Infection with the virus: trojan win32:Horst-IJ[trj] - Security - Viruses
 
Profile: IDNaute

Hello everyone,
 
For quite a while now, Avast has been reporting the following virus, several times a day!!! It's very tiring..
 
Horst-IJ[trj]
 
Here, for reference, is what the Avast log records daily, after I had put the file in quarantine:
26/09/2007 14:12:14 SYSTEM 1948 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\20exinjs.aa.exe\[UPX]" file.
 
Finally, here is the HijackThis report:
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:23:43, on 26/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe
C:\Program Files\Utimaco\SafeGuard Easy\uerlkupn.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
c:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe
c:\WINDOWS\system32\SgLogPlayer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
c:\Program Files\Utimaco\SafeGuard Easy\WksCfgSrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Alwil Software\Avast4\ashLogV.exe
C:\Program Files\WinAce\WinAce.exe
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\~AceTemp\HiJackThis\HijackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Startup] C:\windows\startup.vbs
O4 - HKLM\..\Run: [SgeEcView] c:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe
O4 - HKLM\..\Run: [EdWizard] c:\Program Files\Utimaco\SafeGuard Easy\EdWizard.exe as
O4 - HKLM\..\Run: [UERLKUP] c:\Program Files\Utimaco\SafeGuard Easy\uerlkupn.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe"  /dontopenmycards
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Hide IP Platinum] C:\Program Files\HideIP\Hide IP Platinum\hideippla.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Scan link with AEE - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Email Extractor - {AFA7DB99-3E4D-4396-94F8-B0B135BCB472} - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Advanced Email Extractor - {AFA7DB99-3E4D-4396-94F8-B0B135BCB472} - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {65683480-5699-11D4-9D2C-525400E80BD5} (GlobFXCtl Class) - http://www.globfx.com/webplayer/globfx.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://srv01.admin.over-blog.com/_ [...] oader4.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {91D4B4D5-E368-40AB-8F53-A37FA634B471} (Installer9Ctrl Class) - http://www.tellmemoreeducation.com/bin/tol9inst.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/d [...] utions.cab
O16 - DPF: {C7C7152F-6E85-44F3-A14B-A7F85FDDEA3B} (InstallerCtrl Class) - http://v7.e-tmm.com/bin/tol7inst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://happywash.dnsalias.com:81/activex/AMC.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - Winlogon Notify: NotLog - C:\WINDOWS\SYSTEM32\SGLogEx.dll
O20 - Winlogon Notify: SGLogNotification - C:\WINDOWS\SYSTEM32\SGLogNotification.dll
O20 - Winlogon Notify: uerclt - C:\WINDOWS\SYSTEM32\uercltn.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SafeGuard Easy Control (SgeCtl) - Utimaco Safeware AG - c:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe
O23 - Service: SafeGuard SGLOG  Player (SgLogPlayer) - Utimaco Safeware AG - c:\WINDOWS\system32\SgLogPlayer.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: SafeGuard Easy Workstation Server (WksCfgSrv) - Utimaco Safeware AG - c:\Program Files\Utimaco\SafeGuard Easy\WksCfgSrv.exe
 
--
End of file - 17205 bytes
 
_______
 
Do you know what to do? I would be very grateful.
Thanks


Profile: Helper

Hello,
 
Download SDFix (created by AndyManchesta) and save it to your Desktop.
Double-click SDFix.exe and choose Install to extract it to the Desktop.
 
Restart in safe mode
 

  • Open the SDFix folder that was just created at the root of your hard drive (C:) and double-click RunThis.bat to launch the script.
  • Press Y to start the cleaning process.
  • It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
  • Press a key to restart the PC.
  • Your system will take longer than usual to restart because the tool will keep running and deleting files.
  • Once the Desktop has loaded, the tool will finish its work and display Finished.
  • Press a key to end the script and load your Desktop icons.
  • Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
  • Finally, copy/paste the contents of Report.txt into your next reply on the forum, along with a new HijackThis log.


