Tomate1981

bonjour à tous, voila j'ai avast comme anti virus bien mis a jour et tout, et j'ai regulierement des alertes d'infection par win32 horst N, win 32 Horst L, win32 agent VM, kapucen B, je pense que le mieux est de vous montrer mon journal avast... à chaque alerte, j'ai choisi "supprimer", et lorsque je laisse le PC connecté un journée entiere j'ai des dizaines d'alertes en fin de journée... merci si quelqu'un a une solution... ah et en regardant un peu ce forum j'ai telecharge et fait un hijackthis dont le logfile suit, si ca peut vous aider et si j'ai bien compris... Thomas journal avast: 20/09/2006 10:39:44 Administrateur 1000 Sign of "Win32:Kapucen-B [Wrm]" has been found in "C:\Program Files\eMule\Temp\004.part" file. 21/09/2006 00:30:29 Administrateur 1120 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Program Files\eMule\Incoming\YSB_toolBar.exe" file. 21/09/2006 18:09:10 Administrateur 1036 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Program Files\eMule\Incoming\setup.exe" file. 21/09/2006 21:12:53 Administrateur 1036 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\YSB_toolBar.exe" file. 24/09/2006 11:43:38 Administrateur 1068 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\60exmodul32d.4.exe\[uPX]" file. 24/09/2006 19:33:01 Administrateur 1068 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\53exmodul32d.4.exe\[uPX]" file. 24/09/2006 19:33:04 Administrateur 1068 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\72exmodul32d.4.exe\[uPX]" file. 24/09/2006 19:33:23 Administrateur 1068 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\44exmodul32d.4.exe\[uPX]" file. 24/09/2006 19:33:26 Administrateur 1068 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\29exmodul32d.4.exe\[uPX]" file. 24/09/2006 19:33:30 Administrateur 1068 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\38exmodul32d.4.exe\[uPX]" file. 24/09/2006 19:33:32 Administrateur 1068 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\4exmodul32d.4.exe\[uPX]" file. 24/09/2006 19:57:27 Administrateur 1068 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\45exmodul32d.4.exe\[uPX]" file. 24/09/2006 21:20:51 Administrateur 1068 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\13exmodul32d.4.exe\[uPX]" file. 24/09/2006 22:12:47 Administrateur 1068 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\10exmodul32d.4.exe\[uPX]" file. 25/09/2006 09:13:08 Administrateur 1168 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\33exmodul32d.4.exe\[uPX]" file. 25/09/2006 11:07:44 Administrateur 1168 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\27exmodul32d.4.exe\[uPX]" file. 25/09/2006 12:51:39 Administrateur 1168 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\91exmodul32d.5.exe\[uPX]" file. 25/09/2006 15:00:41 Administrateur 1168 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\15exmodul32d.5.exe\[uPX]" file. 25/09/2006 15:38:33 Administrateur 1168 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\30exmodul32d.5.exe\[uPX]" file. 25/09/2006 18:06:57 Administrateur 1168 Sign of "Win32:Horst-BE [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\21exssd32.6.exe\[uPX]" file. 25/09/2006 19:40:37 Administrateur 1168 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\33exmodul32d.5.exe\[uPX]" file. 25/09/2006 19:40:40 Administrateur 1168 Sign of "Win32:Horst-BF [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\71exhdd.9.exe\[uPX]" file. 25/09/2006 19:40:44 Administrateur 1168 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\47exmodul32d.5.exe\[uPX]" file. 25/09/2006 19:40:46 Administrateur 1168 Sign of "Win32:Horst-BF [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\30exhdd.9.exe\[uPX]" file. 25/09/2006 20:35:03 Administrateur 1168 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\52exmodul32d.5.exe\[uPX]" file. 25/09/2006 20:35:08 Administrateur 1168 Sign of "Win32:Horst-BE [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\46exssd32.6.exe\[uPX]" file. 25/09/2006 20:37:16 Administrateur 1168 Sign of "Win32:Horst-BF [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\13exhdd.9.exe\[uPX]" file. 25/09/2006 22:24:10 Administrateur 1168 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\19exmodul32d.5.exe\[uPX]" file. 26/09/2006 21:01:16 SYSTEM 788 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\22exmodul32d.5.exe\[uPX]" file. 26/09/2006 21:01:20 SYSTEM 788 Sign of "Win32:Horst-BE [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\70exssd32.6.exe\[uPX]" file. 26/09/2006 21:03:42 SYSTEM 788 Sign of "Win32:Horst-BF [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\64exhdd.9.exe\[uPX]" file. 27/09/2006 08:03:08 Administrateur 780 Sign of "Win32:Horst-BE [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\31exssd32.6.exe\[uPX]" file. 27/09/2006 08:03:19 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\18exmodul32d.5.exe\[uPX]" file. 27/09/2006 08:05:28 Administrateur 780 Sign of "Win32:Horst-BF [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\7exhdd.9.exe\[uPX]" file. 27/09/2006 09:01:42 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\67exmodul32d.5.exe\[uPX]" file. 27/09/2006 20:37:00 Administrateur 780 Sign of "Win32:Horst-BF [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\56exhdd.9.exe\[uPX]" file. 27/09/2006 20:37:02 Administrateur 780 Sign of "Win32:Horst-BE [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\19exssd32.6.exe\[uPX]" file. 27/09/2006 20:37:04 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\94exmodul32d.5.exe\[uPX]" file. 27/09/2006 20:37:06 Administrateur 780 Sign of "Win32:Horst-BF [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\30exhdd.9.exe\[uPX]" file. 27/09/2006 20:37:08 Administrateur 780 Sign of "Win32:Horst-BE [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\49exssd32.6.exe\[uPX]" file. 27/09/2006 20:37:10 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\87exmodul32d.5.exe\[uPX]" file. 27/09/2006 20:37:12 Administrateur 780 Sign of "Win32:Horst-BF [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\25exhdd.9.exe\[uPX]" file. 27/09/2006 20:37:13 Administrateur 780 Sign of "Win32:Horst-BE [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\21exssd32.6.exe\[uPX]" file. 27/09/2006 20:37:14 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\43exmodul32d.6.exe\[uPX]" file. 27/09/2006 20:37:16 Administrateur 780 Sign of "Win32:Horst-BF [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\23exhdd.9.exe\[uPX]" file. 27/09/2006 20:37:17 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\34exmodul32d.6.exe\[uPX]" file. 27/09/2006 20:37:18 Administrateur 780 Sign of "Win32:Horst-BF [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\59exhdd.9.exe\[uPX]" file. 27/09/2006 20:37:19 Administrateur 780 Sign of "Win32:Horst-BE [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\89exssd32.6.exe\[uPX]" file. 27/09/2006 20:37:21 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\60exmodul32d.6.exe\[uPX]" file. 27/09/2006 20:37:23 Administrateur 780 Sign of "Win32:Horst-BF [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\22exhdd.9.exe\[uPX]" file. 27/09/2006 20:37:27 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\63exmodul32d.6.exe\[uPX]" file. 27/09/2006 20:37:28 Administrateur 780 Sign of "Win32:Horst-BF [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\78exhdd.9.exe\[uPX]" file. 27/09/2006 20:37:30 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\31exmodul32d.6.exe\[uPX]" file. 27/09/2006 20:37:31 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\34exmodul32d.6.exe\[uPX]" file. 27/09/2006 20:47:00 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\20exmodul32d.6.exe\[uPX]" file. 27/09/2006 20:47:02 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\5exmodul32d.6.exe\[uPX]" file. 27/09/2006 20:47:03 