Probleme vundo et spyware

lenykrav Messages postés 13 Statut Membre -  
Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   -
Bonjour,
salut j ne comprend plus rien je suis infcté par des virus harwaes et spywares. j'ai telechargé avast qui m'a fait le menage mais je garde encore TR/vundo.gen alors d frum en forum j'ai pu tester plusieur chose qui ne marche pas. j'ai telechargé vundofix rien a faire il est encore la, le programme ne le detecte meme pas. ensuite j'ai telechargé hijhackthis et fais tout cequ'il y as sur les forum mais il est encore la. je ne sait plus quoi faire. e bien que j'ai un antivirs les spyware persiste. aidez moi s'il vous plait. je suis sur vista
Configuration: Windows Vista
Internet Explorer 7.0

27 réponses

  • 1
  • 2
  1. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Salut,

    ---> Désactive l'UAC le temps de la désinfection :
    https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html

    ---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    /!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\

    ---> Double-clique sur Combofix.exe
    Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
    Accepte en cliquant sur "Oui"

    ---> Mets-le en langue française F
    Tape sur la touche 1 (Yes) pour démarrer le scan.

    /!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

    En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

    Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

    /!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

    Note : Le rapport se trouve également là : C:\ComboFix.txt
    0
  2. raphy00 Messages postés 1112 Statut Membre 9
     
    Salut,

    Je parie que tu as tout fait sauf MBAM :

    Telecharges malwares bytes anti malwares :

    Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    Tutoriel Malwarebytes Anti-Malware: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm

    Verifie la mise a jour.

    Si des elements on ete trouvés > click sur supprimer la selection.

    si il t´es demandé de redemarrer > click sur "yes".

    Fais un scan complet et postes le rapport.

    0
  3. sKe69 Messages postés 21955 Statut Contributeur sécurité 463
     
    Salut,

    1- protocole à suivre pour Windows Vista :

    *Désactiver le contrôle des comptes utilisateurs ou UAC (le réactiver seulement à la fin de la désinfection) :

    Aller dans "démarrer" puis "panneau de configuration" :
    --->Sur la droite de la fenêtre , cliques sur " affichage classique "
    --->Double-Cliquer sur l'icône "Comptes d'utilisateurs"
    --->Cliquer ensuite sur "Activer ou désactiver le contrôle ..." .
    --->Décocher la case "utlisiser le contrôle ..." et cliquer sur OK .
    Puis redémarrer le PC quand il le vous saura demandé ...

    Tuto : https://forum.malekal.com/viewtopic.php?f=59&t=6517

    * Important :
    Pour installer ou pour lancer les outils, que tu utiliseras au court de la désinfection, fait toujours ainsi :
    cliques DROIT ( sur le setup d'installe ou l'outil )-> choisis " Exécuter entant qu'administrateur " .
    Fais ce-ci systématiquement ! ...

    2- postes moi le rapport hijackthis que tu as pour analyse stp ...
    0
  4. sKe69 Messages postés 21955 Statut Contributeur sécurité 463
     
    Re,

    et bien .... il y a du monde sur les starting-block au jourd'hui .... =)

    Je vous laisse ...

    A+
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. lenykrav Messages postés 13 Statut Membre
     
    j'ai pas eu de rapport mon ordi a planté et il a redemarré aprsla retauration system
    0
  7. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ?

