Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Trojan-downloader small et agent !!! Help !

Arnaud 44

Par Arnaud 44
dans Analyses et éradication malwares

 Partager

Messages recommandés

Arnaud 44 Junior Member

Arnaud 44

Posté(e)
Posté(e)

Bjr,

 

Mon antivirus (Securitoo/F-Secure) repère des trojan-downloaders dont je n'arrive pas à me débarrasser, même en suivant quelques conseils postés sur ces forums (avec ewido, kaspersky etc). Kaspersky repère par ailleurs un 10aine de virus.

Que-faire ?

 

Voici mon dernier log HijackThis (renommé en Scanner.exe) et F-Secure Black light :

 

Logfile of HijackThis v1.99.1

Scan saved at 16:39:31, on 07/09/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE

C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe

C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE

C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe

C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe

C:\Program Files\Securitoo\av_fw\fswsclds.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

C:\WINDOWS\system32\wwSecure.exe

C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE

C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE

C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE

C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE

C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe

C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe

C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe

C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\PROGRA~1\Wanadoo\TaskBarIcon.exe

C:\Program Files\Securitoo\av_fw\backweb\1044199\Program\BackWeb-1044199.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\MESSAG~1\StartMessager.exe

C:\Program Files\Logitech\Video\LogiTray.exe

C:\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\system32\LVComS.exe

C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe

C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\PROGRA~1\Wanadoo\ComComp.exe

C:\PROGRA~1\Wanadoo\Toaster.exe

C:\PROGRA~1\Wanadoo\Inactivity.exe

C:\PROGRA~1\Wanadoo\PollingModule.exe

C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE

C:\PROGRA~1\Wanadoo\Watch.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\microsoft office\office10\WINWORD.EXE

C:\WINDOWS\msagent\AgentSvr.exe

C:\Documents and Settings\Arnaud & Gaëlle\Bureau\Applications et raccourcis bureau\Setups\hijackthis\Scanner.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O3 - Toolbar: Steganos Internet Anonyme - {00000000-5736-4205-0008-f7ed0776fb27} - c:\program files\steganos internet anonym 2006\sia2006iep.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"

O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Picasa Media Detector] C:\Documents and Settings\Arnaud & Gaëlle\Mes documents\Picasa2\PicasaMediaDetector.exe

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe

O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [sIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -boot

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O15 - Trusted Zone: http://webmail.wanadoo.fr

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://www.electricpaper.ie/webplayer5.2/awswaxf.cab

O16 - DPF: {16F3737C-E323-46C0-8441-70D3D88AE930} (Inet3.CInet3) - http://srv4.mediapluspro.net/mediaplus560/Download/Inet3.CAB

O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab

O16 - DPF: {319FAEE8-6946-4CED-AA4F-8F1B1D216762} (D43311.Module) - http://srv4.mediapluspro.net/mediaplus6/Do...433F/D43311.CAB

O16 - DPF: {4E042DE6-8B87-11D3-AE7F-004033D24DBD} (HtmlHelpViewer.CViewerHtml) - http://srv4.mediapluspro.net/mediaplus560/...lHelpViewer.CAB

O16 - DPF: {642F50E7-244A-11D5-956E-0040339BF4B0} (Inet1.CInet1) - http://srv4.mediapluspro.net/mediaplus560/Download/Inet1.CAB

O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://srv4.mediapluspro.net/mediaplus6/Do...ad/tsccinst.cab

O16 - DPF: {9D23DDAA-D04A-4384-8C51-7B226626A14C} (IBarre0.CManag) - http://srv4.mediapluspro.net/mediaplus560/Download/ENIBP.CAB

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab

O16 - DPF: {C7C7152F-6E85-44F3-A14B-A7F85FDDEA3B} (InstallerCtrl Class) - http://v7.e-tmm.com/bin/tol7inst.cab

O16 - DPF: {D34D6048-E232-4889-B08C-AF4AFE87A6F6} (ENIInetTools.clsManager) - http://srv4.mediapluspro.net/mediaplus560/...NIInetTools.CAB

O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/lobby/searchsettings.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{47A205C6-FFC7-4796-AFE7-F3839404F6E2}: NameServer = 80.10.246.130 80.10.246.3

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\delautocomp.exe

O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE

O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe

O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE (file missing)

O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe

O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE

O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: PurgeIE XP Service (PurgeIEservice) - Unknown owner - I:\Purgeie\PurgeIE\PurgeIE_Service.exe (file missing)

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe

 

 

Le rapport Black Light :

 

09/07/06 11:32:27 [info]: BlackLight Engine 1.0.46 initialized

09/07/06 11:32:27 [info]: OS: 5.1 build 2600 (Service Pack 2)

09/07/06 11:32:33 [Note]: 7019 4

09/07/06 11:32:33 [Note]: 7005 0

09/07/06 11:32:48 [Note]: 7006 0

09/07/06 11:32:48 [Note]: 7011 1904

09/07/06 11:32:49 [Note]: 7026 0

09/07/06 11:32:49 [Note]: 7026 0

09/07/06 11:34:01 [Note]: FSRAW library version 1.7.1019

09/07/06 11:59:51 [Note]: 2000 1006

09/07/06 11:59:51 [Note]: 2000 1006

09/07/06 11:59:51 [Note]: 2000 1006

09/07/06 11:59:51 [Note]: 2000 1006

09/07/06 12:04:29 [Note]: 7007 0

 

Merci de votre aide !

Lien vers le commentaire
Partager sur d’autres sites

Arnaud 44 Junior Member

Arnaud 44

Posté(e)
  • Auteur
Posté(e)

Malekal_morte,

 

 

Voici le rapport Kaspersky qui indique les "critical areas" infectées, puis l'autre rapport de scan effectué sur les disques "My computer". Que me conseilles-tu ?

 

-------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER REPORT

Thursday, September 07, 2006 2:50:52 PM

Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.83.0

Kaspersky Anti-Virus database last update: 7/09/2006

Kaspersky Anti-Virus database records: 221533

-------------------------------------------------------------------------------

 

Scan Settings:

Scan using the following antivirus database: extended

Scan Archives: true

Scan Mail Bases: true

 

Scan Target - Critical Areas:

C:\WINDOWS

C:\DOCUME~1\ARNAUD~1\LOCALS~1\Temp\

 

Scan Statistics:

Total number of scanned objects: 22901

Number of viruses found: 3

Number of infected objects: 10 / 0

Number of suspicious objects: 0

Duration of the scan process: 00:23:45

 

Infected Object Name / Virus Name / Last Action

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped

C:\WINDOWS\RESTORE.INS ARJ: infected - 1 skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{6EBBA271-0837-4A91-B164-3F55412F2240}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped

C:\WINDOWS\system\RESTORE.INS ARJ: infected - 1 skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\DEFAULT Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SYSTEM Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\ssqbn.exe/data0002 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\WINDOWS\system32\ssqbn.exe/data0003 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\WINDOWS\system32\ssqbn.exe NSIS: infected - 2 skipped

C:\WINDOWS\system32\VSL13.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped

C:\WINDOWS\system32\VSL13.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\WINDOWS\system32\VSL13.exe NSIS: infected - 2 skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

 

Scan process completed.

 

 

-------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER REPORT

Thursday, September 7, 2006 11:58:55 AM

Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.83.0

Kaspersky Anti-Virus database last update: 7/09/2006

Kaspersky Anti-Virus database records: 221409

-------------------------------------------------------------------------------

 

Scan Settings:

Scan using the following antivirus database: extended

Scan Archives: true

Scan Mail Bases: true

 

Scan Target - My Computer:

A:\

C:\

D:\

E:\

F:\

G:\

H:\

 

Scan Statistics:

Total number of scanned objects: 96048

Number of viruses found: 10

Number of infected objects: 43 / 0

Number of suspicious objects: 2

Duration of the scan process: 02:27:12

 

Infected Object Name / Virus Name / Last Action

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Microsoft\Modèles\Normal.dot Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Microsoft\Word\~WRA0000.asd Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\633285D9d01/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\633285D9d01 ZIP: infected - 1 skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\7E03A035d01/clean/pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\7E03A035d01 ZIP: infected - 1 skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_001_ Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_002_ Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_003_ Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_MAP_ Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\cert8.db Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\formhistory.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\history.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\key3.db Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\parent.lock Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old\clean\pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped

C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old.zip/clean/pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped

C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old.zip ZIP: infected - 1 skipped

C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix.zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix.zip ZIP: infected - 1 skipped