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\99exmodul32d.6.exe\[uPX]" file. 27/09/2006 20:47:03 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\20exmodul32d.6.exe\[uPX]" file. 27/09/2006 20:47:04 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\5exmodul32d.6.exe\[uPX]" file. 27/09/2006 20:47:04 Administrateur 780 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\99exmodul32d.6.exe\[uPX]" file. 28/09/2006 01:23:28 SYSTEM 1380 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\15exmodul32d.6.exe\[uPX]" file. 29/09/2006 09:30:18 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\10exmodul32d.8.exe\[uPX]" file. 29/09/2006 20:53:52 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\95exmodul32d.8.exe\[uPX]" file. 29/09/2006 20:53:54 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\98exmodul32d.8.exe\[uPX]" file. 29/09/2006 20:53:55 Administrateur 1112 Sign of "Win32:Kapucen-B [Wrm]" has been found in "C:\Program Files\eMule\Temp\003.part" file. 29/09/2006 20:53:57 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\28exmodul32d.8.exe\[uPX]" file. 29/09/2006 20:53:58 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\setup.exe\[uPX]" file. 29/09/2006 20:53:59 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\7exmodul32d.8.exe\[uPX]" file. 29/09/2006 20:54:00 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\setup.exe\[uPX]" file. 29/09/2006 20:59:28 Administrateur 1112 Sign of "Win32:Horst-L [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\71exhdd.b.exe\[uPX]" file. 29/09/2006 20:59:30 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\24exmodul32d.8.exe\[uPX]" file. 29/09/2006 20:59:31 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\setup.exe\[uPX]" file. 29/09/2006 20:59:31 Administrateur 1112 Sign of "Win32:Horst-L [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\95exhdd.b.exe\[uPX]" file. 29/09/2006 20:59:32 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\setup.exe\[uPX]" file. 29/09/2006 20:59:32 Administrateur 1112 Sign of "Win32:Horst-L [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\5exhdd.b.exe\[uPX]" file. 29/09/2006 20:59:33 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\11exmodul32d.a.exe\[uPX]" file. 29/09/2006 20:59:34 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\11exmodul32d.a.exe\[uPX]" file. 29/09/2006 20:59:34 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\RECYCLER\S-1-5-21-436374069-926492609-725345543-500\Dc15.exe\[uPX]" file. 29/09/2006 20:59:35 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\RECYCLER\S-1-5-21-436374069-926492609-725345543-500\Dc17.exe\[uPX]" file. 29/09/2006 20:59:39 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\RECYCLER\S-1-5-21-436374069-926492609-725345543-500\Dc19.exe\[uPX]" file. 29/09/2006 20:59:40 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\RECYCLER\S-1-5-21-436374069-926492609-725345543-500\Dc22.exe\[uPX]" file. 29/09/2006 20:59:41 Administrateur 1112 Sign of "Win32:Horst-L [Trj]" has been found in "C:\RECYCLER\S-1-5-21-436374069-926492609-725345543-500\Dc27.exe\[uPX]" file. 29/09/2006 20:59:41 Administrateur 1112 Sign of "Win32:Horst-L [Trj]" has been found in "C:\RECYCLER\S-1-5-21-436374069-926492609-725345543-500\Dc31.exe\[uPX]" file. 29/09/2006 20:59:42 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\RECYCLER\S-1-5-21-436374069-926492609-725345543-500\Dc33.exe\[uPX]" file. 29/09/2006 20:59:43 Administrateur 1112 Sign of "Win32:Horst-L [Trj]" has been found in "C:\RECYCLER\S-1-5-21-436374069-926492609-725345543-500\Dc43.exe\[uPX]" file. 29/09/2006 20:59:43 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\setup.exe\[uPX]" file. 29/09/2006 20:59:44 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\setup.exe\[uPX]" file. 29/09/2006 22:06:38 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "\\84.100.165.170\Shared Files\setup.exe\[uPX]" file. 29/09/2006 22:06:55 Administrateur 1112 Sign of "Win32:Agent-VM [Trj]" has