    Sois plus précis.
    0
  8. lenykrav Messages postés 13 Statut Membre
     
    voici le raport hijackthis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:49:12, on 29/08/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZP6HBLG4\HiJackThis[1].exe
    C:\Windows\system32\rundll32.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: (no name) - {27E1F636-2037-4878-8A0F-8B42B8E52C28} - C:\Users\admin\AppData\Local\Temp\awtqnkhe.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: D - {CBA10D10-741A-33E9-B1A9-F49FB0409DEE} - C:\Windows\kx93624.dll (file missing)
    O2 - BHO: QXK Olive - {E350B1C6-A8DC-4EEF-90DB-61DCAE9D1B67} - C:\Windows\rodqgpvlkoa.dll (file missing)
    O3 - Toolbar: (no name) - {18C388BB-5014-4906-AE38-E62BA5AA7387} - (no file)
    O3 - Toolbar: (no name) - {FA9CBCB5-3330-4AF1-A2A3-30FE4C366215} - (no file)
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\nnnnOeBT.dll,#1
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe
    O4 - HKLM\..\Run: [lphc7njj0ej6c] C:\Windows\system32\lphc7njj0ej6c.exe
    O4 - HKLM\..\Run: [SMrhc3njj0ej6c] C:\Program Files\rhc3njj0ej6c\rhc3njj0ej6c.exe
    O4 - HKLM\..\Run: [\VIEAE48.exe] C:\Windows\System32\VIEAE48.exe
    O4 - HKLM\..\Run: [\VIEB460.exe] C:\Windows\System32\VIEB460.exe
    O4 - HKLM\..\Run: [\VIEB9FB.exe] C:\Windows\System32\VIEB9FB.exe
    O4 - HKLM\..\Run: [Antivirus] C:\Program Files\MSA\MSA.exe
    O4 - HKLM\..\Run: [\VIE39B5.exe] C:\Windows\System32\VIE39B5.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\admin\AppData\Local\Temp\urqNFvvV.dll,c
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {01FEFFF9-5B35-F3E0-091B-FF808CF511AE} - http://download.pcprivacycleaner.com/PCPC_Setup_Free_fr.exe
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1219059033940&h=0f6033b74a95b94507c431c1a1f31603/&filename=jinstall-6u7-windows-i586-jc.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
    0
  9. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Tu as fait quoi pour l'instant ?
    0
  10. lenykrav Messages postés 13 Statut Membre
     
    combofix a ouvert le panneau de commande a fait le netoyage e a redemmaré l'ordi. mais aumoment du demarrage windows m'a demandé comment je voulai redemarrer( j'ai choisi nrmalement) et quelque seconde apres le programme de restauration c'est ouvert et a trvaillé. et pas de nouvelle de combofix.
    0
  11. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Fais un scan rapide avec MBAM, supprime tout ce qu'il trouve et poste le rapport :
    http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
    0
    1. lenykrav Messages postés 13 Statut Membre
       
      Malwarebytes' Anti-Malware 1.25
      Version de la base de données: 1094
      Windows 6.0.6001 Service Pack 1

      12:33:32 2008-08-29
      mbam-log-08-29-2008 (12-33-32).txt

      Type de recherche: Examen rapide
      Eléments examinés: 41749
      Temps écoulé: 2 minute(s), 39 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 1
      Clé(s) du Registre infectée(s): 19
      Valeur(s) du Registre infectée(s): 12
      Elément(s) de données du Registre infecté(s): 4
      Dossier(s) infecté(s): 1
      Fichier(s) infecté(s): 28

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      C:\Users\admin\AppData\Local\Temp\urqNFvvV.dll (Trojan.Vundo.H) -> Delete on reboot.

      Clé(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d1bcf236-5f7a-4cda-afbf-efd707442580} (Trojan.Vundo.H) -> Delete on reboot.
      HKEY_CLASSES_ROOT\CLSID\{d1bcf236-5f7a-4cda-afbf-efd707442580} (Trojan.Vundo.H) -> Delete on reboot.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27e1f636-2037-4878-8a0f-8b42b8e52c28} (Trojan.BHO.H) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{27e1f636-2037-4878-8a0f-8b42b8e52c28} (Trojan.BHO.H) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Typelib\{6d0111e3-3060-4d23-b2bc-42ed86cbe9a3} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhc3njj0ej6c (Rogue.Multiple) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\rhc3njj0ej6c (Rogue.Multiple) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Casino Tropez (Adware.Casino) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Casino Tropez (Adware.Casino) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\qalkfxor.bgrm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\qalkfxor.bpqk (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\qalkfxor.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cba10d10-741a-33e9-b1a9-f49fb0409dee} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{cba10d10-741a-33e9-b1a9-f49fb0409dee} (Trojan.BHO) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmds (Trojan.Vundo.H) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\vieae48.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\vieb460.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\vieb9fb.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\vie39b5.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSServer (Malware.Trace) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphc7njj0ej6c (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhc3njj0ej6c (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.