Profile: IDNaute

It seems to be working, thanks a lot :-)
 
Here is the HijackThis report:
 
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:01:24, on 27/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
c:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe
c:\WINDOWS\system32\SgLogPlayer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Utimaco\SafeGuard Easy\uerlkupn.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe
C:\Program Files\iTunes\iTunesHelper.exe
c:\Program Files\Utimaco\SafeGuard Easy\WksCfgSrv.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\WinAce\WinAce.exe
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\~AceTemp\HiJackThis\HijackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Startup] C:\windows\startup.vbs
O4 - HKLM\..\Run: [SgeEcView] c:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe
O4 - HKLM\..\Run: [EdWizard] c:\Program Files\Utimaco\SafeGuard Easy\EdWizard.exe as
O4 - HKLM\..\Run: [UERLKUP] c:\Program Files\Utimaco\SafeGuard Easy\uerlkupn.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe"  /dontopenmycards
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Hide IP Platinum] C:\Program Files\HideIP\Hide IP Platinum\hideippla.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Scan link with AEE - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Email Extractor - {AFA7DB99-3E4D-4396-94F8-B0B135BCB472} - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Advanced Email Extractor - {AFA7DB99-3E4D-4396-94F8-B0B135BCB472} - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {65683480-5699-11D4-9D2C-525400E80BD5} (GlobFXCtl Class) - http://www.globfx.com/webplayer/globfx.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://srv01.admin.over-blog.com/_ [...] oader4.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {91D4B4D5-E368-40AB-8F53-A37FA634B471} (Installer9Ctrl Class) - http://www.tellmemoreeducation.com/bin/tol9inst.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/d [...] utions.cab
O16 - DPF: {C7C7152F-6E85-44F3-A14B-A7F85FDDEA3B} (InstallerCtrl Class) - http://v7.e-tmm.com/bin/tol7inst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://happywash.dnsalias.com:81/activex/AMC.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - Winlogon Notify: NotLog - C:\WINDOWS\SYSTEM32\SGLogEx.dll
O20 - Winlogon Notify: SGLogNotification - C:\WINDOWS\SYSTEM32\SGLogNotification.dll
O20 - Winlogon Notify: uerclt - C:\WINDOWS\SYSTEM32\uercltn.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SafeGuard Easy Control (SgeCtl) - Utimaco Safeware AG - c:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe
O23 - Service: SafeGuard SGLOG  Player (SgLogPlayer) - Utimaco Safeware AG - c:\WINDOWS\system32\SgLogPlayer.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: SafeGuard Easy Workstation Server (WksCfgSrv) - Utimaco Safeware AG - c:\Program Files\Utimaco\SafeGuard Easy\WksCfgSrv.exe
 
--
End of file - 17064 bytes
 

Profile: Helper
Profile: IDNaute

:S Sorry, here is the SDFix report
 
sorry^^
 
 
17/09/2006 16:32:43 SYSTEM 276 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.  
17/09/2006 16:32:44 SYSTEM 276 An error has occured while attempting to update. Please check the logs.  
26/09/2006 22:28:39 utilisateur 1712 Sign of "VBS:Malware [Script]" has been found in "C:\TG\msg\getmsg.htm" file.  
26/09/2006 22:29:23 utilisateur 1712 Sign of "VBS:Malware [Script]" has been found in "C:\TG\msg\getmsg2.htm" file.  
30/09/2006 13:11:27 SYSTEM 1984 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.  
30/09/2006 13:11:28 SYSTEM 1984 An error has occured while attempting to update. Please check the logs.  
30/09/2006 14:18:51 SYSTEM 1524 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.  
30/09/2006 14:18:51 SYSTEM 1524 An error has occured while attempting to update. Please check the logs.  
30/09/2006 14:20:09 utilisateur 1492 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.  
02/10/2006 23:22:42 utilisateur 2916 Function setifaceUpdatePackages() has failed. Return code is 0x000004C7, dwRes is 000004C7.  
02/10/2006 23:24:19 utilisateur 708 Sign of "VBS:Malware [Script]" has been found in "C:\RECYCLER\S-1-5-21-4003283229-3873438383-1261831753-1005\Dc2.htm" file.  
09/10/2006 22:08:02 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\WINDOWS\Downloaded Program Files\WebP2PInstaller.dll" file.  
09/10/2006 22:08:23 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\WINDOWS\Downloaded Program Files\WebP2PInstaller.dll" file.  
09/10/2006 22:08:40 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL" file.  
09/10/2006 22:09:07 utilisateur 228 Sign of "Win32:Lineage-197 [Trj]" has been found in "C:\WINDOWS\system32\P2P Networking v126.cpl" file.  
09/10/2006 22:09:15 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL" file.  
09/10/2006 22:09:27 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Download Manager\asm.exe" file.  
09/10/2006 22:09:30 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Download Manager\asmps.dll" file.  
09/10/2006 22:09:32 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Download Manager\ASM.exe" file.  
09/10/2006 22:09:34 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Download Manager\ASMps.dll" file.  
09/10/2006 22:14:35 utilisateur 1780 Sign of "Win32:Adware-gen. [Adw]" has been found in "c:\program files\altnet\download manager\asm.exe" file.  
09/10/2006 22:21:21 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\PROGRA~1\RXTOOL~1\SEMANT~1\SEMANT~1.EXE" file.  
09/10/2006 22:21:27 utilisateur 228 Sign of "Win32:Findbar [Adw]" has been found in "C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL" file.  
09/10/2006 22:21:31 utilisateur 228 Sign of "Win32:Adan-057 [Adw]" has been found in "C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL" file.  
10/10/2006 10:04:18 utilisateur 1148 Sign of "Win32:Adan-057 [Adw]" has been found in "C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL" file.  
10/10/2006 10:06:02 utilisateur 1148 Sign of "Win32:Findbar [Adw]" has been found in "C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL" file.  
10/10/2006 10:21:43 utilisateur 1148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe" file.  
10/10/2006 13:26:33 utilisateur 1588 Sign of "Win32:Findbar [Adw]" has been found in "C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL" file.  
10/10/2006 13:26:37 utilisateur 1588 Sign of "Win32:Adan-057 [Adw]" has been found in "C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL" file.  
10/10/2006 16:27:28 utilisateur 1688 Sign of "Win32:Findbar [Adw]" has been found in "C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL" file.  
10/10/2006 16:27:47 utilisateur 1688 Sign of "Win32:Adan-057 [Adw]" has been found in "C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL" file.  
10/10/2006 16:27:59 utilisateur 1688 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe" file.  
10/10/2006 17:08:56 utilisateur 1688 Sign of "Win32:Lineage-197 [Trj]" has been found in "C:\WINDOWS\system32\P2P Networking v126.cpl" file.  
10/10/2006 18:30:47 SYSTEM 948 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\PROGRA~1\Altnet\DOWNLO~1\asm.exe" file.  
10/10/2006 21:16:24 utilisateur 1708 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Download Manager\AltnetUninstall.exe" file.  
10/10/2006 21:17:04 utilisateur 1708 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\PROGRAM FILES\ALTNET\DOWNLOAD MANAGER\ASMPS.DLL" file.  