C:\Documents and Settings\Arnaud & Gaëlle\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected]][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected]][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected]][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/message.scr Infected: Email-Worm.Win32.NetSky.q skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected]][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.q skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected]][Date Fri, 28 May 2004 20:34:26 +0200]/UNNAMED/document.txt Infected: Email-Worm.Win32.NetSky.q skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected]][Date Fri, 28 May 2004 20:34:26 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.q skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected] (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED/[From [email protected]][Date Sat, 12 Jun 2004 14:03:57 +0200]/warez_portmoney.zip/warez_portmoney.doc.com Infected: Email-Worm.Win32.NetSky.c skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected] (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED/[From [email protected]][Date Sat, 12 Jun 2004 14:03:57 +0200]/warez_portmoney.zip Infected: Email-Worm.Win32.NetSky.c skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected] (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED Infected: Email-Worm.Win32.NetSky.c skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected] (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED Infected: Email-Worm.Win32.NetSky.c skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx Mail MS Outlook 5: infected - 8, suspicious - 2 skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Historique\History.IE5\MSHist012006083120060901\index.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~DF51A1.tmp Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~DF5493.tmp Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~DF848A.tmp Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~DF8576.tmp Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~WRD0003.doc Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~WRS0004.tmp Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\SPLOIT[1].0NR Infected: Trojan-Downloader.Win32.Ani.c skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\ssqbn[1].exe/data0002 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\ssqbn[1].exe/data0003 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\ssqbn[1].exe NSIS: infected - 2 skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\UDZ49CZ6\VSL13[1].exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\UDZ49CZ6\VSL13[1].exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\UDZ49CZ6\VSL13[1].exe NSIS: infected - 2 skipped

C:\Documents and Settings\Arnaud & Gaëlle\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Program Files\microsoft office\office10\Startup\PALMAPP.DOT Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chandir.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chandir.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chn.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chn.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\D0000000.FCS Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\inuse.txt Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\L0000066.FCS Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\main.log Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_die.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_die.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_dnd.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_dnd.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_ext.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_ext.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_rcv.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_rcv.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\storydb.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\storydb.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\Common\admin.pub Object is locked skipped

C:\Program Files\Securitoo\av_fw\Common\policy.bpf Object is locked skipped

C:\Program Files\Securitoo\av_fw\Common\policy.ipf Object is locked skipped

C:\RECYCLER\S-1-5-21-2959807814-4245377468-3862779245-1007\Dc780.exe/data0002 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\RECYCLER\S-1-5-21-2959807814-4245377468-3862779245-1007\Dc780.exe/data0003 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\RECYCLER\S-1-5-21-2959807814-4245377468-3862779245-1007\Dc780.exe NSIS: infected - 2 skipped

C:\RECYCLER\S-1-5-21-2959807814-4245377468-3862779245-1007\Dc802.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped

C:\RECYCLER\S-1-5-21-2959807814-4245377468-3862779245-1007\Dc802.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\RECYCLER\S-1-5-21-2959807814-4245377468-3862779245-1007\Dc802.exe NSIS: infected - 2 skipped

C:\USB1G\X-Ways WinHex v12.9 SR-6.zip/crack.exe Infected: Packed.Win32.Tibs skipped

C:\USB1G\X-Ways WinHex v12.9 SR-6.zip ZIP: infected - 1 skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped

C:\WINDOWS\RESTORE.INS ARJ: infected - 1 skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped

C:\WINDOWS\system\RESTORE.INS ARJ: infected - 1 skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\DEFAULT Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SYSTEM Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\ssqbn.exe/data0002 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\WINDOWS\system32\ssqbn.exe/data0003 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\WINDOWS\system32\ssqbn.exe NSIS: infected - 2 skipped

C:\WINDOWS\system32\VSL13.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped

C:\WINDOWS\system32\VSL13.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\WINDOWS\system32\VSL13.exe NSIS: infected - 2 skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

 

Scan process completed.

Lien vers le commentaire
Partager sur d’autres sites
Malekal_morte Godlike Member

Malekal_morte

Posté(e)
Posté(e)

Vide ta corbeille.

Supprime ce fichier : C:\USB1G

Ferme tous tes programmes.

Ensuite : Menu Démarrer / executer et tape : cleanmgr puis clic sur OK

Nettoye les fichiers temporaires et les fichiers temporaires internet.

 

Relanec un scan Kaspersky et copie/colle le nouveau rapport de scan.

Lien vers le commentaire
Partager sur d’autres sites
Arnaud 44 Junior Member

Arnaud 44

Posté(e)
  • Auteur
Posté(e)

Malekal_morte,

 

Voici les nouveaux rapports de scan : 1 virus en moins (YES ! :P ), mais restent tjs Trojan-Downloader.Win32.Small.ctp, Trojan-Downloader.Win32.Small.ajc notamment.

 

=> Tes suggestions pour la suite ??? :P

 

 

1/ SCAN SUR LES "CRITICAL AREAS" :

 

-------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER REPORT

Thursday, September 07, 2006 8:52:44 PM

Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.83.0

Kaspersky Anti-Virus database last update: 7/09/2006

Kaspersky Anti-Virus database records: 221623

-------------------------------------------------------------------------------

 

Scan Settings:

Scan using the following antivirus database: extended

Scan Archives: true

Scan Mail Bases: true

 

Scan Target - Critical Areas:

C:\WINDOWS

C:\DOCUME~1\ARNAUD~1\LOCALS~1\Temp\

 

Scan Statistics:

Total number of scanned objects: 22909

Number of viruses found: 3

Number of infected objects: 10 / 0

Number of suspicious objects: 0

Duration of the scan process: 00:21:40

 

Infected Object Name / Virus Name / Last Action

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped

C:\WINDOWS\RESTORE.INS ARJ: infected - 1 skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{6EBBA271-0837-4A91-B164-3F55412F2240}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped

C:\WINDOWS\system\RESTORE.INS ARJ: infected - 1 skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\DEFAULT Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SYSTEM Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\ssqbn.exe/data0002 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\WINDOWS\system32\ssqbn.exe/data0003 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\WINDOWS\system32\ssqbn.exe NSIS: infected - 2 skipped

C:\WINDOWS\system32\VSL13.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped

C:\WINDOWS\system32\VSL13.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\WINDOWS\system32\VSL13.exe NSIS: infected - 2 skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

 

Scan process completed.

 

 

2/ SCAN SUR "MY COMPUTER" :

 

-------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER REPORT

Thursday, September 07, 2006 11:57:35 PM

Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.83.0

Kaspersky Anti-Virus database last update: 7/09/2006

Kaspersky Anti-Virus database records: 221628

-------------------------------------------------------------------------------

 

Scan Settings:

Scan using the following antivirus database: extended

Scan Archives: true

Scan Mail Bases: true

 

Scan Target - My Computer:

A:\

C:\

D:\

E:\

F:\

G:\

H:\

 

Scan Statistics:

Total number of scanned objects: 86519

Number of viruses found: 9

Number of infected objects: 32 / 0

Number of suspicious objects: 2

Duration of the scan process: 02:55:46

 

Infected Object Name / Virus Name / Last Action

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Microsoft\Modèles\Normal.dot Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_001_ Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_002_ Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_003_ Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_MAP_ Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\cert8.db Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\formhistory.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\history.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\key3.db Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\parent.lock Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old\clean\pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped

C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old.zip/clean/pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped

C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean_old.zip ZIP: infected - 1 skipped

C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix.zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix.zip ZIP: infected - 1 skipped

C:\Documents and Settings\Arnaud & Gaëlle\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected]][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected]][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected]][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED/message.scr Infected: Email-Worm.Win32.NetSky.q skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected]][Date Fri, 28 May 2004 20:38:43 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.q skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected]][Date Fri, 28 May 2004 20:34:26 +0200]/UNNAMED/document.txt Infected: Email-Worm.Win32.NetSky.q skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected]][Date Fri, 28 May 2004 20:34:26 +0200]/UNNAMED Infected: Email-Worm.Win32.NetSky.q skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected] (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED/[From ][Date Sat, 12 Jun 2004 14:03:57 +0200]/warez_portmoney.zip/warez_portmoney.doc.com Infected: Email-Worm.Win32.NetSky.c skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected] (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED/[From ][Date Sat, 12 Jun 2004 14:03:57 +0200]/warez_portmoney.zip Infected: Email-Worm.Win32.NetSky.c skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected] (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED/UNNAMED Infected: Email-Worm.Win32.NetSky.c skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From [email protected] (Mail Delivery System)][Date Sat, 12 Jun 2004 14:04:27 +0200 (CEST)]/UNNAMED Infected: Email-Worm.Win32.NetSky.c skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Identities\{C7AEEBAE-5E7F-418F-B832-C7518D1AA7AC}\Microsoft\Outlook Express\Éléments supprimés.dbx Mail MS Outlook 5: infected - 8, suspicious - 2 skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~DFB6F9.tmp Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~DFBAD3.tmp Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~DFF091.tmp Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~WRD0000.doc Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temp\~WRS0001.tmp Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\SPLOIT[1].0NR Infected: Trojan-Downloader.Win32.Ani.c skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\ssqbn[1].exe/data0002 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\ssqbn[1].exe/data0003 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\ssqbn[1].exe NSIS: infected - 2 skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\UDZ49CZ6\VSL13[1].exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\UDZ49CZ6\VSL13[1].exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\UDZ49CZ6\VSL13[1].exe NSIS: infected - 2 skipped

