AVG report, is it OK?
sewine
Hello,
here is my AVG report; is there anything else to do afterwards or in addition?
Thanks for helping me, because I'm fed up with this MSN virus!
--------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 23:11:07 16/02/2008
+ Résultat de l'analyse:
C:\Poker\Poker 770\_SetupPoker[1].exe -> Adware.Casino : Aucune action entreprise.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP676\A0079755.exe -> Adware.Companion : Aucune action entreprise.
[3080] C:\WINDOWS\system32\wivsvc.exe -> Backdoor.IRCBot.alo : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Bureau\MSNFix\16022008_20161200.zip/backup/removalfile.bat -> Not-A-Virus.Adware.Virtumonde : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temp\removalfile.bat -> Not-A-Virus.Adware.Virtumonde : Aucune action entreprise.
:mozilla.109:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@2o7[2].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.56:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.16:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.64:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.65:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.66:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.374:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise.
:mozilla.375:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise.
:mozilla.707:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Masterstats : Aucune action entreprise.
:mozilla.118:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Netflame : Aucune action entreprise.
:mozilla.106:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@overture[1].txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.81:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.82:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.83:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.84:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.85:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.86:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.87:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.89:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.90:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.91:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@smartadserver[2].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.50:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.51:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.52:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@weborama[1].txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.710:C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\6jwmqyze.default\cookies.txt -> TrackingCookie.Webtrends : Aucune action entreprise.
Fin du rapport
5 replies
Good evening,
No, not really good... =/
*********************************************************************
Download VundoFix here -> http://www.atribune.org/ccount/click.php?id=4
Run Vundofix.exe
Check the box Run VundoFix as a task,
A pop-up will open; answer OK.
It will close and reopen after about 1 minute.
When it has reopened, click Scan for Vundo
When the scan is finished, click Remove Vundo
Answer Yes when asked to delete the files.
You will be asked to restart your computer; accept, of course.
Paste the report located at "c:\vundofix.txt" into your reply
Download VirtumundoBeGone:
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
Restart in safe mode and run it,
And post the report for me.
*****************************************************************
Download MSNFix.zip to the desktop:
PS: The antivirus may detect a virus during the download, but don't worry, that's normal.
Unzip it (right-click: Extract all).
Move the unzipped folder to the root of the hard drive --> (C:\MSNFix.)
Open it and double-click the file MSNFix.bat
Choose option 'R'.
If the infection is detected, a message will say so, and you only need to press a key to start the cleanup.
Save this report, then post it for me.
Note:
If a deletion error is detected, a message will appear asking you to restart the computer in order to complete the operations.
In that case, restart the PC.
Save and close the report so that Windows finishes starting up normally.
Recommend that your contacts apply the same procedure in order to stop the virus.
****************************************
Download HJT
Put it in 'C:\programmes\'. Once that is done, please rename the file 'Hijackthis.exe' (located in the folder in C:\) to HJT.exe
The program's path should look like this: C:\Programme\Hijackthis\HJT.exe
Then run it, choose the option "do a system scan and save a logfile" and post the report for me (it appears in Notepad)
Tutorial if you can't manage it: http://pageperso.aol.fr/balltrap34/demohijack.htm
See you!
Wait, do I have to do all 3 or do I choose? I already did MSNFix, here is the report:
MSNFix 1.661
C:\Documents and Settings\HP_Administrateur\Bureau\MSNFix
Fix exécuté le 16/02/2008 - 20:12:45,51 By HP_Administrateur
mode normal
************************ Recherche les fichiers présents
... C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\image???.zip
... C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\removalfile.bat
... C:\WINDOWS\system32\mcrh.tmp
************************ Recherche les dossiers présents
... C:\Temp\
************************ Suppression des fichiers
.. OK ... C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\image???.zip
.. OK ... C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\removalfile.bat
.. OK ... C:\WINDOWS\system32\mcrh.tmp
************************ Suppression des dossiers
/!\ ... C:\Temp\
************************ Nettoyage du registre
************************ Fichiers suspects
Aucun Fichier trouvé
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 16022008_20161200.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
Re, yes, you were supposed to do them one after the other. / OK for MSNFix.
Please run VundoFix and VirtumundoBeGone
-----> Post the reports.
**************************
Then follow the procedure with HijackThis.
See you!
Here is Virtumundo:
[02/16/2008, 23:47:02] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\HP_Administrateur\Bureau\VirtumundoBeGone.exe" )
[02/16/2008, 23:47:03] - Detected System Information:
[02/16/2008, 23:47:03] - Windows Version: 5.1.2600, Service Pack 2
[02/16/2008, 23:47:03] - Current Username: HP_Administrateur (Admin)
[02/16/2008, 23:47:04] - Windows is in NORMAL mode.
[02/16/2008, 23:47:04] - Searching for Browser Helper Objects:
[02/16/2008, 23:47:04] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/16/2008, 23:47:04] - BHO 2: {0EEDB912-C5FA-486F-8334-57288578C627} (Shareaza Web Download Hook)
[02/16/2008, 23:47:04] - BHO 3: {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\vtsts
[02/16/2008, 23:47:04] - Key not found: HKLM\...\Winlogon\Notify\vtsts, continuing.