10/10/2006 21:19:20 utilisateur 1708 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Points Manager\sysdetect.dll" file.  
10/10/2006 21:19:36 utilisateur 1708 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Download Manager\asmend.exe" file.  
11/10/2006 18:03:48 utilisateur 236 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\PROGRA~1\MOZILL~2\plugins\NPNd2fn.dll" file.  
11/10/2006 20:56:53 utilisateur 236 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL" file.  
11/10/2006 21:08:22 utilisateur 236 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Setup\Setup.exe" file.  
11/10/2006 21:10:32 utilisateur 236 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Setup\Setup.exe" file.  
11/10/2006 21:10:34 utilisateur 236 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Setup\SET158.tmp" file.  
11/10/2006 21:10:36 utilisateur 236 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Setup\Setup.exe" file.  
11/10/2006 21:10:38 utilisateur 236 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Setup\Setup.exe" file.  
24/10/2006 21:25:09 SYSTEM 176 Sign of "VBS:Malware [Script]" has been found in "G:\msg\getmsg.htm" file.  
24/10/2006 21:25:18 SYSTEM 176 Sign of "VBS:Malware [Script]" has been found in "G:\msg\getmsg2.htm" file.  
07/11/2006 01:02:27 SYSTEM 1992 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Setup\Setup.exe" file.  
07/11/2006 01:02:45 SYSTEM 1992 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Setup\SET10A.tmp" file.  
15/11/2006 17:17:23 SYSTEM 1984 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\uninstall.exe" file.  
15/11/2006 17:17:31 SYSTEM 1984 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\uninstall.exe" file.  
21/11/2006 01:07:03 SYSTEM 1992 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.  
21/11/2006 01:07:04 SYSTEM 1992 An error has occured while attempting to update. Please check the logs.  
30/11/2006 21:07:35 utilisateur 1732 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Download Manager\asmend.exe" file.  
30/11/2006 21:11:50 utilisateur 1732 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Need2Find\bar\1.bin\NPND2FN.DLL" file.  
30/11/2006 21:13:19 utilisateur 1732 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\System Volume Information\_restore{996C70E0-A140-4C7E-8366-3FEF2D2989EA}\RP39\A0014930.exe" file.  
30/11/2006 21:13:27 utilisateur 1732 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\System Volume Information\_restore{996C70E0-A140-4C7E-8366-3FEF2D2989EA}\RP39\A0014931.DLL" file.  
15/01/2007 13:49:14 SYSTEM 2008 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.  
15/01/2007 13:49:15 SYSTEM 2008 An error has occured while attempting to update. Please check the logs.  
05/03/2007 15:24:30 utilisateur 2028 Sign of "Win32:NSAnti-BH [Trj]" has been found in "G:\sxs.exe" file.  
06/03/2007 23:03:00 SYSTEM 132 Sign of "Win32:Agent-DYR [Wrm]" has been found in "C:\Documents and Settings\utilisateur\svc012.exe" file.  
07/03/2007 18:24:34 SYSTEM 132 Sign of "Win32:Agent-DYR [Wrm]" has been found in "G:\ie.exe" file.  
10/03/2007 04:50:44 SYSTEM 148 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.  
10/03/2007 04:50:45 SYSTEM 148 An error has occured while attempting to update. Please check the logs.  
17/03/2007 13:39:19 È’|(‚àáË 2036 Function setifaceUpdatePackages() has failed. Return code is 0xC000003A, dwRes is C000003A.  
17/03/2007 13:39:19 È’|(‚àáË 2036 An error has occured while attempting to update. Please check the logs.  
20/03/2007 13:09:55 utilisateur 2136 Sign of "Win32:Rjump [Wrm]" has been found in "c:\windows\adober.exe" file.  
20/03/2007 13:15:26 utilisateur 688 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temp\p2psetup.exe" file.  
20/03/2007 13:16:28 utilisateur 688 Function setifaceUpdatePackages() has failed. Return code is 0x000004C7, dwRes is 000004C7.  
20/03/2007 13:22:36 utilisateur 688 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\N0I9RSNG\ref92302[1]\ref92302.exe" file.  
20/03/2007 13:31:03 utilisateur 688 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\Program Files\Need2Find\bar\1.bin\N2PLUGIN.DLL" file.  
20/03/2007 13:32:27 utilisateur 688 Sign of "Win32:Rjump [Wrm]" has been found in "C:\System Volume Information\_restore{996C70E0-A140-4C7E-8366-3FEF2D2989EA}\RP86\A0028421.exe" file.  
20/03/2007 13:32:34 utilisateur 688 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\System Volume Information\_restore{996C70E0-A140-4C7E-8366-3FEF2D2989EA}\RP86\A0028424.DLL" file.  