been found in "\\84.100.165.170\thaihome\setup.exe\[uPX]" file. 30/09/2006 21:06:07 Administrateur 1376 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\56exmodul32d.a.exe\[uPX]" file. 05/10/2006 21:14:41 SYSTEM 864 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\51exmodul32d.c.exe\[uPX]" file. 05/10/2006 21:22:36 SYSTEM 864 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\14exssd32.9.exe\[uPX]" file. 06/10/2006 19:49:38 SYSTEM 1060 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\2exmodul32e.b.exe\[uPX]" file. 06/10/2006 19:52:41 SYSTEM 1060 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\83exssd32.9.exe\[uPX]" file. 06/10/2006 19:52:43 SYSTEM 1060 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\2exmodul32e.b.exe\[uPX]" file. 06/10/2006 19:52:45 SYSTEM 1060 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\83exssd32.9.exe\[uPX]" file. 06/10/2006 19:55:27 SYSTEM 1060 Sign of "Win32:Horst-L [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\44exhdd.d.exe\[uPX]" file. 06/10/2006 19:55:29 SYSTEM 1060 Sign of "Win32:Horst-L [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\44exhdd.d.exe\[uPX]" file. 06/10/2006 20:26:59 SYSTEM 1060 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\37exmodul32e.b.exe\[uPX]" file. 06/10/2006 21:25:08 SYSTEM 1060 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\69exssd32.9.exe\[uPX]" file. 06/10/2006 21:25:10 SYSTEM 1060 Sign of "Win32:Horst-L [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\52exhdd.d.exe\[uPX]" file. 06/10/2006 21:25:11 SYSTEM 1060 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\37exmodul32e.b.exe\[uPX]" file. 06/10/2006 21:25:12 SYSTEM 1060 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\69exssd32.9.exe\[uPX]" file. 06/10/2006 21:25:13 SYSTEM 1060 Sign of "Win32:Horst-L [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\52exhdd.d.exe\[uPX]" file. 06/10/2006 21:35:23 SYSTEM 1060 Sign of "Win32:Agent-VM [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\92exmodul32e.b.exe\[uPX]" file. 06/10/2006 21:38:24 SYSTEM 1060 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\67exssd32.9.exe\[uPX]" file. 06/10/2006 21:40:32 SYSTEM 1060 Sign of "Win32:Horst-L [Trj]" has been found in "C:\DOCUME~1\Administrateur\Local Settings\Temp\27exhdd.d.exe\[uPX]" file. hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 22:21:34, on 06/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\svhost.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\WINDOWS\CTHELPER.EXE C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\System32\M-AudioTaskBarIcon.exe C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\M-Audio\Fast Track USB\MAUSBFTInst.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\svhost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Alwil Software\Avast4\ashLogV.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: Shell=explorer.exe svhost.exe O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe" O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\M-AudioTaskBarIcon.exe O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ? O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O15 - Trusted Zone: *.line6.net O17 - HKLM\System\CCS\Services\Tcpip\..\{01E2E552-4F54-4E99-9EB0-1ABF0DE1BE39}: NameServer = 86.64.145.140,84.103.237.140 O17 - HKLM\System\CCS\Services\Tcpip\..\{79BF3C2E-A5EF-4C7C-9DDF-2F31DE185B85}: NameServer = 84.103.237.143 86.64.145.143 O17 - HKLM\System\CS1\Services\Tcpip\..\{01E2E552-4F54-4E99-9EB0-1ABF0DE1BE39}: NameServer = 86.64.145.140,84.103.237.140 O17 - HKLM\System\CS2\Services\Tcpip\..\{01E2E552-4F54-4E99-9EB0-1ABF0DE1BE39}: NameServer = 86.64.145.140,84.103.237.140 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: M-Audio Fast Track Installer (FastTrackInstallerService) - Avid Technology, Inc. - C:\Program Files\M-Audio\Fast Track USB\MAUSBFTInst.exe O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe