Rapport analyse malwarebytes
Résolu
panay16
Messages postés
53
Date d'inscription
Statut
Membre
Dernière intervention
-
Lyonnais92 Messages postés 25159 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Lyonnais92 Messages postés 25159 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Bonjour,
oila le rapport d'analyse
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1528
Windows 5.1.2600 Service Pack 3
22/12/2008 09:19:19
mbam-log-2008-12-22 (09-19-19).txt
Type de recherche: Examen complet (C:\|I:\|)
Eléments examinés: 197683
Temps écoulé: 4 hour(s), 23 minute(s), 32 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 10
Clé(s) du Registre infectée(s): 26
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 68
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\efcCsqNh.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\yardxncs.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\xbaabh.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\gmxwuz.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\vydrip.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\pnnxlf.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\qynory.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\rqRhGwWP.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\tabpgeig.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qgpslkxw.dll (Trojan.Vundo.H) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62f0c38d-82f2-452c-b1c5-ab0179c39c2f} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rqrhgwwp (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{62f0c38d-82f2-452c-b1c5-ab0179c39c2f} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bc1c8c2f-3eb1-4b50-8c58-40dc0d1c6028} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{bc1c8c2f-3eb1-4b50-8c58-40dc0d1c6028} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77ab59b4-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{77ab59b4-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77ab59b4-55a3-4737-9fd5-b93c6430bf78} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{77ab59b4-55a3-4737-9fd5-b93c6430bf78} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0efa0170-f8db-48e7-9812-dafc22ce9b73} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bd85646c-6ba2-4a79-ab16-76113bde06c5} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bd85646c-6ba2-4a79-ab16-76113bde06c5} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f70c4f75-e59a-41b3-9508-6f6e14447f49} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{38208c1b-04bc-4094-b09d-346a244a0c0a} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{eceb5305-7c42-4d5c-b953-0ed722877fbf} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{62f0c38d-82f2-452c-b1c5-ab0179c39c2f} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bc1c8c2f-3eb1-4b50-8c58-40dc0d1c6028} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{77ab59b4-55a3-4737-9fd5-b93c6430bf78} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{77ab59b4-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\b0b8d261 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{62f0c38d-82f2-452c-b1c5-ab0179c39c2f} (Trojan.Vundo) -> Delete on reboot.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Security Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\efccsqnh -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\efccsqnh -> Delete on reboot.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\rqRhGwWP.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\efcCsqNh.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\hNqsCcfe.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hNqsCcfe.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\djnmrvae.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eavrmnjd.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gtgbfcfh.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hfcfbgtg.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\icljgohd.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dhogjlci.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mhxeaqrg.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\grqaexhm.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qugumnkp.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pknmuguq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rlegmbam.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mabmgelr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rnnhothk.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\khtohnnr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sqhoxayw.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wyaxohqs.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\whqncynu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\unycnqhw.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yardxncs.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\scnxdray.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yewnnjtv.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtjnnwey.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yhqnhbov.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vobhnqhy.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yjuygnuq.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qungyujy.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yyvbtrjh.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hjrtbvyy.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qgpslkxw.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\tabpgeig.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\xbaabh.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\gmxwuz.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\vydrip.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\pnnxlf.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\qynory.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\ahdcgtkd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aigrab.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\alwabo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\axvssgrs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cojapsml.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cvyoze.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dfsnuhyu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\djjppakh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dmyrrwas.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dpzwpn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ffvjdxet.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fjearm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\itflchok.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kgsxwh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kvicjtxn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oobayiaq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pjtqcqdd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pkbpjelf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qhjykv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rjoutqvd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vypocb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\urgbcj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vhqnocrt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wfystd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xkiikemk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xuwylwoq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ztwjsi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtcfmepl_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtcfmepl_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
Que dois-je faire d'autre?
jutilise Bitcomet et je voudrais savoir comment mieux protéger mon PC
de plus, dois-je garder Nod 32 comme antivirus?
Merci
oila le rapport d'analyse
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1528
Windows 5.1.2600 Service Pack 3
22/12/2008 09:19:19
mbam-log-2008-12-22 (09-19-19).txt
Type de recherche: Examen complet (C:\|I:\|)
Eléments examinés: 197683
Temps écoulé: 4 hour(s), 23 minute(s), 32 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 10
Clé(s) du Registre infectée(s): 26
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 68
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\efcCsqNh.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\yardxncs.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\xbaabh.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\gmxwuz.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\vydrip.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\pnnxlf.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\qynory.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\rqRhGwWP.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\tabpgeig.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qgpslkxw.dll (Trojan.Vundo.H) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62f0c38d-82f2-452c-b1c5-ab0179c39c2f} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rqrhgwwp (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{62f0c38d-82f2-452c-b1c5-ab0179c39c2f} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bc1c8c2f-3eb1-4b50-8c58-40dc0d1c6028} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{bc1c8c2f-3eb1-4b50-8c58-40dc0d1c6028} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77ab59b4-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{77ab59b4-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77ab59b4-55a3-4737-9fd5-b93c6430bf78} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{77ab59b4-55a3-4737-9fd5-b93c6430bf78} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0efa0170-f8db-48e7-9812-dafc22ce9b73} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bd85646c-6ba2-4a79-ab16-76113bde06c5} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bd85646c-6ba2-4a79-ab16-76113bde06c5} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f70c4f75-e59a-41b3-9508-6f6e14447f49} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{38208c1b-04bc-4094-b09d-346a244a0c0a} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{eceb5305-7c42-4d5c-b953-0ed722877fbf} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{62f0c38d-82f2-452c-b1c5-ab0179c39c2f} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bc1c8c2f-3eb1-4b50-8c58-40dc0d1c6028} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{77ab59b4-55a3-4737-9fd5-b93c6430bf78} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{77ab59b4-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\b0b8d261 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{62f0c38d-82f2-452c-b1c5-ab0179c39c2f} (Trojan.Vundo) -> Delete on reboot.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Security Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\efccsqnh -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\efccsqnh -> Delete on reboot.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\rqRhGwWP.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\efcCsqNh.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\hNqsCcfe.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hNqsCcfe.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\djnmrvae.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eavrmnjd.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gtgbfcfh.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hfcfbgtg.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\icljgohd.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dhogjlci.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mhxeaqrg.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\grqaexhm.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qugumnkp.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pknmuguq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rlegmbam.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mabmgelr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rnnhothk.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\khtohnnr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sqhoxayw.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wyaxohqs.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\whqncynu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\unycnqhw.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yardxncs.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\scnxdray.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yewnnjtv.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtjnnwey.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yhqnhbov.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vobhnqhy.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yjuygnuq.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qungyujy.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yyvbtrjh.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hjrtbvyy.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qgpslkxw.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\tabpgeig.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\xbaabh.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\gmxwuz.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\vydrip.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\pnnxlf.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\qynory.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\ahdcgtkd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aigrab.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\alwabo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\axvssgrs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cojapsml.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cvyoze.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dfsnuhyu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\djjppakh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dmyrrwas.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dpzwpn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ffvjdxet.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fjearm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\itflchok.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kgsxwh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kvicjtxn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oobayiaq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pjtqcqdd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pkbpjelf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qhjykv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rjoutqvd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vypocb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\urgbcj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vhqnocrt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wfystd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xkiikemk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xuwylwoq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ztwjsi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtcfmepl_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtcfmepl_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
Que dois-je faire d'autre?
jutilise Bitcomet et je voudrais savoir comment mieux protéger mon PC
de plus, dois-je garder Nod 32 comme antivirus?
Merci
A voir également:
- Rapport analyse malwarebytes
- Télécharger malwarebytes - Télécharger - Antivirus & Antimalwares
- Analyse composant pc - Guide
- Analyse performance pc - Guide
- Malwarebytes adwcleaner - Télécharger - Antivirus & Antimalwares
- Analyse disque dur - Télécharger - Informations & Diagnostic
2 réponses
heu vire le oui et met en un de mieux des freeware c pas se qui manque au pire met avira il est pas mal!!! as tu fais un scan en ligne?
Bonjour,
Nod32 est un très bon antivirus.
Tu as une licence ou c'est une version d'évaluation ?
================
Il serait étonnant (mais possible) que tu n'ais été infecté que opar Vundi.
Fais ceci :
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
.
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
Nod32 est un très bon antivirus.
Tu as une licence ou c'est une version d'évaluation ?
================
Il serait étonnant (mais possible) que tu n'ais été infecté que opar Vundi.
Fais ceci :
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
.
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
j'ai fait une analyse ac Hijack et malwarebytes comme me la dit "V-X".
tu dit que avira pourrait remplacer nod32?