J'ai executé VirtumundoBeGone en mode sans échec, et apparement il n'a rien trouvé. Puis j'ai fait le scan Hijackthis. Voici les scans pour les 2 programmes:
[05/15/2008, 21:26:38] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Aurélie\Bureau\VirtumundoBeGone.exe" )
[05/15/2008, 21:26:49] - Detected System Information:
[05/15/2008, 21:26:49] - Windows Version: 5.1.2600, Service Pack 2
[05/15/2008, 21:26:49] - Current Username: Aurélie (Admin)
[05/15/2008, 21:26:49] - Windows is in SAFE mode with Networking.
[05/15/2008, 21:26:49] - Searching for Browser Helper Objects:
[05/15/2008, 21:26:49] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[05/15/2008, 21:26:49] - BHO 2: {30A0C9EB-527D-4035-B808-AF41F1AB3E7C} ()
[05/15/2008, 21:26:49] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/15/2008, 21:26:49] - No filename found. Continuing.
[05/15/2008, 21:26:49] - BHO 3: {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} (CInterceptor Object)
[05/15/2008, 21:26:49] - BHO 4: {39E310E0-DEBE-4446-9A0B-6AB4060ED533} ()
[05/15/2008, 21:26:49] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/15/2008, 21:26:49] - No filename found. Continuing.
[05/15/2008, 21:26:49] - BHO 5: {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} (Megaupload Toolbar)
[05/15/2008, 21:26:49] - BHO 6: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[05/15/2008, 21:26:49] - BHO 7: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[05/15/2008, 21:26:49] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/15/2008, 21:26:49] - No filename found. Continuing.
[05/15/2008, 21:26:49] - BHO 8: {8C1E8D48-25BF-4139-A181-0FE63286C35F} ()
[05/15/2008, 21:26:49] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/15/2008, 21:26:49] - No filename found. Continuing.
[05/15/2008, 21:26:49] - BHO 9: {9742C1D0-64B6-4B09-B5C0-A036B1B91155} ()
[05/15/2008, 21:26:49] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/15/2008, 21:26:49] - No filename found. Continuing.
[05/15/2008, 21:26:49] - BHO 10: {AD63C3A8-885B-4F28-AE62-21DA16FEA9FC} ()
[05/15/2008, 21:26:49] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/15/2008, 21:26:49] - No filename found. Continuing.
[05/15/2008, 21:26:49] - BHO 11: {EAB53424-B767-4549-BD2D-1299F9663707} ()
[05/15/2008, 21:26:49] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/15/2008, 21:26:49] - No filename found. Continuing.
[05/15/2008, 21:26:49] - BHO 12: {F9DF827A-8FA7-48A3-B268-CA4DB563EA40} ()
[05/15/2008, 21:26:49] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/15/2008, 21:26:49] - No filename found. Continuing.
[05/15/2008, 21:26:49] - Finished Searching Browser Helper Objects
[05/15/2008, 21:26:49] - Finishing up...
[05/15/2008, 21:26:49] - Nothing found! Exiting...
---------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 21:33:06, on 15/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Monscan\Monscan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://fr.yahoo.com/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {30A0C9EB-527D-4035-B808-AF41F1AB3E7C} - (no file)
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: (no name) - {39E310E0-DEBE-4446-9A0B-6AB4060ED533} - (no file)
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8C1E8D48-25BF-4139-A181-0FE63286C35F} - (no file)
O2 - BHO: (no name) - {9742C1D0-64B6-4B09-B5C0-A036B1B91155} - (no file)
O2 - BHO: (no name) - {AD63C3A8-885B-4F28-AE62-21DA16FEA9FC} - (no file)
O2 - BHO: (no name) - {EAB53424-B767-4549-BD2D-1299F9663707} - (no file)
O2 - BHO: (no name) - {F9DF827A-8FA7-48A3-B268-CA4DB563EA40} - (no file)
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: tuvspoMD - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe