Thread status: "Firefox and IE windows opening by themselves HELP PLEASE!" (resolved)

Firefox and IE windows opening by themselves HELP PLEASE!

On 14-08-2007 at 10:09

Hi,

Windows (I do mean windows, not pop-ups) keep opening regularly on ads of the antivirus kind... Having read the other threads, I'm posting the Navilog1 and HijackThis reports directly - thanks in advance for your help.


With Navilog

Search Navipromo version 2.0.7 commencé le 14/08/2007 à 9:35:41,73

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 11.08.2007 a 18h00 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes ***




*** Recherche dossiers dans C:\WINDOWS ***




*** Recherche dossiers dans C:\Program Files ***




*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\Eric\Application Data ***



*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
http://www.f-secure.com/blacklight/blacklight_help.html

Fichier(s) caché(s) dans C:\WINDOWS\system32 :

c:\WINDOWS\system32\ztnjhdxr.dat
C:\windows\system32\ztnjhdxr.exe
c:\WINDOWS\system32\ztnjhdxr_nav.dat
c:\WINDOWS\system32\ztnjhdxr_navps.dat

Processus caché(s) dans C:\WINDOWS\system32 :

C:\windows\system32\ztnjhdxr.exe


*** Recherche fichiers ***


C:\WINDOWS\system32\nvs2.inf trouvé !


*** Recherche cles registre ***


Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



Recherche Clé Magic Control

HKEY_CURRENT_USER\Software\Lanconfig trouvé !


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:

C:\WINDOWS\system32\qqstv.ini2 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\dgjlm.bak1 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\dgjlm.bak2 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\qqstv.bak2 trouvé ! infection Vundo possible non traité par cet outil !

2)Recherche Heuristique :
*
C:\WINDOWS\system32\ztnjhdxr.dat trouvé !
**
C:\WINDOWS\system32\ztnjhdxr.dat trouvé !
***
****
*****
******
*******
********


3)Recherche Certificats :

Certificat Egroup trouvé !


*** Recherche avec GenericNaviSearch Beta ***
!!! Tous Ces résultats peuvent révéler des fichiers légitimes !!!
!!! A verifier impérativement avant toute suppression manuelle !!!

Fichiers trouvés :

Aucun Fichier trouvé !

Fichiers suspects :

Aucun Fichier suspect trouvé !


*** Analyse Terminé le 14/08/2007 à 9:48:25,79 ***

With HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 09:50:51, on 14/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)






[ This message was edited by: sdf13 on 14-08-2007 10:41 ]

On 14-08-2007 at 12:01

Hi sdf,

1°) ************************* VUNDOFIX ***************************

Download to the Desktop: VundoFix

= Double-click VundoFix.exe.
= Click OK
= Wait for VundoFix to restart
= Click Scan for Vundo
= The scan takes quite a long time; at the end
= Click Remove Vundo
= Then yes
= The Desktop disappears for a moment while the files are being deleted.
= Shutdown message
= Click OK
= Automatic restart
Note: there may be several restarts
= The report is in C:\vundofix.txt

Post the VundoFix report



2°) ******************* VIRTUMONDOBEGONE *****************

Download to the desktop
VirtumondoBegone

= Double-click VirtumundoBeGone.exe
= Click Continue
= Click Start
= Click Yes
= At the end, if Vundo is present, the PC shuts down and restarts

If there is a blue screen and the message: Fatal error .. no problem

= Post the VBG.TXT report, which is on the desktop

3°) ************************** CLEAN ***************************

Download clean to the desktop
Unzip it on the desktop.
= Open the clean folder
= Click the gear-wheel icon named clean
= Choose option 1 and let clean work until the text "appuyer sur une touche pour continuer" (press a key to continue) appears
= Copy and paste the report into your reply.

See you


On 14-08-2007 at 19:59

Hi scoob1,

Thanks for the prompt reply; here are the 3 requested reports:



1°)************************* VUNDOFIX ***************************


VundoFix V6.5.7

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.8
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 19:11:11 14/08/2007

Listing files found while scanning....


Beginning removal...

Performing Repairs to the registry.
Done!