      Elément(s) de données du Registre infecté(s):
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\users\admin\appdata\local\temp\urqnfvvv -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\users\admin\appdata\local\temp\urqnfvvv -> Delete on reboot.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

      Dossier(s) infecté(s):
      C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      C:\Users\admin\AppData\Local\Temp\urqNFvvV.dll (Trojan.Vundo.H) -> Delete on reboot.
      C:\Users\admin\AppData\Local\Temp\VvvFNqru.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\VvvFNqru.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\awtqnkhe.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
      C:\Windows\eekv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\Windows\etbr.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\ltjkxdok.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\acdnrxtg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\bqgqmaqv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\giwdyoqf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\oadtaqom.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\pjmktwlt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\pmnoNFus.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\qoMcbCSI.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\qoMdBTmj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\sklbsfwl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\ssqoljJC.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\vbhdttrd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\xxyawuSI.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\yayyAtQG.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Program Files\PCHealthCenter\1.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
      C:\Program Files\PCHealthCenter\7.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
      C:\Program Files\MSA\msa0.dat (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\MSA\msa1.dat (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\MSA\MSA.cpl (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
      C:\Windows\System32\MSA.cpl (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
      C:\Windows\System32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\Users\admin\AppData\Local\Temp\sflpt.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      0
  12. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Redémarre et refais ComboFix
    0
  13. lenykrav Messages postés 13 Statut Membre
     
    voici

    ComboFix 08-08-28.06 - admin 2008-08-29 12:42:03.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1470 [GMT 2:00]
    Endroit: C:\Users\admin\Desktop\download\Programme\ComboFix.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Windows\system32\wurhspoi.ini
    .
    ---- Previous Run -------
    .
    C:\Program Files\PCHealthCenter
    C:\Program Files\PCHealthCenter\1.exe
    C:\Program Files\PCHealthCenter\7.exe
    C:\Program Files\PCPrivacyCleaner
    C:\Users\admin\AppData\Roaming\rhc3njj0ej6c
    C:\Windows\eekv.exe
    C:\Windows\etbr.exe
    C:\Windows\system32\wurhspoi.ini

    .
    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-28 to 2008-08-29 ))))))))))))))))))))))))))))))))))))
    .