20/03/2007 14:15:29 utilisateur 688 Sign of "Win32:Rjump [Wrm]" has been found in "C:\WINDOWS\trz13.tmp" file.  
24/03/2007 18:56:50 SYSTEM 2248 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.  
24/03/2007 18:56:51 SYSTEM 2248 An error has occured while attempting to update. Please check the logs.  
05/04/2007 09:03:22 SYSTEM 2024 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
05/04/2007 09:03:23 SYSTEM 2024 An error has occured while attempting to update. Please check the logs.  
05/04/2007 11:28:10 SYSTEM 1972 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
05/04/2007 11:28:12 SYSTEM 1972 An error has occured while attempting to update. Please check the logs.  
06/04/2007 11:31:20 SYSTEM 1992 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
06/04/2007 11:31:21 SYSTEM 1992 An error has occured while attempting to update. Please check the logs.  
10/04/2007 12:04:21 SYSTEM 2012 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
10/04/2007 12:04:24 SYSTEM 2012 An error has occured while attempting to update. Please check the logs.  
10/04/2007 12:49:12 SYSTEM 2008 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
10/04/2007 12:49:13 SYSTEM 2008 An error has occured while attempting to update. Please check the logs.  
11/04/2007 11:33:24 SYSTEM 1992 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
11/04/2007 11:33:25 SYSTEM 1992 An error has occured while attempting to update. Please check the logs.  
12/04/2007 20:34:37 utilisateur 5524 Sign of "Win32:Rjump [Wrm]" has been found in "c:\windows\adober.exe" file.  
15/04/2007 13:28:46 SYSTEM 1996 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
15/04/2007 13:28:47 SYSTEM 1996 An error has occured while attempting to update. Please check the logs.  
16/04/2007 10:02:00 SYSTEM 1996 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
16/04/2007 10:02:01 SYSTEM 1996 An error has occured while attempting to update. Please check the logs.  
16/04/2007 13:22:24 SYSTEM 1964 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
16/04/2007 13:22:25 SYSTEM 1964 An error has occured while attempting to update. Please check the logs.  
16/04/2007 15:44:33 SYSTEM 1928 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
16/04/2007 15:44:34 SYSTEM 1928 An error has occured while attempting to update. Please check the logs.  
17/04/2007 11:33:23 SYSTEM 1824 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
17/04/2007 11:33:25 SYSTEM 1824 An error has occured while attempting to update. Please check the logs.  
17/04/2007 13:22:06 SYSTEM 1848 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
17/04/2007 13:22:07 SYSTEM 1848 An error has occured while attempting to update. Please check the logs.  
22/04/2007 14:12:46 SYSTEM 1816 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.  
22/04/2007 14:12:49 SYSTEM 1816 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.  
22/04/2007 14:12:50 SYSTEM 1816 An error has occured while attempting to update. Please check the logs.  
23/04/2007 17:40:42 SYSTEM 1840 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.  
23/04/2007 17:40:43 SYSTEM 1840 An error has occured while attempting to update. Please check the logs.  
26/04/2007 16:35:53 SYSTEM 1856 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.  
26/04/2007 16:35:54 SYSTEM 1856 An error has occured while attempting to update. Please check the logs.  
26/04/2007 17:15:01 utilisateur 4000 Sign of "VBS:Malware [Script]" has been found in "G:\folder.htt" file.  
26/04/2007 17:15:24 utilisateur 4000 Sign of "Win32:Trojan-gen. {Other}" has been found in "G:\sxs.exe" file.  
26/04/2007 17:15:30 utilisateur 4000 Sign of "Win32:Perlovga" has been found in "G:\copy.exe\[MEW]" file.  
26/04/2007 17:15:33 utilisateur 4000 Sign of "Win32:Trojan-gen. {Other}" has been found in "G:\host.exe\[Embedded#08004]" file.  
26/04/2007 17:15:39 utilisateur 4000 Sign of "Win32:Small-ABY [Trj]" has been found in "G:\host.exe\[Embedded#10a1a]" file.  
27/04/2007 12:18:44 utilisateur 2400 Sign of "Win32:Rjump [Wrm]" has been found in "G:\AdobeR.exe" file.  
27/04/2007 12:19:00 utilisateur 2400 Sign of "Win32:Rjump [Wrm]" has been found in "G:\trz3.tmp" file.  
03/05/2007 12:39:01 utilisateur 1848 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\rdihost.dll" file.  
03/05/2007 12:40:01 utilisateur 1848 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
03/05/2007 12:40:02 utilisateur 1848 An error has occured while attempting to update. Please check the logs.  