C:\Documents and Settings\Arnaud & Gaëlle\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Arnaud & Gaëlle\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\chandir.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\chandir.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\chn.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\chn.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\D0000000.FCS Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\inuse.txt Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\L0000023.FCS Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\main.log Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_die.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_die.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_dnd.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_dnd.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_ext.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_ext.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_rcv.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\prs_rcv.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\storydb.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Arnaud & Gaëlle\Data\storydb.idx Object is locked skipped

C:\Program Files\microsoft office\office10\Startup\PALMAPP.DOT Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\cache.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chandir.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chandir.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chn.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\chn.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\D0000000.FCS Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\inuse.txt Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\L0000066.FCS Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\main.log Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_die.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_die.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_dnd.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_dnd.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_ext.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_ext.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_rcv.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\prs_rcv.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\storydb.dat Object is locked skipped

C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\storydb.idx Object is locked skipped

C:\Program Files\Securitoo\av_fw\Common\admin.pub Object is locked skipped

C:\Program Files\Securitoo\av_fw\Common\policy.bpf Object is locked skipped

C:\Program Files\Securitoo\av_fw\Common\policy.ipf Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped

C:\WINDOWS\RESTORE.INS ARJ: infected - 1 skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{6EBBA271-0837-4A91-B164-3F55412F2240}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system\RESTORE.INS/C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE Infected: not-a-virus:NetTool.Win32.PsKill skipped

C:\WINDOWS\system\RESTORE.INS ARJ: infected - 1 skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\DEFAULT Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SYSTEM Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\ssqbn.exe/data0002 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\WINDOWS\system32\ssqbn.exe/data0003 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\WINDOWS\system32\ssqbn.exe NSIS: infected - 2 skipped

C:\WINDOWS\system32\VSL13.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped

C:\WINDOWS\system32\VSL13.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped

C:\WINDOWS\system32\VSL13.exe NSIS: infected - 2 skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

 

Scan process completed.

Lien vers le commentaire
Partager sur d’autres sites
Malekal_morte Godlike Member

Malekal_morte

Posté(e)
Posté(e)

- Télécharge eScan Antivirus Toolkit

- Installe le dans le dossier C:\Kaspersky

- Rends toi dans le dossier C:\Kaspersky et double-clic sur kavupd.exe pour le mettre à jour

- Redémarre en mode sans échec, si tu sais pas comment on fait lis ceci

 

Supprime :

C:\WINDOWS\system32\ssqbn.exe

C:\WINDOWS\system32\VSL13.exe

 

- Ouvre le dossier C:\Kaspersky

- double-clique sur le fichier mwavscan.com

- Coche les options comme indiquées sur cette page

- puis en bas à droite, clic sur Scan Clean pour démarrer le scan

- A la fin du scan clic sur le bouton view log, enregistre le fichier à l'endroit que tu le souhaites

 

- Redémarre l'ordinateur

- Copie/colle le contenu le rapport de scan que tu as sauvegardé

Lien vers le commentaire
Partager sur d’autres sites
Malekal_morte Godlike Member

Malekal_morte

Posté(e)
Posté(e)

Ne colle pas la liste des fichiers scannés mais seulement la liste des fichiers infectés.

 

As-tu réussi à supprimer les fichiers demandés?

Lien vers le commentaire
Partager sur d’autres sites
Arnaud 44 Junior Member

Arnaud 44

Posté(e)
  • Auteur
Posté(e)

Merci malekal_morte : :P

 

Je suis bien parvenu à supprimer

C:\WINDOWS\system32\ssqbn.exe

C:\WINDOWS\system32\VSL13.exe

 

Voici le rapport eScan.

- Comment supprimer définitivement les fichiers infectés ?

- Que faire des fichiers "ScanFile fails", une analyse approfondie ?

- Que faire des fichiers mis précedemment en quarantaine avec ewido (cf ds le rapport) ?

 

 

Fri Sep 08 09:44:37 2006 => **********************************************************

Fri Sep 08 09:44:37 2006 => eScan AntiVirus Toolkit Utility.

Fri Sep 08 09:44:38 2006 => Copyright © 2003-2004, MicroWorld Technologies Inc.

Fri Sep 08 09:44:38 2006 => **********************************************************

Fri Sep 08 09:44:38 2006 => Version 4.4.7

Fri Sep 08 09:44:38 2006 => Log File: C:\KASPER~1\mwav.log

Fri Sep 08 09:44:38 2006 => Latest Date of files inside MWAV: 23 Aug 2006 17:12:24.

Fri Sep 08 09:44:44 2006 => AV Library Loaded...

Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\kavss.exe

Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\Getvlist.exe

Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\kavss.dll

Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\kavssdi.dll

Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\kavssi.dll

Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\kavvlg.dll

Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\msvlclnt.dll

Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\ipc.dll

Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\main.avi

Fri Sep 08 09:44:44 2006 => Scanning File C:\KASPER~1\virus.avi

Fri Sep 08 09:44:45 2006 => Virus Database Date: 2006/08/23

Fri Sep 08 09:44:45 2006 => Virus Database Count: 217614

Fri Sep 08 09:45:39 2006 => AV Library Unloaded (3)...

Fri Sep 08 10:14:05 2006 => **********************************************************

Fri Sep 08 10:14:05 2006 => eScan AntiVirus Toolkit Utility.

Fri Sep 08 10:14:05 2006 => Copyright © 2003-2004, MicroWorld Technologies Inc.

Fri Sep 08 10:14:05 2006 => **********************************************************

Fri Sep 08 10:14:05 2006 => Version 4.4.7

Fri Sep 08 10:14:05 2006 => Log File: C:\KASPER~1\mwav.log

Fri Sep 08 10:14:07 2006 => Latest Date of files inside MWAV: 23 Aug 2006 17:12:24.

Fri Sep 08 10:14:16 2006 => AV Library Loaded...

Fri Sep 08 10:14:16 2006 => Scanning File C:\KASPER~1\kavss.exe

Fri Sep 08 10:14:16 2006 => Scanning File C:\KASPER~1\Getvlist.exe

Fri Sep 08 10:14:16 2006 => Scanning File C:\KASPER~1\kavss.dll

Fri Sep 08 10:14:16 2006 => Scanning File C:\KASPER~1\kavssdi.dll

Fri Sep 08 10:14:17 2006 => Scanning File C:\KASPER~1\kavssi.dll

Fri Sep 08 10:14:17 2006 => Scanning File C:\KASPER~1\kavvlg.dll

Fri Sep 08 10:14:17 2006 => Scanning File C:\KASPER~1\msvlclnt.dll

Fri Sep 08 10:14:17 2006 => Scanning File C:\KASPER~1\ipc.dll

Fri Sep 08 10:14:17 2006 => Scanning File C:\KASPER~1\main.avi

Fri Sep 08 10:14:17 2006 => Scanning File C:\KASPER~1\virus.avi

Fri Sep 08 10:14:17 2006 => Virus Database Date: 2006/08/23

Fri Sep 08 10:14:17 2006 => Virus Database Count: 217614

 

Fri Sep 08 10:14:57 2006 => **********************************************************

Fri Sep 08 10:14:57 2006 => eScan AntiVirus Toolkit Utility.

Fri Sep 08 10:14:57 2006 => Copyright © 2003-2004, MicroWorld Technologies Inc.

Fri Sep 08 10:14:57 2006 =>

Fri Sep 08 10:14:57 2006 => Support: [email protected]

Fri Sep 08 10:14:57 2006 => Web: http://www.mwti.net

Fri Sep 08 10:14:57 2006 => **********************************************************

Fri Sep 08 10:14:57 2006 => Version 4.4.7

Fri Sep 08 10:14:57 2006 => Log File: C:\KASPER~1\mwav.log

Fri Sep 08 10:14:57 2006 => Latest Date of files inside MWAV: 23 Aug 2006 17:12:24.

 

Fri Sep 08 10:14:57 2006 => Options Selected by User:

Fri Sep 08 10:14:57 2006 => Memory Check: Enabled

Fri Sep 08 10:14:57 2006 => Registry Check: Enabled

Fri Sep 08 10:14:57 2006 => StartUp Folder Check: Enabled

Fri Sep 08 10:14:57 2006 => System Folder Check: Enabled

Fri Sep 08 10:14:57 2006 => System Area Check: Disabled

Fri Sep 08 10:14:57 2006 => Services Check: Enabled

Fri Sep 08 10:14:57 2006 => Drive Check: Disabled

Fri Sep 08 10:14:57 2006 => All Drive Check :Enabled

Fri Sep 08 10:14:57 2006 => Scanning Type: Scan And Clean

Fri Sep 08 10:14:57 2006 => Folder Check: Disabled

 

 

 

 

 

Fri Sep 08 10:14:58 2006 => ***** Scanning Memory Files *****

 

 

Fri Sep 08 10:14:58 2006 => ***** Scanning Registry Files *****

 

Fri Sep 08 10:15:02 2006 => ERROR!!! Invalid Entry Cld2000.exe = C:\Program Files\Calendrier\Cld2000.exe. Removing it.

