.com][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From filiz_mertol@mynet.com][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From filiz_mertol@mynet.com][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/message.scr Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From filiz_mertol@mynet.com][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From edwigepart@wanadoo.fr][Date Fri, 28 May 2004 20:34:26 +0200]/UNNAMED/document.txt Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From edwigepart@wanadoo.fr][Date Fri, 28 May 2004 20:34:26 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED/[From][Date Sat, 12 Jun 2004 14:03:57 +0200]/warez_portmoney.zip/warez_portmoney.doc.com Infected: Email-Worm.Win32.NetSky.c skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED/[From][Date Sat, 12 Jun 2004 14:03:57 +0200]/warez_portmoney.zip Infected: Email-Worm.Win32.NetSky.c skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED Infected: Email-Worm.Win32.NetSky.c skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED Infected: Email-Worm.Win32.NetSky.c skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx Mail MS Outlook 5: infected - 8, suspicious - 2 skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Historique\History.IE5\MSHist012006090820060909\index.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\chandir.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\chandir.idx Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\chn.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\chn.idx Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\D0000000.FCS Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\inuse.txt Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\L0000023.FCS Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\main.log Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs.idx Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_die.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_die.idx Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_dnd.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_dnd.idx Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_ext.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_ext.idx Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_rcv.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_rcv.idx Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\storydb.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\storydb.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\cache.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chandir.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chandir.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chn.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chn.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\D0000000.FCS Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\inuse.txt Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\L0000066.FCS Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\main.log Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_die.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_die.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_dnd.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_dnd.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_ext.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_ext.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_rcv.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_rcv.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\storydb.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\storydb.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\Common\admin.pub Object is locked skipped C:\Program Files\Securitoo\av_fw\Common\policy.bpf Object is locked skipped C:\Program Files\Securitoo\av_fw\Common\policy.ipf Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped C:\WINDOWS\RESTORE.INS ARJ: infected - 1 skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped C:\WINDOWS\system\RESTORE.INS ARJ: infected - 1 skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\DEFAULT Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SYSTEM Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.

Oups, il manquait la fin du rapport eScan A suivre : ri Sep 08 11:00:31 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\ENFR\MSB1ENFR.ITS having Size Restriction *** Fri Sep 08 11:00:31 2006 => Scanning File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\ENFR\MSB1ENFR.ITS [**] Fri Sep 08 11:00:31 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\ENGE\MSB1ENGE.ITS having Size Restriction *** Fri Sep 08 11:00:31 2006 => Scanning File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\ENGE\MSB1ENGE.ITS [**] Fri Sep 08 11:00:31 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\FRAR\MSB1FRAR.ITS having Size Restriction *** Fri Sep 08 11:00:31 2006 => Scanning File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\FRAR\MSB1FRAR.ITS [**] Fri Sep 08 11:00:31 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\FREN\MSB1FREN.ITS having Size Restriction *** Fri Sep 08 11:00:31 2006 => Scanning File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\FREN\MSB1FREN.ITS [**] Fri Sep 08 11:00:31 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\GEEN\MSB1GEEN.ITS having Size Restriction *** Fri Sep 08 11:00:31 2006 => Scanning File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\GEEN\MSB1GEEN.ITS [**] Fri Sep 08 11:04:07 2006 => *** File C:\Program Files\Java\j2re1.4.2_05\lib\rt.jar having Size Restriction *** Fri Sep 08 11:04:07 2006 => Scanning File C:\Program Files\Java\j2re1.4.2_05\lib\rt.jar [**] Fri Sep 08 11:04:47 2006 => C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask not Scanned. Possibly password protected... Fri Sep 08 11:08:18 2006 => *** File C:\Program Files\microsoft office\office10\W2K2\OFFICE1.CAB having Size Restriction *** Fri Sep 08 11:08:18 2006 => Scanning File C:\Program Files\microsoft office\office10\W2K2\OFFICE1.CAB [**] Fri Sep 08 11:08:19 2006 => *** File C:\Program Files\microsoft office\office10\WINWORD.EXE having Size Restriction *** Fri Sep 08 11:08:19 2006 => Scanning File C:\Program Files\microsoft office\office10\WINWORD.EXE [**] Fri Sep 08 11:08:59 2006 => *** File C:\Program Files\Mozilla Firefox\firefox.exe having Size Restriction *** Fri Sep 08 11:08:59 2006 => Scanning File C:\Program Files\Mozilla Firefox\firefox.exe [**] Fri Sep 08 11:09:06 2006 => *** File C:\Program Files\MSN Messenger\msnmsgr.exe having Size Restriction *** Fri Sep 08 11:09:06 2006 => Scanning File C:\Program Files\MSN Messenger\msnmsgr.exe [**] Fri Sep 08 11:12:44 2006 => *** File C:\Program Files\QuickTime\QTSystem\QuickTime.qts having Size Restriction *** Fri Sep 08 11:12:44 2006 => Scanning File C:\Program Files\QuickTime\QTSystem\QuickTime.qts [**] Fri Sep 08 11:13:37 2006 => *** File C:\Program Files\QuickTime\QuickTimePlayer.exe having Size Restriction *** Fri Sep 08 11:13:37 2006 => Scanning File C:\Program Files\QuickTime\QuickTimePlayer.exe [**] Fri Sep Fri Sep 08 11:16:52 2006 => *** File C:\Program Files\Securitoo\av_fw\backweb\1044199\6.1.4.58-1044199L\Install\LiteInst.exe having Size Restriction *** Fri Sep 08 11:16:52 2006 => Scanning File C:\Program Files\Securitoo\av_fw\backweb\1044199\6.1.4.58-1044199L\Install\LiteInst.exe [**] Fri Sep Fri Sep 08 11:16:59 2006 => *** File C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\6281\e63463c\pex_4.63-64.jar having Size Restriction *** Fri Sep 08 11:16:59 2006 => Scanning File C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\6281\e63463c\pex_4.63-64.jar [**] Fri Sep Fri Sep 08 11:20:40 2006 => *** File C:\Program Files\Uninstall Information\ieupdate\ieupdate.DAT having Size Restriction *** Fri Sep 08 11:20:40 2006 => Scanning File C:\Program Files\Uninstall Information\ieupdate\ieupdate.DAT [**] Fri Sep 08 11:20:40 2006 => *** File C:\Program Files\Uninstall Information\oeupdate\oeupdate.DAT having Size Restriction *** Fri Sep 08 11:20:40 2006 => Scanning File C:\Program Files\Uninstall Information\oeupdate\oeupdate.DAT [**] Fri Sep 08 11:20:48 2006 => *** File C:\Program Files\Wanadoo\Download\KitWanadoo.exe having Size Restriction *** Fri Sep 08 11:20:48 2006 => Scanning File C:\Program Files\Wanadoo\Download\KitWanadoo.exe [**] Fri Sep 08 11:29:48 2006 => *** File C:\WINDOWS\$hf_mig$\KB890047\SP2GDR\shell32.dll having Size Restriction *** Fri Sep 08 11:29:48 2006 => Scanning File C:\WINDOWS\$hf_mig$\KB890047\SP2GDR\shell32.dll [**] Fri Sep 08 11:29:48 2006 => *** File C:\WINDOWS\$hf_mig$\KB890047\SP2QFE\shell32.dll having Size Restriction *** Fri Sep 08 11:29:48 2006 => Scanning File C:\WINDOWS\$hf_mig$\KB890047\SP2QFE\shell32.dll [**] Fri Sep 08 11:29:54 2006 => *** File C:\WINDOWS\$hf_mig$\KB893086\SP2GDR\shell32.dll having Size Restriction *** Fri Sep 08 11:29:54 2006 => Scanning File C:\WINDOWS\$hf_mig$\KB893086\SP2GDR\shell32.dll [**] Fri Sep 08 11:29:54 2006 => Scanning Folder: C:\WINDOWS\$hf_mig$\KB893086\SP2QFE\*.