03/05/2007 14:02:58 utilisateur 1820 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\rdihost.dll" file.  
03/05/2007 14:04:18 utilisateur 1820 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
03/05/2007 14:04:20 utilisateur 1820 An error has occured while attempting to update. Please check the logs.  
10/05/2007 09:50:56 SYSTEM 1828 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
10/05/2007 09:50:58 SYSTEM 1828 An error has occured while attempting to update. Please check the logs.  
15/05/2007 12:11:16 SYSTEM 1792 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
15/05/2007 12:11:24 SYSTEM 1792 An error has occured while attempting to update. Please check the logs.  
16/05/2007 09:53:38 SYSTEM 1776 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
16/05/2007 09:53:41 SYSTEM 1776 An error has occured while attempting to update. Please check the logs.  
19/05/2007 12:01:43 SYSTEM 1824 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.  
19/05/2007 12:01:44 SYSTEM 1824 An error has occured while attempting to update. Please check the logs.  
21/05/2007 05:27:44 utilisateur 1820 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\AdobeR.exe" file.  
26/05/2007 15:01:48 SYSTEM 1856 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.  
26/05/2007 15:01:50 SYSTEM 1856 An error has occured while attempting to update. Please check the logs.  
01/06/2007 23:12:44 utilisateur 1640 Sign of "Win32:Trojan-gen. {Other}" has been found in "G:\AdobeR.exe" file.  
27/07/2007 10:48:09 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "http://by106fd.bay106.hotmail.msn.com/cgi-bin/HoTMaiL?curmbox=00000000-0000-0000-0000-000000000001&curmbox=00000000%2d0000%2d0000%2d0000%2d000000000001&a=4fdbfa2f6dce7167d032bbb0251496e0a23b47e26412b153921012f92941e92b" file.  
27/07/2007 10:48:26 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\N0I9RSNG\HoTMaiL[1].htm" file.  
27/07/2007 10:51:19 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "http://by106fd.bay106.hotmail.msn.com/cgi-bin/HoTMaiL?&curmbox=00000000%2d0000%2d0000%2d0000%2d000000000001&a=4fdbfa2f6dce7167d032bbb0251496e063115ff608f931f78f9e58f71117e82a" file.  
27/07/2007 10:51:31 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\F00440J0\HoTMaiL[1].htm" file.  
27/07/2007 10:52:31 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "http://by106fd.bay106.hotmail.msn.com/cgi-bin/HoTMaiL?&curmbox=00000000%2d0000%2d0000%2d0000%2d000000000001&a=4fdbfa2f6dce7167d032bbb0251496e0df798de2501cd6736396aa92831f676b" file.  
27/07/2007 10:52:59 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\T7QSLS71\HoTMaiL[2].htm" file.  
27/07/2007 10:59:22 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\1BBY6R3F\HoTMaiL[1].htm" file.  
27/07/2007 11:29:08 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\1BBY6R3F\HoTMaiL[2].htm" file.  
27/07/2007 11:29:28 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\4XWYGB20\HoTMaiL[1].htm" file.  
27/07/2007 11:30:20 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\9LUHA36V\HoTMaiL[3].htm" file.  
27/07/2007 11:32:25 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\9LUHA36V\HoTMaiL[4].htm" file.  
27/07/2007 11:35:17 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\AKSSXQ6V\HoTMaiL[1].htm" file.  
27/07/2007 11:35:27 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\AKSSXQ6V\HoTMaiL[2].htm" file.  
27/07/2007 11:35:43 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\AQE1L7KE\HoTMaiL[2].htm" file.  
27/07/2007 11:35:57 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\BOBQZQ1S\HoTMaiL[1].htm" file.  
27/07/2007 11:36:12 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\CNTHMH46\HoTMaiL[1].htm" file.  
27/07/2007 11:36:56 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\G1CDAJ4H\HoTMaiL[2].htm" file.  
27/07/2007 11:37:13 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\HVZXN8LD\HoTMaiL[1].htm" file.  
27/07/2007 11:39:17 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "http://by106fd.bay106.hotmail.msn.com/cgi-bin/HoTMaiL?&curmbox=00000000%2d0000%2d0000%2d0000%2d000000000001&a=4fdbfa2f6dce7167d032bbb0251496e0e6f49dd8e347a1c398e2dfc3f9611714" file.  
27/07/2007 11:39:26 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\DB84P4DQ\HoTMaiL[1].htm" file.  
27/07/2007 11:53:55 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\LNF7VBEC\HoTMaiL[1].htm" file.  
27/07/2007 11:54:28 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\PR9X9AWI\HoTMaiL[1].htm" file.  
