voici hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:30:40 PM, on 18/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscGui.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\PowerArchiver\PASTARTER.EXE
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
myAOL | HP
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
Sympatico / MSN
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
MSN.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {14C2598D-32F2-4197-B44A-C3F7A2DD194E} - (no file)
O2 - BHO: {2de6d076-7fe6-da4a-ffa4-454f2b2e49e1} - {1e94e2b2-f454-4aff-a4ad-6ef7670d6ed2} - C:\WINDOWS\system32\jathua.dll
O2 - BHO: (no name) - {4F43126C-0B98-46A5-9845-B396D0600EFA} - C:\WINDOWS\system32\tuvVOHxX.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: (no name) - {DDA88738-052F-4AAA-95A3-CC5F48C522E7} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BMe7528402] Rundll32.exe "C:\WINDOWS\system32\albwadac.dll",s
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingA9839] command /c del "C:\WINDOWS\system32\albwadac.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9681] cmd /c del "C:\WINDOWS\system32\albwadac.dll_old"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\Go ogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB310] command /c del "C:\WINDOWS\system32\albwadac.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD827] cmd /c del "C:\WINDOWS\system32\albwadac.dll_old"
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://*.trymedia.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) -
http://picasaweb.google.fr/s/v/27.44/uploader2.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) -
http://driveragent.com/files/driveragent.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: tuvVOHxX - C:\WINDOWS\SYSTEM32\tuvVOHxX.dll
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 12346 bytes
voici le log de antivir desfois que sa serais utile
Avira AntiVir Personal
Report file date: July 17, 2008 22:41
Scanning for 1473712 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number:
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ORDI2
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 4/9/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 3/18/2008 15:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 2/7/2008 14:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 2/28/2008 14:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 2/21/2008 14:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 7/18/2007 16:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 6/24/2008 02:13:49
ANTIVIR2.VDF : 7.0.5.119 1264128 Bytes 7/15/2008 02:13:52
ANTIVIR3.VDF : 7.0.5.134 288256 Bytes 7/17/2008 02:13:53
Engineversion : 8.1.1.9
AEVDF.DLL : 8.1.0.5 102772 Bytes 2/25/2008 15:58:21
AESCRIPT.DLL : 8.1.0.54 303482 Bytes 7/18/2008 02:14:03
AESCN.DLL : 8.1.0.23 119156 Bytes 7/18/2008 02:14:02
AERDL.DLL : 8.1.0.20 418165 Bytes 7/18/2008 02:14:02
AEPACK.DLL : 8.1.2.1 364917 Bytes 7/18/2008 02:14:01
AEOFFICE.DLL : 8.1.0.20 192891 Bytes 7/18/2008 02:14:00
AEHEUR.DLL : 8.1.0.42 1339766 Bytes 7/18/2008 02:13:59
AEHELP.DLL : 8.1.0.15 115063 Bytes 7/18/2008 02:13:58
AEGEN.DLL : 8.1.0.29 307573 Bytes 7/18/2008 02:13:57
AEEMU.DLL : 8.1.0.6 430451 Bytes 7/18/2008 02:13:56
AECORE.DLL : 8.1.1.6 172405 Bytes 7/18/2008 02:13:55
AEBB.DLL : 8.1.0.1 53617 Bytes 7/18/2008 02:13:54
AVWINLL.DLL : 1.0.0.7 14593 Bytes 1/23/2008 23:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 2/18/2008 16:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 4/16/2007 19:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 1/23/2008 23:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 2/12/2008 14:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 2/28/2008 14:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/22/2008 23:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 1/23/2008 23:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 18:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 3/10/2008 20:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 3/6/2008 18:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, M:, N:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: July 17, 2008 22:41
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'TuneUpDefragService.exe' - '1' Module(s) have been scanned
Scan process 'RegistryCleaner.exe' - '1' Module(s) have been scanned
Scan process 'OneClick.exe' - '1' Module(s) have been scanned
Scan process 'Integrator.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'AcroRd32.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'ALCXMNTR.EXE' - '1' Module(s) have been scanned
Scan process 'DiscStreamHub.exe' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'hpqste08.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'Updates from HP.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'PASTARTER.EXE' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'GrooveMonitor.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'DiscGui.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'NBService.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'DISCUpdateMgr.exe' - '1' Module(s) have been scanned
Scan process 'DISCover.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'arpwrmsg.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'arservice.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
66 processes with 66 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
[WARNING] The device is not ready.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] The device is not ready.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] The device is not ready.
Master boot sector HD5
[INFO] No virus was found!
[WARNING] The device is not ready.
Master boot sector HD6
[INFO] No virus was found!
[WARNING] The device is not ready.
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'M:\'
[INFO] No virus was found!
Boot sector 'N:\'
[INFO] No virus was found!
Starting to scan the registry.
C:\WINDOWS\system32\tuvVOHxX.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] A backup was created as '48f60362.qua' ( QUARANTINE )
[WARNING] The file could not be deleted!
The registry was scanned ( '46' files ).