    2008-08-29 12:24 . 2008-08-29 12:24 <REP> d-------- C:\Users\All Users\Malwarebytes
    2008-08-29 12:24 . 2008-08-29 12:24 <REP> d-------- C:\Users\admin\AppData\Roaming\Malwarebytes
    2008-08-29 12:24 . 2008-08-29 12:24 <REP> d-------- C:\ProgramData\Malwarebytes
    2008-08-29 12:24 . 2008-08-29 12:24 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-08-29 12:24 . 2008-08-17 15:01 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
    2008-08-29 12:24 . 2008-08-17 15:01 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
    2008-08-29 11:56 . 2008-08-29 12:45 175,052,389 --a------ C:\Windows\MEMORY.DMP
    2008-08-29 09:27 . 2008-08-29 09:51 <REP> d-a------ C:\Users\All Users\TEMP
    2008-08-29 09:27 . 2008-08-29 09:51 <REP> d-a------ C:\ProgramData\TEMP
    2008-08-27 21:50 . 2008-08-27 21:50 <REP> d-------- C:\VundoFix Backups
    2008-08-27 20:47 . 2008-08-27 20:47 <REP> d-------- C:\Program Files\Microsoft Silverlight
    2008-08-27 16:39 . 2008-08-27 16:39 <REP> d-------- C:\Program Files\Alwil Software
    2008-08-27 16:39 . 2008-07-19 16:36 51,280 --a------ C:\Windows\System32\drivers\aswMonFlt.sys
    2008-08-27 14:56 . 2008-08-27 14:56 <REP> d-------- C:\Program Files\Common Files\Adobe
    2008-08-27 14:35 . 2008-08-29 12:33 <REP> d-------- C:\Program Files\MSA
    2008-08-25 14:00 . 2008-08-25 14:00 0 --a------ C:\Windows\System32\C4B5.tmp
    2008-08-24 19:56 . 2008-08-24 19:59 <REP> d-------- C:\Users\All Users\Lavasoft
    2008-08-24 19:56 . 2008-08-24 19:59 <REP> d-------- C:\ProgramData\Lavasoft
    2008-08-24 19:56 . 2008-08-24 19:56 <REP> d-------- C:\Program Files\Lavasoft
    2008-08-24 14:32 . 2008-08-24 16:26 <REP> d-------- C:\Users\All Users\Spybot - Search & Destroy
    2008-08-24 14:32 . 2008-08-24 16:26 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy
    2008-08-23 21:11 . 2008-08-23 21:11 <REP> d-------- C:\Users\All Users\eMule
    2008-08-23 21:11 . 2008-08-23 21:11 <REP> d-------- C:\ProgramData\eMule
    2008-08-22 10:26 . 2008-07-19 07:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
    2008-08-22 10:26 . 2008-07-19 05:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
    2008-08-22 10:26 . 2008-07-19 07:09 563,912 --a------ C:\Windows\System32\wuapi.dll
    2008-08-22 10:26 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
    2008-08-22 10:26 . 2008-07-19 05:44 83,456 --a------ C:\Windows\System32\wudriver.dll
    2008-08-22 10:26 . 2008-07-19 07:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
    2008-08-22 10:26 . 2008-07-19 07:10 45,768 --a------ C:\Windows\System32\wups2.dll
    2008-08-22 10:26 . 2008-07-19 07:10 36,552 --a------ C:\Windows\System32\wups.dll
    2008-08-22 10:26 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
    2008-08-18 13:30 . 2008-08-18 13:31 <REP> d-------- C:\Program Files\Java
    2008-08-18 13:29 . 2008-08-18 13:29 <REP> d-------- C:\Program Files\Common Files\Java
    2008-08-14 13:58 . 2008-07-16 03:32 2,048 --a------ C:\Windows\System32\tzres.dll
    2008-08-14 11:55 . 2008-06-27 03:55 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
    2008-08-14 11:55 . 2008-06-27 06:15 827,392 --a------ C:\Windows\System32\wininet.dll
    2008-08-14 11:55 . 2008-04-10 07:12 738,304 --a------ C:\Windows\System32\inetcomm.dll
    2008-08-14 11:55 . 2008-06-19 05:31 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL
    2008-08-14 11:55 . 2008-04-18 07:48 269,312 --a------ C:\Windows\System32\es.dll
    2008-08-08 21:40 . 2008-08-08 21:40 <REP> dr------- C:\Windows\System32\config\systemprofile\Videos
    2008-08-08 21:40 . 2008-08-08 21:40 <REP> dr------- C:\Windows\System32\config\systemprofile\Searches
    2008-08-08 21:40 . 2008-08-08 21:40 <REP> dr------- C:\Windows\System32\config\systemprofile\Saved Games
    2008-08-08 21:40 . 2008-08-08 21:40 <REP> dr------- C:\Windows\System32\config\systemprofile\Pictures
    2008-08-08 21:40 . 2008-08-08 21:40 <REP> dr------- C:\Windows\System32\config\systemprofile\Links
    2008-08-08 21:40 . 2008-08-08 21:40 <REP> dr------- C:\Windows\System32\config\systemprofile\Downloads
    2008-08-08 21:40 . 2008-08-25 13:55 <REP> dr------- C:\Windows\System32\config\systemprofile\Documents
    2008-08-08 21:15 . 2008-08-08 21:15 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
    2008-08-08 21:12 . 2008-08-08 21:12 <REP> d-------- C:\Program Files\Microsoft.NET
    2008-08-08 21:08 . 2008-08-08 21:08 <REP> dr-h----- C:\MSOCache
    2008-08-04 02:14 . 2008-08-04 02:14 <REP> d-------- C:\Windows\Watson
    2008-08-03 23:17 . 2008-08-03 23:17 <REP> d-------- C:\Users\All Users\Ubisoft
    2008-08-03 23:17 . 2008-08-03 23:17 <REP> d-------- C:\ProgramData\Ubisoft
    2008-08-03 01:43 . 2007-11-08 11:04 11,967,524 --a------ C:\Windows\System32\korwbrkr.lex
    2008-08-02 23:40 . 2008-08-02 23:40 <REP> d-------- C:\Program Files\DAEMON Tools Lite
    2008-08-02 23:37 . 2008-08-17 19:05 <REP> d-------- C:\Users\admin\AppData\Roaming\DAEMON Tools
    2008-08-02 23:37 . 2008-08-02 23:37 717,296 --a------ C:\Windows\System32\drivers\sptd.sys
    2008-07-31 20:29 . 2008-07-31 20:29 <REP> d-------- C:\PerfLogs