* Fri Sep 08 11:29:54 2006 => *** File C:\WINDOWS\$hf_mig$\KB893086\SP2QFE\shell32.dll having Size Restriction *** Fri Sep 08 11:29:54 2006 => Scanning File C:\WINDOWS\$hf_mig$\KB893086\SP2QFE\shell32.dll [**] Fri Sep 08 11:30:08 2006 => *** File C:\WINDOWS\$hf_mig$\KB900725\SP2GDR\shell32.dll having Size Restriction *** Fri Sep 08 11:30:08 2006 => Scanning File C:\WINDOWS\$hf_mig$\KB900725\SP2GDR\shell32.dll [**] Fri Sep 08 11:30:09 2006 => *** File C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shell32.dll having Size Restriction *** Fri Sep 08 11:30:09 2006 => Scanning File C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shell32.dll [**] Fri Sep 08 11:30:50 2006 => *** File C:\WINDOWS\$hf_mig$\KB921398\SP2QFE\shell32.dll having Size Restriction *** Fri Sep 08 11:30:50 2006 => Scanning File C:\WINDOWS\$hf_mig$\KB921398\SP2QFE\shell32.dll [**] Fri Sep 08 11:32:40 2006 => *** File C:\WINDOWS\$NtServicePackUninstall$\jn13xjhz.zip having Size Restriction *** Fri Sep 08 11:32:40 2006 => Scanning File C:\WINDOWS\$NtServicePackUninstall$\jn13xjhz.zip [**] Fri Sep 08 11:35:19 2006 => *** File C:\WINDOWS\$NtServicePackUninstall$\shell32.dll having Size Restriction *** Fri Sep 08 11:35:19 2006 => Scanning File C:\WINDOWS\$NtServicePackUninstall$\shell32.dll [**] Fri Sep 08 11:36:34 2006 => *** File C:\WINDOWS\$NtUninstallKB917734_WMP10$\wmp.dll having Size Restriction *** Fri Sep 08 11:36:34 2006 => Scanning File C:\WINDOWS\$NtUninstallKB917734_WMP10$\wmp.dll [**] Fri Sep 08 11:36:47 2006 => *** File C:\WINDOWS\$NtUninstallKB921398$\shell32.dll having Size Restriction *** Fri Sep 08 11:36:47 2006 => Scanning File C:\WINDOWS\$NtUninstallKB921398$\shell32.dll [**] Fri Sep 08 11:37:08 2006 => *** File C:\WINDOWS\Cache\Adobe Reader 6.0.1\FRAMIN\Data1.cab having Size Restriction *** Fri Sep 08 11:37:08 2006 => Scanning File C:\WINDOWS\Cache\Adobe Reader 6.0.1\FRAMIN\Data1.cab [**] Fri Sep 08 11:37:12 2006 => *** File C:\WINDOWS\Downloaded Installations\{574598EF-8D3C-45D3-85AE-E15F91F27985}\Adobe Photoshop Album 2 ED.msi having Size Restriction *** Fri Sep 08 11:37:12 2006 => Scanning File C:\WINDOWS\Downloaded Installations\{574598EF-8D3C-45D3-85AE-E15F91F27985}\Adobe Photoshop Album 2 ED.msi [**] Fri Sep 08 11:37:17 2006 => *** File C:\WINDOWS\Downloaded Installations\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\iTunes.cab having Size Restriction *** Fri Sep 08 11:37:17 2006 => Scanning File C:\WINDOWS\Downloaded Installations\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\iTunes.cab [**] Fri Sep 08 11:37:17 2006 => *** File C:\WINDOWS\Downloaded Installations\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\iTunes.msi having Size Restriction *** Fri Sep 08 11:37:17 2006 => Scanning File C:\WINDOWS\Downloaded Installations\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\iTunes.msi [**] Fri Sep 08 11:37:18 2006 => *** File C:\WINDOWS\Downloaded Installations\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\QuickTimeInstaller.exe having Size Restriction *** Fri Sep 08 11:37:18 2006 => Scanning File C:\WINDOWS\Downloaded Installations\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\QuickTimeInstaller.exe [**] Fri Sep 08 11:37:23 2006 => *** File C:\WINDOWS\Driver Cache\i386\DRIVER.CAB having Size Restriction *** Fri Sep 08 11:37:23 2006 => Scanning File C:\WINDOWS\Driver Cache\i386\DRIVER.CAB [**] Fri Sep 08 11:37:24 2006 => *** File C:\WINDOWS\Driver Cache\i386\sp1.cab having Size Restriction *** Fri Sep 08 11:37:24 2006 => Scanning File C:\WINDOWS\Driver Cache\i386\sp1.cab [**] Fri Sep 08 11:37:24 2006 => *** File C:\WINDOWS\Driver Cache\i386\sp2.cab having Size Restriction *** Fri Sep 08 11:37:24 2006 => Scanning File C:\WINDOWS\Driver Cache\i386\sp2.cab [**] Fri Sep 08 11:37:27 2006 => *** File C:\WINDOWS\Fonts\ARIALUNI.TTF having Size Restriction *** Fri Sep 08 11:37:27 2006 => Scanning File C:\WINDOWS\Fonts\ARIALUNI.TTF [**] Fri Sep 08 11:37:27 2006 => *** File C:\WINDOWS\Fonts\batang.ttc having Size Restriction *** Fri Sep 08 11:37:27 2006 => Scanning File C:\WINDOWS\Fonts\batang.ttc [**] Fri Sep 08 11:37:31 2006 => *** File C:\WINDOWS\Fonts\gulim.ttc having Size Restriction *** Fri Sep 08 11:37:31 2006 => Scanning File C:\WINDOWS\Fonts\gulim.ttc [**] Fri Sep 08 11:37:33 2006 => *** File C:\WINDOWS\Fonts\mingliu.ttc having Size Restriction *** Fri Sep 08 11:37:33 2006 => Scanning File C:\WINDOWS\Fonts\mingliu.ttc [**] Fri Sep 08 11:37:33 2006 => *** File C:\WINDOWS\Fonts\msgothic.ttc having Size Restriction *** Fri Sep 08 11:37:33 2006 => Scanning File C:\WINDOWS\Fonts\msgothic.ttc [**] Fri Sep 08 11:37:33 2006 => *** File C:\WINDOWS\Fonts\msmincho.ttc having Size Restriction *** Fri Sep 08 11:37:33 2006 => Scanning File C:\WINDOWS\Fonts\msmincho.ttc [**] Fri Sep 08 11:37:35 2006 => *** File C:\WINDOWS\Fonts\simhei.ttf having Size Restriction *** Fri Sep 08 11:37:35 2006 => Scanning File C:\WINDOWS\Fonts\simhei.ttf [**] Fri Sep 08 11:37:35 2006 => *** File C:\WINDOWS\Fonts\simsun.ttc having Size Restriction *** Fri Sep 08 11:37:35 2006 => Scanning File C:\WINDOWS\Fonts\simsun.ttc [**] Fri Sep 08 11:39:37 2006 => *** File C:\WINDOWS\Help\Tours\mmTour\segment5.swf having Size Restriction *** Fri Sep 08 11:39:37 2006 => Scanning File C:\WINDOWS\Help\Tours\mmTour\segment5.swf [**] Fri Sep 08 11:42:01 2006 => *** File C:\WINDOWS\I386\DRIVER.CAB having Size Restriction *** Fri Sep 08 11:42:01 2006 => Scanning File C:\WINDOWS\I386\DRIVER.CAB [**] Fri Sep 08 11:43:04 2006 => *** File C:\WINDOWS\I386\LANG\BATANG.TT_ having Size Restriction *** Fri Sep 08 11:43:04 2006 => Scanning File C:\WINDOWS\I386\LANG\BATANG.TT_ [**] Fri Sep 08 11:43:12 2006 => *** File C:\WINDOWS\I386\LANG\HWXCHT.DL_ having Size Restriction *** Fri Sep 08 11:43:12 2006 => Scanning File C:\WINDOWS\I386\LANG\HWXCHT.DL_ [**] Fri Sep 08 11:43:12 2006 => *** File C:\WINDOWS\I386\LANG\HWXJPN.DL_ having Size Restriction *** Fri Sep 08 11:43:12 2006 => Scanning File C:\WINDOWS\I386\LANG\HWXJPN.DL_ [**] Fri Sep 08 11:43:12 2006 => *** File C:\WINDOWS\I386\LANG\HWXKOR.DL_ having Size Restriction *** Fri Sep 08 11:43:12 2006 => Scanning File C:\WINDOWS\I386\LANG\HWXKOR.DL_ [**] Fri Sep 08 11:43:39 2006 => *** File C:\WINDOWS\I386\LANG\IMJPNM.DI_ having Size Restriction *** Fri Sep 08 11:43:39 2006 => Scanning File C:\WINDOWS\I386\LANG\IMJPNM.DI_ [**] Fri Sep 08 11:43:58 2006 => *** File C:\WINDOWS\I386\LANG\IMJPST.DI_ having Size Restriction *** Fri Sep 08 11:43:58 2006 => Scanning File C:\WINDOWS\I386\LANG\IMJPST.DI_ [**] Fri Sep 08 11:44:22 2006 => *** File C:\WINDOWS\I386\LANG\PINTLGS.IM_ having Size Restriction *** Fri Sep 08 11:44:22 2006 => Scanning File C:\WINDOWS\I386\LANG\PINTLGS.IM_ [**] Fri Sep 08 11:46:11 2006 => *** File C:\WINDOWS\I386\OEMBIOS.BI_ having Size Restriction *** Fri Sep 08 11:46:11 2006 => Scanning File C:\WINDOWS\I386\OEMBIOS.BI_ [**] Fri Sep 08 11:46:27 2006 => *** File C:\WINDOWS\I386\PER_SEG5.SW_ having Size Restriction *** Fri Sep 08 11:46:27 2006 => Scanning File C:\WINDOWS\I386\PER_SEG5.SW_ [**] Fri Sep 08 11:47:09 2006 => *** File C:\WINDOWS\I386\SP1.CAB having Size Restriction *** Fri Sep 08 11:47:09 2006 => Scanning File C:\WINDOWS\I386\SP1.CAB [**] Fri Sep 08 11:48:40 2006 => *** File C:\WINDOWS\ime\CHTIME\Applets\HWXCHT.DLL having Size Restriction *** Fri Sep 08 11:48:40 2006 => Scanning File C:\WINDOWS\ime\CHTIME\Applets\HWXCHT.DLL [**] Fri Sep 08 11:48:40 2006 => *** File C:\WINDOWS\ime\imjp8_1\applets\hwxjpn.dll having Size Restriction *** Fri Sep 08 11:48:40 2006 => Scanning File C:\WINDOWS\ime\imjp8_1\applets\hwxjpn.dll [**] Fri Sep 08 11:48:41 2006 => *** File C:\WINDOWS\ime\imjp8_1\DICTS\imjpnm.dic having Size Restriction *** Fri Sep 08 11:48:41 2006 => Scanning File C:\WINDOWS\ime\imjp8_1\DICTS\imjpnm.dic [**] Fri Sep 08 11:48:41 2006 => *** File C:\WINDOWS\ime\imjp8_1\DICTS\imjpst.dic having Size Restriction *** Fri Sep 08 11:48:41 2006 => Scanning File C:\WINDOWS\ime\imjp8_1\DICTS\imjpst.dic [**] Fri Sep 08 11:48:41 2006 => *** File C:\WINDOWS\ime\imjp8_1\DICTS\imjpzp.dic having Size Restriction *** Fri Sep 08 11:48:41 2006 => Scanning File C:\WINDOWS\ime\imjp8_1\DICTS\imjpzp.dic [**] Fri Sep 08 11:49:35 2006 => *** File C:\WINDOWS\ime\imkr6_1\applets\hwxkor.dll having Size Restriction *** Fri Sep 08 11:49:35 2006 => Scanning File C:\WINDOWS\ime\imkr6_1\applets\hwxkor.dll [**] Fri Sep 08 11:50:37 2006 => *** File C:\WINDOWS\Installer\1074ee3.msi having Size Restriction *** Fri Sep 08 11:50:37 2006 => Scanning File C:\WINDOWS\Installer\1074ee3.msi [**] Fri Sep 08 11:50:40 2006 => *** File C:\WINDOWS\Installer\18a3cf3.msp having Size Restriction *** Fri Sep 08 11:50:40 2006 => Scanning File C:\WINDOWS\Installer\18a3cf3.msp [**] Fri Sep 08 11:50:42 2006 => *** File C:\WINDOWS\Installer\21a57b.msp having Size Restriction *** Fri Sep 08 11:50:42 2006 => Scanning File C:\WINDOWS\Installer\21a57b.msp [**] Fri Sep 08 11:50:45 2006 => *** File C:\WINDOWS\Installer\2f10e1.msp having Size Restriction *** Fri Sep 08 11:50:45 2006 => Scanning File C:\WINDOWS\Installer\2f10e1.msp [**] Fri Sep 08 11:50:46 2006 => *** File C:\WINDOWS\Installer\3dffd3.msp having Size Restriction *** Fri Sep 08 11:50:46 2006 => Scanning File C:\WINDOWS\Installer\3dffd3.msp [**] Fri Sep 08 11:50:48 2006 => *** File C:\WINDOWS\Installer\569587.msp having Size Restriction *** Fri Sep 08 11:50:48 2006 => Scanning File C:\WINDOWS\Installer\569587.msp [**] Fri Sep 08 11:50:48 2006 => *** File C:\WINDOWS\Installer\56971d.msp having Size Restriction *** Fri Sep 08 11:50:48 2006 => Scanning File C:\WINDOWS\Installer\56971d.msp [**] Fri Sep 08 11:50:59 2006 => *** File C:\WINDOWS\Installer\MSN Messenger 7.5.0311\MsnMsgs.Msi having Size Restriction *** Fri Sep 08 11:50:59 2006 => Scanning File C:\WINDOWS\Installer\MSN Messenger 7.5.0311\MsnMsgs.Msi [**] Fri Sep 08 11:51:06 2006 => *** File C:\WINDOWS\java\Packages\JN13XJHZ.ZIP having Size Restriction *** Fri Sep 08 11:51:06 2006 => Scanning File C:\WINDOWS\java\Packages\JN13XJHZ.ZIP [**] Fri Sep 08 11:51:57 2006 => *** File C:\WINDOWS\PCHealth\HelpCtr\Database\HCdata.edb having Size Restriction *** Fri Sep 08 11:51:57 2006 => Scanning File C:\WINDOWS\PCHealth\HelpCtr\Database\HCdata.edb [**] Fri Sep 08 11:52:05 2006 => *** File C:\WINDOWS\PCHealth\HelpCtr\DataColl\CollectedData_6583.xml having Size Restriction *** Fri Sep 08 11:52:05 2006 => Scanning File C:\WINDOWS\PCHealth\HelpCtr\DataColl\CollectedData_6583.xml [**] Fri Sep 08 11:52:06 2006 => *** File C:\WINDOWS\PCHealth\HelpCtr\DataColl\CollectedData_6584.xml having Size Restriction *** Fri Sep 08 11:52:06 2006 => Scanning File C:\WINDOWS\PCHealth\HelpCtr\DataColl\CollectedData_6584.xml [**] Fri Sep 08 11:53:01 2006 => *** File C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmp.dll having Size Restriction *** Fri Sep 08 11:53:01 2006 => Scanning File C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmp.dll [**] Fri Sep 08 11:53:13 2006 => File C:\WINDOWS\RESTORE.INS tagged as not-a-virus:NetTool.Win32.PsKill. No Action Taken. Fri Sep 08 11:54:50 2006 => *** File C:\WINDOWS\ServicePackFiles\i386\lang\pintlgs.imd having Size Restriction *** Fri Sep 08 11:54:50 2006 => Scanning File C:\WINDOWS\ServicePackFiles\i386\lang\pintlgs.imd [**] Fri Sep 08 11:56:06 2006 => *** File C:\WINDOWS\ServicePackFiles\i386\shell32.dll having Size Restriction *** Fri Sep 08 11:56:06 2006 => Scanning File C:\WINDOWS\ServicePackFiles\i386\shell32.dll [**] Fri Sep 08 11:56:10 2006 => *** File C:\WINDOWS\ServicePackFiles\i386\sp2.cab having Size Restriction *** Fri Sep 08 11:56:10 2006 => Scanning File C:\WINDOWS\ServicePackFiles\i386\sp2.cab [**] Fri Sep 08 11:57:12 2006 => File C:\WINDOWS\system\RESTORE.INS tagged as not-a-virus:NetTool.Win32.PsKill. No Action Taken. Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\AppEvent.Evt Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\DEFAULT Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\default.LOG Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SAM Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SAM.LOG Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SecEvent.Evt Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SECURITY Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SECURITY.LOG Fri Sep 08 11:57:53 2006 => *** File C:\WINDOWS\system32\config\SOFTWARE having Size Restriction *** Fri Sep 08 11:57:53 2006 => Scanning File C:\WINDOWS\system32\config\SOFTWARE [**] Fri Sep 08 11:57:53 2006 => Scanning File C:\WINDOWS\system32\config\software.LOG Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\software.LOG Fri Sep 08 11:57:53 2006 => Scanning File C:\WINDOWS\system32\config\software.sav Fri Sep 08 11:57:53 2006 => Scanning File C:\WINDOWS\system32\config\SysEvent.Evt Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SysEvent.Evt Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\system.LOG Fri Sep 08 12:02:59 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Fri Sep 08 12:03:42 2006 => ***** Checking for specific ITW Viruses ***** Fri Sep 08 12:03:42 2006 => Checking for Welchia Virus... Fri Sep 08 12:03:42 2006 => Checking for LovGate Virus... Fri Sep 08 12:03:42 2006 => Checking for CodeRed Virus... Fri Sep 08 12:03:42 2006 => Checking for OpaServ Virus... Fri Sep 08 12:03:42 2006 => Checking for Sobig.e Virus... Fri Sep 08 12:03:42 2006 => Checking for Winupie Virus... Fri Sep 08 12:03:42 2006 => Checking for Swen Virus... Fri Sep 08 12:03:42 2006 => Checking for JS.Fortnight Virus... Fri Sep 08 12:03:42 2006 => Checking for Novarg Virus... Fri Sep 08 12:03:42 2006 => Checking for Pagabot Virus... Fri Sep 08 12:03:42 2006 => Checking for Parite.b Virus... Fri Sep 08 12:03:42 2006 => Checking for Parite.a Virus... Fri Sep 08 12:03:42 2006 => ***** Scanning complete. ***** Fri Sep 08 12:03:42 2006 => Total Number of Files Scanned: 90623 Fri Sep 08 12:03:42 2006 => Total Number of Virus(es) Found: 41 Fri Sep 08 12:03:42 2006 => Total Number of Disinfected Files: 0 Fri Sep 08 12:03:42 2006 => Total Number of Files Renamed: 6 Fri Sep 08 12:03:42 2006 => Total Number of Deleted Files: 28 Fri Sep 08 12:03:42 2006 => Total Number of Errors: 96 Fri Sep 08 12:03:42 2006 => Time Elapsed: 01:48:28 Fri Sep 08 12:03:42 2006 => Virus Database Date: 2006/08/23 Fri Sep 08 12:03:42 2006 => Virus Database Count: 217614 Fri Sep 08 12:03:42 2006 => Scan Completed.

Merci malekal_morte : Je suis bien parvenu à supprimer C:\WINDOWS\system32\ssqbn.exe C:\WINDOWS\system32\VSL13.exe Voici le rapport eScan. - Comment supprimer définitivement les fichiers infectés ? - Que faire des fichiers "ScanFile fails", une analyse approfondie ? - Que faire des fichiers mis précedemment en quarantaine avec ewido (cf ds le rapport) ? Fri Sep 08 09:44:37 2006 => ********************************************************** Fri Sep 08 09:44:37 2006 => eScan AntiVirus Toolkit Utility. Fri Sep 08 09:44:38 2006 => Copyright © 2003-2004, MicroWorld Technologies Inc. Fri Sep 08 09:44:38 2006 => ********************************************************** Fri Sep 08 09:44:38 2006 => Version 4.4.7 Fri Sep 08 09:44:38 2006 => Log File: C:\KASPER~1\mwav.log Fri Sep 08 09:44:38 2006 => Latest Date of files inside MWAV: 23 Aug 2006 17:12:24. Fri Sep 08 09:44:44 2006 => AV Library Loaded... Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\kavss.exe Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\Getvlist.exe Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\kavss.dll Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\kavssdi.dll Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\kavssi.dll Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\kavvlg.dll Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\msvlclnt.dll Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\ipc.dll Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\main.avi Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\virus.avi Fri Sep 08 09:44:45 2006 => Virus Database Date: 2006/08/23 Fri Sep 08 09:44:45 2006 => Virus Database Count: 217614 Fri Sep 08 09:45:39 2006 => AV Library Unloaded (3)... Fri Sep 08 10:14:05 2006 => ********************************************************** Fri Sep 08 10:14:05 2006 => eScan AntiVirus Toolkit Utility. Fri Sep 08 10:14:05 2006 => Copyright © 2003-2004, MicroWorld Technologies Inc. Fri Sep 08 10:14:05 2006 => ********************************************************** Fri Sep 08 10:14:05 2006 => Version 4.4.7 Fri Sep 08 10:14:05 2006 => Log File: C:\KASPER~1\mwav.log Fri Sep 08 10:14:07 2006 => Latest Date of files inside MWAV: 23 Aug 2006 17:12:24. Fri Sep 08 10:14:16 2006 => AV Library Loaded... Fri Sep 08 10:14:16 2006 => Scanning File C:\KASPER~1\kavss.exe Fri Sep 08 10:14:16 2006 => Scanning File C:\KASPER~1\Getvlist.exe Fri Sep 08 10:14:16 2006 => Scanning File C:\KASPER~1\kavss.dll Fri Sep 08 10:14:16 2006 => Scanning File C:\KASPER~1\kavssdi.dll Fri Sep 08 10:14:17 2006 => Scanning File C:\KASPER~1\kavssi.dll Fri Sep 08 10:14:17 2006 => Scanning File C:\KASPER~1\kavvlg.dll Fri Sep 08 10:14:17 2006 => Scanning File C:\KASPER~1\msvlclnt.dll Fri Sep 08 10:14:17 2006 => Scanning File C:\KASPER~1\ipc.dll Fri Sep 08 10:14:17 2006 => Scanning File C:\KASPER~1\main.avi Fri Sep 08 10:14:17 2006 => Scanning File C:\KASPER~1\virus.avi Fri Sep 08 10:14:17 2006 => Virus Database Date: 2006/08/23 Fri Sep 08 10:14:17 2006 => Virus Database Count: 217614 Fri Sep 08 10:14:57 2006 => ********************************************************** Fri Sep 08 10:14:57 2006 => eScan AntiVirus Toolkit Utility. Fri Sep 08 10:14:57 