[02/16/2008, 23:47:04] - BHO 4: {23D44BCF-AA7A-41D6-8905-E808F16322EF} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\pmnnmkj
[02/16/2008, 23:47:04] - Found: HKLM\...\Winlogon\Notify\pmnnmkj - This is probably Virtumundo.
[02/16/2008, 23:47:04] - Assigning {23D44BCF-AA7A-41D6-8905-E808F16322EF} MSEvents Object
[02/16/2008, 23:47:04] - BHO list has been changed! Starting over...
[02/16/2008, 23:47:04] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/16/2008, 23:47:04] - BHO 2: {0EEDB912-C5FA-486F-8334-57288578C627} (Shareaza Web Download Hook)
[02/16/2008, 23:47:04] - BHO 3: {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\vtsts
[02/16/2008, 23:47:04] - Key not found: HKLM\...\Winlogon\Notify\vtsts, continuing.
[02/16/2008, 23:47:04] - BHO 4: {23D44BCF-AA7A-41D6-8905-E808F16322EF} (MSEvents Object)
[02/16/2008, 23:47:04] - ALERT: Found MSEvents Object!
[02/16/2008, 23:47:04] - BHO 5: {6F733421-ADEE-410B-9816-53CA77801C81} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\ddcyx
[02/16/2008, 23:47:04] - Key not found: HKLM\...\Winlogon\Notify\ddcyx, continuing.
[02/16/2008, 23:47:04] - BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/16/2008, 23:47:04] - BHO 7: {8DF51381-911B-4511-B4A2-C9CEEBBB6687} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\geeba
[02/16/2008, 23:47:04] - Key not found: HKLM\...\Winlogon\Notify\geeba, continuing.
[02/16/2008, 23:47:05] - BHO 8: {8E2D08C7-BFCD-4A96-AF63-ED1F6CC7CEAA} ()
[02/16/2008, 23:47:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:05] - Checking for HKLM\...\Winlogon\Notify\mlljg
[02/16/2008, 23:47:05] - Key not found: HKLM\...\Winlogon\Notify\mlljg, continuing.
[02/16/2008, 23:47:05] - BHO 9: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[02/16/2008, 23:47:05] - BHO 10: {9370AF9A-7381-4DF1-8DCE-E14D7373DD04} ()
[02/16/2008, 23:47:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:05] - Checking for HKLM\...\Winlogon\Notify\mljgg
[02/16/2008, 23:47:05] - Key not found: HKLM\...\Winlogon\Notify\mljgg, continuing.
[02/16/2008, 23:47:05] - BHO 11: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/16/2008, 23:47:05] - BHO 12: {af4f9a83-128b-4cdd-99e9-af929adc7e43} ()
[02/16/2008, 23:47:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:05] - Checking for HKLM\...\Winlogon\Notify\ndfvqbys
[02/16/2008, 23:47:05] - Key not found: HKLM\...\Winlogon\Notify\ndfvqbys, continuing.
[02/16/2008, 23:47:05] - BHO 13: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/16/2008, 23:47:05] - BHO 14: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[02/16/2008, 23:47:05] - BHO 15: {FA7B315A-26D9-46C9-AA2B-DED6B66E0BFB} ()
[02/16/2008, 23:47:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:05] - Checking for HKLM\...\Winlogon\Notify\mllmj
[02/16/2008, 23:47:05] - Key not found: HKLM\...\Winlogon\Notify\mllmj, continuing.
[02/16/2008, 23:47:05] - Finished Searching Browser Helper Objects
[02/16/2008, 23:47:05] - *** Detected MSEvents Object
[02/16/2008, 23:47:05] - Trying to remove MSEvents Object...
[02/16/2008, 23:47:06] - Terminating Process: IEXPLORE.EXE
[02/16/2008, 23:47:07] - Terminating Process: RUNDLL32.EXE
[02/16/2008, 23:47:07] - Disabling Automatic Shell Restart
[02/16/2008, 23:47:07] - Terminating Process: EXPLORER.EXE
[02/16/2008, 23:47:09] - Suspending the NT Session Manager System Service
[02/16/2008, 23:47:09] - Terminating Windows NT Logon/Logoff Manager
[02/16/2008, 23:47:09] - Re-enabling Automatic Shell Restart
[02/16/2008, 23:47:09] - File to disable: C:\WINDOWS\system32\pmnnmkj.dll
[02/16/2008, 23:47:10] - Renaming C:\WINDOWS\system32\pmnnmkj.dll -> C:\WINDOWS\system32\pmnnmkj.dll.vir
[02/16/2008, 23:47:12] - File successfully renamed!