2°)******************* VIRTUMONDOBEGONE *****************


[08/14/2007, 19:44:51] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Eric\Bureau\VirtumundoBeGone.exe" )
[08/14/2007, 19:45:17] - Detected System Information:
[08/14/2007, 19:45:17] - Windows Version: 5.1.2600, Service Pack 2
[08/14/2007, 19:45:17] - Current Username: Eric (Admin)
[08/14/2007, 19:45:17] - Windows is in NORMAL mode.
[08/14/2007, 19:45:18] - Searching for Browser Helper Objects:
[08/14/2007, 19:45:19] - BHO 38: {CCDAD369-A4AE-48D9-A582-50EBABAA3E54} ()
[08/14/2007, 19:45:19] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:19] - Checking for HKLM\...\Winlogon\Notify\mljgd
[08/14/2007, 19:45:19] - Found: HKLM\...\Winlogon\Notify\mljgd - This is probably Virtumundo.
[08/14/2007, 19:45:19] - Assigning {CCDAD369-A4AE-48D9-A582-50EBABAA3E54} MSEvents Object
[08/14/2007, 19:45:19] - BHO list has been changed! Starting over...
[08/14/2007, 19:45:20] - Key not found: HKLM\...\Winlogon\Notify\srbfnido, continuing.
[08/14/2007, 19:45:20] - BHO 22: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[08/14/2007, 19:45:20] - BHO 23: {7A258C31-A6F5-451E-AA02-47CD4E6DDB10} ()
[08/14/2007, 19:45:20] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:20] - No filename found. Continuing.
[08/14/2007, 19:45:20] - BHO 24: {7AD910C0-FD04-4ED4-B31C-2142F39E70B7} ()
[08/14/2007, 19:45:20] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:20] - No filename found. Continuing.
[08/14/2007, 19:45:20] - BHO 25: {7B260288-81FC-432E-8016-B5A8EF43B028} ()
[08/14/2007, 19:45:20] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:20] - Checking for HKLM\...\Winlogon\Notify\vtsqq
[08/14/2007, 19:45:20] - Key not found: HKLM\...\Winlogon\Notify\vtsqq, continuing.
[08/14/2007, 19:45:20] - BHO 26: {7C7404BC-5320-4223-8451-86E03698702A} ()
[08/14/2007, 19:45:20] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:20] - No filename found. Continuing.
[08/14/2007, 19:45:20] - BHO 27: {8FC7693F-0131-4D4D-AFF9-10BDECDE6C5A} ()
[08/14/2007, 19:45:20] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:20] - No filename found. Continuing.
[08/14/2007, 19:45:20] - BHO 28: {902A33A8-936F-4CB4-8DCB-475B2897C7A1} ()
[08/14/2007, 19:45:20] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:20] - No filename found. Continuing.
[08/14/2007, 19:45:20] - BHO 29: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[08/14/2007, 19:45:20] - BHO 30: {9913E592-E543-4458-892F-6ABD3E1A8A2A} ()
[08/14/2007, 19:45:20] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:20] - No filename found. Continuing.
[08/14/2007, 19:45:20] - BHO 31: {9974EE55-870E-4B73-BFAD-FD73418DF836} ()
[08/14/2007, 19:45:20] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:20] - No filename found. Continuing.
[08/14/2007, 19:45:20] - BHO 32: {9DE542B7-13B8-47D4-AF34-D8814ABE49CC} ()
[08/14/2007, 19:45:20] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:20] - Checking for HKLM\...\Winlogon\Notify\vtsqq
[08/14/2007, 19:45:20] - Key not found: HKLM\...\Winlogon\Notify\vtsqq, continuing.
[08/14/2007, 19:45:20] - BHO 33: {A527F7DE-8BFC-4C96-A249-AAE6304BB0A5} ()
[08/14/2007, 19:45:20] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:20] - No filename found. Continuing.
[08/14/2007, 19:45:20] - BHO 34: {AC3338F2-CD57-43BF-8331-248F0BBAFC07} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 35: {BF1D72D9-86CA-409A-8748-0131419496BA} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 36: {C4BBCD00-C3C4-4A7A-A719-1C2E6A7FC66F} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 37: {C825AA87-7A7B-4532-8F77-187D42960D72} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 38: {CCDAD369-A4AE-48D9-A582-50EBABAA3E54} (MSEvents Object)
[08/14/2007, 19:45:21] - ALERT: Found MSEvents Object!
[08/14/2007, 19:45:21] - BHO 39: {CE008378-84E2-4295-BE55-40DC41419817} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - Checking for HKLM\...\Winlogon\Notify\mljgd
