
Infection with the virus: trojan win32:Horst-IJ[trj]

26 September 2007 14:39:16

Hello everyone,

For quite a while now, Avast has been reporting the presence of the following virus, several times a day!!! It's very tiring..

Horst-IJ[trj]

Here, for reference, is what the Avast log records every day, after I put the file in quarantine:
26/09/2007 14:12:14 SYSTEM 1948 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\20exinjs.aa.exe\[UPX]" file.

Finally, here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:23:43, on 26/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe
C:\Program Files\Utimaco\SafeGuard Easy\uerlkupn.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
c:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe
c:\WINDOWS\system32\SgLogPlayer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
c:\Program Files\Utimaco\SafeGuard Easy\WksCfgSrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Alwil Software\Avast4\ashLogV.exe
C:\Program Files\WinAce\WinAce.exe
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\~AceTemp\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Startup] C:\windows\startup.vbs
O4 - HKLM\..\Run: [SgeEcView] c:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe
O4 - HKLM\..\Run: [EdWizard] c:\Program Files\Utimaco\SafeGuard Easy\EdWizard.exe as
O4 - HKLM\..\Run: [UERLKUP] c:\Program Files\Utimaco\SafeGuard Easy\uerlkupn.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Hide IP Platinum] C:\Program Files\HideIP\Hide IP Platinum\hideippla.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Scan link with AEE - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Email Extractor - {AFA7DB99-3E4D-4396-94F8-B0B135BCB472} - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Advanced Email Extractor - {AFA7DB99-3E4D-4396-94F8-B0B135BCB472} - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {65683480-5699-11D4-9D2C-525400E80BD5} (GlobFXCtl Class) - http://www.globfx.com/webplayer/globfx.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://srv01.admin.over-blog.com/_cdata/js/javauploader...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {91D4B4D5-E368-40AB-8F53-A37FA634B471} (Installer9Ctrl Class) - http://www.tellmemoreeducation.com/bin/tol9inst.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/install/guidedsolut...
O16 - DPF: {C7C7152F-6E85-44F3-A14B-A7F85FDDEA3B} (InstallerCtrl Class) - http://v7.e-tmm.com/bin/tol7inst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://happywash.dnsalias.com:81/activex/AMC.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - Winlogon Notify: NotLog - C:\WINDOWS\SYSTEM32\SGLogEx.dll
O20 - Winlogon Notify: SGLogNotification - C:\WINDOWS\SYSTEM32\SGLogNotification.dll
O20 - Winlogon Notify: uerclt - C:\WINDOWS\SYSTEM32\uercltn.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SafeGuard Easy Control (SgeCtl) - Utimaco Safeware AG - c:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe
O23 - Service: SafeGuard SGLOG Player (SgLogPlayer) - Utimaco Safeware AG - c:\WINDOWS\system32\SgLogPlayer.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: SafeGuard Easy Workstation Server (WksCfgSrv) - Utimaco Safeware AG - c:\Program Files\Utimaco\SafeGuard Easy\WksCfgSrv.exe

--
End of file - 17205 bytes

_______

Do you know what to do? I would be very grateful.
Thanks

26 September 2007 14:41:49

Hello,

Download SDFix (created by AndyManchesta) and save it to your Desktop.
Double-click SDFix.exe and choose Install to extract it to the Desktop.

Restart in safe mode

  • Open the SDFix folder that has just been created at the root of your hard drive (C:) and double-click RunThis.bat to launch the script.
  • Press Y to start the cleaning process.
  • It will delete the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
  • Press a key to restart the PC.
  • Your system will take longer than usual to restart because the tool will keep running and deleting files.
  • Once the Desktop has loaded, the tool will finish its work and display Finished.
  • Press a key to end the script and load your Desktop icons.
  • Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder under the name Report.txt.
  • Finally, copy/paste the contents of the Report.txt file into your next reply on the forum, along with a new HijackThis log.
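
An added example, not part of the original thread and not code from HijackThis or SDFix: a Python parser for the `O4` Run-key lines of a HijackThis log that lists the autorun entries missing from a later log and flags entries worth a manual look. The sample lines are excerpted from the two logs posted in this thread; the three review heuristics, the function names and the assumption that Windows is installed in `C:\WINDOWS` are this example's own, and a flag is a prompt to check the file, not a verdict.

```python
import ntpath
import re
from typing import NamedTuple

# Lines excerpted from the first (26/09/2007) log in this thread.
BEFORE = r"""
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Startup] C:\windows\startup.vbs
O4 - HKLM\..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
"""

# The same entries as they appear in the second (27/09/2007) log.
AFTER = r"""
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Startup] C:\windows\startup.vbs
O4 - HKLM\..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
"""

# "O4 - <hive>\..\Run: [value name] command"; Startup-folder lines are skipped.
O4_RUN = re.compile(
    r"^\s*O4 - (?P<hive>HK[^:]*?)\\\.\.\\(?P<key>Run[^:]*): "
    r"\[(?P<name>[^\]]*)\] (?P<cmd>.*?)\s*$"
)
USER_SUFFIX = re.compile(r"\s*\(User '[^']*'\)$")
# Shortest prefix that ends in an executable or script extension.
IMAGE = re.compile(
    r"^(.+?\.(?:exe|com|scr|pif|bat|cmd|vbs|vbe|js|jse|wsf))(?=\s|$)", re.I
)

# Assumptions of this example, not rules taken from HijackThis.
SYSTEM32 = r"c:\windows\system32"
CORE_NAMES = {"smss.exe", "csrss.exe", "winlogon.exe",
              "services.exe", "lsass.exe", "svchost.exe"}
SCRIPT_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".bat", ".cmd"}


class Entry(NamedTuple):
    hive: str
    name: str
    command: str
    image: str


def image_path(command):
    """Return the program path of a Run value, without quotes or arguments."""
    command = USER_SUFFIX.sub("", command)
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    match = IMAGE.match(command)
    return match.group(1) if match else command


def parse_o4_run(log_text):
    """Parse every O4 Run-key line of a HijackThis log into an Entry."""
    entries = []
    for line in log_text.splitlines():
        m = O4_RUN.match(line)
        if m:
            cmd = m.group("cmd")
            entries.append(Entry(m.group("hive"), m.group("name"),
                                 cmd, image_path(cmd)))
    return entries


def removed_between(before_text, after_text):
    """Entries present in the earlier log and absent from the later one."""
    def key(e):
        return (e.hive.lower(), e.name.lower(), e.command.lower())
    still_there = {key(e) for e in parse_o4_run(after_text)}
    return [e for e in parse_o4_run(before_text) if key(e) not in still_there]


def review_flags(entry):
    """Heuristic reasons to inspect an autorun entry by hand."""
    path = entry.image.lower()
    folder, name = ntpath.split(path)
    found = []
    if name in CORE_NAMES and folder and folder != SYSTEM32:
        found.append("core-process-name-outside-system32")
    if "\\temp\\" in path:
        found.append("runs-from-temp")
    if ntpath.splitext(name)[1] in SCRIPT_EXTS:
        found.append("script-autorun")
    return found


def flagged(log_text):
    """Map value name -> flags for every entry that has at least one flag."""
    result = {}
    for e in parse_o4_run(log_text):
        flags = review_flags(e)
        if flags:
            result[e.name] = flags
    return result


if __name__ == "__main__":
    for e in removed_between(BEFORE, AFTER):
        print("gone after cleanup:", e.name, "->", e.command)
    for name, flags in flagged(AFTER).items():
        print("still worth checking:", name, flags)
```
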
    27 September 2007 19:15:24

    It seems to be working, thank you very much :-)

    Here is the Hijack report:


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:01:24, on 27/09/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    c:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe
    c:\WINDOWS\system32\SgLogPlayer.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\notepad.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
    C:\WINDOWS\system32\TDispVol.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Utimaco\SafeGuard Easy\uerlkupn.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
    C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\vVX1000.exe
    C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    c:\Program Files\Utimaco\SafeGuard Easy\WksCfgSrv.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\3M\PSNLite\PsnLite.exe
    C:\PROGRA~1\3M\PSNLite\PSNGive.exe
    C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
    C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files\WinAce\WinAce.exe
    C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\~AceTemp\HiJackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Startup] C:\windows\startup.vbs
    O4 - HKLM\..\Run: [SgeEcView] c:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe
    O4 - HKLM\..\Run: [EdWizard] c:\Program Files\Utimaco\SafeGuard Easy\EdWizard.exe as
    O4 - HKLM\..\Run: [UERLKUP] c:\Program Files\Utimaco\SafeGuard Easy\uerlkupn.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe
    O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Hide IP Platinum] C:\Program Files\HideIP\Hide IP Platinum\hideippla.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
    O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
    O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
    O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
    O8 - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Scan link with AEE - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Email Extractor - {AFA7DB99-3E4D-4396-94F8-B0B135BCB472} - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: Advanced Email Extractor - {AFA7DB99-3E4D-4396-94F8-B0B135BCB472} - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html (file missing) (HKCU)
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {65683480-5699-11D4-9D2C-525400E80BD5} (GlobFXCtl Class) - http://www.globfx.com/webplayer/globfx.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://srv01.admin.over-blog.com/_cdata/js/javauploader...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {91D4B4D5-E368-40AB-8F53-A37FA634B471} (Installer9Ctrl Class) - http://www.tellmemoreeducation.com/bin/tol9inst.cab
    O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/install/guidedsolut...
    O16 - DPF: {C7C7152F-6E85-44F3-A14B-A7F85FDDEA3B} (InstallerCtrl Class) - http://v7.e-tmm.com/bin/tol7inst.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://happywash.dnsalias.com:81/activex/AMC.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
    O20 - Winlogon Notify: NotLog - C:\WINDOWS\SYSTEM32\SGLogEx.dll
    O20 - Winlogon Notify: SGLogNotification - C:\WINDOWS\SYSTEM32\SGLogNotification.dll
    O20 - Winlogon Notify: uerclt - C:\WINDOWS\SYSTEM32\uercltn.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: SafeGuard Easy Control (SgeCtl) - Utimaco Safeware AG - c:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe
    O23 - Service: SafeGuard SGLOG Player (SgLogPlayer) - Utimaco Safeware AG - c:\WINDOWS\system32\SgLogPlayer.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    O23 - Service: SafeGuard Easy Workstation Server (WksCfgSrv) - Utimaco Safeware AG - c:\Program Files\Utimaco\SafeGuard Easy\WksCfgSrv.exe

    --
    End of file - 17064 bytes

    27 Septembre 2007 19:18:40

    The SDFix report?
    27 Septembre 2007 20:05:16

    :S Sorry, here is the SDFix report

    sorry ^^


    17/09/2006 16:32:43 SYSTEM 276 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
    17/09/2006 16:32:44 SYSTEM 276 An error has occured while attempting to update. Please check the logs.
    26/09/2006 22:28:39 utilisateur 1712 Sign of "VBS:Malware [Script]" has been found in "C:\TG\msg\getmsg.htm" file.
    26/09/2006 22:29:23 utilisateur 1712 Sign of "VBS:Malware [Script]" has been found in "C:\TG\msg\getmsg2.htm" file.
    30/09/2006 13:11:27 SYSTEM 1984 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
    30/09/2006 13:11:28 SYSTEM 1984 An error has occured while attempting to update. Please check the logs.
    30/09/2006 14:18:51 SYSTEM 1524 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
    30/09/2006 14:18:51 SYSTEM 1524 An error has occured while attempting to update. Please check the logs.
    30/09/2006 14:20:09 utilisateur 1492 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
    02/10/2006 23:22:42 utilisateur 2916 Function setifaceUpdatePackages() has failed. Return code is 0x000004C7, dwRes is 000004C7.
    02/10/2006 23:24:19 utilisateur 708 Sign of "VBS:Malware [Script]" has been found in "C:\RECYCLER\S-1-5-21-4003283229-3873438383-1261831753-1005\Dc2.htm" file.
    09/10/2006 22:08:02 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\WINDOWS\Downloaded Program Files\WebP2PInstaller.dll" file.
    09/10/2006 22:08:23 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\WINDOWS\Downloaded Program Files\WebP2PInstaller.dll" file.
    09/10/2006 22:08:40 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL" file.
    09/10/2006 22:09:07 utilisateur 228 Sign of "Win32:Lineage-197 [Trj]" has been found in "C:\WINDOWS\system32\P2P Networking v126.cpl" file.
    09/10/2006 22:09:15 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL" file.
    09/10/2006 22:09:27 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Download Manager\asm.exe" file.
    09/10/2006 22:09:30 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Download Manager\asmps.dll" file.
    09/10/2006 22:09:32 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Download Manager\ASM.exe" file.
    09/10/2006 22:09:34 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Download Manager\ASMps.dll" file.
    09/10/2006 22:14:35 utilisateur 1780 Sign of "Win32:Adware-gen. [Adw]" has been found in "c:\program files\altnet\download manager\asm.exe" file.
    09/10/2006 22:21:21 utilisateur 228 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\PROGRA~1\RXTOOL~1\SEMANT~1\SEMANT~1.EXE" file.
    09/10/2006 22:21:27 utilisateur 228 Sign of "Win32:Findbar [Adw]" has been found in "C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL" file.
    09/10/2006 22:21:31 utilisateur 228 Sign of "Win32:Adan-057 [Adw]" has been found in "C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL" file.
    10/10/2006 10:04:18 utilisateur 1148 Sign of "Win32:Adan-057 [Adw]" has been found in "C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL" file.
    10/10/2006 10:06:02 utilisateur 1148 Sign of "Win32:Findbar [Adw]" has been found in "C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL" file.
    10/10/2006 10:21:43 utilisateur 1148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe" file.
    10/10/2006 13:26:33 utilisateur 1588 Sign of "Win32:Findbar [Adw]" has been found in "C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL" file.
    10/10/2006 13:26:37 utilisateur 1588 Sign of "Win32:Adan-057 [Adw]" has been found in "C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL" file.
    10/10/2006 16:27:28 utilisateur 1688 Sign of "Win32:Findbar [Adw]" has been found in "C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL" file.
    10/10/2006 16:27:47 utilisateur 1688 Sign of "Win32:Adan-057 [Adw]" has been found in "C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL" file.
    10/10/2006 16:27:59 utilisateur 1688 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe" file.
    10/10/2006 17:08:56 utilisateur 1688 Sign of "Win32:Lineage-197 [Trj]" has been found in "C:\WINDOWS\system32\P2P Networking v126.cpl" file.
    10/10/2006 18:30:47 SYSTEM 948 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\PROGRA~1\Altnet\DOWNLO~1\asm.exe" file.
    10/10/2006 21:16:24 utilisateur 1708 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Download Manager\AltnetUninstall.exe" file.
    10/10/2006 21:17:04 utilisateur 1708 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\PROGRAM FILES\ALTNET\DOWNLOAD MANAGER\ASMPS.DLL" file.
    10/10/2006 21:19:20 utilisateur 1708 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Points Manager\sysdetect.dll" file.
    10/10/2006 21:19:36 utilisateur 1708 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Download Manager\asmend.exe" file.
    11/10/2006 18:03:48 utilisateur 236 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\PROGRA~1\MOZILL~2\plugins\NPNd2fn.dll" file.
    11/10/2006 20:56:53 utilisateur 236 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL" file.
    11/10/2006 21:08:22 utilisateur 236 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Setup\Setup.exe" file.
    11/10/2006 21:10:32 utilisateur 236 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Setup\Setup.exe" file.
    11/10/2006 21:10:34 utilisateur 236 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Setup\SET158.tmp" file.
    11/10/2006 21:10:36 utilisateur 236 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Setup\Setup.exe" file.
    11/10/2006 21:10:38 utilisateur 236 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Setup\Setup.exe" file.
    24/10/2006 21:25:09 SYSTEM 176 Sign of "VBS:Malware [Script]" has been found in "G:\msg\getmsg.htm" file.
    24/10/2006 21:25:18 SYSTEM 176 Sign of "VBS:Malware [Script]" has been found in "G:\msg\getmsg2.htm" file.
    07/11/2006 01:02:27 SYSTEM 1992 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Setup\Setup.exe" file.
    07/11/2006 01:02:45 SYSTEM 1992 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Setup\SET10A.tmp" file.
    15/11/2006 17:17:23 SYSTEM 1984 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\uninstall.exe" file.
    15/11/2006 17:17:31 SYSTEM 1984 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\uninstall.exe" file.
    21/11/2006 01:07:03 SYSTEM 1992 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.
    21/11/2006 01:07:04 SYSTEM 1992 An error has occured while attempting to update. Please check the logs.
    30/11/2006 21:07:35 utilisateur 1732 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Altnet\Download Manager\asmend.exe" file.
    30/11/2006 21:11:50 utilisateur 1732 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Program Files\Need2Find\bar\1.bin\NPND2FN.DLL" file.
    30/11/2006 21:13:19 utilisateur 1732 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\System Volume Information\_restore{996C70E0-A140-4C7E-8366-3FEF2D2989EA}\RP39\A0014930.exe" file.
    30/11/2006 21:13:27 utilisateur 1732 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\System Volume Information\_restore{996C70E0-A140-4C7E-8366-3FEF2D2989EA}\RP39\A0014931.DLL" file.
    15/01/2007 13:49:14 SYSTEM 2008 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.
    15/01/2007 13:49:15 SYSTEM 2008 An error has occured while attempting to update. Please check the logs.
    05/03/2007 15:24:30 utilisateur 2028 Sign of "Win32:NSAnti-BH [Trj]" has been found in "G:\sxs.exe" file.
    06/03/2007 23:03:00 SYSTEM 132 Sign of "Win32:Agent-DYR [Wrm]" has been found in "C:\Documents and Settings\utilisateur\svc012.exe" file.
    07/03/2007 18:24:34 SYSTEM 132 Sign of "Win32:Agent-DYR [Wrm]" has been found in "G:\ie.exe" file.
    10/03/2007 04:50:44 SYSTEM 148 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.
    10/03/2007 04:50:45 SYSTEM 148 An error has occured while attempting to update. Please check the logs.
    17/03/2007 13:39:19 È’|(‚àáË 2036 Function setifaceUpdatePackages() has failed. Return code is 0xC000003A, dwRes is C000003A.
    17/03/2007 13:39:19 È’|(‚àáË 2036 An error has occured while attempting to update. Please check the logs.
    20/03/2007 13:09:55 utilisateur 2136 Sign of "Win32:Rjump [Wrm]" has been found in "c:\windows\adober.exe" file.
    20/03/2007 13:15:26 utilisateur 688 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temp\p2psetup.exe" file.
    20/03/2007 13:16:28 utilisateur 688 Function setifaceUpdatePackages() has failed. Return code is 0x000004C7, dwRes is 000004C7.
    20/03/2007 13:22:36 utilisateur 688 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\N0I9RSNG\ref92302[1]\ref92302.exe" file.
    20/03/2007 13:31:03 utilisateur 688 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\Program Files\Need2Find\bar\1.bin\N2PLUGIN.DLL" file.
    20/03/2007 13:32:27 utilisateur 688 Sign of "Win32:Rjump [Wrm]" has been found in "C:\System Volume Information\_restore{996C70E0-A140-4C7E-8366-3FEF2D2989EA}\RP86\A0028421.exe" file.
    20/03/2007 13:32:34 utilisateur 688 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\System Volume Information\_restore{996C70E0-A140-4C7E-8366-3FEF2D2989EA}\RP86\A0028424.DLL" file.
    20/03/2007 14:15:29 utilisateur 688 Sign of "Win32:Rjump [Wrm]" has been found in "C:\WINDOWS\trz13.tmp" file.
    24/03/2007 18:56:50 SYSTEM 2248 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
    24/03/2007 18:56:51 SYSTEM 2248 An error has occured while attempting to update. Please check the logs.
    05/04/2007 09:03:22 SYSTEM 2024 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
    05/04/2007 09:03:23 SYSTEM 2024 An error has occured while attempting to update. Please check the logs.
    05/04/2007 11:28:10 SYSTEM 1972 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    05/04/2007 11:28:12 SYSTEM 1972 An error has occured while attempting to update. Please check the logs.
    06/04/2007 11:31:20 SYSTEM 1992 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    06/04/2007 11:31:21 SYSTEM 1992 An error has occured while attempting to update. Please check the logs.
    10/04/2007 12:04:21 SYSTEM 2012 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    10/04/2007 12:04:24 SYSTEM 2012 An error has occured while attempting to update. Please check the logs.
    10/04/2007 12:49:12 SYSTEM 2008 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    10/04/2007 12:49:13 SYSTEM 2008 An error has occured while attempting to update. Please check the logs.
    11/04/2007 11:33:24 SYSTEM 1992 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    11/04/2007 11:33:25 SYSTEM 1992 An error has occured while attempting to update. Please check the logs.
    12/04/2007 20:34:37 utilisateur 5524 Sign of "Win32:Rjump [Wrm]" has been found in "c:\windows\adober.exe" file.
    15/04/2007 13:28:46 SYSTEM 1996 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    15/04/2007 13:28:47 SYSTEM 1996 An error has occured while attempting to update. Please check the logs.
    16/04/2007 10:02:00 SYSTEM 1996 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    16/04/2007 10:02:01 SYSTEM 1996 An error has occured while attempting to update. Please check the logs.
    16/04/2007 13:22:24 SYSTEM 1964 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    16/04/2007 13:22:25 SYSTEM 1964 An error has occured while attempting to update. Please check the logs.
    16/04/2007 15:44:33 SYSTEM 1928 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    16/04/2007 15:44:34 SYSTEM 1928 An error has occured while attempting to update. Please check the logs.
    17/04/2007 11:33:23 SYSTEM 1824 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    17/04/2007 11:33:25 SYSTEM 1824 An error has occured while attempting to update. Please check the logs.
    17/04/2007 13:22:06 SYSTEM 1848 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    17/04/2007 13:22:07 SYSTEM 1848 An error has occured while attempting to update. Please check the logs.
    22/04/2007 14:12:46 SYSTEM 1816 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
    22/04/2007 14:12:49 SYSTEM 1816 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
    22/04/2007 14:12:50 SYSTEM 1816 An error has occured while attempting to update. Please check the logs.
    23/04/2007 17:40:42 SYSTEM 1840 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
    23/04/2007 17:40:43 SYSTEM 1840 An error has occured while attempting to update. Please check the logs.
    26/04/2007 16:35:53 SYSTEM 1856 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
    26/04/2007 16:35:54 SYSTEM 1856 An error has occured while attempting to update. Please check the logs.
    26/04/2007 17:15:01 utilisateur 4000 Sign of "VBS:Malware [Script]" has been found in "G:\folder.htt" file.
    26/04/2007 17:15:24 utilisateur 4000 Sign of "Win32:Trojan-gen. {Other}" has been found in "G:\sxs.exe" file.
    26/04/2007 17:15:30 utilisateur 4000 Sign of "Win32:p erlovga" has been found in "G:\copy.exe\[MEW]" file.
    26/04/2007 17:15:33 utilisateur 4000 Sign of "Win32:Trojan-gen. {Other}" has been found in "G:\host.exe\[Embedded#08004]" file.
    26/04/2007 17:15:39 utilisateur 4000 Sign of "Win32:Small-ABY [Trj]" has been found in "G:\host.exe\[Embedded#10a1a]" file.
    27/04/2007 12:18:44 utilisateur 2400 Sign of "Win32:Rjump [Wrm]" has been found in "G:\AdobeR.exe" file.
    27/04/2007 12:19:00 utilisateur 2400 Sign of "Win32:Rjump [Wrm]" has been found in "G:\trz3.tmp" file.
    03/05/2007 12:39:01 utilisateur 1848 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\rdihost.dll" file.
    03/05/2007 12:40:01 utilisateur 1848 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    03/05/2007 12:40:02 utilisateur 1848 An error has occured while attempting to update. Please check the logs.
    03/05/2007 14:02:58 utilisateur 1820 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\system32\rdihost.dll" file.
    03/05/2007 14:04:18 utilisateur 1820 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    03/05/2007 14:04:20 utilisateur 1820 An error has occured while attempting to update. Please check the logs.
    10/05/2007 09:50:56 SYSTEM 1828 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    10/05/2007 09:50:58 SYSTEM 1828 An error has occured while attempting to update. Please check the logs.
    15/05/2007 12:11:16 SYSTEM 1792 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    15/05/2007 12:11:24 SYSTEM 1792 An error has occured while attempting to update. Please check the logs.
    16/05/2007 09:53:38 SYSTEM 1776 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    16/05/2007 09:53:41 SYSTEM 1776 An error has occured while attempting to update. Please check the logs.
    19/05/2007 12:01:43 SYSTEM 1824 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.
    19/05/2007 12:01:44 SYSTEM 1824 An error has occured while attempting to update. Please check the logs.
    21/05/2007 05:27:44 utilisateur 1820 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\AdobeR.exe" file.
    26/05/2007 15:01:48 SYSTEM 1856 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
    26/05/2007 15:01:50 SYSTEM 1856 An error has occured while attempting to update. Please check the logs.
    01/06/2007 23:12:44 utilisateur 1640 Sign of "Win32:Trojan-gen. {Other}" has been found in "G:\AdobeR.exe" file.
    27/07/2007 10:48:09 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "http://by106fd.bay106.hotmail.msn.com/cgi-bin/HoTMaiL?c..." file.
    27/07/2007 10:48:26 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\N0I9RSNG\HoTMaiL[1].htm" file.
    27/07/2007 10:51:19 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "http://by106fd.bay106.hotmail.msn.com/cgi-bin/HoTMaiL?&..." file.
    27/07/2007 10:51:31 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\F00440J0\HoTMaiL[1].htm" file.
    27/07/2007 10:52:31 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "http://by106fd.bay106.hotmail.msn.com/cgi-bin/HoTMaiL?&..." file.
    27/07/2007 10:52:59 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\T7QSLS71\HoTMaiL[2].htm" file.
    27/07/2007 10:59:22 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\1BBY6R3F\HoTMaiL[1].htm" file.
    27/07/2007 11:29:08 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\1BBY6R3F\HoTMaiL[2].htm" file.
    27/07/2007 11:29:28 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\4XWYGB20\HoTMaiL[1].htm" file.
    27/07/2007 11:30:20 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\9LUHA36V\HoTMaiL[3].htm" file.
    27/07/2007 11:32:25 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\9LUHA36V\HoTMaiL[4].htm" file.
    27/07/2007 11:35:17 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\AKSSXQ6V\HoTMaiL[1].htm" file.
    27/07/2007 11:35:27 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\AKSSXQ6V\HoTMaiL[2].htm" file.
    27/07/2007 11:35:43 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\AQE1L7KE\HoTMaiL[2].htm" file.
    27/07/2007 11:35:57 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\BOBQZQ1S\HoTMaiL[1].htm" file.
    27/07/2007 11:36:12 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\CNTHMH46\HoTMaiL[1].htm" file.
    27/07/2007 11:36:56 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\G1CDAJ4H\HoTMaiL[2].htm" file.
    27/07/2007 11:37:13 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\HVZXN8LD\HoTMaiL[1].htm" file.
    27/07/2007 11:39:17 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "http://by106fd.bay106.hotmail.msn.com/cgi-bin/HoTMaiL?&..." file.
    27/07/2007 11:39:26 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\DB84P4DQ\HoTMaiL[1].htm" file.
    27/07/2007 11:53:55 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\LNF7VBEC\HoTMaiL[1].htm" file.
    27/07/2007 11:54:28 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\PR9X9AWI\HoTMaiL[1].htm" file.
    27/07/2007 11:54:28 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\PR9X9AWI\HoTMaiL[2].htm" file.
    27/07/2007 11:54:40 utilisateur 1456 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\RNK9ESHC\HoTMaiL[1].htm" file.
    27/07/2007 11:58:38 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "http://by106fd.bay106.hotmail.msn.com/cgi-bin/HoTMaiL?c..." file.
    27/07/2007 11:58:42 SYSTEM 1648 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\8U89H2M1\HoTMaiL[1].htm" file.
    27/07/2007 12:13:08 utilisateur 1456 Sign of "Win32:Winfixer-F [Trj]" has been found in "C:\WINDOWS\Downloaded Program Files\UERSV_9999_N91S1912NetInstaller.exe" file.
    27/07/2007 12:16:49 utilisateur 1456 Sign of "Win32:Rjump [Wrm]" has been found in "C:\WINDOWS\trz1D.tmp" file.
    27/07/2007 12:16:50 utilisateur 1456 Sign of "Win32:Rjump [Wrm]" has been found in "C:\WINDOWS\trzFC.tmp" file.
    29/07/2007 02:49:19 SYSTEM 1652 Sign of "Win32:Agent-JJX [Trj]" has been found in "C:\Program Files\eMule\Incoming\Client Tracks v3.8.zip" file.
    29/07/2007 09:04:38 SYSTEM 1652 Sign of "Win32:Agent-JJX [Trj]" has been found in "C:\Program Files\eMule\Incoming\Client Mail Checker Plus v1.0.0.002.zip" file.
    29/07/2007 10:00:40 utilisateur 4584 Sign of "Win32:Agent-JJX [Trj]" has been found in "E:\Mes Documents\Mailing\mailing_virus\Client Mail Checker Plus v1.0.0.002.zip\Client Mail Checker Plus v1.0.0.002.exe" file.
    29/07/2007 10:00:59 utilisateur 4584 Sign of "Win32:Agent-JJX [Trj]" has been found in "E:\Mes Documents\Mailing\mailing_virus\Client Tracks v3.8.zip\Client Tracks v3.8.exe" file.
    03/08/2007 23:31:18 utilisateur 1868 Sign of "Win32:Beagle-WA [Wrm]" has been found in "C:\Program Files\eMule\Incoming\Adaptive Mailing List 1.2.2.zip" file.
    18/08/2007 02:37:58 utilisateur 2276 Sign of "Win32:IRCbot-BKQ [Trj]" has been found in "E:\Mes Documents\Mes fichiers reçus\photo album.zip\photo album2007.pif" file.
    21/08/2007 16:09:08 SYSTEM 1904 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    21/08/2007 16:09:14 SYSTEM 1904 An error has occured while attempting to update. Please check the logs.
    21/08/2007 16:17:30 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\88exinjs.aa.exe\[UPX]" file.
    22/08/2007 16:06:16 SYSTEM 1884 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\64exinjs.aa.exe\[UPX]" file.
    22/08/2007 16:34:08 SYSTEM 1884 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\90exinjs.aa.exe\[UPX]" file.
    22/08/2007 17:03:05 SYSTEM 1884 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\22exinjs.aa.exe\[UPX]" file.
    22/08/2007 17:30:59 SYSTEM 1884 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\94exinjs.aa.exe\[UPX]" file.
    22/08/2007 20:09:00 utilisateur 3524 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temp\ADMCache\adm60.tmp\asm.exe" file.
    22/08/2007 20:09:25 utilisateur 3524 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temp\ADMCache\adm60.tmp\asmps.dll" file.
    23/08/2007 17:25:42 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\64exinjs.aa.exe\[UPX]" file.
    23/08/2007 17:53:23 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\70exinjs.aa.exe\[UPX]" file.
    23/08/2007 18:21:14 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\91exinjs.aa.exe\[UPX]" file.
    25/08/2007 14:30:06 SYSTEM 1944 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\20exinjs.aa.exe\[UPX]" file.
    26/08/2007 15:58:19 SYSTEM 1888 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\67exinjs.aa.exe\[UPX]" file.
    26/08/2007 16:29:11 SYSTEM 1888 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\37exinjs.aa.exe\[UPX]" file.
    28/08/2007 13:42:01 SYSTEM 1904 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    28/08/2007 13:42:03 SYSTEM 1904 An error has occured while attempting to update. Please check the logs.
    28/08/2007 13:51:35 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\72exinjs.aa.exe\[UPX]" file.
    28/08/2007 14:21:39 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\34exinjs.aa.exe\[UPX]" file.
    28/08/2007 14:49:32 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\23exinjs.aa.exe\[UPX]" file.
    29/08/2007 10:27:31 SYSTEM 1904 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    29/08/2007 10:27:34 SYSTEM 1904 An error has occured while attempting to update. Please check the logs.
    29/08/2007 13:41:05 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\36exinjs.aa.exe\[UPX]" file.
    29/08/2007 14:09:01 SYSTEM 1904 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\46exinjs.aa.exe\[UPX]" file.
    29/08/2007 14:38:40 SYSTEM 1920 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    29/08/2007 14:40:09 SYSTEM 1920 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    29/08/2007 14:40:09 SYSTEM 1920 An error has occured while attempting to update. Please check the logs.
    29/08/2007 14:47:26 SYSTEM 1920 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\47exinjs.aa.exe\[UPX]" file.
    30/08/2007 12:50:24 SYSTEM 1884 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    30/08/2007 12:50:35 SYSTEM 1884 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    30/08/2007 12:50:35 SYSTEM 1884 An error has occured while attempting to update. Please check the logs.
    30/08/2007 13:14:26 SYSTEM 1884 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\96exinjs.aa.exe\[UPX]" file.
    31/08/2007 12:07:35 SYSTEM 1908 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    31/08/2007 12:07:42 SYSTEM 1908 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    31/08/2007 12:07:43 SYSTEM 1908 An error has occured while attempting to update. Please check the logs.
    31/08/2007 12:16:27 SYSTEM 1908 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\42exinjs.aa.exe\[UPX]" file.
    31/08/2007 12:44:24 SYSTEM 1908 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\46exinjs.aa.exe\[UPX]" file.
    31/08/2007 13:12:18 SYSTEM 1908 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\81exinjs.aa.exe\[UPX]" file.
    03/09/2007 13:26:10 SYSTEM 1700 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    03/09/2007 13:26:22 SYSTEM 1700 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    03/09/2007 13:26:22 SYSTEM 1700 An error has occured while attempting to update. Please check the logs.
    04/09/2007 15:13:40 SYSTEM 1956 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    04/09/2007 15:13:50 SYSTEM 1956 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    04/09/2007 15:13:50 SYSTEM 1956 An error has occured while attempting to update. Please check the logs.
    04/09/2007 15:22:08 SYSTEM 1956 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\57exinjs.aa.exe\[UPX]" file.
    04/09/2007 15:52:38 SYSTEM 1956 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\36exinjs.aa.exe\[UPX]" file.
    04/09/2007 16:20:34 SYSTEM 1956 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\7exinjs.aa.exe\[UPX]" file.
    04/09/2007 16:49:57 SYSTEM 1956 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\24exinjs.aa.exe\[UPX]" file.
    04/09/2007 17:17:15 SYSTEM 1956 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\6exinjs.aa.exe\[UPX]" file.
    05/09/2007 15:16:55 SYSTEM 1932 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    05/09/2007 15:17:11 SYSTEM 1932 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    05/09/2007 15:17:11 SYSTEM 1932 An error has occured while attempting to update. Please check the logs.
    05/09/2007 15:17:42 utilisateur 1744 Function setifaceUpdatePackages() has failed. Return code is 0x2000000A, dwRes is 2000000A.
    05/09/2007 15:26:27 SYSTEM 1932 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\57exinjs.aa.exe\[UPX]" file.
    05/09/2007 15:54:15 SYSTEM 1932 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\83exinjs.aa.exe\[UPX]" file.
    05/09/2007 18:54:40 SYSTEM 1932 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    05/09/2007 18:54:50 SYSTEM 1932 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    05/09/2007 18:54:50 SYSTEM 1932 An error has occured while attempting to update. Please check the logs.
    05/09/2007 19:04:08 SYSTEM 1932 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\92exinjs.aa.exe\[UPX]" file.
    06/09/2007 16:10:21 SYSTEM 1972 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\76exinjs.aa.exe\[UPX]" file.
    07/09/2007 09:42:55 utilisateur 1912 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\80exinjs.aa.exe\[UPX]" file.
    07/09/2007 21:35:07 SYSTEM 1912 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\51exinjs.aa.exe\[UPX]" file.
    07/09/2007 22:04:11 SYSTEM 1912 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\0exinjs.aa.exe\[UPX]" file.
    07/09/2007 22:22:36 SYSTEM 1912 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\69exinjs.aa.exe\[UPX]" file.
    07/09/2007 22:30:50 SYSTEM 1912 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\67exinjs.aa.exe\[UPX]" file.
    08/09/2007 12:03:21 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\72exinjs.aa.exe\[UPX]" file.
    08/09/2007 13:05:02 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\56exinjs.aa.exe\[UPX]" file.
    08/09/2007 13:55:46 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\52exinjs.aa.exe\[UPX]" file.
    08/09/2007 14:39:41 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\68exinjs.aa.exe\[UPX]" file.
    08/09/2007 15:25:18 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\62exinjs.aa.exe\[UPX]" file.
    08/09/2007 16:00:07 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\27exinjs.aa.exe\[UPX]" file.
    08/09/2007 16:09:12 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\61exinjs.aa.exe\[UPX]" file.
    08/09/2007 16:50:20 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\38exinjs.aa.exe\[UPX]" file.
    08/09/2007 17:14:04 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\90exinjs.aa.exe\[UPX]" file.
    08/09/2007 17:14:09 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\90exinjs.aa.exe\[UPX]" file.
    08/09/2007 17:26:34 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\25exinjs.aa.exe\[UPX]" file.
    08/09/2007 18:02:40 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\93exinjs.aa.exe\[UPX]" file.
    08/09/2007 18:44:12 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\48exinjs.aa.exe\[UPX]" file.
    08/09/2007 19:52:34 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\61exinjs.aa.exe\[UPX]" file.
    08/09/2007 20:27:47 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\70exinjs.aa.exe\[UPX]" file.
    08/09/2007 20:44:38 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\17exinjs.aa.exe\[UPX]" file.
    08/09/2007 20:49:47 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\24exinjs.aa.exe\[UPX]" file.
    08/09/2007 21:18:03 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\65exinjs.aa.exe\[UPX]" file.
    08/09/2007 21:50:34 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\16exinjs.aa.exe\[UPX]" file.
    08/09/2007 22:25:46 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\50exinjs.aa.exe\[UPX]" file.
    08/09/2007 23:01:01 utilisateur 1896 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\38exinjs.aa.exe\[UPX]" file.
    09/09/2007 16:30:03 utilisateur 2004 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\11exinjs.aa.exe\[UPX]" file.
    13/09/2007 10:20:35 SYSTEM 1936 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    13/09/2007 10:20:36 SYSTEM 1936 An error has occured while attempting to update. Please check the logs.
    13/09/2007 12:06:24 SYSTEM 1936 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\96exinjs.aa.exe\[UPX]" file.
    13/09/2007 13:28:44 SYSTEM 1936 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\60exinjs.aa.exe\[UPX]" file.
    13/09/2007 16:57:32 SYSTEM 1936 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\18exinjs.aa.exe\[UPX]" file.
    14/09/2007 14:06:22 utilisateur 1940 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\56exinjs.aa.exe\[UPX]" file.
    14/09/2007 14:18:34 utilisateur 4420 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\Documents and Settings\utilisateur\Local Settings\Temp\90exinjs.aa.exe\[UPX]" file.
    14/09/2007 14:42:12 utilisateur 1940 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\5exinjs.aa.exe\[UPX]" file.
    14/09/2007 15:03:13 utilisateur 4420 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\Daemon\daemon408-139-x86.exe\$INSTDIR\SetupDTSB.exe\DaemonTools_WhenUSave_Installer.exe" file.
    14/09/2007 15:09:59 utilisateur 1940 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\47exinjs.aa.exe\[UPX]" file.
    14/09/2007 15:38:26 utilisateur 4420 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\Program Files\WinAce\VVSNInst.exe\Setup.exe" file.
    14/09/2007 15:40:09 utilisateur 4420 Sign of "Win32:Agent-JXG [Trj]" has been found in "C:\System Volume Information\_restore{996C70E0-A140-4C7E-8366-3FEF2D2989EA}\RP155\A0043115.exe\[UPX]" file.
    14/09/2007 15:53:29 utilisateur 1940 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\17exinjs.aa.exe\[UPX]" file.
    14/09/2007 15:55:24 utilisateur 4420 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\System Volume Information\_restore{996C70E0-A140-4C7E-8366-3FEF2D2989EA}\RP167\A0051724.exe\$INSTDIR\SetupDTSB.exe\DaemonTools_WhenUSave_Installer.exe" file.
    14/09/2007 15:55:35 utilisateur 4420 Sign of "Win32:Agent-AWB [Adw]" has been found in "C:\System Volume Information\_restore{996C70E0-A140-4C7E-8366-3FEF2D2989EA}\RP167\A0051727.exe\Setup.exe" file.
    14/09/2007 16:07:10 utilisateur 4420 Sign of "Win32:IRCbot-BKQ [Trj]" has been found in "C:\WINDOWS\photo album.zip\photo album2007.pif" file.
    17/09/2007 17:33:29 SYSTEM 1928 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    17/09/2007 17:33:31 SYSTEM 1928 An error has occured while attempting to update. Please check the logs.
    18/09/2007 14:20:23 SYSTEM 1956 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    18/09/2007 14:20:25 SYSTEM 1956 An error has occured while attempting to update. Please check the logs.
    18/09/2007 14:21:52 SYSTEM 1956 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\67exinjs.aa.exe\[UPX]" file.
    18/09/2007 15:59:29 SYSTEM 1956 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\11exinjs.aa.exe\[UPX]" file.
    18/09/2007 16:44:25 SYSTEM 1956 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\34exinjs.aa.exe\[UPX]" file.
    19/09/2007 11:01:42 SYSTEM 1956 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.
    19/09/2007 11:01:43 SYSTEM 1956 An error has occured while attempting to update. Please check the logs.
    19/09/2007 11:14:04 SYSTEM 1996 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\6exinjs.aa.exe\[UPX]" file.
    19/09/2007 12:54:12 SYSTEM 1996 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\82exinjs.aa.exe\[UPX]" file.
    20/09/2007 10:10:22 SYSTEM 1960 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    20/09/2007 10:10:24 SYSTEM 1960 An error has occured while attempting to update. Please check the logs.
    20/09/2007 10:19:26 SYSTEM 1960 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\3exinjs.aa.exe\[UPX]" file.
    20/09/2007 12:14:11 SYSTEM 1960 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\79exinjs.aa.exe\[UPX]" file.
    20/09/2007 12:44:44 SYSTEM 1960 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\46exinjs.aa.exe\[UPX]" file.
    20/09/2007 13:17:36 SYSTEM 1960 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\75exinjs.aa.exe\[UPX]" file.
    20/09/2007 14:49:38 SYSTEM 1988 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    20/09/2007 14:49:39 SYSTEM 1988 An error has occured while attempting to update. Please check the logs.
    20/09/2007 18:33:20 SYSTEM 1952 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    20/09/2007 18:33:21 SYSTEM 1952 An error has occured while attempting to update. Please check the logs.
    20/09/2007 18:41:42 SYSTEM 1952 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\72exinjs.aa.exe\[UPX]" file.
    20/09/2007 18:41:43 SYSTEM 1952 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\72exinjs.aa.exe\[UPX]" file.
    20/09/2007 19:09:36 SYSTEM 1952 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\55exinjs.aa.exe\[UPX]" file.
    21/09/2007 09:54:17 SYSTEM 1972 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    21/09/2007 09:54:18 SYSTEM 1972 An error has occured while attempting to update. Please check the logs.
    21/09/2007 10:09:05 SYSTEM 1972 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\32exinjs.aa.exe\[UPX]" file.
    21/09/2007 11:20:48 SYSTEM 1972 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\11exinjs.aa.exe\[UPX]" file.
    21/09/2007 13:49:33 SYSTEM 1976 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    21/09/2007 13:49:35 SYSTEM 1976 An error has occured while attempting to update. Please check the logs.
    21/09/2007 17:48:23 SYSTEM 1976 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\6exinjs.aa.exe\[UPX]" file.
    24/09/2007 09:23:19 SYSTEM 1992 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    24/09/2007 09:23:20 SYSTEM 1992 An error has occured while attempting to update. Please check the logs.
    24/09/2007 09:31:25 SYSTEM 1992 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\42exinjs.aa.exe\[UPX]" file.
    24/09/2007 10:27:16 SYSTEM 1992 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\22exinjs.aa.exe\[UPX]" file.
    24/09/2007 11:08:01 SYSTEM 1992 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\33exinjs.aa.exe\[UPX]" file.
    24/09/2007 11:37:14 SYSTEM 1992 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\90exinjs.aa.exe\[UPX]" file.
    24/09/2007 13:11:49 SYSTEM 1992 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\13exinjs.aa.exe\[UPX]" file.
    24/09/2007 14:24:04 SYSTEM 1992 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\46exinjs.aa.exe\[UPX]" file.
    24/09/2007 15:26:57 SYSTEM 1992 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\40exinjs.aa.exe\[UPX]" file.
    24/09/2007 17:35:13 SYSTEM 1992 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    24/09/2007 17:35:14 SYSTEM 1992 An error has occured while attempting to update. Please check the logs.
    24/09/2007 17:45:11 SYSTEM 1992 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\55exinjs.aa.exe\[UPX]" file.
    24/09/2007 18:13:48 SYSTEM 1992 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\79exinjs.aa.exe\[UPX]" file.
    24/09/2007 21:54:06 utilisateur 2816 Function setifaceUpdatePackages() has failed. Return code is 0x000004C7, dwRes is 000004C7.
    24/09/2007 22:59:32 utilisateur 2816 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\Program Files\WinAce\VVSNInst.exe" file.
    25/09/2007 08:49:26 utilisateur 2816 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\System Volume Information\_restore{996C70E0-A140-4C7E-8366-3FEF2D2989EA}\RP167\A0051727.exe" file.
    25/09/2007 08:50:40 utilisateur 2816 Sign of "Win32:Spyware-gen. [Trj]" has been found in "C:\System Volume Information\_restore{996C70E0-A140-4C7E-8366-3FEF2D2989EA}\RP171\A0053321.exe" file.
    25/09/2007 09:59:14 SYSTEM 1960 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    25/09/2007 09:59:15 SYSTEM 1960 An error has occured while attempting to update. Please check the logs.
    25/09/2007 10:07:49 SYSTEM 1960 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\36exinjs.aa.exe\[UPX]" file.
    25/09/2007 16:03:45 SYSTEM 1960 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    25/09/2007 16:03:45 SYSTEM 1960 An error has occured while attempting to update. Please check the logs.
    25/09/2007 16:13:08 SYSTEM 1960 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\49exinjs.aa.exe\[UPX]" file.
    25/09/2007 16:40:58 SYSTEM 1960 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\52exinjs.aa.exe\[UPX]" file.
    25/09/2007 19:36:24 SYSTEM 1960 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\14exinjs.aa.exe\[UPX]" file.
    25/09/2007 20:04:23 SYSTEM 1960 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\8exinjs.aa.exe\[UPX]" file.
    26/09/2007 10:15:12 SYSTEM 1948 Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.
    26/09/2007 10:15:14 SYSTEM 1948 An error has occured while attempting to update. Please check the logs.
    26/09/2007 10:23:45 SYSTEM 1948 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\28exinjs.aa.exe\[UPX]" file.
    26/09/2007 12:31:45 SYSTEM 1948 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\65exinjs.aa.exe\[UPX]" file.
    26/09/2007 14:12:14 SYSTEM 1948 Sign of "Win32:Horst-IJ [Trj]" has been found in "C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\20exinjs.aa.exe\[UPX]" file.
    27 September 2007 20:20:16

    That's not SDFix.