PS02

@ +

Ok super, effectivement ça a supprimé pas mal de trucs (excusez mon manque de voc spécial ). Pour Sophos je demanderai à la fac alors car il faut un mot de passe. Merci pour tout, c'est super ce que vous faites!

Je vous embête encore un petit peu :$ Je supprime les rapports et les mises en quarantaine de RogueK ? Je garde tous les logiciels? Et mon antivirus actuel est Sophos (obtenu gratuitement par l'université), mais je n'arrive pas à faire les mises à jours, alors je le garde ou je prends un autre antivirus que vous me conseillerez?

# DelFix v10.2 - Rapport créé le 09/05/2013 à 20:52:25 # Mis à jour le 02/04/2013 par Xplode # Nom d'utilisateur : Pauline-Sophie - HP ~ Suppression des outils de désinfection ... Supprimé : C:\Qoobox Supprimé : C:\JRT Supprimé : C:\ZHP Supprimé : C:\Users\Pauline-Sophie\Desktop\RK_Quarantine Supprimé : C:\Program Files (x86)\ZHPDiag Supprimé : C:\AdwCleaner[s1].txt Supprimé : C:\ComboFix.txt Supprimé : C:\Users\Pauline-Sophie\Desktop\AdwCleaner.exe Supprimé : C:\Users\Pauline-Sophie\Desktop\ComboFix.exe Supprimé : C:\Users\Pauline-Sophie\Desktop\esetsmartinstaller_enu.exe Supprimé : C:\Users\Pauline-Sophie\Desktop\JRT.exe Supprimé : C:\Users\Pauline-Sophie\Desktop\JRT.txt Supprimé : C:\Users\Pauline-Sophie\Desktop\RKreport[1]_S_09052013_132509.txt Supprimé : C:\Users\Pauline-Sophie\Desktop\RKreport[2]_D_09052013_133014.txt Supprimé : C:\Users\Pauline-Sophie\Desktop\RogueKillerX64.exe Supprimé : C:\Users\Public\Desktop\MBRCheck.lnk Supprimé : C:\Users\Public\Desktop\ZHPDiag.lnk Supprimé : C:\Users\Public\Desktop\ZHPFix.lnk Supprimé : C:\Windows\grep.exe Supprimé : C:\Windows\PEV.exe Supprimé : C:\Windows\NIRCMD.exe Supprimé : C:\Windows\MBR.exe Supprimé : C:\Windows\SED.exe Supprimé : C:\Windows\SWREG.exe Supprimé : C:\Windows\SWSC.exe Supprimé : C:\Windows\SWXCACLS.exe Supprimé : C:\Windows\Zip.exe Supprimée : HKLM\SOFTWARE\AdwCleaner Supprimée : HKLM\SOFTWARE\Swearware Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1 Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe ~ Purge de la restauration système ... Supprimé : RP #421 [Removed Java 6 Update 39 | 04/15/2013 07:18:01] Supprimé : RP #422 [Windows Update | 04/16/2013 10:01:50] Supprimé : RP #423 [Windows Update | 04/23/2013 07:47:14] Supprimé : RP #424 [Windows Update | 04/24/2013 21:39:11] Supprimé : RP #425 [Windows Update | 04/30/2013 07:47:06] Supprimé : RP #426 [Windows Update | 05/07/2013 15:48:55] Supprimé : RP #428 [Windows Defender Checkpoint | 05/08/2013 20:39:49] Nouveau point de restauration créé ! ########## - EOF - ##########

Ok merci beaucoup! Je fais ça de suite.

C:\Qoobox\Quarantine\C\ProgramData\22537C5BEA27E0C2000022535A0EE719\22537C5BEA27E0C2000022535A0EE719.exe.vir a variant of Win32/Injector.AGHO trojan cleaned by deleting - quarantined C:\Users\Pauline-Sophie\Desktop\ZHPDiag2.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined

Rien du tout... La fenêtre se ferme environ 5 secondes après avoir cliqué sur Ok.

Oui oui

Ok -> la fenêtre se ferme

Pas de tournevis à l'ouverture de ZHPDiag mais une fenêtre avec "copyright Nicolas Coolman" :/