 

 

Fri Sep 08 10:15:03 2006 => ***** Scanning StartUp Folders *****

 

Fri Sep 08 10:15:04 2006 => ***** Scanning Service Files *****

Fri Sep 08 10:15:08 2006 => ERROR!!! Invalid Entry "C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE" in SYSTEM\CurrentControlSet\Services\FSAA...

Fri Sep 08 10:15:13 2006 => ERROR!!! Invalid Entry I:\Purgeie\PurgeIE\PurgeIE_Service.exe in SYSTEM\CurrentControlSet\Services\PurgeIEservice...

 

 

Fri Sep 08 10:15:18 2006 => ***** Scanning System32 Folders *****

 

Fri Sep 08 10:15:24 2006 => Scanning File C:\WINDOWS\RESTORE.INS

Fri Sep 08 10:15:26 2006 => File C:\WINDOWS\RESTORE.INS tagged as not-a-virus:NetTool.Win32.PsKill. No Action Taken.

 

 

Fri Sep 08 10:17:50 2006 => ***** Scanning All Drives *****

Fri Sep 08 10:21:05 2006 => C:\APPS\Packard Bell Companion\settings.pak not Scanned. Possibly password protected...

Fri Sep 08 10:21:06 2006 => C:\APPS\Packard Bell Companion\users\usersettings.pak not Scanned. Possibly password protected...

Fri Sep 08 10:25:56 2006 => *** File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Backups\regLocal.reg having Size Restriction ***

Fri Sep 08 10:25:56 2006 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Backups\regLocal.reg [**]

Fri Sep 08 10:25:56 2006 => *** File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Backups\regUsers.reg having Size Restriction ***

Fri Sep 08 10:25:56 2006 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Backups\regUsers.reg [**]

Fri Sep 08 10:25:57 2006 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Altnet.zip not Scanned. Possibly password protected...

Fri Sep 08 10:25:57 2006 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFixer.zip

Fri Sep 08 10:25:57 2006 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFixer.zip not Scanned. Possibly password protected...

 

Fri Sep 08 10:27:06 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Microsoft\Office\Fichiers récents\????????.doc.lnk

 

Fri Sep 08 10:27:06 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Microsoft\Office\Fichiers récents\??????.doc.lnk

 

Fri Sep 08 10:27:06 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Microsoft\Office\Fichiers récents\??????.lnk

 

Fri Sep 08 10:27:12 2006 => *** File C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\0E1C974Fd01 having Size Restriction ***

Fri Sep 08 10:27:12 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\0E1C974Fd01 [**]

 

Fri Sep 08 10:27:44 2006 => *** File C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_003_ having Size Restriction ***

Fri Sep 08 10:27:44 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Application Data\Phoenix\Profiles\default\o0pdhv5q.slt\Cache\_CACHE_003_ [**]

 

Fri Sep 08 10:28:01 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Bureau\756139_29283\McKinsey——??????????.ppt

 

Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:30:56 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR: Scanning Failure!!!

Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:30:56 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

Fri Sep 08 10:30:56 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR

Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:30:56 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR: Scanning Failure!!!

Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:30:56 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

Fri Sep 08 10:30:56 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR

Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:30:56 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR: Scanning Failure!!!

Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:30:56 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

Fri Sep 08 10:30:56 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR

Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:30:56 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR: Scanning Failure!!!

Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:30:56 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:30:56 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR

Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:30:56 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR: Scanning Failure!!!

Fri Sep 08 10:30:56 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:30:56 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:30:56 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR

Fri Sep 08 10:30:57 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:30:57 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR: Scanning Failure!!!

Fri Sep 08 10:30:57 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:30:57 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:31:03 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:31:03 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR: Scanning Failure!!!

Fri Sep 08 10:31:03 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:31:03 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\Archives\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:31:14 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:31:14 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR: Scanning Failure!!!

Fri Sep 08 10:31:14 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:31:14 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Archives 1\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:00 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Driving Enterprise Performance :Customer Success and Best Practices.PPT possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:00 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Driving Enterprise Performance :Customer Success and Best Practices.PPT: Scanning Failure!!!

Fri Sep 08 10:32:00 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Driving Enterprise Performance :Customer Success and Best Practices.PPT possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:00 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Driving Enterprise Performance :Customer Success and Best Practices.PPT infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.

 

Fri Sep 08 10:32:00 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Développer le.doc

Fri Sep 08 10:32:00 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\E MARKETING.doc

Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebbok:«Consultant's_guide Comnet_III».RAR

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebbok:«Consultant's_guide Comnet_III».RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebbok:«Consultant's_guide Comnet_III».RAR: Scanning Failure!!!

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebbok:«Consultant's_guide Comnet_III».RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebbok:«Consultant's_guide Comnet_III».RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR: Scanning Failure!!!

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»2.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR: Scanning Failure!!!

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»3.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR: Scanning Failure!!!

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»4.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR: Scanning Failure!!!

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»5.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»6.RAR

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»6.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»6.RAR: Scanning Failure!!!

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»6.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»6.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR: Scanning Failure!!!

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»7.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR: Scanning Failure!!!

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»8.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR: Scanning Failure!!!

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»9.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«101.Marketing.Strategies.for.Accounting.Law.Consulting».RAR

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«101.Marketing.Strategies.for.Accounting.Law.Consulting».RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«101.Marketing.Strategies.for.Accounting.Law.Consulting».RAR: Scanning Failure!!!

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«101.Marketing.Strategies.for.Accounting.Law.Consulting».RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«101.Marketing.Strategies.for.Accounting.Law.Consulting».RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:01 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Hidden Financial Risk».RAR

Fri Sep 08 10:32:01 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Hidden Financial Risk».RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:01 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Hidden Financial Risk».RAR: Scanning Failure!!!

Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Hidden Financial Risk».RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:02 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Hidden Financial Risk».RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:02 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Organizational Consulting».RAR

Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Organizational Consulting».RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:02 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Organizational Consulting».RAR: Scanning Failure!!!

Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Organizational Consulting».RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:02 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«Organizational Consulting».RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:02 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«The Top Consultant Developing Your.Skills.for.Greater.Effectiveness»par.RAR

Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«The Top Consultant Developing Your.Skills.for.Greater.Effectiveness»par.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:02 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«The Top Consultant Developing Your.Skills.for.Greater.Effectiveness»par.RAR: Scanning Failure!!!

Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«The Top Consultant Developing Your.Skills.for.Greater.Effectiveness»par.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:02 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook_«The Top Consultant Developing Your.Skills.for.Greater.Effectiveness»par.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:02 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572).RAR

Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572).RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:02 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572).RAR: Scanning Failure!!!

Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572).RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:02 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572).RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:02 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572)2.RAR

Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572)2.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:02 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572)2.RAR: Scanning Failure!!!

Fri Sep 08 10:32:02 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572)2.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:02 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\ebook:Aris Methode (page 1-1572)2.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:32:21 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\harvard business review:Five Minds Of Managers.PDF possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:21 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\harvard business review:Five Minds Of Managers.PDF: Scanning Failure!!!

Fri Sep 08 10:32:22 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\harvard business review:Five Minds Of Managers.PDF possibly infected and removed by background antivirus package!

Fri Sep 08 10:32:22 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\harvard business review:Five Minds Of Managers.PDF infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.

 

Fri Sep 08 10:33:33 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:33:33 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR: Scanning Failure!!!

Fri Sep 08 10:33:33 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:33:33 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -« Valuation:Measuring And Managing The Value Of Companies»1.RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:33:33 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -«The McKinsey Way».RAR

Fri Sep 08 10:33:33 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -«The McKinsey Way».RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:33:33 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -«The McKinsey Way».RAR: Scanning Failure!!!

Fri Sep 08 10:33:33 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -«The McKinsey Way».RAR possibly infected and removed by background antivirus package!

Fri Sep 08 10:33:33 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey -«The McKinsey Way».RAR infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:33:34 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey????? marvin bower??1.RAR

Fri Sep 08 10:33:34 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey????? marvin bower??1.RAR

Fri Sep 08 10:33:34 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\Mckinsey????? marvin bower??2.RAR

Fri Sep 08 10:33:34 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\McKinsey-Benchmark Research-Nokia.PPT possibly infected and removed by background antivirus package!

Fri Sep 08 10:33:34 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\McKinsey-Benchmark Research-Nokia.PPT: Scanning Failure!!!

Fri Sep 08 10:33:34 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\McKinsey-Benchmark Research-Nokia.PPT possibly infected and removed by background antivirus package!

Fri Sep 08 10:33:34 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\McKinsey-Benchmark Research-Nokia.PPT infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.

 

Fri Sep 08 10:34:21 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\??-Strategic Planning in the Private Sector.PPT possibly infected and removed by background antivirus package!