[08/14/2007, 19:45:21] - Found: HKLM\...\Winlogon\Notify\mljgd - This is probably Virtumundo.
[08/14/2007, 19:45:21] - Assigning {CE008378-84E2-4295-BE55-40DC41419817} MSEvents Object
[08/14/2007, 19:45:21] - BHO list has been changed! Starting over...
[08/14/2007, 19:45:21] - BHO 1: {0021996E-8D3C-41FD-92EE-1B8860D061C6} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 2: {03CC10C9-F090-4822-AE92-C66337C71732} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 3: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[08/14/2007, 19:45:21] - BHO 4: {08518F15-31BE-47E2-908E-3143E08D2C5A} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 5: {0E322036-AB20-4301-9AF4-EA6BCB3912C7} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 6: {11A2F8BB-A3D2-4E9E-833F-8CE926B53427} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 7: {1375CE95-712B-4150-A947-49B6090CC07B} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 8: {186E4195-F0F6-4E10-B781-B196EF029CED} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 9: {1CC0F117-BF84-43E6-98DD-CF548B3DABF0} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 10: {235F1E92-EEE8-4D32-8E83-FB41E1C7E4C3} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 11: {288135CC-C8F8-4EEA-8065-BC342AD0A749} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 12: {321563A7-B735-4553-89DD-1DA53FFE3548} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - Checking for HKLM\...\Winlogon\Notify\qogcdkrw
[08/14/2007, 19:45:21] - Key not found: HKLM\...\Winlogon\Notify\qogcdkrw, continuing.
[08/14/2007, 19:45:21] - BHO 13: {3AE69987-979E-4962-8073-4F32C85CB67E} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 14: {40343BDA-8099-4334-85AE-C2B34A7F1488} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 15: {49621E1E-E1D1-450F-B855-FC85FEAA33A7} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 16: {5C7C8F90-DDCF-4841-A455-E26A2FE76BED} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 17: {672F52C1-7690-453B-ADEC-FFC215FA1028} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:21] - No filename found. Continuing.
[08/14/2007, 19:45:21] - BHO 18: {6C0E5A15-9B24-428A-9056-115624F9667B} ()
[08/14/2007, 19:45:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 19: {6D23D2DE-4D23-4C5E-A2AF-884B34D54A78} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 20: {732CFD74-45C6-424D-8BC1-9241B5537BFF} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 21: {746D60A9-EE31-470B-ACDD-7464277C108e} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - Checking for HKLM\...\Winlogon\Notify\srbfnido
[08/14/2007, 19:45:22] - Key not found: HKLM\...\Winlogon\Notify\srbfnido, continuing.
[08/14/2007, 19:45:22] - BHO 22: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[08/14/2007, 19:45:22] - BHO 23: {7A258C31-A6F5-451E-AA02-47CD4E6DDB10} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 24: {7AD910C0-FD04-4ED4-B31C-2142F39E70B7} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 25: {7B260288-81FC-432E-8016-B5A8EF43B028} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - Checking for HKLM\...\Winlogon\Notify\vtsqq
[08/14/2007, 19:45:22] - Key not found: HKLM\...\Winlogon\Notify\vtsqq, continuing.
[08/14/2007, 19:45:22] - BHO 26: {7C7404BC-5320-4223-8451-86E03698702A} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 27: {8FC7693F-0131-4D4D-AFF9-10BDECDE6C5A} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 28: {902A33A8-936F-4CB4-8DCB-475B2897C7A1} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 29: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[08/14/2007, 19:45:22] - BHO 30: {9913E592-E543-4458-892F-6ABD3E1A8A2A} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 31: {9974EE55-870E-4B73-BFAD-FD73418DF836} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 32: {9DE542B7-13B8-47D4-AF34-D8814ABE49CC} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - Checking for HKLM\...\Winlogon\Notify\vtsqq
