saxaphone

bonjour Lance_yien - Utilitaires supprimés. - Point de restauration ré initialisé. - MBAM' Startup Lite lancé & OK. - Pour ce qui est des mises à jours Windows: Je préfère les télécharger sans les installer,pour voir les mises à jours avant installation. - PSI de Secunia installé & logiciels à jours. - Téléchargement des mises à jours de drivers OK, mais pas encore installées (mother board, graphic card, web cam, laser desk) - Sauvegarder le Registre avec Erunt OK - Spyware Blaster & MKV OK j'ai spybot-search & destroy installé, mais pas en mode Tea Timer, j'espère qui n'y a pas d’incompatibilité avec Spyware Blaster En tout cas merci de ton aide précieuse, & de ton engagement sur ce forum. CHAPEAU BAS Amicalement Saxaphone

Bonsoir Lance_yien, Pour l'instant je n'ai plus de symptôme de désactivation du pare-feu Windows. Mais puisque je vais le désactivé ... voici le rapport OTL: All processes killed ========== OTL ========== Prefs.js: "AVG Secure Search" removed from browser.search.defaultenginename Prefs.js: "Protection ZoneAlarm Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "AVG Secure Search" removed from browser.search.selectedEngine Prefs.js: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1387 removed from extensions.enabledItems Prefs.js: avg@igeared:7.005.030.004 removed from extensions.enabledItems Prefs.js: "http://search.avg.com/route/?d=4dd7dd66&v=7.005.030.004&i=23&tp=ab&iy=&ychte=fr&lng=fr&q=" removed from keyword.URL Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@checkpoint.com/FFApi\ deleted successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} folder moved successfully. C:\PROGRAM FILES\AVG\AVG10\FIREFOX4\Components folder moved successfully. C:\PROGRAM FILES\AVG\AVG10\FIREFOX4\Chrome folder moved successfully. C:\PROGRAM FILES\AVG\AVG10\FIREFOX4 folder moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully. C:\Program Files\AVG\AVG10\avgssie.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Folder C:\ComboFix\ not found. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== < ipconfig /flushdns /c > Configuration IP de Windows Cache de résolution DNS vidé. C:\Documents and Settings\Saxo\Bureau\cmd.bat deleted successfully. C:\Documents and Settings\Saxo\Bureau\cmd.txt deleted successfully. File\Folder C:\WINDOWS\tasks\*.job not found. File\Folder C:\*.sqm not found. File\Folder C:\WINDOWS\System32\*.tmp not found. File\Folder C:\WINDOWS\*.tmp not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Saxo ->Temp folder emptied: 11754 bytes ->Temporary Internet Files folder emptied: 180626 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 40798705 bytes ->Flash cache emptied: 470 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 109160 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 39,00 mb [EMPTYFLASH] User: All Users User: Default User User: LocalService User: NetworkService User: Saxo ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.26.1 log created on 07142011_190811 Files\Folders moved on Reboot... File move failed. C:\WINDOWS\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot. Registry entries deleted on Reboot... PS: -Je ne sais pas comment voir si le pare-feu NVidia Nforce Network Access Manager est actif, peux-tu me dire comment faire si tu le sais ? -Depuis l'installation de la console de récupération Windows, mon écran de démarrage à changé, est-ce normal? Merci & A+ Saxaphone

Rapport EXTRAS ci dessous: OTL Extras logfile created on: 12/07/2011 18:10:24 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Saxo\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 72,97% Memory free 3,85 Gb Paging File | 3,47 Gb Available in Paging File | 90,26% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 79,93 Gb Free Space | 81,85% Space Free | Partition Type: NTFS Drive D: | 195,31 Gb Total Space | 46,21 Gb Free Space | 23,66% Space Free | Partition Type: NTFS Drive E: | 172,79 Gb Total Space | 107,82 Gb Free Space | 62,40% Space Free | Partition Type: NTFS Computer Name: PC | User Name: Saxo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] "DisableMonitoring" = 1 ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Electronic Arts\Crytek\Crysis SP Demo\Bin32\Crysis.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis SP Demo\Bin32\Crysis.exe:*:Enabled:Crysis_32_sp_demo -- (Crytek GmbH) "C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Bouclier Web -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Programme d'installation AVG -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Scanner e-mail personnel -- (AVG Technologies CZ, s.r.o.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{228814B2-6A64-4AD5-8D2D-4E2188DEB191}" = AVG 2011 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 26 "{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3AF8FCCD-F51A-4014-9002-F195E1CBC876}" = Logitech QuickCam "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{80490945-CE48-45CF-9CCA-CA0EF44D9FE4}" = AVG 2011 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12 "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{92AF2F5A-4407-4A03-A80A-5A2582264746}" = Crysis® SP Demo "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars "{BD202930-5F70-4B35-B875-1E28604F328D}" = Logitech Communications Manager "{CA529363-D0F2-41EA-B44B-D7515A254645}" = Multimedia Card Reader "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag 1.4 "{EE7B9A8D-19F0-450D-8E94-3E391E6044CD}" = KhalSetup "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ad-Remover" = Ad-Remover par C_XX "AVG" = AVG 2011 "CCleaner" = CCleaner "CutePDF Writer Installation" = CutePDF Writer 2.8 "HijackThis" = HijackThis 2.0.2 "ie8" = Windows Internet Explorer 8 "InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager "InstallShield_{CA529363-D0F2-41EA-B44B-D7515A254645}" = Multimedia Card Reader "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.7.0 "lvdrivers_11.80" = Coffret de pilotes Logitech QuickCam "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200 "Mozilla Firefox 5.0 (x86 fr)" = Mozilla Firefox 5.0 (x86 fr) "NVIDIA Drivers" = NVIDIA Drivers "PROPLUS" = Microsoft Office Professional Plus 2007 "Revo Uninstaller" = Revo Uninstaller 1.92 "TmNationsForever_is1" = TmNationsForever "VLC media player" = VLC media player 1.1.10 "Windows Media Format Runtime" = Windows Media Format Runtime "Windows Media Player" = Lecteur Windows Media 10 "WinLiveSuite_Wave3" = Installation Windows Live "WinRAR archiver" = WinRAR archiver "xp-AntiSpy" = xp-AntiSpy 3.97-9 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 03/06/2011 04:29:52 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante wlcomm.exe, version 14.0.8117.416, module défaillant ole32.dll, version 5.1.2600.6010, adresse de défaillance 0x0004c473. Error - 04/06/2011 00:04:00 | Computer Name = PC | Source = EventSystem | ID = 4609 Description = Le système d'événements de COM+ a détecté un code de renvoi erroné lors de son traitement interne. Le HRESULT est 80070005 à partir de la ligne 44 de d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services du Support Technique Microsoft pour signaler cette erreu Error - 04/06/2011 00:04:00 | Computer Name = PC | Source = VSS | ID = 8193 Description = Erreur du service de cliché instantané des volumes : erreur lors de l'appel de la routine CoCreateInstance. hr = 0x80040206. Error - 05/06/2011 04:48:33 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante wlcomm.exe, version 14.0.8117.416, module défaillant ole32.dll, version 5.1.2600.6010, adresse de défaillance 0x0004d8f6. Error - 09/06/2011 12:29:56 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante skype.exe, version 5.3.0.111, module défaillant kernel32.dll, version 5.1.2600.5781, adresse de défaillance 0x00012afb. Error - 12/06/2011 13:49:20 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante wlcomm.exe, version 14.0.8117.416, module défaillant ole32.dll, version 5.1.2600.6010, adresse de défaillance 0x0004c473. Error - 12/06/2011 13:52:38 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante wlcomm.exe, version 14.0.8117.416, module défaillant ole32.dll, version 5.1.2600.6010, adresse de défaillance 0x0004c473. Error - 14/06/2011 06:04:23 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante wlcomm.exe, version 14.0.8117.416, module défaillant ole32.dll, version 5.1.2600.6010, adresse de défaillance 0x0004c473. Error - 15/06/2011 02:29:48 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante wlcomm.exe, version 14.0.8117.416, module défaillant ole32.dll, version 5.1.2600.6010, adresse de défaillance 0x0004c473. Error - 19/06/2011 07:42:08 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante wlcomm.exe, version 14.0.8117.416, module défaillant ole32.dll, version 5.1.2600.6010, adresse de défaillance 0x0004c473. [ System Events ] Error - 15/06/2011 00:47:12 | Computer Name = PC | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 15/06/2011 00:48:37 | Computer Name = PC | Source = Service Control Manager | ID = 7001 Description = Le service Client DHCP dépend du service NetBIOS sur TCP/IP qui n'a pas pu démarrer en raison de l'erreur : %%31 Error - 15/06/2011 00:48:37 | Computer Name = PC | Source = Service Control Manager | ID = 7001 Description = Le service Client DNS dépend du service Pilote du protocole TCP/IP qui n'a pas pu démarrer en raison de l'erreur : %%31 Error - 15/06/2011 00:48:37 | Computer Name = PC | Source = Service Control Manager | ID = 7001 Description = Le service Assistance TCP/IP NetBIOS dépend du service Environnement de prise en charge de réseau AFD qui n'a pas pu démarrer en raison de