Fri Sep 08 10:34:21 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\??-Strategic Planning in the Private Sector.PPT: Scanning Failure!!!

Fri Sep 08 10:34:21 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\??-Strategic Planning in the Private Sector.PPT possibly infected and removed by background antivirus package!

Fri Sep 08 10:34:21 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\arnaud 1606\??-Strategic Planning in the Private Sector.PPT infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.

 

 

Fri Sep 08 10:34:37 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\clean\clean\pskill.exe tagged as not-a-virus:RiskTool.Win32.PsKill.k. No Action Taken.

 

ot-a-virus:RiskTool.Win32.PsKill.k. No Action Taken.

 

Fri Sep 08 10:35:32 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix\SmitfraudFix\Reboot.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.

 

Fri Sep 08 10:35:33 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Bureau\SmitfraudFix.zip tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.

 

 

Fri Sep 08 10:35:46 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\ARNAUD~1\Cookies\index.dat

Fri Sep 08 10:35:49 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Favoris\Stratégie\??.?????????????.url

Fri Sep 08 10:35:49 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Favoris\Stratégie\???? ????? ????? ????.url

 

Fri Sep 08 10:36:27 2006 => *** File C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Application Data\Microsoft\Wallpaper1.bmp having Size Restriction ***

 

Fri Sep 08 10:36:27 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\ARNAUD~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\UsrClass.dat

 

Fri Sep 08 10:36:27 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\ARNAUD~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\USRCLA~1.LOG

 

Fri Sep 08 10:38:46 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\SPLOIT[1].0NR infected by "Trojan-Downloader.Win32.Ani.c" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:38:47 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\NB9BNHWW\ssqbn[1].exe infected by "Trojan-Downloader.Win32.Small.ajc" Virus. Action Taken: File Deleted.

 

Fri Sep 08 10:39:21 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Local Settings\Temporary Internet Files\Content.IE5\UDZ49CZ6\VSL13[1].exe infected by "Trojan-Downloader.Win32.Small.ctp" Virus. Action Taken: File Deleted.

 

 

Fri Sep 08 10:48:33 2006 => *** File C:\Documents and Settings\Arnaud & Gaëlle\Mes documents\photo.doc having Size Restriction ***

Fri Sep 08 10:48:33 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Mes documents\photo.doc [**]

 

Fri Sep 08 10:48:45 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\ARNAUD~1\NTUSER~1.LOG

Fri Sep 08 10:48:51 2006 => ERROR!!! ScanFile fails for C:\Documents and Settings\Arnaud & Gaëlle\Recent\??????.doc.lnk

Fri Sep 08 10:48:51 2006 => Scanning File C:\Documents and Settings\Arnaud & Gaëlle\Recent\??-Strategic Planning in the Private Sector.PPT.lnk

Fri Sep 08 10:48:51 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Recent\??-Strategic Planning in the Private Sector.PPT.lnk possibly infected and removed by background antivirus package!

Fri Sep 08 10:48:51 2006 => Result: ERROR!!! File C:\Documents and Settings\Arnaud & Gaëlle\Recent\??-Strategic Planning in the Private Sector.PPT.lnk: Scanning Failure!!!

Fri Sep 08 10:48:51 2006 => C:\Documents and Settings\Arnaud & Gaëlle\Recent\??-Strategic Planning in the Private Sector.PPT.lnk possibly infected and removed by background antivirus package!

Fri Sep 08 10:48:51 2006 => File C:\Documents and Settings\Arnaud & Gaëlle\Recent\??-Strategic Planning in the Private Sector.PPT.lnk infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.

 

Fri Sep 08 10:49:43 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\UsrClass.dat

 

Fri Sep 08 10:49:43 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\USRCLA~1.LOG

 

Fri Sep 08 10:49:44 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\NTUSER.DAT

Fri Sep 08 10:49:44 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\NTUSER~1.LOG

 

Fri Sep 08 10:50:02 2006 => C:\DRIVERS\MCDBF\SOURCE1\OTHER.EXE not Scanned. Possibly password protected...

 

Fri Sep 08 10:50:03 2006 => C:\DRIVERS\MCDBF\SOURCE1\TSADDON.EXE not Scanned. Possibly password protected...

 

Fri Sep 08 10:54:28 2006 => *** File C:\Program Files\AOL 8.0\Jiti\Real.EXE having Size Restriction ***

Fri Sep 08 10:54:28 2006 => Scanning File C:\Program Files\AOL 8.0\Jiti\Real.EXE [**]

Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\AnthChk.tou having Size Restriction ***

Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\AnthChk.tou [**]

Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\ArtChk.tou having Size Restriction ***

Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\ArtChk.tou [**]

Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\DiapoChk.tou having Size Restriction ***

Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\DiapoChk.tou [**]

Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\dico.tou having Size Restriction ***

Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\dico.tou [**]

Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\DocChk.tou having Size Restriction ***

Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\DocChk.tou [**]

Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\FlagChk.tou

Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\GCompChk.tou having Size Restriction ***

Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\GCompChk.tou [**]

Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\ImgChk.tou having Size Restriction ***

Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\ImgChk.tou [**]

Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\installchk.tou having Size Restriction ***

Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\installchk.tou [**]

Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\IntChk.tou having Size Restriction ***

Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\IntChk.tou [**]

Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\LsABoost.tou

Fri Sep 08 10:57:14 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\MapChk.tou having Size Restriction ***

Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\MapChk.tou [**]

Fri Sep 08 10:57:14 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\MemChk.tou

Fri Sep 08 10:57:15 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\SndChk.tou having Size Restriction ***

Fri Sep 08 10:57:15 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\SndChk.tou [**]

Fri Sep 08 10:57:15 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\SpellChk.tou having Size Restriction ***

Fri Sep 08 10:57:15 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\SpellChk.tou [**]

Fri Sep 08 10:57:15 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\stroxtb.tou

Fri Sep 08 10:57:15 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\VideoChk.tou having Size Restriction ***

Fri Sep 08 10:57:15 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\VideoChk.tou [**]

Fri Sep 08 10:57:15 2006 => *** File C:\Program Files\EHMINSTALL\DataEhm\VRChk.tou having Size Restriction ***

Fri Sep 08 10:57:15 2006 => Scanning File C:\Program Files\EHMINSTALL\DataEhm\VRChk.tou [**]

 

Fri Sep 08 10:58:32 2006 => Scanning Folder: C:\Program Files\ewido anti-spyware 4.0\Quarantine\*.*

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil03D486C9.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil08E62790.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil0D078764.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil121D7381.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil16C5B8F9.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil2221C209.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil2640B8A9.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil2640B8AA.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil2A61D811.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil35673809.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil3F7C9B10.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil41753010.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil439B5144.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil48AE9651.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil4C0681E9.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil4EA33F90.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil5CD77B99.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil5CD77B9A.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil701C7881.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil752F5C40.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil89590FE4.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil8D772400.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil9289C791.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\fil987FBE24.dat

Fri Sep 08 10:58:32 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filA0BDCCA4.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filA6B40351.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filA6B40352.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filA6B40353.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filABC44000.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filAFE43A64.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filAFE43A65.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filB5DAB571.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filB9F867E1.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filBF0AAA24.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filC91EFAC1.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filC91EFAC2.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filD6770604.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filD8458FA1.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filDC652859.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filE25C6C40.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filEB8B9DF9.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filEFAD3E39.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filF5A055C4.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filF9BFAE10.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filF9BFAE11.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filF9BFAE12.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filF9BFAE13.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filF9BFAE14.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\filF9BFAE15.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\reg3DAB5D21.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\reg5BF7DCE1.dat

Fri Sep 08 10:58:33 2006 => Scanning File C:\Program Files\ewido anti-spyware 4.0\Quarantine\reg5BF7DCE2.dat

 

Fri Sep 08 10:59:14 2006 => *** File C:\Program Files\Fichiers communs\Java\Update\Base Images\j2re1.4.2-b28\core1.zip having Size Restriction ***

Fri Sep 08 10:59:14 2006 => Scanning File C:\Program Files\Fichiers communs\Java\Update\Base Images\j2re1.4.2-b28\core1.zip [**]

Fri Sep 08 10:59:14 2006 => *** File C:\Program Files\Fichiers communs\Java\Update\Base Images\j2re1.4.2-b28\core2.zip having Size Restriction ***

Fri Sep 08 10:59:14 2006 => Scanning File C:\Program Files\Fichiers communs\Java\Update\Base Images\j2re1.4.2-b28\core2.zip [**]

 

Fri Sep 08 11:00:18 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSO.DLL having Size Restriction ***

Fri Sep 08 11:00:18 2006 => Scanning File C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSO.DLL [**]

 

Fri Sep 08 11:00:22 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Proof\MSGR3GE.LEX having Size Restriction ***

Fri Sep 08 11:00:22 2006 => Scanning File C:\Program Files\Fichiers communs\Microsoft Shared\Proof\MSGR3GE.LEX [**]

 