27/07/2007 11:54:28 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\PR9X9AWI\HoTMaiL[2].htm" file.  
27/07/2007 11:54:40 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\RNK9ESHC\HoTMaiL[1].htm" file.  
27/07/2007 11:58:38 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "http://by106fd.bay106.hotmail.msn.com/cgi-bin/HoTMaiL?curmbox=00000000%2d0000%2d0000%2d0000%2d000000000001&a=4fdbfa2f6dce7167d032bbb0251496e0cf0244a3ab5a0b4b09cb5878ebad6f69&fti=yes" file.  
27/07/2007 11:58:42 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\8U89H2M1\HoTMaiL[1].htm" file.  
27/07/2007 12:13:08 utilisateur 1456 Sign of "Win32:Winfixer-F [Trj]" has been found in "C:\WINDOWS\Downloaded Program Files\UERSV_9999_N91S1912NetInstaller.exe" file.  
27/07/2007 12:16:49 utilisateur 1456 Sign of "Win32:Rjump [Wrm]" has been found in "C:\WINDOWS\trz1D.tmp" file.  
27/07/2007 12:16:50 utilisateur 1456 Sign of "Win32:Rjump [Wrm]" has been found in "C:\WINDOWS\trzFC.tmp" file.  
29/07/2007 02:49:19 SYSTEM 1652 Sign of "Win32:Agent-JJX [Trj]" has been found in "C:\Program Files\eMule\Incoming\Client Tracks v3.8.zip" file.  
29/07/2007 09:04:38 SYSTEM 1652 Sign of "Win32:Agent-JJX [Trj]" has been found in "C:\Program Files\eMule\Incoming\Client Mail Checker Plus v1.0.0.002.zip" file.  
29/07/2007 10:00:40 utilisateur 4584 Sign of "Win32:Agent-JJX [Trj]" has been found in "E:\Mes Documents\Mailing\mailing_virus\Client Mail Checker Plus v1.0.0.002.zip\Client Mail Checker Plus v1.0.0.002.exe" file.  
29/07/2007 10:00:59 utilisateur 4584 Sign of "Win32:Agent-JJX [Trj]" has been found in "E:\Mes Documents\Mailing\mailing_virus\Client Tracks v3.8.zip\Client Tracks v3.8.exe" file.  
03/08/2007 23:31:18 utilisateur 1868 Sign of "Win32:Beagle-WA [Wrm]" has been found in "C:\Program Files\eMule\Incoming\Adaptive Mailing List 1.2.2.zip" file.  
18/08/2007 02:37:58 utilisateur 2276 Sign of "Win32:IRCbot-BKQ [Trj]" has been found in "E:\Mes Documents\Mes fichiers reçus\photo album.zip\photo album2007.pif" file.  
21/08/2007 16:09:08 SYSTEM 1904 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
21/08/2007 16:09:14 SYSTEM 1904 An error has occured while attempting to update. Please check the logs.  
21/08/2007 16:17:30 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\88exinjs.aa.exe\[UPX]" file.  
22/08/2007 16:06:16 SYSTEM 1884 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\64exinjs.aa.exe\[UPX]" file.  
22/08/2007 16:34:08 SYSTEM 1884 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\90exinjs.aa.exe\[UPX]" file.  
22/08/2007 17:03:05 SYSTEM 1884 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\22exinjs.aa.exe\[UPX]" file.  
22/08/2007 17:30:59 SYSTEM 1884 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\94exinjs.aa.exe\[UPX]" file.  
22/08/2007 20:09:00 utilisateur 3524 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temp\ADMCache\adm60.tmp\asm.exe" file.  
22/08/2007 20:09:25 utilisateur 3524 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temp\ADMCache\adm60.tmp\asmps.dll" file.  
23/08/2007 17:25:42 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\64exinjs.aa.exe\[UPX]" file.  
23/08/2007 17:53:23 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\70exinjs.aa.exe\[UPX]" file.  
23/08/2007 18:21:14 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\91exinjs.aa.exe\[UPX]" file.  
25/08/2007 14:30:06 SYSTEM 1944 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\20exinjs.aa.exe\[UPX]" file.  
26/08/2007 15:58:19 SYSTEM 1888 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\67exinjs.aa.exe\[UPX]" file.  
26/08/2007 16:29:11 SYSTEM 1888 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\37exinjs.aa.exe\[UPX]" file.  
28/08/2007 13:42:01 SYSTEM 1904 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
28/08/2007 13:42:03 SYSTEM 1904 An error has occured while attempting to update. Please check the logs.  
28/08/2007 13:51:35 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\72exinjs.aa.exe\[UPX]" file.  
28/08/2007 14:21:39 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\34exinjs.aa.exe\[UPX]" file.  
28/08/2007 14:49:32 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\23exinjs.aa.exe\[UPX]" file.  
29/08/2007 10:27:31 SYSTEM 1904 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
29/08/2007 10:27:34 SYSTEM 1904 An error has occured while attempting to update. Please check the logs.  
29/08/2007 13:41:05 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]