2006 => Copyright © 2003-2004, MicroWorld Technologies Inc. Fri Sep 08 10:14:57 2006 => Fri Sep 08 10:14:57 2006 => Support: support@mwti.net Fri Sep 08 10:14:57 2006 => Web: http://www.mwti.net Fri Sep 08 10:14:57 2006 => ********************************************************** Fri Sep 08 10:14:57 2006 => Version 4.4.7 Fri Sep 08 10:14:57 2006 => Log File: C:\KASPER~1\mwav.log Fri Sep 08 10:14:57 2006 => Latest Date of files inside MWAV: 23 Aug 2006 17:12:24. Fri Sep 08 10:14:57 2006 => Options Selected by User: Fri Sep 08 10:14:57 2006 => Memory Check: Enabled Fri Sep 08 10:14:57 2006 => Registry Check: Enabled Fri Sep 08 10:14:57 2006 => StartUp Folder Check: Enabled Fri Sep 08 10:14:57 2006 => System Folder Check: Enabled Fri Sep 08 10:14:57 2006 => System Area Check: Disabled Fri Sep 08 10:14:57 2006 => Services Check: Enabled Fri Sep 08 10:14:57 2006 => Drive Check: Disabled Fri Sep 08 10:14:57 2006 => All Drive Check :Enabled Fri Sep 08 10:14:57 2006 => Scanning Type: Scan And Clean Fri Sep 08 10:14:57 2006 => Folder Check: Disabled Fri Sep 08 10:14:58 2006 => ***** Scanning Memory Files ***** Fri Sep 08 10:14:58 2006 => ***** Scanning Registry Files ***** Fri Sep 08 10:15:02 2006 => ERROR!!! Invalid Entry Cld2000.exe = C:\Program Files\Calendrier\Cld2000.exe. Removing it. Fri Sep 08 10:15:03 2006 => ***** Scanning StartUp Folders ***** Fri Sep 08 10:15:04 2006 => ***** Scanning Service Files ***** Fri Sep 08 10:15:08 2006 => ERROR!!! Invalid Entry "C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE" in SYSTEM\CurrentControlSet\Services\FSAA... Fri Sep 08 10:15:13 2006 => ERROR!!! Invalid Entry I:\Purgeie\PurgeIE\PurgeIE_Service.exe in SYSTEM\CurrentControlSet\Services\PurgeIEservice... Fri Sep 08 10:15:18 2006 => ***** Scanning System32 Folders ***** Fri Sep 08 10:15:24 2006 => Scanning File C:\WINDOWS\RESTORE.INS Fri Sep 08 10:15:26 2006 => File C:\WINDOWS\RESTORE.INS tagged as not-a-virus:NetTool.Win32.PsKill. No Action Taken. Fri Sep 08 10:17:50 2006 => ***** Scanning All Drives ***** Fri Sep 08 10:21:05 2006 => C:\APPS\Packard Bell Companion\settings.pak not Scanned. Possibly password protected... Fri Sep 08 10:21:06 2006 => C:\APPS\Packard Bell Companion\users\usersettings.pak not Scanned. Possibly password protected... Fri Sep 08 10:25:56 2006 => *** File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Backups\regLocal.reg having Size Restriction *** Fri Sep 08 10:25:56 2006 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Backups\regLocal.reg [**] Fri Sep 08 10:25:56 2006 => *** File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Backups\regUsers.reg having Size Restriction *** Fri Sep 08 10:25:56 2006 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Backups\regUsers.reg [**] Fri Sep 08 10:25:57 2006 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Altnet.zip not Scanned. Possibly password protected... Fri Sep 08 10:25:57 2006 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFixer.zip Fri Sep 08 10:25:57 2006 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFixer.zip not Scanned. Possibly password protected... Fri Sep 08 10:27:06 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Microsoft\Office\Fichiers récents\????????.doc.lnk Fri Sep 08 10:27:06 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Microsoft\Office\Fichiers récents\??????.doc.lnk Fri Sep 08 10:27:06 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Microsoft\Office\Fichiers récents\??????.lnk Fri Sep 08 10:27:12 2006 => *** File C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\0E1C974Fd01 having Size Restriction *** Fri Sep 08 10:27:12 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\0E1C974Fd01 [**] Fri Sep 08 10:27:44 2006 => *** File C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_003_ having Size Restriction *** Fri Sep 08 10:27:44 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_003_ [**] Fri Sep 08 10:28:01 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Bureau\756139_29283\McKinsey——??????????.ppt Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:30:56 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR: Scanning Failure!!! Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:30:56 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:30:56 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:30:56 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR: Scanning Failure!!! Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:30:56 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:30:56 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:30:56 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR: Scanning Failure!!! Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:30:56 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:30:56 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:30:56 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR: Scanning Failure!!! Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:30:56 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:30:56 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:30:56 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR: Scanning Failure!!! Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:30:56 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:30:56 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR Fri Sep 08 10:30:57 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:30:57 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR: Scanning Failure!!! Fri Sep 08 10:30:57 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:30:57 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:31:03 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:31:03 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR: Scanning Failure!!! Fri Sep 08 10:31:03 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:31:03 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:31:14 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:31:14 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR: Scanning Failure!!! Fri Sep 08 10:31:14 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:31:14 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:00 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Driving Enterprise Performance :Customer Success and Best Practices.PPT possibly infected and removed by background antivirus package! Fri Sep 08 10:32:00 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Driving Enterprise Performance :Customer Success and Best Practices.PPT: Scanning Failure!!! Fri Sep 08 10:32:00 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Driving Enterprise Performance :Customer Success and Best Practices.PPT possibly infected and removed by background antivirus package! Fri Sep 08 10:32:00 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Driving Enterprise Performance :Customer Success and Best Practices.PPT infected by "BkCln.Unknown" Virus. Action Taken: File Renamed. Fri Sep 08 10:32:00 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Développer le.doc Fri Sep 08 10:32:00 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\E MARKETING.doc Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebbok:«Consultant's_guide Comnet_III».RAR Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebbok:«Consultant's_guide Comnet_III».RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebbok:«Consultant's_guide Comnet_III».RAR: Scanning Failure!!! Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebbok:«Consultant's_guide Comnet_III».RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebbok:«Consultant's_guide Comnet_III».RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR: Scanning Failure!!! Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR: Scanning Failure!!! Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR: Scanning Failure!!! Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR: Scanning Failure!!! Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»6.RAR Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»6.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»6.RAR: Scanning Failure!!! Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»6.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»6.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR: Scanning Failure!!! Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR: Scanning Failure!!! Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR: Scanning Failure!!! Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«101.Marketing.Strategies.for.Accounting.Law.Consulting».RAR Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«101.Marketing.Strategies.for.Accounting.Law.Consulting».RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«101.Marketing.Strategies.for.Accounting.Law.Consulting».RAR: Scanning Failure!!! Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«101.Marketing.Strategies.for.Accounting.Law.Consulting».RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«101.Marketing.Strategies.for.Accounting.Law.Consulting».RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Hidden Financial Risk».RAR Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Hidden Financial Risk».RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Hidden Financial Risk».RAR: Scanning Failure!!! Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Hidden Financial Risk».RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:02 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Hidden Financial Risk».RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:02 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Organizational Consulting».RAR Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Organizational Consulting».RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:02 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Organizational Consulting».RAR: Scanning Failure!!! Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Organizational Consulting».RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:02 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Organizational Consulting».RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:02 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«The Top Consultant Developing Your.Skills.for.Greater.Effectiveness»par.RAR Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«The Top Consultant Developing Your.Skills.for.Greater.Effectiveness»par.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:02 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«The Top Consultant Developing Your.Skills.for.Greater.Effectiveness»par.RAR: Scanning Failure!!! Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«The Top Consultant Developing Your.Skills.for.Greater.Effectiveness»par.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:02 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«The Top Consultant Developing Your.Skills.for.Greater.Effectiveness»par.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:02 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572).RAR Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572).RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:02 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572).RAR: Scanning Failure!!! Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572).RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:02 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572).RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:02 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572)2.RAR Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572)2.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:02 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572)2.RAR: Scanning Failure!!! Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572)2.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:32:02 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572)2.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:32:21 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\harvard business review:Five Minds Of Managers.PDF possibly infected and removed by background antivirus package! Fri Sep 08 10:32:21 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\harvard business review:Five Minds Of Managers.PDF: Scanning Failure!!! Fri Sep 08 10:32:22 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\harvard business review:Five Minds Of Managers.PDF possibly infected and removed by background antivirus package! Fri Sep 08 10:32:22 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\harvard business review:Five Minds Of Managers.PDF infected by "BkCln.Unknown" Virus. Action Taken: File Renamed. Fri Sep 08 10:33:33 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:33:33 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR: Scanning Failure!!! Fri Sep 08 10:33:33 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:33:33 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:33:33 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -«The McKinsey Way».RAR Fri Sep 08 10:33:33 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -«The McKinsey Way».RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:33:33 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -«The McKinsey Way».RAR: Scanning Failure!!! Fri Sep 08 10:33:33 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -«The McKinsey Way».RAR possibly infected and removed by background antivirus package! Fri Sep 08 10:33:33 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -«The McKinsey Way».RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted. Fri Sep 08 10:33:34 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey????? marvin bower??1.RAR Fri Sep 08 10:33:34 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey????? marvin bower??1.RAR Fri Sep 08 10:33:34 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey????? marvin bower??2.RAR Fri Sep 08 10:33:34 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\McKinsey-Benchmark Research-Nokia.PPT possibly infected and removed by background antivirus package! Fri Sep 08 10:33:34 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\McKinsey-Benchmark Research-Nokia.PPT: Scanning Failure!!! Fri Sep 08 10:33:34 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\McKinsey-Benchmark Research-Nokia.PPT possibly infected and removed by background antivirus package! Fri Sep 08 10:33:34 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\McKinsey-Benchmark Research-Nokia.PPT infected by "BkCln.Unknown" Virus. Action Taken: File Renamed. Fri Sep 08 10:34:21 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\??-Strategic Planning in the Private Sector.PPT possibly infected and removed by background antivirus package! Fri Sep 08 10:34:21 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\??-Strategic Planning in the Private Sector.PPT: Scanning Failure!!! Fri Sep 08 10:34:21 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\??-Strategic Planning in the Private Sector.PPT possibly infected and removed by background antivirus package! Fri Sep 08 10:34:21 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\??-Strategic Planning in the Private Sector.PPT infected by "BkCln.Unknown" Virus. Action Taken: File Renamed. Fri Sep 08 10:34:37 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean\clean\pskill.exe tagged as not-a-virus:RiskTool.Win32.PsKill.k. No Action Taken. ot-a-virus:RiskTool.Win32.PsKill.k. No Action Taken. Fri Sep 08 10:35:32 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix\SmitfraudFix\Reboot.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken. Fri Sep 08 10:35:33 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix.zip tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken. Fri Sep 08 10:35:46 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\ARNAUD~1\Cookies\index.dat Fri Sep 08 10:35:49 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Favoris\Stratégie\??.?????????????.url Fri Sep 08 10:35:49 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Favoris\Stratégie\???? ????? ????? ????.url Fri Sep 08 10:36:27 2006 => *** File C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Microsoft\Wallpaper1.bmp having Size Restriction *** Fri Sep 08 10:36:27 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\ARNAUD~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\UsrClass.dat Fri Sep 08 10:36:27 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\ARNAUD~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\USRCLA~1.LOG Fri Sep 08 10:38:46 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\SPLOIT[1].0NR infected by "Trojan-Downloader.Win32.Ani.c" Virus. Action Taken: File Deleted. Fri Sep 08 10:38:47 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\ssqbn[1].exe infected by "Trojan-Downloader.Win32.Small.ajc" Virus. Action Taken: File Deleted. Fri Sep 08 10:39:21 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\UDZ49CZ6\VSL13[1].exe infected by "Trojan-Downloader.Win32.Small.ctp" Virus. Action Taken: File Deleted. Fri Sep 08 10:48:33 2006 => *** File C:\Documents and Settings\Arnaud & Gaëlle\Mes documents\photo.doc having Size Restriction *** Fri Sep 08 10:48:33 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Mes documents\photo.doc [**] Fri Sep 08 10:48:45 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\ARNAUD~1\NTUSER~1.LOG Fri Sep 08 10:48:51 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Recent\??????.doc.lnk Fri Sep 08 10:48:51 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Recent\??-Strategic Planning in the Private Sector.PPT.lnk Fri Sep 08 10:48:51 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Recent\??