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.9.4 (05.06.2013:1) OS: Windows 7 Home Premium x64 Ran by Pauline-Sophie on 09/05/2013 at 14:33:10,26 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1 ~~~ Files Successfully deleted: [File] C:\eula.1028.txt Successfully deleted: [File] C:\eula.1031.txt Successfully deleted: [File] C:\eula.1033.txt Successfully deleted: [File] C:\eula.1036.txt Successfully deleted: [File] C:\eula.1040.txt Successfully deleted: [File] C:\eula.1041.txt Successfully deleted: [File] C:\eula.1042.txt Successfully deleted: [File] C:\eula.2052.txt Successfully deleted: [File] C:\install.res.1028.dll Successfully deleted: [File] C:\install.res.1031.dll Successfully deleted: [File] C:\install.res.1033.dll Successfully deleted: [File] C:\install.res.1036.dll Successfully deleted: [File] C:\install.res.1040.dll Successfully deleted: [File] C:\install.res.1041.dll Successfully deleted: [File] C:\install.res.1042.dll Successfully deleted: [File] C:\install.res.2052.dll Successfully deleted: [File] C:\install.res.3082.dll ~~~ Folders Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{01DCEF2A-416C-43C7-91B3-8AB34546E777} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{07F8A221-FAC5-4E24-BE5F-4B25F7D9D7D1} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{0C62F79D-CDF6-4C1F-9403-4233F20B25AC} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{0CCE0726-9516-4C51-B927-849C84115276} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{0E527802-431B-4E10-A58F-324F9C7320AA} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{1449E219-C21E-4892-8676-E2E47264FBAE} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{160BA3CB-98F5-4DE9-8C42-448584FABC91} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{19C49EC3-60D1-45A9-83BA-7BDA1E817660} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{2D5586CA-F429-4F4D-AF64-38A028F3D0AC} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{3437AFD0-BC1D-4838-B1D3-0681CE32B807} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{3513D3F3-C4F9-43DF-A903-F88E98017AFD} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{39E9CABA-120B-4E6E-8F8C-75DF0FE8C212} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{452C25CF-B295-4D1D-AE72-A6962C37CED9} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{48F1CEB1-CA50-41CD-A263-A104536FB631} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{5033849B-6CCF-4539-BEF6-1C73EDA06C07} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{51D73E6E-5423-4A96-A513-588E0C63787B} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{5A4EDFE3-67DC-4F6A-8AE6-DACFA13374F4} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{5B62D5FE-8F7C-4E7F-9399-AFAB2EF59A4B} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{61729E75-29BC-44C7-9358-3A8E4309752B} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{66EBCD0A-0FCE-417C-8874-FA66DA45DF1E} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{724D9F36-08A1-4352-B91A-D8026395692E} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{75FB0F54-B49F-4C6D-AB4E-CEE8A505528A} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{76AF21DC-704F-4D01-BCF6-78E0DCEDE025} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{83864A90-F71E-4E3E-9FBA-BEE8B770EE3C} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{83ABF4D8-BF73-4DF1-9506-444537564606} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{899092AE-D9EC-4638-B3C0-83200E9E51D1} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{8F0F8C2B-81D5-4EC6-822E-0B81770D8034} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{94842AA4-D1FA-4ED3-B9E9-5DE878744E27} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{99D6C02B-5CF0-482D-B147-80A58C7A6AE0} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{9AF8171E-0140-4444-B552-96CF1B312CA9} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{9B1B2036-ADD2-4C10-89AC-8C6886B083FF} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{9C36B7F1-3011-4CFF-A3C0-A0A99BF5F543} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{9DE6F8B3-2286-4E7F-9230-B7192DC94A7C} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{9E58F955-75BC-4B9A-8270-17ECC4375F61} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{A64857D9-ABDF-4D17-9AC5-50F90979A7EB} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{A75CB4D0-F13C-4BAB-98DA-41A3216331DD} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{B07E3F50-29AD-4474-A127-BC1B12A039FF} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{B33B5855-9853-428E-8D58-6FB50F6C2D3D} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{B7000236-7ECC-43C2-86F5-2111D480B518} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{C83604AD-FE4C-41D9-89ED-559D4360F152} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{CA12E232-270B-4151-9550-F6C03F94499D} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{D114DFC0-1578-4357-ABAF-2E30AFDB4840} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{D42A7330-B006-4B5A-B1F9-C44EC14D6ED4} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{D5809EB5-3677-422C-A389-961BCB440779} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{D778713E-72C7-4BD7-9FB0-B352121941D1} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{DB7D789F-AFE2-4BF9-B30F-F27A249619C0} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{DFF045C2-836A-4B19-B15C-9069013EA351} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{E18D598F-9E12-4714-A544-AF0A6D8BD033} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{E8900E0B-E600-4388-9D10-1C7EDFF1A86B} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{E89903AA-6EE0-440B-BAC0-D30D80CE9FD5} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{E96F418D-CDD8-45C3-8AF8-079FEE1390F8} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{EB4F59A5-5022-4601-B932-0E6B897F2BB0} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{ED955E16-8A2C-4EF1-BC01-FB39FDAEAC75} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{EE42972D-5320-47B9-BAC3-730B83FB4C1C} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{F005D451-F42C-4ABA-AF05-23AD51BCB0E2} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{F0BFC114-592D-4784-AA8B-3670C648F0E0} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{F23B1676-4F29-40DC-B08A-F5CCC5024FA3} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{F2986359-304F-42B7-ABCF-50809CCD6717} Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{FAB51E9C-2A07-4197-BE95-B2F9377CFE07} ~~~ FireFox Emptied folder: C:\Users\Pauline-Sophie\AppData\Roaming\mozilla\firefox\profiles\8ilzesm6.default\minidumps [676 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 09/05/2013 at 14:39:45,15 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v2.300 - Rapport créé le 09/05/2013 à 14:23:56 # Mis à jour le 28/04/2013 par Xplode # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits) # Nom d'utilisateur : Pauline-Sophie - HP # Mode de démarrage : Normal # Exécuté depuis : C:\Users\Pauline-Sophie\Desktop\AdwCleaner.exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\ProgramData\Babylon Dossier Supprimé : C:\Users\Pauline-Sophie\AppData\LocalLow\boost_interprocess Dossier Supprimé : C:\Users\Pauline-Sophie\AppData\Roaming\Babylon Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml Fichier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk Fichier Supprimé : C:\user.js ***** [Registre] ***** Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Clé Supprimée : HKLM\Software\Babylon Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\EoEngineBHO.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Clé Supprimée : HKLM\Software\Offerbox Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1 Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] ***** [Navigateurs] ***** -\\ Internet Explorer v10.0.9200.16537 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v12.0 (fr) Fichier : C:\Users\Pauline-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\8ilzesm6.default\prefs.js C:\Users\Pauline-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\8ilzesm6.default\user.js ... Supprimé ! Supprimée : user_pref("browser.search.defaultenginename", "Search the web (Babylon)"); Supprimée : user_pref("browser.search.order.1", "Search the web (Babylon)"); Supprimée : user_pref("extensions.BabylonToolbar.admin", false); Supprimée : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Supprimée : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Supprimée : user_pref("extensions.BabylonToolbar.excTlbr", false); Supprimée : user_pref("extensions.BabylonToolbar.id", "224ce0c2000000000000f67bcb5c60a4"); Supprimée : user_pref("extensions.BabylonToolbar.instlDay", "15558"); Supprimée : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Supprimée : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Supprimée : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Supprimée : user_pref("extensions.BabylonToolbar.tlbrId", "base"); Supprimée : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q="); Supprimée : user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6"); Supprimée : user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6"); Supprimée : user_pref("extensions.BabylonToolbar_i.babExt", ""); Supprimée : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111808&tt=3212_6"); Supprimée : user_pref("extensions.BabylonToolbar_i.newTab", true); Supprimée : user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:blank"); Supprimée : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Supprimée : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Supprimée : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.623:30:05"); Supprimée : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=111808&tt=3212_6&babsrc=KW_ss&mntrId=224c[...] ************************* AdwCleaner[s1].txt - [5692 octets] - [09/05/2013 14:23:56] ########## EOF - C:\AdwCleaner[s1].txt - [5752 octets] ##########

