no save
Identification
Assistance
Achat
News

Forum | virus/sécurité
Win32:Slaper-AB
Pepito, le mar. 23 déc. 2008 à 14:29:31
Re,

Tout s'est très bien déroulé, explications claires et tout, merci...

Voilà le rapport :

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1535
Windows 5.1.2600 Service Pack 1

23/12/2008 14:18:53
mbam-log-2008-12-23 (14-18-53).txt

Type de recherche: Examen rapide
Eléments examinés: 61369
Temps écoulé: 15 minute(s), 57 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 7
Clé(s) du Registre infectée(s): 24
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 111

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\jaduguyu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\wvUOhhGA.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nozahiti.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\silohuru.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\daluwimo.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\mwsbbk.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\geBQHaaW.dll (Trojan.Vundo) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gebqhaaw (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a9c0a5c2-59ce-481f-a335-4c1d39763e44} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{a9c0a5c2-59ce-481f-a335-4c1d39763e44} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bad53f12-8a24-48d0-a666-eab957f63ce5} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bad53f12-8a24-48d0-a666-eab957f63ce5} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4568cf71-0ade-44b9-994c-1f4ff7ad8707} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4568cf71-0ade-44b9-994c-1f4ff7ad8707} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4ce09c37-1068-4572-a71e-de76733390f4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4ce09c37-1068-4572-a71e-de76733390f4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbinstie.sbinstobj (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbinstie.sbinstobj.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{38370864-346f-4afa-8c4b-4fbff518c0bb} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c875948-9c60-4381-9248-0df180542d53} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{4cf5a3c1-07a2-4336-9b54-6870452ebde1} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8c875948-9c60-4381-9248-0df180542d53} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4c4c584b (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\selofayora (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Advanced DHTML Enable (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows UDP Control Center (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mmsass (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\mmsass (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Network Firewall (Backdoor.Bot) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Security Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\wvuohhga -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\daluwimo.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\daluwimo.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\daluwimo.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\wvuohhga -> Delete on reboot.

Dossier(s) infecté(s):
C:\Program Files\SpamBlockerUtility (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\SpamBlockerUtility\bin (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\SpamBlockerUtility\bin\4.8.4.0 (Adware.Hotbar) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\geBQHaaW.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\wvUOhhGA.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\AGhhOUvw.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\AGhhOUvw.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mwsbbk.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\jaduguyu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\uyugudaj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mabemime.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\emimebam.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\nidozopi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ipozodin.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\silohuru.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nozahiti.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\daluwimo.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\taarjxvw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cbXnKbcD.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cbXOIYRl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cbXPjIyX.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cbXrPGvV.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cenxla.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\duwibudo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\efcYSiGV.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\efcYSmMG.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fccdedEW.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\geBqOfdD.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\geBqQgde.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\geBstrpO.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\geBtSKAr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gimujuri.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\khfCtsTJ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\khfFYsRk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\khfGaaYR.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iifdEtTl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iiffGyyw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iifFXOIy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlJBQKAs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlJCVmlk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlJCVNec.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlJYonLC.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlJYpNee.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rqRLCtss.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmnMfdee.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qoMcdBqQ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qoMGArOF.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qoMgeEtR.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qoMgggDt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tuvtQKEU.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tuvWPgFw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tuvwwxVn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\helpersvscs.exe (Trojan.SpamBot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgGXNGAR.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ljJBsqND.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ljJcBUmJ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ljJyVOhE.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ljxfhrsi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\urqPhfGX.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqQiFvS.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqQjijJ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqqPIyX.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqRIAPH.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqRLEWo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jkgysz.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jkkICrQh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jkkKbATM.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jkkLDTlj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jkkLExWM.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wvUlkLbB.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wvUlmnlk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wvUolLcB.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wvUoMgde.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtrQHwX.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtrstSI.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtsRlki.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awttqpPH.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awturppq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\byXQifeB.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xxyvsPhF.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xxyvvVnN.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xxywULcA.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xxyyyATJ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yayaBQJA.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yaywTJba.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ddcAssqp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ddcBSKEV.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ddccabBq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vouclrwt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtUkhhGA.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtUlIyYr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtUlKATn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtUlLCsr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtUmMcAS.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtUNGXpO.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nnnKCTlK.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nnnkKaAR.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nnnmjiih.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nnnmlJaY.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nnnnnNHb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas\Local Settings\Temp\IXP001.TMP\burimi.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas\Local Settings\Temporary Internet Files\Content.IE5\1FZPVXBG\wax[2].jpg (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas\Local Settings\Temporary Internet Files\Content.IE5\GL2NWX2J\apstpldr.dll[1].htm (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas\Local Settings\Temporary Internet Files\Content.IE5\GL2NWX2J\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas\Local Settings\Temporary Internet Files\Content.IE5\GL2NWX2J\iri[2].jpg (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas\Local Settings\Temporary Internet Files\Content.IE5\N2N5X9JV\wny[1].jpg (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas\Local Settings\Temporary Internet Files\Content.IE5\N2N5X9JV\bluz[1].jpg (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas\Local Settings\Temporary Internet Files\Content.IE5\N2N5X9JV\socks[1].exe (Trojan.Proxy) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas\Local Settings\Temporary Internet Files\Content.IE5\N2N5X9JV\CA7EM9VB (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas\Local Settings\Temporary Internet Files\Content.IE5\N2N5X9JV\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas\Local Settings\Temporary Internet Files\Content.IE5\Q8Y571O4\style[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas\Local Settings\Temporary Internet Files\Content.IE5\Q8Y571O4\wax[1].jpg (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\SpamBlockerUtility.inf (Adware.Hotbar) -> Quarantined and deleted successfully.
PrécédentLyonnais92
déc. 08
Lyonnais92
déc. 08
Suivant
REPONSES
Pepito
déc. 08
Lyonnais92
déc. 08
Pepito
déc. 08
Lyonnais92
déc. 08
Pepito
déc. 08
Lyonnais92
déc. 08
Pepito
déc. 08
Lyonnais92
déc. 08
Pepito
déc. 08
Lyonnais92
déc. 08
Version Web
Mentions légales (c)2009
Réalisé par RedShift
no save