-Strategic Planning in the Private Sector.PPT.lnk possibly infected and removed by background antivirus package! Fri Sep 08 10:48:51 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Recent\??-Strategic Planning in the Private Sector.PPT.lnk: Scanning Failure!!! Fri Sep 08 10:48:51 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Recent\??-Strategic Planning in the Private Sector.PPT.lnk possibly infected and removed by background antivirus package! Fri Sep 08 10:48:51 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Recent\??-Strategic Planning in the Private Sector.PPT.lnk infected by "BkCln.Unknown" Virus. Action Taken: File Renamed. Fri Sep 08 10:49:43 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\UsrClass.dat Fri Sep 08 10:49:43 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\USRCLA~1.LOG Fri Sep 08 10:49:44 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\NTUSER.DAT Fri Sep 08 10:49:44 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\NTUSER~1.LOG Fri Sep 08 10:50:02 2006 => C:\DRIVERS\MCDBF\SOURCE1\OTHER.EXE not Scanned. Possibly password protected... Fri Sep 08 10:50:03 2006 => C:\DRIVERS\MCDBF\SOURCE1\TSADDON.EXE not Scanned. Possibly password protected... Fri Sep 08 10:54:28 2006 => *** File C:\Program Files\AOL 8.0\Jiti\Real.EXE having Size Restriction *** Fri Sep 08 10:54:28 2006 => Scanning File C:\Program Files\AOL 8.0\Jiti\Real.EXE [**] Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\AnthChk.tou having Size Restriction *** Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\AnthChk.tou [**] Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\ArtChk.tou having Size Restriction *** Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\ArtChk.tou [**] Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\DiapoChk.tou having Size Restriction *** Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\DiapoChk.tou [**] Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\dico.tou having Size Restriction *** Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\dico.tou [**] Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\DocChk.tou having Size Restriction *** Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\DocChk.tou [**] Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\FlagChk.tou Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\GCompChk.tou having Size Restriction *** Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\GCompChk.tou [**] Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\ImgChk.tou having Size Restriction *** Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\ImgChk.tou [**] Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\installchk.tou having Size Restriction *** Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\installchk.tou [**] Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\IntChk.tou having Size Restriction *** Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\IntChk.tou [**] Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\LsABoost.tou Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\MapChk.tou having Size Restriction *** Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\MapChk.tou [**] Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\MemChk.tou Fri Sep 08 10:57:15 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\SndChk.tou having Size Restriction *** Fri Sep 08 10:57:15 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\SndChk.tou [**] Fri Sep 08 10:57:15 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\SpellChk.tou having Size Restriction *** Fri Sep 08 10:57:15 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\SpellChk.tou [**] Fri Sep 08 10:57:15 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\stroxtb.tou Fri Sep 08 10:57:15 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\VideoChk.tou having Size Restriction *** Fri Sep 08 10:57:15 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\VideoChk.tou [**] Fri Sep 08 10:57:15 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\VRChk.tou having Size Restriction *** Fri Sep 08 10:57:15 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\VRChk.tou [**] Fri Sep 08 10:58:32 2006 => Scanning Folder: C:\Program Files\ewido anti-spyware 4.0\Quarantine\*.* Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil03D486C9.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil08E62790.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil0D078764.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil121D7381.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil16C5B8F9.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil2221C209.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil2640B8A9.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil2640B8AA.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil2A61D811.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil35673809.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil3F7C9B10.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil41753010.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil439B5144.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil48AE9651.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil4C0681E9.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil4EA33F90.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil5CD77B99.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil5CD77B9A.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil701C7881.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil752F5C40.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil89590FE4.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil8D772400.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil9289C791.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil987FBE24.dat Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filA0BDCCA4.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filA6B40351.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filA6B40352.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filA6B40353.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filABC44000.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filAFE43A64.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filAFE43A65.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filB5DAB571.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filB9F867E1.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filBF0AAA24.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filC91EFAC1.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filC91EFAC2.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filD6770604.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filD8458FA1.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filDC652859.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filE25C6C40.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filEB8B9DF9.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filEFAD3E39.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filF5A055C4.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filF9BFAE10.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filF9BFAE11.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filF9BFAE12.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filF9BFAE13.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filF9BFAE14.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filF9BFAE15.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\reg3DAB5D21.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\reg5BF7DCE1.dat Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\reg5BF7DCE2.dat Fri Sep 08 10:59:14 2006 => *** File C:\Program Files\Fichiers communs\Java\Update\Base Images\j2re1.4.2-b28\core1.zip having Size Restriction *** Fri Sep 08 10:59:14 2006 => Scanning File C:\Program Files\Fichiers communs\Java\Update\Base Images\j2re1.4.2-b28\core1.zip [**] Fri Sep 08 10:59:14 2006 => *** File C:\Program Files\Fichiers communs\Java\Update\Base Images\j2re1.4.2-b28\core2.zip having Size Restriction *** Fri Sep 08 10:59:14 2006 => Scanning File C:\Program Files\Fichiers communs\Java\Update\Base Images\j2re1.4.2-b28\core2.zip [**] Fri Sep 08 11:00:18 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSO.DLL having Size Restriction *** Fri Sep 08 11:00:18 2006 => Scanning File C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSO.DLL [**] Fri Sep 08 11:00:22 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Proof\MSGR3GE.LEX having Size Restriction *** Fri Sep 08 11:00:22 2006 => Scanning File C:\Program Files\Fichiers communs\Microsoft Shared\Proof\MSGR3GE.LEX [**] Fri Sep 08 11:00:31 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\ENAR\MSB1ENAR.ITS having Size Restriction ***

Malekal_morte Le rapport eScan Antivirus Toolkit est 7 fois plus long que la longueur max. autorisée. A part le copier/coller en 7 morceaux sur ce forum, j'ai un moyen plus simple de te le faire parvenir ?