Bon visiblement ça fonctionne!!! Alors je vous remercie beaucoup!!!! Z'êtes géniaux Euh par contre que dois-je faire des rapports et des logiciels installés? Je garde MBAM, mais Roguekiller et SFTGC ?

Merci beaucoup! A la fin de l'analyse par Malware bytes il est acrit qu'il n'y a aucun élément détecté. C'est ok alors?

RogueKiller V8.5.4 _x64_ [Mar 18 2013] par Tigzy mail : tigzyRK<at>gmail<dot>com Remontees : [RogueKiller] Remontées Site Web : Télécharger RogueKiller (Site Officiel) Blog : tigzy-RK Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode sans echec avec prise en charge reseau Utilisateur : Pauline-Sophie [Droits d'admin] Mode : Suppression -- Date : 09/05/2013 13:30:14 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 3 ¤¤¤ [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> SUPPRIMÉ [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0) [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0) ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver : [NON CHARGE] ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Verif: ¤¤¤ +++++ PhysicalDrive0: WDC WD6400BEVT-60A0RT0 ATA Device +++++ --- User --- [MBR] abacb5afb30a85dc6c4f45c93d76d2d6 [bSP] fc45442aec06745f596dd8dcbc665ec5 : Windows Vista/7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 596151 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1221326848 | Size: 14025 Mo 3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1250050048 | Size: 103 Mo User = LL1 ... OK! User = LL2 ... OK! Termine : << RKreport[2]_D_09052013_133014.txt >> RKreport[1]_S_09052013_132509.txt ; RKreport[2]_D_09052013_133014.txt J'espère avoir tout bien fait Oui effectivement pour combofix, une fois lancé j'ai regardé un peu sur internet et j'ai eu la trouille :$ . C'était un prof d'informatique qui me l'avait installé, il ne m'avait pas informée des risques et je ne l'avais jamais utilisé. En tout cas maintenant, pour sûr que je ne l'utiliserai plus