[08/14/2007, 19:45:22] - Key not found: HKLM\...\Winlogon\Notify\vtsqq, continuing.
[08/14/2007, 19:45:22] - BHO 33: {A527F7DE-8BFC-4C96-A249-AAE6304BB0A5} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 34: {AC3338F2-CD57-43BF-8331-248F0BBAFC07} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 35: {BF1D72D9-86CA-409A-8748-0131419496BA} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 36: {C4BBCD00-C3C4-4A7A-A719-1C2E6A7FC66F} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 37: {C825AA87-7A7B-4532-8F77-187D42960D72} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 38: {CCDAD369-A4AE-48D9-A582-50EBABAA3E54} (MSEvents Object)
[08/14/2007, 19:45:22] - ALERT: Found MSEvents Object!
[08/14/2007, 19:45:22] - BHO 39: {CE008378-84E2-4295-BE55-40DC41419817} (MSEvents Object)
[08/14/2007, 19:45:22] - ALERT: Found MSEvents Object!
[08/14/2007, 19:45:22] - BHO 40: {E6024CC5-0E6E-4667-B0AC-EDCEA71FA689} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 41: {ED5E1A40-89F4-4C30-AED7-3E9F4DCC07BE} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 42: {ED86C1DC-5B7C-4228-AC05-54DA0BB8A999} ()
[08/14/2007, 19:45:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:22] - No filename found. Continuing.
[08/14/2007, 19:45:22] - BHO 43: {F2354E76-8724-4E0C-AFE8-04030E0981F4} ()
[08/14/2007, 19:45:23] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:23] - No filename found. Continuing.
[08/14/2007, 19:45:23] - BHO 44: {F2BF9C04-0BA9-4C8A-ACDE-DFF2033FBF8F} ()
[08/14/2007, 19:45:23] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:23] - No filename found. Continuing.
[08/14/2007, 19:45:23] - Finished Searching Browser Helper Objects
[08/14/2007, 19:45:23] - *** Detected MSEvents Object
[08/14/2007, 19:45:23] - Trying to remove MSEvents Object...
[08/14/2007, 19:45:24] - Terminating Process: IEXPLORE.EXE
[08/14/2007, 19:45:24] - Terminating Process: RUNDLL32.EXE
[08/14/2007, 19:45:24] - Disabling Automatic Shell Restart
[08/14/2007, 19:45:24] - Terminating Process: EXPLORER.EXE
[08/14/2007, 19:45:24] - Suspending the NT Session Manager System Service
[08/14/2007, 19:45:24] - Terminating Windows NT Logon/Logoff Manager
[08/14/2007, 19:45:25] - Re-enabling Automatic Shell Restart
[08/14/2007, 19:45:25] - File to disable: C:\WINDOWS\system32\mljgd.dll
[08/14/2007, 19:45:25] - Removing HKLM\...\Browser Helper Objects\{CCDAD369-A4AE-48D9-A582-50EBABAA3E54}
[08/14/2007, 19:45:25] - Removing HKCR\CLSID\{CCDAD369-A4AE-48D9-A582-50EBABAA3E54}
[08/14/2007, 19:45:25] - Adding Kill Bit for ActiveX for GUID: {CCDAD369-A4AE-48D9-A582-50EBABAA3E54}
[08/14/2007, 19:45:25] - Deleting ATLEvents/MSEvents Registry entries
[08/14/2007, 19:45:25] - Removing HKLM\...\Winlogon\Notify\mljgd
[08/14/2007, 19:45:25] - Searching for Browser Helper Objects:
[08/14/2007, 19:45:25] - BHO 1: {0021996E-8D3C-41FD-92EE-1B8860D061C6} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 2: {03CC10C9-F090-4822-AE92-C66337C71732} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 3: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[08/14/2007, 19:45:25] - BHO 4: {08518F15-31BE-47E2-908E-3143E08D2C5A} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 5: {0E322036-AB20-4301-9AF4-EA6BCB3912C7} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 6: {11A2F8BB-A3D2-4E9E-833F-8CE926B53427} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 7: {1375CE95-712B-4150-A947-49B6090CC07B} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 8: {186E4195-F0F6-4E10-B781-B196EF029CED} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 9: {1CC0F117-BF84-43E6-98DD-CF548B3DABF0} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 10: {235F1E92-EEE8-4D32-8E83-FB41E1C7E4C3} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 11: {288135CC-C8F8-4EEA-8065-BC342AD0A749} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 12: {321563A7-B735-4553-89DD-1DA53FFE3548} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - Checking for HKLM\...\Winlogon\Notify\qogcdkrw
[08/14/2007, 19:45:25] - Key not found: HKLM\...\Winlogon\Notify\qogcdkrw, continuing.
[08/14/2007, 19:45:25] - BHO 13: {3AE69987-979E-4962-8073-4F32C85CB67E} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 14: {40343BDA-8099-4334-85AE-C2B34A7F1488} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 15: {49621E1E-E1D1-450F-B855-FC85FEAA33A7} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 16: {5C7C8F90-DDCF-4841-A455-E26A2FE76BED} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 17: {672F52C1-7690-453B-ADEC-FFC215FA1028} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 18: {6C0E5A15-9B24-428A-9056-115624F9667B} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 19: {6D23D2DE-4D23-4C5E-A2AF-884B34D54A78} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 20: {732CFD74-45C6-424D-8BC1-9241B5537BFF} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - No filename found. Continuing.
[08/14/2007, 19:45:25] - BHO 21: {746D60A9-EE31-470B-ACDD-7464277C108e} ()
[08/14/2007, 19:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:25] - Checking for HKLM\...\Winlogon\Notify\srbfnido
[08/14/2007, 19:45:25] - Key not found: HKLM\...\Winlogon\Notify\srbfnido, continuing.
[08/14/2007, 19:45:26] - BHO 22: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[08/14/2007, 19:45:26] - BHO 23: {7A258C31-A6F5-451E-AA02-47CD4E6DDB10} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 24: {7AD910C0-FD04-4ED4-B31C-2142F39E70B7} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 25: {7B260288-81FC-432E-8016-B5A8EF43B028} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - Checking for HKLM\...\Winlogon\Notify\vtsqq
[08/14/2007, 19:45:26] - Key not found: HKLM\...\Winlogon\Notify\vtsqq, continuing.
[08/14/2007, 19:45:26] - BHO 26: {7C7404BC-5320-4223-8451-86E03698702A} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 27: {8FC7693F-0131-4D4D-AFF9-10BDECDE6C5A} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 28: {902A33A8-936F-4CB4-8DCB-475B2897C7A1} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 29: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[08/14/2007, 19:45:26] - BHO 30: {9913E592-E543-4458-892F-6ABD3E1A8A2A} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 31: {9974EE55-870E-4B73-BFAD-FD73418DF836} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 32: {9DE542B7-13B8-47D4-AF34-D8814ABE49CC} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - Checking for HKLM\...\Winlogon\Notify\vtsqq
[08/14/2007, 19:45:26] - Key not found: HKLM\...\Winlogon\Notify\vtsqq, continuing.
[08/14/2007, 19:45:26] - BHO 33: {A527F7DE-8BFC-4C96-A249-AAE6304BB0A5} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 34: {AC3338F2-CD57-43BF-8331-248F0BBAFC07} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 35: {BF1D72D9-86CA-409A-8748-0131419496BA} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 36: {C4BBCD00-C3C4-4A7A-A719-1C2E6A7FC66F} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 37: {C825AA87-7A7B-4532-8F77-187D42960D72} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 38: {CE008378-84E2-4295-BE55-40DC41419817} (MSEvents Object)
[08/14/2007, 19:45:26] - ALERT: Found MSEvents Object!
[08/14/2007, 19:45:26] - BHO 39: {E6024CC5-0E6E-4667-B0AC-EDCEA71FA689} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 40: {ED5E1A40-89F4-4C30-AED7-3E9F4DCC07BE} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 41: {ED86C1DC-5B7C-4228-AC05-54DA0BB8A999} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 42: {F2354E76-8724-4E0C-AFE8-04030E0981F4} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - BHO 43: {F2BF9C04-0BA9-4C8A-ACDE-DFF2033FBF8F} ()
[08/14/2007, 19:45:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:26] - No filename found. Continuing.