Malekal_morte, Voici les nouveaux rapports de scan : 1 virus en moins (YES ! ), mais restent tjs Trojan-Downloader.Win32.Small.ctp, Trojan-Downloader.Win32.Small.ajc notamment. => Tes suggestions pour la suite ??? 1/ SCAN SUR LES "CRITICAL AREAS" : ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, September 07, 2006 8:52:44 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 7/09/2006 Kaspersky Anti-Virus database records: 221623 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - Critical Areas: C:\WINDOWS C:\DOCUME~1\ARNAUD~1\LOCALS~1\Temp\ Scan Statistics: Total number of scanned objects: 22909 Number of viruses found: 3 Number of infected objects: 10 / 0 Number of suspicious objects: 0 Duration of the scan process: 00:21:40 Infected Object Name / Virus Name / Last Action C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped C:\WINDOWS\RESTORE.INS ARJ: infected - 1 skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{6EBBA271-0837-4A91-B164-3F55412F2240}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped C:\WINDOWS\system\RESTORE.INS ARJ: infected - 1 skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\DEFAULT Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SYSTEM Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\ssqbn.exe/data0002 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\WINDOWS\system32\ssqbn.exe/data0003 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\WINDOWS\system32\ssqbn.exe NSIS: infected - 2 skipped C:\WINDOWS\system32\VSL13.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped C:\WINDOWS\system32\VSL13.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\WINDOWS\system32\VSL13.exe NSIS: infected - 2 skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed. 2/ SCAN SUR "MY COMPUTER" : ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, September 07, 2006 11:57:35 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 7/09/2006 Kaspersky Anti-Virus database records: 221628 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ Scan Statistics: Total number of scanned objects: 86519 Number of viruses found: 9 Number of infected objects: 32 / 0 Number of suspicious objects: 2 Duration of the scan process: 02:55:46 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Microsoft\Modèles\Normal.dot Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\cert8.db Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\formhistory.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\history.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\key3.db Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\parent.lock Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old\clean\pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old.zip/clean/pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old.zip ZIP: infected - 1 skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix.zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix.zip ZIP: infected - 1 skipped C:\Documents and Settings\Arnaud & Gaëlle\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From filiz_mertol@mynet.com][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From filiz_mertol@mynet.com][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From filiz_mertol@mynet.com][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/message.scr Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From filiz_mertol@mynet.com][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From edwigepart@wanadoo.fr][Date Fri, 28 May 2004 20:34:26 +0200]/UNNAMED/document.txt Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From edwigepart@wanadoo.fr][Date Fri, 28 May 2004 20:34:26 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED/[From ][Date Sat, 12 Jun 2004 14:03:57 +0200]/warez_portmoney.zip/warez_portmoney.doc.com Infected: Email-Worm.Win32.NetSky.c skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED/[From ][Date Sat, 12 Jun 2004 14:03:57 +0200]/warez_portmoney.zip Infected: Email-Worm.Win32.NetSky.c skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED Infected: Email-Worm.Win32.NetSky.c skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED Infected: Email-Worm.Win32.NetSky.c skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx Mail MS Outlook 5: infected - 8, suspicious - 2 skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~DFB6F9.tmp Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~DFBAD3.tmp Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~DFF091.tmp Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~WRD0000.doc Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~WRS0001.tmp Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\SPLOIT[1].0NR Infected: Trojan-Downloader.Win32.Ani.c skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\ssqbn[1].exe/data0002 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\ssqbn[1].exe/data0003 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\ssqbn[1].exe NSIS: infected - 2 skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\UDZ49CZ6\VSL13[1].exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\UDZ49CZ6\VSL13[1].exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\UDZ49CZ6\VSL13[1].exe NSIS: infected - 2 skipped C:\Documents and Settings\Arnaud & Gaëlle\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\chandir.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\chandir.idx Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\chn.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\chn.idx Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\D0000000.FCS Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\inuse.txt Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\L0000023.FCS Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\main.log Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs.idx Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_die.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_die.idx Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_dnd.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_dnd.idx Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_ext.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_ext.idx Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_rcv.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_rcv.idx Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\storydb.dat Object is locked skipped C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\storydb.idx Object is locked skipped C:\Program Files\microsoft office\office10\Startup\PALMAPP.DOT Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\cache.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chandir.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chandir.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chn.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chn.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\D0000000.FCS Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\inuse.txt Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\L0000066.FCS Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\main.log Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_die.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_die.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_dnd.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_dnd.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_ext.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_ext.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_rcv.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_rcv.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\storydb.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\storydb.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\Common\admin.pub Object is locked skipped C:\Program Files\Securitoo\av_fw\Common\policy.bpf Object is locked skipped C:\Program Files\Securitoo\av_fw\Common\policy.ipf Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped C:\WINDOWS\RESTORE.INS ARJ: infected - 1 skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{6EBBA271-0837-4A91-B164-3F55412F2240}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped C:\WINDOWS\system\RESTORE.INS ARJ: infected - 1 skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\DEFAULT Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SYSTEM Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\ssqbn.exe/data0002 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\WINDOWS\system32\ssqbn.exe/data0003 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\WINDOWS\system32\ssqbn.exe NSIS: infected - 2 skipped C:\WINDOWS\system32\VSL13.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped C:\WINDOWS\system32\VSL13.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\WINDOWS\system32\VSL13.exe NSIS: infected - 2 skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.

