Bonjour Zaede,
Tenace effectivement...
Rapport après suppression RogueKiller:
RogueKiller V8.1.1 [01/10/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees:
http://www.sur-la-toile.com/discussion- ... ntees.htmlWebsite:
http://www.sur-la-toile.com/RogueKiller/Blog:
http://tigzyrk.blogspot.comSysteme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : julien [Droits d'admin]
Mode : Suppression -- Date : 18/10/2012 08:58:20
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 2 ¤¤¤
[TASK][SUSP PATH] {31B71402-5038-4BC8-92A9-6268F61767A0} : C:\Windows\System32\pcalua.exe -a C:\Users\julien\Desktop\CertiNomis.exe -d C:\Users\julien\Desktop -> SUPPRIMÉ
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> SUPPRIMÉ
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: WDC WD2500BEVS-22UST0 +++++
--- User ---
[MBR] 95bc4f3a1074808bb9a9d6ff57911cf2
[BSP] f5a400805fe2b7cafd10167d5449e36e : Acer tatooed MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 9993 Mo
1 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 20467712 | Size: 114372 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 254701568 | Size: 110788 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 481595392 | Size: 3320 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Rapport après DNS RAZ RogueKiller
RogueKiller V8.1.1 [01/10/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees:
http://www.sur-la-toile.com/discussion- ... ntees.htmlWebsite:
http://www.sur-la-toile.com/RogueKiller/Blog:
http://tigzyrk.blogspot.comSysteme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : julien [Droits d'admin]
Mode : DNS RAZ -- Date : 18/10/2012 08:59:15
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
Et rapport après le scan d'Avast:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-18 09:01:54
-----------------------------
09:01:54.123 OS Version: Windows 6.0.6002 Service Pack 2
09:01:54.123 Number of processors: 2 586 0xF0D
09:01:54.126 ComputerName: PC-DE-JULIEN UserName: julien
09:01:58.348 Initialize success
09:18:33.959 AVAST engine defs: 12101701
09:42:38.781 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
09:42:38.784 Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
09:42:38.816 Disk 0 MBR read successfully
09:42:38.819 Disk 0 MBR scan
09:42:38.863 Disk 0 unknown MBR code
09:42:38.866 Disk 0 Partition 1 00 12 Compaq diag NTFS 9993 MB offset 63
09:42:38.892 Disk 0 Partition 2 80 (A) 06 FAT16 NTFS 114372 MB offset 20467712
09:42:38.920 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 110788 MB offset 254701568
09:42:39.067 Disk 0 Partition 4 00 12 Compaq diag NTFS 3320 MB offset 481595392
09:42:39.074 Disk 0 scanning sectors +488394752
09:42:39.137 Disk 0 scanning C:\Windows\system32\drivers
09:42:53.795 Service scanning
09:43:28.446 Modules scanning
09:43:35.724 Disk 0 trace - called modules:
09:43:35.748 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iastor.sys
09:43:35.756 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x866e27c0]
09:43:35.764 3 CLASSPNP.SYS[88dbb8b3] -> nt!IofCallDriver -> [0x855f5f08]
09:43:35.772 5 acpi.sys[82e9e6bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x855f4030]
09:43:37.458 AVAST engine scan C:\Windows
09:43:43.190 AVAST engine scan C:\Windows\system32
09:47:37.199 AVAST engine scan C:\Windows\system32\drivers
09:47:55.271 AVAST engine scan C:\Users\julien
10:13:19.310 AVAST engine scan C:\ProgramData
10:15:39.638 Scan finished successfully
10:22:45.234 Disk 0 MBR has been saved successfully to "C:\Users\julien\Desktop\MBR.dat"
10:22:45.239 The log file has been saved successfully to "C:\Users\julien\Desktop\aswMBR.txt"
Je continue à surfer et je te tiens au courant sur l'ouverture (ou non) de fenêtres dont je me passerais bien...
Merci encore
J.