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-29 07:43 --------- d-----w C:\Users\admin\AppData\Roaming\DNA
    2008-08-27 19:48 --------- d-----w C:\ProgramData\NVIDIA
    2008-08-27 13:45 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2008-08-25 12:53 --------- d-----w C:\Program Files\DivX
    2008-08-25 11:24 --------- d-----w C:\Program Files\BitLord
    2008-08-24 13:42 --------- d-----w C:\Program Files\Packard Bell
    2008-08-18 14:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-08-14 11:59 --------- d-----w C:\ProgramData\Microsoft Help
    2008-08-14 11:56 --------- d-----w C:\Program Files\Windows Mail
    2008-08-08 19:43 --------- d-----w C:\ProgramData\Roxio
    2008-08-08 19:35 --------- d-----w C:\Program Files\Microsoft Works
    2008-08-08 19:30 2,756 ----a-w C:\Users\admin\AppData\Roaming\wklnhst.dat
    2008-08-08 19:15 --------- d-----w C:\Program Files\MSBuild
    2008-08-04 00:14 --------- d-----w C:\Program Files\Microsoft Games
    2008-07-31 18:36 174 --sha-w C:\Program Files\desktop.ini
    2008-07-31 18:30 --------- d-----w C:\Program Files\Windows Sidebar
    2008-07-31 18:30 --------- d-----w C:\Program Files\Windows Photo Gallery
    2008-07-31 18:30 --------- d-----w C:\Program Files\Windows Journal
    2008-07-31 18:30 --------- d-----w C:\Program Files\Windows Defender
    2008-07-31 18:30 --------- d-----w C:\Program Files\Windows Collaboration
    2008-07-31 18:30 --------- d-----w C:\Program Files\Windows Calendar
    2008-07-27 23:42 --------- d-----w C:\Users\admin\AppData\Roaming\Yahoo!
    2008-07-18 18:39 587,264 ----a-w C:\Windows\WLXPGSS.SCR
    2008-07-03 11:30 --------- d-----w C:\Program Files\HDReg
    2008-07-03 01:14 --------- d-----w C:\Users\admin\AppData\Roaming\ItsLabel
    2008-07-03 01:12 2,560 ----a-w C:\Windows\_MSRSTRT.EXE
    2008-07-03 01:10 --------- d-----w C:\Users\admin\AppData\Roaming\EoRezo
    2008-06-28 01:02 --------- d-----w C:\Program Files\Windows Live
    2008-06-27 01:08 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-06-27 01:08 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
    2008-06-27 01:08 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-06-27 01:08 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-06-12 05:28 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 09:33 125952]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-07-24 17:02 490952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-09-12 05:28 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-09-12 05:28 8497696]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-09-12 05:28 81920]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-05-10 17:10 4468736 C:\Windows\RtHDVCpl.exe]
    "Skytel"="Skytel.exe" [2007-05-07 18:51 1826816 C:\Windows\SkyTel.exe]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{A0EA457A-C9EF-45C1-B776-8C688A1AE10B}"= UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
    "{90DC3733-8D8F-427F-AC18-AD54A07FA845}"= TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
    "{A095BF4C-2E74-461E-8B9D-B451778DFEC0}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{0D60B5F1-1981-4411-AD37-9EA96A6E23C5}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
    "{FF6AE0D4-CF04-49F9-A7EB-85D7A8A0A511}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
    "TCP Query User{DB599D5E-0F13-4B4F-A439-392313A8B2E4}C:\\program files\\bitlord\\bitlord.exe"= UDP:C:\program files\bitlord\bitlord.exe:BitLord
    "UDP Query User{2002D52D-2866-46C3-A554-820357EF3497}C:\\program files\\bitlord\\bitlord.exe"= TCP:C:\program files\bitlord\bitlord.exe:BitLord
    "TCP Query User{2FE21B75-FB29-4317-926A-6A912BECFD8E}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{9CFD23A6-EC51-4C16-9AF4-B4F90EFE5AF0}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
    "{8BBF2B42-952E-4112-B006-D23DF88C4667}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{35E6548E-9A9E-4F95-AAEC-DC0DFD55C2B9}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
    "{5DCE8119-8185-4075-A85B-583D317E07F8}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
    "{E53938A8-F77E-4647-A303-9E6440B40D17}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{C4F9813A-4826-465E-938D-2741ABD535EC}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "TCP Query User{7D373036-AD87-4F1A-9483-1A8A938F591D}C:\\users\\admin\\program files\\dna\\btdna.exe"= Disabled:UDP:C:\users\admin\program files\dna\btdna.exe:btdna.exe
    "UDP Query User{47C6FE6B-D6BA-45C8-8555-9D0C38394F71}C:\\users\\admin\\program files\\dna\\btdna.exe"= Disabled:TCP:C:\users\admin\program files\dna\btdna.exe:btdna.exe
    "{FE42DE9C-F433-482C-B2A7-19FF48A423D4}"= UDP:C:\Program Files\DNA\btdna.exe:DNA
    "{142F32E1-B2C9-4D40-A5FF-012368E8775D}"= TCP:C:\Program Files\DNA\btdna.exe:DNA

