Malwarebytes =) a marvel
KidPaddle93420
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1412
Windows 5.1.2600 Service Pack 2
20/11/2008 02:43:56
mbam-log-2008-11-20 (02-43-52).txt
Type de recherche: Examen rapide
Eléments examinés: 49495
Temps écoulé: 10 minute(s), 51 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 16
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 6
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 38
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\wvUnKBtt.dll (Trojan.Vundo.H) -> No action taken.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0219ed56-902d-420e-b10d-c6c2c3633dba} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0219ed56-902d-420e-b10d-c6c2c3633dba} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88988ad1-4195-4f60-8779-af15dbb7a71d} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{88988ad1-4195-4f60-8779-af15dbb7a71d} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b0b3393c-62d1-44d8-abf5-08e0f067f29e} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqphgde (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{b0b3393c-62d1-44d8-abf5-08e0f067f29e} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b0b3393c-62d1-44d8-abf5-08e0f067f29e} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asqai (Adware.Navipromo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{b0b3393c-62d1-44d8-abf5-08e0f067f29e} (Trojan.Vundo) -> No action taken.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\wvunkbtt -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\wvunkbtt -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\tbtxop.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\wvUnKBtt.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\ttBKnUvw.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\ttBKnUvw.ini2 (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\ssqPhgde.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\aqhpmumg.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\gmumphqa.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\dvnoyapk.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\kpayonvd.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\pkxfemkt.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\tkmefxkp.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\uduyvinv.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\vnivyudu.ini (Trojan.Vundo.H) -> No action taken.
C:\Documents and Settings\Kidpaddle\Local Settings\Application Data\asqai_navps.dat (Adware.Navipromo.H) -> No action taken.
C:\Documents and Settings\Kidpaddle\Local Settings\Application Data\asqai_nav.dat (Adware.Navipromo.H) -> No action taken.
C:\Documents and Settings\Kidpaddle\Local Settings\Application Data\asqai.dat (Adware.Navipromo.H) -> No action taken.
C:\Documents and Settings\Kidpaddle\Local Settings\Application Data\asqai.exe (Adware.Navipromo.H) -> No action taken.
C:\WINDOWS\system32\byXQJyWM.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\cbXRheDT.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ddcCTllM.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\dpphsjec.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\empgvifr.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\eusyagta.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\iifdabYq.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\iiffgFVL.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\khfDWmlj.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\pmnkKbab.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\poglyq.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\rkhrfetc.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\simlvwjy.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ssqPhgde.VIR (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\tbtxop.VIR (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ubcqinuf.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\urqQjkJa.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\vherfe.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\wnsgfy.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\wvUnOHxx.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> No action taken.
2 replies
Hi,
Next, do this:
download HijackThis
-> save the target to ... "the desktop"
-> Double-click "HJTInstall.exe" to start the installation
-> Click Install, then "I Accept"
-> Click "Do a scan system and save log file"
-> Notepad will open; copy and paste all of its contents here in your next reply
-> HijackThis tutorial (thanks to Balltrap34)
Bye.