[08/14/2007, 19:45:26] - Finished Searching Browser Helper Objects
[08/14/2007, 19:45:26] - *** Detected MSEvents Object
[08/14/2007, 19:45:26] - Trying to remove MSEvents Object...
[08/14/2007, 19:45:27] - Terminating Process: IEXPLORE.EXE
[08/14/2007, 19:45:27] - Terminating Process: RUNDLL32.EXE
[08/14/2007, 19:45:28] - Disabling Automatic Shell Restart
[08/14/2007, 19:45:28] - Terminating Process: EXPLORER.EXE
[08/14/2007, 19:45:28] - Suspending the NT Session Manager System Service
[08/14/2007, 19:45:28] - Terminating Windows NT Logon/Logoff Manager
[08/14/2007, 19:45:28] - Re-enabling Automatic Shell Restart
[08/14/2007, 19:45:28] - File to disable: C:\WINDOWS\system32\mljgd.dll
[08/14/2007, 19:45:28] - Removing HKLM\...\Browser Helper Objects\{CE008378-84E2-4295-BE55-40DC41419817}
[08/14/2007, 19:45:28] - Removing HKCR\CLSID\{CE008378-84E2-4295-BE55-40DC41419817}
[08/14/2007, 19:45:28] - Adding Kill Bit for ActiveX for GUID: {CE008378-84E2-4295-BE55-40DC41419817}
[08/14/2007, 19:45:28] - Deleting ATLEvents/MSEvents Registry entries
[08/14/2007, 19:45:28] - Removing HKLM\...\Winlogon\Notify\mljgd
[08/14/2007, 19:45:28] - Searching for Browser Helper Objects:
[08/14/2007, 19:45:28] - BHO 1: {0021996E-8D3C-41FD-92EE-1B8860D061C6} ()
[08/14/2007, 19:45:28] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:28] - No filename found. Continuing.
[08/14/2007, 19:45:28] - BHO 2: {03CC10C9-F090-4822-AE92-C66337C71732} ()
[08/14/2007, 19:45:28] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:28] - No filename found. Continuing.
[08/14/2007, 19:45:28] - BHO 3: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[08/14/2007, 19:45:28] - BHO 4: {08518F15-31BE-47E2-908E-3143E08D2C5A} ()
[08/14/2007, 19:45:28] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:28] - No filename found. Continuing.
[08/14/2007, 19:45:28] - BHO 5: {0E322036-AB20-4301-9AF4-EA6BCB3912C7} ()
[08/14/2007, 19:45:28] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:28] - No filename found. Continuing.
[08/14/2007, 19:45:28] - BHO 6: {11A2F8BB-A3D2-4E9E-833F-8CE926B53427} ()
[08/14/2007, 19:45:28] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:28] - No filename found. Continuing.
[08/14/2007, 19:45:28] - BHO 7: {1375CE95-712B-4150-A947-49B6090CC07B} ()
[08/14/2007, 19:45:28] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:28] - No filename found. Continuing.
[08/14/2007, 19:45:28] - BHO 8: {186E4195-F0F6-4E10-B781-B196EF029CED} ()
[08/14/2007, 19:45:28] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:28] - No filename found. Continuing.
[08/14/2007, 19:45:28] - BHO 9: {1CC0F117-BF84-43E6-98DD-CF548B3DABF0} ()
[08/14/2007, 19:45:28] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:28] - No filename found. Continuing.
[08/14/2007, 19:45:28] - BHO 10: {235F1E92-EEE8-4D32-8E83-FB41E1C7E4C3} ()
[08/14/2007, 19:45:28] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/14/2007, 19:45:28] - No filename found. Continuing.
[08/14/2007, 19:45:28] - BHO 11: {288135CC-C8F8-4EEA-8065-BC342AD0A749} ()
[08/14/2007, 19:45:30] - Finished Searching Browser Helper Objects
[08/14/2007, 19:45:30] - Finishing up...
[08/14/2007, 19:45:30] - A restart is needed.
[08/14/2007, 19:45:38] - Attempting to Restart via STOP error (Blue Screen!)


3°) ************************** CLEAN ***************************

14/08/2007 a 19:52:53,84

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\mcrh.tmp FOUND

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\pics-factory Toolbar\" FOUND
*** Fin du rapport !

On 14-08-2007 at 20:01 #

Hi

= Restart in Safe Mode (startup may take several minutes)
Warning: there is no Internet access in this mode. Save or print these instructions. Restart the PC and tap the F8 key repeatedly until the startup options screen appears
Using the arrow keys, select Safe Mode ==> Enter ==> your usual user name


= Run clean.zip and choose option 2
= Run navilog1
= Cette fois-ci c