Malekal_morte, Voici le rapport Kaspersky qui indique les "critical areas" infectées, puis l'autre rapport de scan effectué sur les disques "My computer". Que me conseilles-tu ? ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, September 07, 2006 2:50:52 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 7/09/2006 Kaspersky Anti-Virus database records: 221533 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - Critical Areas: C:\WINDOWS C:\DOCUME~1\ARNAUD~1\LOCALS~1\Temp\ Scan Statistics: Total number of scanned objects: 22901 Number of viruses found: 3 Number of infected objects: 10 / 0 Number of suspicious objects: 0 Duration of the scan process: 00:23:45 Infected Object Name / Virus Name / Last Action C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped C:\WINDOWS\RESTORE.INS ARJ: infected - 1 skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{6EBBA271-0837-4A91-B164-3F55412F2240}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped C:\WINDOWS\system\RESTORE.INS ARJ: infected - 1 skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\DEFAULT Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SYSTEM Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\ssqbn.exe/data0002 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\WINDOWS\system32\ssqbn.exe/data0003 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\WINDOWS\system32\ssqbn.exe NSIS: infected - 2 skipped C:\WINDOWS\system32\VSL13.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped C:\WINDOWS\system32\VSL13.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\WINDOWS\system32\VSL13.exe NSIS: infected - 2 skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed. ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, September 7, 2006 11:58:55 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 7/09/2006 Kaspersky Anti-Virus database records: 221409 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ Scan Statistics: Total number of scanned objects: 96048 Number of viruses found: 10 Number of infected objects: 43 / 0 Number of suspicious objects: 2 Duration of the scan process: 02:27:12 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Microsoft\Modèles\Normal.dot Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Microsoft\Word\~WRA0000.asd Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\633285D9d01/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\633285D9d01 ZIP: infected - 1 skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\7E03A035d01/clean/pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\7E03A035d01 ZIP: infected - 1 skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\cert8.db Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\formhistory.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\history.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\key3.db Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\parent.lock Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old\clean\pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old.zip/clean/pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old.zip ZIP: infected - 1 skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix.zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix.zip ZIP: infected - 1 skipped C:\Documents and Settings\Arnaud & Gaëlle\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From filiz_mertol@mynet.com][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From filiz_mertol@mynet.com][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From filiz_mertol@mynet.com][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/message.scr Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From filiz_mertol@mynet.com][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From edwigepart@wanadoo.fr][Date Fri, 28 May 2004 20:34:26 +0200]/UNNAMED/document.txt Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From edwigepart@wanadoo.fr][Date Fri, 28 May 2004 20:34:26 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED/[From hallier.gaelle@wanadoo.fr][Date Sat, 12 Jun 2004 14:03:57 +0200]/warez_portmoney.zip/warez_portmoney.doc.com Infected: Email-Worm.Win32.NetSky.c skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED/[From hallier.gaelle@wanadoo.fr][Date Sat, 12 Jun 2004 14:03:57 +0200]/warez_portmoney.zip Infected: Email-Worm.Win32.NetSky.c skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED Infected: Email-Worm.Win32.NetSky.c skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED Infected: Email-Worm.Win32.NetSky.c skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx Mail MS Outlook 5: infected - 8, suspicious - 2 skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Historique\History.IE5\MSHist012006083120060901\index.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~DF51A1.tmp Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~DF5493.tmp Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~DF848A.tmp Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~DF8576.tmp Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~WRD0003.doc Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~WRS0004.tmp Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\SPLOIT[1].0NR Infected: Trojan-Downloader.Win32.Ani.c skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\ssqbn[1].exe/data0002 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\ssqbn[1].exe/data0003 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\ssqbn[1].exe NSIS: infected - 2 skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\UDZ49CZ6\VSL13[1].exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\UDZ49CZ6\VSL13[1].exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\UDZ49CZ6\VSL13[1].exe NSIS: infected - 2 skipped C:\Documents and Settings\Arnaud & Gaëlle\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Arnaud & Gaëlle\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Program Files\microsoft office\office10\Startup\PALMAPP.DOT Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chandir.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chandir.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chn.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chn.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\D0000000.FCS Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\inuse.txt Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\L0000066.FCS Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\main.log Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_die.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_die.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_dnd.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_dnd.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_ext.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_ext.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_rcv.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_rcv.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\storydb.dat Object is locked skipped C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\storydb.idx Object is locked skipped C:\Program Files\Securitoo\av_fw\Common\admin.pub Object is locked skipped C:\Program Files\Securitoo\av_fw\Common\policy.bpf Object is locked skipped C:\Program Files\Securitoo\av_fw\Common\policy.ipf Object is locked skipped C:\RECYCLER\S-1-5-21-2959807814-4245377468-3862779245-1007\Dc780.exe/data0002 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\RECYCLER\S-1-5-21-2959807814-4245377468-3862779245-1007\Dc780.exe/data0003 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\RECYCLER\S-1-5-21-2959807814-4245377468-3862779245-1007\Dc780.exe NSIS: infected - 2 skipped C:\RECYCLER\S-1-5-21-2959807814-4245377468-3862779245-1007\Dc802.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped C:\RECYCLER\S-1-5-21-2959807814-4245377468-3862779245-1007\Dc802.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\RECYCLER\S-1-5-21-2959807814-4245377468-3862779245-1007\Dc802.exe NSIS: infected - 2 skipped C:\USB1G\X-Ways WinHex v12.9 SR-6.zip/crack.exe Infected: Packed.Win32.Tibs skipped C:\USB1G\X-Ways WinHex v12.9 SR-6.zip ZIP: infected - 1 skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped C:\WINDOWS\RESTORE.INS ARJ: infected - 1 skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped C:\WINDOWS\system\RESTORE.INS ARJ: infected - 1 skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\DEFAULT Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SYSTEM Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\ssqbn.exe/data0002 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\WINDOWS\system32\ssqbn.exe/data0003 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\WINDOWS\system32\ssqbn.exe NSIS: infected - 2 skipped C:\WINDOWS\system32\VSL13.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped C:\WINDOWS\system32\VSL13.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped C:\WINDOWS\system32\VSL13.exe NSIS: infected - 2 skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.

Bjr, Mon antivirus (Securitoo/F-Secure) repère des trojan-downloaders dont je n'arrive pas à me débarrasser, même en suivant quelques conseils postés sur ces forums (avec ewido, kaspersky etc). Kaspersky repère par ailleurs un 10aine de virus. Que-faire ? Voici mon dernier log HijackThis (renommé en Scanner.exe) et F-Secure Black light : Logfile of HijackThis v1.99.1 Scan saved at 16:39:31, on 07/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe C:\Program Files\Securitoo\av_fw\fswsclds.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\WINDOWS\system32\wwSecure.exe C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Securitoo\av_fw\backweb\1044199\Program\BackWeb-1044199.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\MESSAG~1\StartMessager.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\system32\LVComS.exe C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\microsoft office\office10\WINWORD.EXE C:\WINDOWS\msagent\AgentSvr.exe C:\Documents and Settings\Arnaud & Gaëlle\Bureau\Applications et raccourcis bureau\Setups\hijackthis\Scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O3 - Toolbar: Steganos Internet Anonyme - {00000000-5736-4205-0008-f7ed0776fb27} - c:\program files\steganos internet anonym 2006\sia2006iep.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Picasa Media Detector] C:\Documents and Settings\Arnaud & Gaëlle\Mes documents\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [sIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -boot O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O15 - Trusted Zone: http://webmail.wanadoo.fr O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://www.electricpaper.ie/webplayer5.2/awswaxf.cab O16 - DPF: {16F3737C-E323-46C0-8441-70D3D88AE930} (Inet3.CInet3) - http://srv4.mediapluspro.net/mediaplus560/Download/Inet3.CAB O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab O16 - DPF: {319FAEE8-6946-4CED-AA4F-8F1B1D216762} (D43311.Module) - http://srv4.mediapluspro.net/mediaplus6/Do...433F/D43311.CAB O16 - DPF: {4E042DE6-8B87-11D3-AE7F-004033D24DBD} (HtmlHelpViewer.CViewerHtml) - http://srv4.mediapluspro.net/mediaplus560/...lHelpViewer.CAB O16 - DPF: {642F50E7-244A-11D5-956E-0040339BF4B0} (Inet1.CInet1) - http://srv4.mediapluspro.net/mediaplus560/Download/Inet1.CAB O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://srv4.mediapluspro.net/mediaplus6/Do...ad/tsccinst.cab O16 - DPF: {9D23DDAA-D04A-4384-8C51-7B226626A14C} (IBarre0.CManag) - http://srv4.mediapluspro.net/mediaplus560/Download/ENIBP.CAB O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {C7C7152F-6E85-44F3-A14B-A7F85FDDEA3B} (InstallerCtrl Class) - http://v7.e-tmm.com/bin/tol7inst.cab O16 - DPF: {D34D6048-E232-4889-B08C-AF4AFE87A6F6} (ENIInetTools.clsManager) - http://srv4.mediapluspro.net/mediaplus560/...NIInetTools.CAB O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/lobby/searchsettings.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{47A205C6-FFC7-4796-AFE7-F3839404F6E2}: NameServer = 80.10.246.130 80.10.246.3 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\delautocomp.exe O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE (file missing) O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: PurgeIE XP Service (PurgeIEservice) - Unknown owner - I:\Purgeie\PurgeIE\PurgeIE_Service.exe (file missing) O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe Le rapport Black Light : 09/07/06 11:32:27 [info]: BlackLight Engine 1.0.46 initialized 09/07/06 11:32:27 [info]: OS: 5.1 build 2600 (Service Pack 2) 09/07/06 11:32:33 [Note]: 7019 4 09/07/06 11:32:33 [Note]: 7005 0 09/07/06 11:32:48 [Note]: 7006 0 09/07/06 11:32:48 [Note]: 7011 1904 09/07/06 11:32:49 [Note]: 7026 0 09/07/06 11:32:49 [Note]: 7026 0 09/07/06 11:34:01 [Note]: FSRAW library version 1.7.1019 09/07/06 11:59:51 [Note]: 2000 1006 09/07/06 11:59:51 [Note]: 2000 1006 09/07/06 11:59:51 [Note]: 2000 1006 09/07/06 11:59:51 [Note]: 2000 1006 09/07/06 12:04:29 [Note]: 7007 0 Merci de votre aide !