Starting the file scan:
Begin scan in 'C:\' <HP_PAVILION>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\HPSUB1L-.N3A\Ntwrk_Scry_update.exe
[0] Archive type: RSRC
--> Object
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] A backup was created as '48f705ae.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Program Files\WildTangent\Apps\GameChannel\Games\049D60AF-B425-4F8A-BD66-9D8C1B519D59\BarnyardInvasion-WT.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48f27993.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Program Files\WildTangent\Apps\GameChannel\Games\0814ADC6-5B36-4144-A8EA-439C36B1BB11\PuzzleExpress-WT.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48fa79cd.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Program Files\WildTangent\Apps\GameChannel\Games\0AA27562-3C4E-4860-8742-7ADEBE2EFC43\Ricochet-WT.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] The file was deleted!
C:\Program Files\WildTangent\Apps\GameChannel\Games\47D5A62B-1B41-4DB1-8267-ADA434FA782B\WinBej2-WT.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48ee7f38.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Program Files\WildTangent\Apps\GameChannel\Games\538B9061-0C77-4FB2-903F-EC42A1FF5DD8\mahjong-WT.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48e87f3b.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Program Files\WildTangent\Apps\GameChannel\Games\901E0096-B2AC-469E-A99E-2725A39C0B47\Zuma-WT.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48ed7f5d.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Program Files\WildTangent\Apps\GameChannel\Games\90EA5584-4290-407B-B8F2-D6E6D65A4796\BoggleSupreme-WT.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48e77f63.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Program Files\WildTangent\Apps\GameChannel\Games\A09026AE-8F16-4929-B4E6-1825535844DB\InsaniquariumDeluxe-WT.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48f37f64.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Program Files\WildTangent\Apps\GameChannel\Games\B7217206-A362-446B-A0F7-A2622B82F821\Scrabble-WT.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48f27f5f.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Program Files\WildTangent\Apps\GameChannel\Games\BA42B721-D70B-4412-ABA6-057B5823FDE9\Chuzzle-WT.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48f57f66.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Program Files\WildTangent\Apps\GameChannel\Games\E0998E52-9D08-4AEE-A4F5-0BB1D8537F6E\Slingo-WT.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48e97f6e.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Program Files\WildTangent\Apps\GameChannel\Games\E44A47AF-C94B-4E3F-81A0-979FBA9DAC57\WinAP-WT.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48ee7f6c.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Program Files\WildTangent\Apps\GameChannel\Games\E59F75D0-A38B-40F4-ABA2-CA35A7735473\BookWorm-WT.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48ef7f76.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Program Files\WildTangent\Apps\GameChannel\Games\F38688AF-57C2-4A9C-BFEF-25F3AEC11F1E\Lemonade2-WT.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48ed7f6d.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP592\A0074677.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48b07fea.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP592\A0074678.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48b07feb.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP592\A0074679.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48b07fec.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP592\A0074680.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48b07fed.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP592\A0074681.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '493312ae.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP592\A0074682.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48b07fef.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP592\A0074683.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48b07fee.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP592\A0074684.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '493312af.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP592\A0074685.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48b07ff0.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP592\A0074686.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '493312b0.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP592\A0074687.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48b07ff1.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP592\A0074688.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '493312b2.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP592\A0074689.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '48b07ff3.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP592\A0074690.exe
[DETECTION] Is the Trojan horse TR/Spy.Gen
[NOTE] A backup was created as '493312b1.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\WINDOWS\system32\qoMfdcaa.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] A backup was created as '48cd8224.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\WINDOWS\system32\tuvVOHxX.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] A backup was created as '48f68231.qua' ( QUARANTINE )
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <HP_RECOVERY>
Begin scan in 'M:\'
M:\telechargement\Adobe Photoshop CS2\Photoshop CS2\PANTHEON\keygen.exe
[DETECTION] Contains detection pattern of the worm WORM/Autorun.cxl
[NOTE] A backup was created as '48f9ff8c.qua' ( QUARANTINE )
[NOTE] The file was deleted!
M:\telechargement\DVDClonerIV.4.50.B92\DVDClonerIV .4.50.B92\pastila\pastila\snd.nfo.viewer.exe
[DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
[NOTE] A backup was created as '48e4ff9b.qua' ( QUARANTINE )
[NOTE] The file was deleted!
Begin scan in 'N:\'
N:\Documents and Settings\frank\Local Settings\Temporary Internet Files\Content.IE5\C1Q7YZA5\gestion-partenaires[1].htm
[DETECTION] Contains detection pattern of the HTML script virus HTML/Infected.WebPage.Gen
[NOTE] A backup was created as '48f40193.qua' ( QUARANTINE )
[NOTE] The file was deleted!
End of the scan: July 18, 2008 17:01
Used time: 18:20:28 min
The scan has been done completely.
17630 Scanning directories
818940 Files were scanned
35 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
33 files were deleted
0 files were repaired
34 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
818905 Files not concerned
21234 Archives were scanned
9 Warnings
35 Notes
Citation:
|
Supprime également les fichiers manuellement(albwadac.dll,iuyhebhh.dll,iiisrxjt.dl l_old).
|
il ma ete imposible de le faire meme avec tune up utilite
voivi un print screen du demarage avec tune up
la seconde ou j'ai tenter de decocher albwadac la petite fenetre de spybot apparait et elle revien toujours quand on fais deny change
le antivir: c'est le message que je recois quand j'ouvre n'importe quoi(page web,programe....)
Mode linéaire