Fri Sep 08 11:00:31 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\ENAR\MSB1ENAR.ITS having Size Restriction ***

Lien vers le commentaire
Partager sur d’autres sites
Arnaud 44 Junior Member

Arnaud 44

Posté(e)
  • Auteur
Posté(e)

Oups, il manquait la fin du rapport eScan :P

 

A suivre :

 

ri Sep 08 11:00:31 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\ENFR\MSB1ENFR.ITS having Size Restriction ***

Fri Sep 08 11:00:31 2006 => Scanning File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\ENFR\MSB1ENFR.ITS [**]

 

Fri Sep 08 11:00:31 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\ENGE\MSB1ENGE.ITS having Size Restriction ***

Fri Sep 08 11:00:31 2006 => Scanning File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\ENGE\MSB1ENGE.ITS [**]

 

Fri Sep 08 11:00:31 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\FRAR\MSB1FRAR.ITS having Size Restriction ***

Fri Sep 08 11:00:31 2006 => Scanning File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\FRAR\MSB1FRAR.ITS [**]

 

Fri Sep 08 11:00:31 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\FREN\MSB1FREN.ITS having Size Restriction ***

Fri Sep 08 11:00:31 2006 => Scanning File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\FREN\MSB1FREN.ITS [**]

 

Fri Sep 08 11:00:31 2006 => *** File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\GEEN\MSB1GEEN.ITS having Size Restriction ***

Fri Sep 08 11:00:31 2006 => Scanning File C:\Program Files\Fichiers communs\Microsoft Shared\Translat\GEEN\MSB1GEEN.ITS [**]

 

Fri Sep 08 11:04:07 2006 => *** File C:\Program Files\Java\j2re1.4.2_05\lib\rt.jar having Size Restriction ***

Fri Sep 08 11:04:07 2006 => Scanning File C:\Program Files\Java\j2re1.4.2_05\lib\rt.jar [**]

 

Fri Sep 08 11:04:47 2006 => C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask not Scanned. Possibly password protected...

 

Fri Sep 08 11:08:18 2006 => *** File C:\Program Files\microsoft office\office10\W2K2\OFFICE1.CAB having Size Restriction ***

Fri Sep 08 11:08:18 2006 => Scanning File C:\Program Files\microsoft office\office10\W2K2\OFFICE1.CAB [**]

 

Fri Sep 08 11:08:19 2006 => *** File C:\Program Files\microsoft office\office10\WINWORD.EXE having Size Restriction ***

Fri Sep 08 11:08:19 2006 => Scanning File C:\Program Files\microsoft office\office10\WINWORD.EXE [**]

 

Fri Sep 08 11:08:59 2006 => *** File C:\Program Files\Mozilla Firefox\firefox.exe having Size Restriction ***

Fri Sep 08 11:08:59 2006 => Scanning File C:\Program Files\Mozilla Firefox\firefox.exe [**]

 

Fri Sep 08 11:09:06 2006 => *** File C:\Program Files\MSN Messenger\msnmsgr.exe having Size Restriction ***

Fri Sep 08 11:09:06 2006 => Scanning File C:\Program Files\MSN Messenger\msnmsgr.exe [**]

 

Fri Sep 08 11:12:44 2006 => *** File C:\Program Files\QuickTime\QTSystem\QuickTime.qts having Size Restriction ***

Fri Sep 08 11:12:44 2006 => Scanning File C:\Program Files\QuickTime\QTSystem\QuickTime.qts [**]

 

Fri Sep 08 11:13:37 2006 => *** File C:\Program Files\QuickTime\QuickTimePlayer.exe having Size Restriction ***

Fri Sep 08 11:13:37 2006 => Scanning File C:\Program Files\QuickTime\QuickTimePlayer.exe [**]

Fri Sep

Fri Sep 08 11:16:52 2006 => *** File C:\Program Files\Securitoo\av_fw\backweb\1044199\6.1.4.58-1044199L\Install\LiteInst.exe having Size Restriction ***

Fri Sep 08 11:16:52 2006 => Scanning File C:\Program Files\Securitoo\av_fw\backweb\1044199\6.1.4.58-1044199L\Install\LiteInst.exe [**]

Fri Sep

Fri Sep 08 11:16:59 2006 => *** File C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\6281\e63463c\pex_4.63-64.jar having Size Restriction ***

Fri Sep 08 11:16:59 2006 => Scanning File C:\Program Files\Securitoo\av_fw\backweb\1044199\Users\Default\Data\6281\e63463c\pex_4.63-64.jar [**]

Fri Sep

Fri Sep 08 11:20:40 2006 => *** File C:\Program Files\Uninstall Information\ieupdate\ieupdate.DAT having Size Restriction ***

Fri Sep 08 11:20:40 2006 => Scanning File C:\Program Files\Uninstall Information\ieupdate\ieupdate.DAT [**]

 

 

Fri Sep 08 11:20:40 2006 => *** File C:\Program Files\Uninstall Information\oeupdate\oeupdate.DAT having Size Restriction ***

Fri Sep 08 11:20:40 2006 => Scanning File C:\Program Files\Uninstall Information\oeupdate\oeupdate.DAT [**]

 

Fri Sep 08 11:20:48 2006 => *** File C:\Program Files\Wanadoo\Download\KitWanadoo.exe having Size Restriction ***

Fri Sep 08 11:20:48 2006 => Scanning File C:\Program Files\Wanadoo\Download\KitWanadoo.exe [**]

 

Fri Sep 08 11:29:48 2006 => *** File C:\WINDOWS\$hf_mig$\KB890047\SP2GDR\shell32.dll having Size Restriction ***

Fri Sep 08 11:29:48 2006 => Scanning File C:\WINDOWS\$hf_mig$\KB890047\SP2GDR\shell32.dll [**]

 

Fri Sep 08 11:29:48 2006 => *** File C:\WINDOWS\$hf_mig$\KB890047\SP2QFE\shell32.dll having Size Restriction ***

Fri Sep 08 11:29:48 2006 => Scanning File C:\WINDOWS\$hf_mig$\KB890047\SP2QFE\shell32.dll [**]

 

Fri Sep 08 11:29:54 2006 => *** File C:\WINDOWS\$hf_mig$\KB893086\SP2GDR\shell32.dll having Size Restriction ***

Fri Sep 08 11:29:54 2006 => Scanning File C:\WINDOWS\$hf_mig$\KB893086\SP2GDR\shell32.dll [**]

Fri Sep 08 11:29:54 2006 => Scanning Folder: C:\WINDOWS\$hf_mig$\KB893086\SP2QFE\*.*

Fri Sep 08 11:29:54 2006 => *** File C:\WINDOWS\$hf_mig$\KB893086\SP2QFE\shell32.dll having Size Restriction ***

Fri Sep 08 11:29:54 2006 => Scanning File C:\WINDOWS\$hf_mig$\KB893086\SP2QFE\shell32.dll [**]

 

Fri Sep 08 11:30:08 2006 => *** File C:\WINDOWS\$hf_mig$\KB900725\SP2GDR\shell32.dll having Size Restriction ***

Fri Sep 08 11:30:08 2006 => Scanning File C:\WINDOWS\$hf_mig$\KB900725\SP2GDR\shell32.dll [**]

 

Fri Sep 08 11:30:09 2006 => *** File C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shell32.dll having Size Restriction ***

Fri Sep 08 11:30:09 2006 => Scanning File C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shell32.dll [**]

Fri Sep 08 11:30:50 2006 => *** File C:\WINDOWS\$hf_mig$\KB921398\SP2QFE\shell32.dll having Size Restriction ***

Fri Sep 08 11:30:50 2006 => Scanning File C:\WINDOWS\$hf_mig$\KB921398\SP2QFE\shell32.dll [**]

 

Fri Sep 08 11:32:40 2006 => *** File C:\WINDOWS\$NtServicePackUninstall$\jn13xjhz.zip having Size Restriction ***

Fri Sep 08 11:32:40 2006 => Scanning File C:\WINDOWS\$NtServicePackUninstall$\jn13xjhz.zip [**]

 

Fri Sep 08 11:35:19 2006 => *** File C:\WINDOWS\$NtServicePackUninstall$\shell32.dll having Size Restriction ***

Fri Sep 08 11:35:19 2006 => Scanning File C:\WINDOWS\$NtServicePackUninstall$\shell32.dll [**]

 

Fri Sep 08 11:36:34 2006 => *** File C:\WINDOWS\$NtUninstallKB917734_WMP10$\wmp.dll having Size Restriction ***

Fri Sep 08 11:36:34 2006 => Scanning File C:\WINDOWS\$NtUninstallKB917734_WMP10$\wmp.dll [**]

 

Fri Sep 08 11:36:47 2006 => *** File C:\WINDOWS\$NtUninstallKB921398$\shell32.dll having Size Restriction ***

Fri Sep 08 11:36:47 2006 => Scanning File C:\WINDOWS\$NtUninstallKB921398$\shell32.dll [**]

 

Fri Sep 08 11:37:08 2006 => *** File C:\WINDOWS\Cache\Adobe Reader 6.0.1\FRAMIN\Data1.cab having Size Restriction ***

Fri Sep 08 11:37:08 2006 => Scanning File C:\WINDOWS\Cache\Adobe Reader 6.0.1\FRAMIN\Data1.cab [**]

 

Fri Sep 08 11:37:12 2006 => *** File C:\WINDOWS\Downloaded Installations\{574598EF-8D3C-45D3-85AE-E15F91F27985}\Adobe Photoshop Album 2 ED.msi having Size Restriction ***

Fri Sep 08 11:37:12 2006 => Scanning File C:\WINDOWS\Downloaded Installations\{574598EF-8D3C-45D3-85AE-E15F91F27985}\Adobe Photoshop Album 2 ED.msi [**]

 

Fri Sep 08 11:37:17 2006 => *** File C:\WINDOWS\Downloaded Installations\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\iTunes.cab having Size Restriction ***

Fri Sep 08 11:37:17 2006 => Scanning File C:\WINDOWS\Downloaded Installations\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\iTunes.cab [**]

Fri Sep 08 11:37:17 2006 => *** File C:\WINDOWS\Downloaded Installations\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\iTunes.msi having Size Restriction ***

Fri Sep 08 11:37:17 2006 => Scanning File C:\WINDOWS\Downloaded Installations\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\iTunes.msi [**]

 

Fri Sep 08 11:37:18 2006 => *** File C:\WINDOWS\Downloaded Installations\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\QuickTimeInstaller.exe having Size Restriction ***

Fri Sep 08 11:37:18 2006 => Scanning File C:\WINDOWS\Downloaded Installations\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\QuickTimeInstaller.exe [**]

 

Fri Sep 08 11:37:23 2006 => *** File C:\WINDOWS\Driver Cache\i386\DRIVER.CAB having Size Restriction ***

Fri Sep 08 11:37:23 2006 => Scanning File C:\WINDOWS\Driver Cache\i386\DRIVER.CAB [**]

 

Fri Sep 08 11:37:24 2006 => *** File C:\WINDOWS\Driver Cache\i386\sp1.cab having Size Restriction ***

Fri Sep 08 11:37:24 2006 => Scanning File C:\WINDOWS\Driver Cache\i386\sp1.cab [**]

Fri Sep 08 11:37:24 2006 => *** File C:\WINDOWS\Driver Cache\i386\sp2.cab having Size Restriction ***

Fri Sep 08 11:37:24 2006 => Scanning File C:\WINDOWS\Driver Cache\i386\sp2.cab [**]

 

Fri Sep 08 11:37:27 2006 => *** File C:\WINDOWS\Fonts\ARIALUNI.TTF having Size Restriction ***

Fri Sep 08 11:37:27 2006 => Scanning File C:\WINDOWS\Fonts\ARIALUNI.TTF [**]

 

Fri Sep 08 11:37:27 2006 => *** File C:\WINDOWS\Fonts\batang.ttc having Size Restriction ***

Fri Sep 08 11:37:27 2006 => Scanning File C:\WINDOWS\Fonts\batang.ttc [**]

 

Fri Sep 08 11:37:31 2006 => *** File C:\WINDOWS\Fonts\gulim.ttc having Size Restriction ***

Fri Sep 08 11:37:31 2006 => Scanning File C:\WINDOWS\Fonts\gulim.ttc [**]

 

Fri Sep 08 11:37:33 2006 => *** File C:\WINDOWS\Fonts\mingliu.ttc having Size Restriction ***

Fri Sep 08 11:37:33 2006 => Scanning File C:\WINDOWS\Fonts\mingliu.ttc [**]

 

Fri Sep 08 11:37:33 2006 => *** File C:\WINDOWS\Fonts\msgothic.ttc having Size Restriction ***

Fri Sep 08 11:37:33 2006 => Scanning File C:\WINDOWS\Fonts\msgothic.ttc [**]

Fri Sep 08 11:37:33 2006 => *** File C:\WINDOWS\Fonts\msmincho.ttc having Size Restriction ***

Fri Sep 08 11:37:33 2006 => Scanning File C:\WINDOWS\Fonts\msmincho.ttc [**]

 

Fri Sep 08 11:37:35 2006 => *** File C:\WINDOWS\Fonts\simhei.ttf having Size Restriction ***

Fri Sep 08 11:37:35 2006 => Scanning File C:\WINDOWS\Fonts\simhei.ttf [**]

 

Fri Sep 08 11:37:35 2006 => *** File C:\WINDOWS\Fonts\simsun.ttc having Size Restriction ***

Fri Sep 08 11:37:35 2006 => Scanning File C:\WINDOWS\Fonts\simsun.ttc [**]

 

Fri Sep 08 11:39:37 2006 => *** File C:\WINDOWS\Help\Tours\mmTour\segment5.swf having Size Restriction ***

Fri Sep 08 11:39:37 2006 => Scanning File C:\WINDOWS\Help\Tours\mmTour\segment5.swf [**]

 

Fri Sep 08 11:42:01 2006 => *** File C:\WINDOWS\I386\DRIVER.CAB having Size Restriction ***

Fri Sep 08 11:42:01 2006 => Scanning File C:\WINDOWS\I386\DRIVER.CAB [**]

 

Fri Sep 08 11:43:04 2006 => *** File C:\WINDOWS\I386\LANG\BATANG.TT_ having Size Restriction ***

Fri Sep 08 11:43:04 2006 => Scanning File C:\WINDOWS\I386\LANG\BATANG.TT_ [**]

 

Fri Sep 08 11:43:12 2006 => *** File C:\WINDOWS\I386\LANG\HWXCHT.DL_ having Size Restriction ***

Fri Sep 08 11:43:12 2006 => Scanning File C:\WINDOWS\I386\LANG\HWXCHT.DL_ [**]

Fri Sep 08 11:43:12 2006 => *** File C:\WINDOWS\I386\LANG\HWXJPN.DL_ having Size Restriction ***

Fri Sep 08 11:43:12 2006 => Scanning File C:\WINDOWS\I386\LANG\HWXJPN.DL_ [**]

Fri Sep 08 11:43:12 2006 => *** File C:\WINDOWS\I386\LANG\HWXKOR.DL_ having Size Restriction ***

Fri Sep 08 11:43:12 2006 => Scanning File C:\WINDOWS\I386\LANG\HWXKOR.DL_ [**]

 

Fri Sep 08 11:43:39 2006 => *** File C:\WINDOWS\I386\LANG\IMJPNM.DI_ having Size Restriction ***

Fri Sep 08 11:43:39 2006 => Scanning File C:\WINDOWS\I386\LANG\IMJPNM.DI_ [**]

 

Fri Sep 08 11:43:58 2006 => *** File C:\WINDOWS\I386\LANG\IMJPST.DI_ having Size Restriction ***

Fri Sep 08 11:43:58 2006 => Scanning File C:\WINDOWS\I386\LANG\IMJPST.DI_ [**]

Fri Sep 08 11:44:22 2006 => *** File C:\WINDOWS\I386\LANG\PINTLGS.IM_ having Size Restriction ***

Fri Sep 08 11:44:22 2006 => Scanning File C:\WINDOWS\I386\LANG\PINTLGS.IM_ [**]

 

Fri Sep 08 11:46:11 2006 => *** File C:\WINDOWS\I386\OEMBIOS.BI_ having Size Restriction ***

Fri Sep 08 11:46:11 2006 => Scanning File C:\WINDOWS\I386\OEMBIOS.BI_ [**]

 

Fri Sep 08 11:46:27 2006 => *** File C:\WINDOWS\I386\PER_SEG5.SW_ having Size Restriction ***

Fri Sep 08 11:46:27 2006 => Scanning File C:\WINDOWS\I386\PER_SEG5.SW_ [**]

 

Fri Sep 08 11:47:09 2006 => *** File C:\WINDOWS\I386\SP1.CAB having Size Restriction ***

Fri Sep 08 11:47:09 2006 => Scanning File C:\WINDOWS\I386\SP1.CAB [**]

Fri Sep 08 11:48:40 2006 => *** File C:\WINDOWS\ime\CHTIME\Applets\HWXCHT.DLL having Size Restriction ***

Fri Sep 08 11:48:40 2006 => Scanning File C:\WINDOWS\ime\CHTIME\Applets\HWXCHT.DLL [**]

 

Fri Sep 08 11:48:40 2006 => *** File C:\WINDOWS\ime\imjp8_1\applets\hwxjpn.dll having Size Restriction ***

Fri Sep 08 11:48:40 2006 => Scanning File C:\WINDOWS\ime\imjp8_1\applets\hwxjpn.dll [**]

 

Fri Sep 08 11:48:41 2006 => *** File C:\WINDOWS\ime\imjp8_1\DICTS\imjpnm.dic having Size Restriction ***

Fri Sep 08 11:48:41 2006 => Scanning File C:\WINDOWS\ime\imjp8_1\DICTS\imjpnm.dic [**]

Fri Sep 08 11:48:41 2006 => *** File C:\WINDOWS\ime\imjp8_1\DICTS\imjpst.dic having Size Restriction ***

Fri Sep 08 11:48:41 2006 => Scanning File C:\WINDOWS\ime\imjp8_1\DICTS\imjpst.dic [**]

Fri Sep 08 11:48:41 2006 => *** File C:\WINDOWS\ime\imjp8_1\DICTS\imjpzp.dic having Size Restriction ***

Fri Sep 08 11:48:41 2006 => Scanning File C:\WINDOWS\ime\imjp8_1\DICTS\imjpzp.dic [**]

 

Fri Sep 08 11:49:35 2006 => *** File C:\WINDOWS\ime\imkr6_1\applets\hwxkor.dll having Size Restriction ***

Fri Sep 08 11:49:35 2006 => Scanning File C:\WINDOWS\ime\imkr6_1\applets\hwxkor.dll [**]

 

Fri Sep 08 11:50:37 2006 => *** File C:\WINDOWS\Installer\1074ee3.msi having Size Restriction ***

Fri Sep 08 11:50:37 2006 => Scanning File C:\WINDOWS\Installer\1074ee3.msi [**]

 

Fri Sep 08 11:50:40 2006 => *** File C:\WINDOWS\Installer\18a3cf3.msp having Size Restriction ***

Fri Sep 08 11:50:40 2006 => Scanning File C:\WINDOWS\Installer\18a3cf3.msp [**]

 

Fri Sep 08 11:50:42 2006 => *** File C:\WINDOWS\Installer\21a57b.msp having Size Restriction ***

Fri Sep 08 11:50:42 2006 => Scanning File C:\WINDOWS\Installer\21a57b.msp [**]

 

Fri Sep 08 11:50:45 2006 => *** File C:\WINDOWS\Installer\2f10e1.msp having Size Restriction ***

Fri Sep 08 11:50:45 2006 => Scanning File C:\WINDOWS\Installer\2f10e1.msp [**]

 

Fri Sep 08 11:50:46 2006 => *** File C:\WINDOWS\Installer\3dffd3.msp having Size Restriction ***

Fri Sep 08 11:50:46 2006 => Scanning File C:\WINDOWS\Installer\3dffd3.msp [**]

 

Fri Sep 08 11:50:48 2006 => *** File C:\WINDOWS\Installer\569587.msp having Size Restriction ***

Fri Sep 08 11:50:48 2006 => Scanning File C:\WINDOWS\Installer\569587.msp [**]

Fri Sep 08 11:50:48 2006 => *** File C:\WINDOWS\Installer\56971d.msp having Size Restriction ***

Fri Sep 08 11:50:48 2006 => Scanning File C:\WINDOWS\Installer\56971d.msp [**]

 

Fri Sep 08 11:50:59 2006 => *** File C:\WINDOWS\Installer\MSN Messenger 7.5.0311\MsnMsgs.Msi having Size Restriction ***

Fri Sep 08 11:50:59 2006 => Scanning File C:\WINDOWS\Installer\MSN Messenger 7.5.0311\MsnMsgs.Msi [**]

 

Fri Sep 08 11:51:06 2006 => *** File C:\WINDOWS\java\Packages\JN13XJHZ.ZIP having Size Restriction ***

Fri Sep 08 11:51:06 2006 => Scanning File C:\WINDOWS\java\Packages\JN13XJHZ.ZIP [**]

Fri Sep 08 11:51:57 2006 => *** File C:\WINDOWS\PCHealth\HelpCtr\Database\HCdata.edb having Size Restriction ***

Fri Sep 08 11:51:57 2006 => Scanning File C:\WINDOWS\PCHealth\HelpCtr\Database\HCdata.edb [**]

Fri Sep 08 11:52:05 2006 => *** File C:\WINDOWS\PCHealth\HelpCtr\DataColl\CollectedData_6583.xml having Size Restriction ***

Fri Sep 08 11:52:05 2006 => Scanning File C:\WINDOWS\PCHealth\HelpCtr\DataColl\CollectedData_6583.xml [**]

Fri Sep 08 11:52:06 2006 => *** File C:\WINDOWS\PCHealth\HelpCtr\DataColl\CollectedData_6584.xml having Size Restriction ***

Fri Sep 08 11:52:06 2006 => Scanning File C:\WINDOWS\PCHealth\HelpCtr\DataColl\CollectedData_6584.xml [**]

 

Fri Sep 08 11:53:01 2006 => *** File C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmp.dll having Size Restriction ***

Fri Sep 08 11:53:01 2006 => Scanning File C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmp.dll [**]

 

Fri Sep 08 11:53:13 2006 => File C:\WINDOWS\RESTORE.INS tagged as not-a-virus:NetTool.Win32.PsKill. No Action Taken.

 

Fri Sep 08 11:54:50 2006 => *** File C:\WINDOWS\ServicePackFiles\i386\lang\pintlgs.imd having Size Restriction ***

Fri Sep 08 11:54:50 2006 => Scanning File C:\WINDOWS\ServicePackFiles\i386\lang\pintlgs.imd [**]

Fri Sep 08 11:56:06 2006 => *** File C:\WINDOWS\ServicePackFiles\i386\shell32.dll having Size Restriction ***

Fri Sep 08 11:56:06 2006 => Scanning File C:\WINDOWS\ServicePackFiles\i386\shell32.dll [**]

Fri Sep 08 11:56:10 2006 => *** File C:\WINDOWS\ServicePackFiles\i386\sp2.cab having Size Restriction ***

Fri Sep 08 11:56:10 2006 => Scanning File C:\WINDOWS\ServicePackFiles\i386\sp2.cab [**]

 

Fri Sep 08 11:57:12 2006 => File C:\WINDOWS\system\RESTORE.INS tagged as not-a-virus:NetTool.Win32.PsKill. No Action Taken.

 

Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\AppEvent.Evt

Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\DEFAULT

Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\default.LOG

Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SAM

Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SAM.LOG

Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SecEvent.Evt

Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SECURITY

Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SECURITY.LOG

Fri Sep 08 11:57:53 2006 => *** File C:\WINDOWS\system32\config\SOFTWARE having Size Restriction ***

Fri Sep 08 11:57:53 2006 => Scanning File C:\WINDOWS\system32\config\SOFTWARE [**]

Fri Sep 08 11:57:53 2006 => Scanning File C:\WINDOWS\system32\config\software.LOG

Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\software.LOG

Fri Sep 08 11:57:53 2006 => Scanning File C:\WINDOWS\system32\config\software.sav

Fri Sep 08 11:57:53 2006 => Scanning File C:\WINDOWS\system32\config\SysEvent.Evt

Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SysEvent.Evt

Fri Sep 08 11:57:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\system.LOG

 

 

Fri Sep 08 12:02:59 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP

 

 

Fri Sep 08 12:03:42 2006 => ***** Checking for specific ITW Viruses *****

Fri Sep 08 12:03:42 2006 => Checking for Welchia Virus...

Fri Sep 08 12:03:42 2006 => Checking for LovGate Virus...

Fri Sep 08 12:03:42 2006 => Checking for CodeRed Virus...

Fri Sep 08 12:03:42 2006 => Checking for OpaServ Virus...

Fri Sep 08 12:03:42 2006 => Checking for Sobig.e Virus...

Fri Sep 08 12:03:42 2006 => Checking for Winupie Virus...

Fri Sep 08 12:03:42 2006 => Checking for Swen Virus...

Fri Sep 08 12:03:42 2006 => Checking for JS.Fortnight Virus...

Fri Sep 08 12:03:42 2006 => Checking for Novarg Virus...

Fri Sep 08 12:03:42 2006 => Checking for Pagabot Virus...

Fri Sep 08 12:03:42 2006 => Checking for Parite.b Virus...

Fri Sep 08 12:03:42 2006 => Checking for Parite.a Virus...

 

Fri Sep 08 12:03:42 2006 => ***** Scanning complete. *****

 

Fri Sep 08 12:03:42 2006 => Total Number of Files Scanned: 90623

Fri Sep 08 12:03:42 2006 => Total Number of Virus(es) Found: 41

Fri Sep 08 12:03:42 2006 => Total Number of Disinfected Files: 0

Fri Sep 08 12:03:42 2006 => Total Number of Files Renamed: 6

Fri Sep 08 12:03:42 2006 => Total Number of Deleted Files: 28

Fri Sep 08 12:03:42 2006 => Total Number of Errors: 96

Fri Sep 08 12:03:42 2006 => Time Elapsed: 01:48:28

Fri Sep 08 12:03:42 2006 => Virus Database Date: 2006/08/23

Fri Sep 08 12:03:42 2006 => Virus Database Count: 217614

 

Fri Sep 08 12:03:42 2006 => Scan Completed.

Lien vers le commentaire
Partager sur d’autres sites

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...