[02/16/2008, 23:47:12] - Removing HKLM\...\Browser Helper Objects\{23D44BCF-AA7A-41D6-8905-E808F16322EF}
[02/16/2008, 23:47:12] - Removing HKCR\CLSID\{23D44BCF-AA7A-41D6-8905-E808F16322EF}
[02/16/2008, 23:47:12] - Adding Kill Bit for ActiveX for GUID: {23D44BCF-AA7A-41D6-8905-E808F16322EF}
[02/16/2008, 23:47:12] - Deleting ATLEvents/MSEvents Registry entries
[02/16/2008, 23:47:12] - Removing HKLM\...\Winlogon\Notify\pmnnmkj
[02/16/2008, 23:47:12] - Searching for Browser Helper Objects:
[02/16/2008, 23:47:12] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/16/2008, 23:47:12] - BHO 2: {0EEDB912-C5FA-486F-8334-57288578C627} (Shareaza Web Download Hook)
[02/16/2008, 23:47:12] - BHO 3: {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\vtsts
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\vtsts, continuing.
[02/16/2008, 23:47:13] - BHO 4: {6F733421-ADEE-410B-9816-53CA77801C81} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\ddcyx
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\ddcyx, continuing.
[02/16/2008, 23:47:13] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/16/2008, 23:47:13] - BHO 6: {8DF51381-911B-4511-B4A2-C9CEEBBB6687} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\geeba
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\geeba, continuing.
[02/16/2008, 23:47:13] - BHO 7: {8E2D08C7-BFCD-4A96-AF63-ED1F6CC7CEAA} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\mlljg
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\mlljg, continuing.
[02/16/2008, 23:47:13] - BHO 8: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[02/16/2008, 23:47:13] - BHO 9: {9370AF9A-7381-4DF1-8DCE-E14D7373DD04} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\mljgg
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\mljgg, continuing.
[02/16/2008, 23:47:13] - BHO 10: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/16/2008, 23:47:14] - BHO 11: {af4f9a83-128b-4cdd-99e9-af929adc7e43} ()
[02/16/2008, 23:47:14] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:14] - Checking for HKLM\...\Winlogon\Notify\ndfvqbys
[02/16/2008, 23:47:14] - Key not found: HKLM\...\Winlogon\Notify\ndfvqbys, continuing.
[02/16/2008, 23:47:14] - BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/16/2008, 23:47:14] - BHO 13: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[02/16/2008, 23:47:14] - BHO 14: {FA7B315A-26D9-46C9-AA2B-DED6B66E0BFB} ()
[02/16/2008, 23:47:14] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:14] - Checking for HKLM\...\Winlogon\Notify\mllmj
[02/16/2008, 23:47:14] - Key not found: HKLM\...\Winlogon\Notify\mllmj, continuing.
[02/16/2008, 23:47:14] - Finished Searching Browser Helper Objects
[02/16/2008, 23:47:14] - Finishing up...
[02/16/2008, 23:47:14] - A restart is needed.
[02/16/2008, 23:47:14] - Automatic Reboot on STOP Error is not set. User will have to manually restart.
[02/16/2008, 23:47:18] - Attempting to Restart via STOP error (Blue Screen!)
[02/17/2008, 8:36:32] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\HP_Administrateur\Bureau\VirtumundoBeGone.exe" )
[02/17/2008, 8:36:36] - Detected System Information:
[02/17/2008, 8:36:36] - Windows Version: 5.1.2600, Service Pack 2
[02/17/2008, 8:36:36] - Current Username: HP_Administrateur (Admin)
[02/17/2008, 8:36:36] - Windows is in NORMAL mode.
[02/17/2008, 8:36:36] - Searching for Browser Helper Objects:
[02/17/2008, 8:36:36] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/17/2008, 8:36:36] - BHO 2: {0EEDB912-C5FA-486F-8334-57288578C627} (Shareaza Web Download Hook)
[02/17/2008, 8:36:36] - BHO 3: {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\vtsts
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\vtsts, continuing.
[02/17/2008, 8:36:36] - BHO 4: {6F733421-ADEE-410B-9816-53CA77801C81} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\ddcyx
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\ddcyx, continuing.
[02/17/2008, 8:36:36] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/17/2008, 8:36:36] - BHO 6: {8DF51381-911B-4511-B4A2-C9CEEBBB6687} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\geeba
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\geeba, continuing.
[02/17/2008, 8:36:36] - BHO 7: {8E2D08C7-BFCD-4A96-AF63-ED1F6CC7CEAA} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\mlljg
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\mlljg, continuing.
[02/17/2008, 8:36:36] - BHO 8: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[02/17/2008, 8:36:36] - BHO 9: {9370AF9A-7381-4DF1-8DCE-E14D7373DD04} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\mljgg
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\mljgg, continuing.
[02/17/2008, 8:36:36] - BHO 10: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/17/2008, 8:36:36] - BHO 11: {af4f9a83-128b-4cdd-99e9-af929adc7e43} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\ndfvqbys
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\ndfvqbys, continuing.
[02/17/2008, 8:36:36] - BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/17/2008, 8:36:36] - BHO 13: {B6388AD8-4CD8-4065-9CBD-20F91A2F804B} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\mllmj
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\mllmj, continuing.
[02/17/2008, 8:36:36] - BHO 14: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[02/17/2008, 8:36:36] - Finished Searching Browser Helper Objects
[02/17/2008, 8:36:36] - Finishing up...
[02/17/2008, 8:36:36] - Nothing found! Exiting...