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "mW[íµˆÖ¾`=µú¾˜v%S8’ÿÙêé>grl>­Ý\†Ð=ŸàÛ±Þ"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
    "c:\\program files\\bcd_installed.exe"= c:\program files\bcd_installed.exe:*:Enabled:Windows Application Service

    R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 16:35]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
    R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 16:36]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10266b24-f7e0-11dc-856e-001d7d23adce}]
    \shell\AutoRun\command - J:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{604bef8d-60db-11dd-a29c-001d7d23adce}]
    \shell\AutoRun\command - I:\Autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad1aaa57-f97a-11dc-a240-001d7d23adce}]
    \shell\AutoRun\command - J:\LaunchU3.exe -a
    .
    - - - - ORPHANS REMOVED - - - -

    Toolbar-{18C388BB-5014-4906-AE38-E62BA5AA7387} - (no file)
    Toolbar-{FA9CBCB5-3330-4AF1-A2A3-30FE4C366215} - (no file)
    WebBrowser-{32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
    HKLM-Run-Ad-Watch - C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe
    ShellExecuteHooks-{74CE56FF-3469-47C0-93E1-D0CB8B203EA9} - (no file)
    ShellExecuteHooks-{FEEAD861-8455-42F3-8A7E-B7756084BB36} - C:\Windows\system32\nnnnOeBT.dll

    .
    ------- Supplementary Scan -------
    .
    R0 -: HKCU-Main,Start Page = hxxp://www.google.fr/
    R0 -: HKLM-Main,Start Page = hxxp://fr.yahoo.com
    O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O16 -: {01FEFFF9-5B35-F3E0-091B-FF808CF511AE} - hxxp://download.pcprivacycleaner.com/PCPC_Setup_Free_fr.exe
    .
    .
    ------- File Associations (Beta) -------
    .
    regfile=regedit.exe "%1" %*
    scrfile="%1" %*
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-29 12:46:16
    Windows 6.0.6001 Service Pack 1 NTFS

    Balayage processus cach‚s ...

    Balayage cach‚ autostart entries ...

    Balayage des fichiers cach‚s ...

    Scan termin‚ avec succŠs
    Les fichiers cach‚s: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Windows\System32\audiodg.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\System32\conime.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\servicing\TrustedInstaller.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-08-29 12:49:44 - machine was rebooted [admin]
    ComboFix-quarantined-files.txt 2008-08-29 10:49:32

    Pre-Run: 338,091,085,824 octets libres
    Post-Run: 338,027,012,096 octets libres

    224 --- E O F --- 2008-08-27 18:51:27
    0
  14. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Je me renseigne par rapport à un logiciel.
    0
  15. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    BitLord, ça te dit quelque chose ?
    0
  16. lenykrav Messages postés 13 Statut Membre
     
    oui c'est mon emulateur
    0
  17. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Emulateur de quoi ?
    0
  18. lenykrav Messages postés 13 Statut Membre
     
    tout va bien plus de souci merci beaucoup pour ton aide.
    0
  19. lenykrav Messages postés 13 Statut Membre
     
    je m'en sert pour remplacer emul. ca va 10 fois plus vite. bitlord, bitcomet. en tout cas moi je prefere
    0
  20. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Relance MBAM, va dans Quarantaine et supprime tout

    ---> Poste un nouveau rapport HijackThis
    0
  21. lenykrav Messages postés 13 Statut Membre
     
    toi tu doit avoir emul je suppose
    0
  • 1
  • 2