Trojan.Vundo.EKB
Solved
filou44
-
ep44 Posts 7432 Status Contributor -
Hello,
For the past two days I have had a trojan and I cannot remove it. That is, Bitdefender finds the virus and tells me it has been deleted, but only afterwards it offers me a system reset, and the virus is still there. I then tried a system restore, with no effect. Searching the forum, I understood that I would save time by posting the following HijackThis report. I must say I have had a few problems with viruses before, but this time I no longer know what to do. I am counting on you now to help me get out of this. Thanks in advance to all.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:48, on 10/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\Program Files\Softwin\BitDefender9\bdnagent.exe
C:\Program Files\Softwin\BitDefender9\bdswitch.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Felix\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
4 replies
Good evening
Download Malwarebytes
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
=> Install it
=> Then go into safe mode
Restart the PC and tap the F8 key (or F5 on some machines) until the text with the boot options appears
Using the arrow keys, select Safe Mode ==> Enter ==> usual user name
=> Launch Malwarebytes
=> Check "Perform full scan"
=> If an infection is found at the end of the scan, click "OK"
=> Click Remove Selected
=> To post the report, click the Logs tab, select the one you want and click Open
=> Copy and paste it and post the report
--------------------------
then
* Download CCleaner
https://filehippo.com/download_ccleaner/
=> Use this tutorial to help you with it
https://www.malekal.com/tutoriel-ccleaner/
then
rename HijackThis to your name and make a new report
HijackThis must be installed here
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe <= and rename the .exe to filou44.exe
See you
Hello, yes indeed, nothing was removed
Download to the Desktop.
http://www.atribune.org/ccount/click.php?id=4
=> Double-click VundoFix.exe.
=> Click OK
=> Wait for VundoFix to restart
=> Click Scan for Vundo
=> The scan is fairly long; at the end
=> Click Remove Vundo
=> Then Yes
=> The Desktop disappears for a moment while the files are being removed.
=> Shutdown message
=> Click OK
=> Automatic restart
=> Copy the report located in C:\vundofix.txt
then
Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
and save it to your desktop and nowhere else!
=> Disconnect from the internet and close all your applications.
=> Disable your protections (antivirus, firewall, antispyware)
=> Double-click ComboFix,
=> Do not touch anything until the scan has finished. Careful: do not use your mouse or keyboard (or any other pointing device) while the program is running. That could freeze the computer.
=> Wait until ComboFix has finished; a report will be created.
=> Re-enable your firewall, your antivirus and your antispyware's real-time protection
=> Copy/paste the report C:\ComboFix.txt
See you
Hi, so VundoFix detects no errors; I then ran ComboFix and there, after 30 min, no more virus at last...
So there you go, thanks for all your help, which got me out of this mess
See you
Malwarebytes report:
Malwarebytes' Anti-Malware 1.12
Version de la base de données: 722
Type de recherche: Examen complet (C:\|)
Eléments examinés: 117932
Temps écoulé: 1 hour(s), 44 minute(s), 0 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 489
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\qoMdDtQk.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\hgGASLdb.dll (Trojan.Vundo) -> No action taken.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6fbd057e-939b-4500-a8b2-1e1f01bcc0c1} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6fbd057e-939b-4500-a8b2-1e1f01bcc0c1} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{b4c0c60c-1eff-4ac4-8f17-8d616c94cdfd} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b4c0c60c-1eff-4ac4-8f17-8d616c94cdfd} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hggasldb (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{b4c0c60c-1eff-4ac4-8f17-8d616c94cdfd} (Trojan.Vundo) -> No action taken.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\qomddtqk -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\qomddtqk -> No action taken.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\qoMdDtQk.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\kQtDdMoq.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\kQtDdMoq.ini2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1232 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1234 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1238 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp123a (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp123d (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1240 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1241 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1245 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1248 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp124b (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp124d (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp124f (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1253 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1255 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1258 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp125a (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp125d (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp125f (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1261 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1264 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1266 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1269 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp126b (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp126d (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1270 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1272 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1275 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1277 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1279 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp127d (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp127f (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1282 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1284 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1288 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp128b (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp128e (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1290 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1293 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1295 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1297 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp129b (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp129d (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12a0 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12a2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12a4 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12a7 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12a9 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12ad (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12af (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12b2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12b4 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12b6 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12ba (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12bc (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12bf (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12c1 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12c3 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12c5 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12ca (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12cd (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12d0 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12d3 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12d7 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12d9 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12db (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12dd (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12df (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12e1 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12e3 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12e6 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12e8 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12ea (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12ec (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12ee (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12f0 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12f2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12f4 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12f6 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12f8 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12fa (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12fc (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp12fe (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1300 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1302 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1304 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1306 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1308 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp130a (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp130c (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp130f (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1311 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1313 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1315 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1317 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1319 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp131b (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp131d (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp131f (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1321 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1323 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1325 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1327 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1329 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp132b (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp132d (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp132f (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1331 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1333 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1335 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1337 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1339 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp133b (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp133d (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp133f (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1341 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1343 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1345 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1347 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1349 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp134b (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp134d (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp134f (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1351 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1353 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1355 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1357 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1359 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp135b (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp135d (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp135f (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1361 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1363 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1365 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1367 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1369 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp136b (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp136d (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp136f (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1371 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1373 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1375 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1377 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp137a (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp137c (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp137e (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1380 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1382 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1384 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1386 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1388 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp138a (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp138c (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp138e (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1390 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1392 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1394 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1396 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1398 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp139a (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp139c (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp139e (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13a0 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13a2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13a4 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13a6 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13a8 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13aa (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13ac (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13ae (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13b0 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13b2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13b4 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13b6 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13b8 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13ba (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13bc (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13be (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13c0 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13c2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13c4 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13c6 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13c8 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13ca (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13cc (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13ce (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13d0 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13d2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13d4 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13d6 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13d8 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13da (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13dc (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13de (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13e0 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13e2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13e4 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13e6 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13e8 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13ea (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13ec (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13ee (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13f0 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13f2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13f4 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13f6 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13f8 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13fa (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13fc (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp13fe (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1400 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1402 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1404 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1409 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp140c (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp140e (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1410 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1412 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1414 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1416 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1418 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp141a (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp141c (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp141e (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1420 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1422 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1424 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1426 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1428 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp142a (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp142c (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp142f (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1431 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1433 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1435 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1437 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1439 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp143b (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp143d (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp143f (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1441 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1443 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1445 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1447 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1449 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp144c (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp144e (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1451 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1453 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1456 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1458 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp145a (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp145c (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1461 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1463 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp1466 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Temp\tmp146a (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\hgGASLdb.dll (Trojan.Vundo) -> No action taken.
I should also say that Malwarebytes gave me a report of the files it could not delete, in the Log folder, but I don't know this folder; and also, would it be possible to explain the next part to me again:
""next
rename hijack to your name and make a new report
hijack must be installed here
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe <= and you rename the .exe to filou44.exe ""
Thanks, I'm on the right track...