l'erreur : %%31 Error - 15/06/2011 00:48:37 | Computer Name = PC | Source = Service Control Manager | ID = 7001 Description = Le service TrueVector Internet Monitor dépend du service vsdatant qui n'a pas pu démarrer en raison de l'erreur : %%31 Error - 15/06/2011 00:48:37 | Computer Name = PC | Source = Service Control Manager | ID = 7001 Description = Le service Forceware Web Interface dépend du service Environnement de prise en charge de réseau AFD qui n'a pas pu démarrer en raison de l'erreur : %%31 Error - 15/06/2011 00:48:37 | Computer Name = PC | Source = Service Control Manager | ID = 7001 Description = Le service Services IPSEC dépend du service Pilote IPSEC qui n'a pas pu démarrer en raison de l'erreur : %%31 Error - 15/06/2011 00:48:37 | Computer Name = PC | Source = Service Control Manager | ID = 7026 Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger : AFD Avgldx86 Avgmfx86 Avgtdix Fips IPSec MRxSmb NetBIOS NetBT NVTCP Processor RasAcd Rdbss Tcpip vsdatant WS2IFSL Error - 15/06/2011 00:55:09 | Computer Name = PC | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error - 15/06/2011 00:56:03 | Computer Name = PC | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF} < End of report > PS: Est-ce que j'ai besoin du pare-feu Windows si NVidia Nforce Network Access Manager est présent sur l'ordi ? Je n'ai pas de DD externe et j'ai formaté ma clé USB depuis un autre ordi et vide de données, je ne l'ai donc pas connecté. merci & A+ Saxaphone

Bonsoir Lance_yien, Combofix désinstallé OK internet explorer 8 XP 32 bits installé OK AVG security 2011 réinstallé OK Ci-dessous rapport OTL: OTL logfile created on: 12/07/2011 18:10:24 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Saxo\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 72,97% Memory free 3,85 Gb Paging File | 3,47 Gb Available in Paging File | 90,26% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 79,93 Gb Free Space | 81,85% Space Free | Partition Type: NTFS Drive D: | 195,31 Gb Total Space | 46,21 Gb Free Space | 23,66% Space Free | Partition Type: NTFS Drive E: | 172,79 Gb Total Space | 107,82 Gb Free Space | 62,40% Space Free | Partition Type: NTFS Computer Name: PC | User Name: Saxo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/07/12 18:07:05 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Saxo\Bureau\OTL.exe PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe PRC - [2008/07/26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe PRC - [2008/07/26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006/09/11 19:59:28 | 000,172,032 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe PRC - [2006/09/11 19:56:02 | 000,135,227 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe PRC - [2006/09/11 19:55:42 | 000,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe PRC - [2006/09/01 11:01:42 | 000,671,744 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe PRC - [2006/08/03 13:29:02 | 000,244,520 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe PRC - [2006/08/03 09:44:52 | 000,529,968 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe PRC - [2006/07/19 12:03:56 | 000,094,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.exe PRC - [2004/08/06 17:01:42 | 000,135,168 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Multimedia Card Reader\shwicon2k.exe ========== Modules (SafeList) ========== MOD - [2011/07/12 18:07:05 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Saxo\Bureau\OTL.exe MOD - [2011/05/14 01:17:40 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll MOD - [2011/05/14 01:12:34 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2008/07/26 08:25:24 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\temp\logishrd\LVPrcInj01.dll MOD - [2006/09/01 10:30:30 | 000,044,544 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll ========== Win32 Services (SafeList) ========== SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd) SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2008/07/26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2008/07/26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer) SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006/09/11 19:59:28 | 000,172,032 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) SRV - [2006/09/11 19:56:02 | 000,135,227 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp) SRV - [2006/09/11 19:55:42 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog) ========== Driver Services (SafeList) ========== DRV - [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86) DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH) DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim) DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2008/07/26 17:26:56 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService) DRV - [2008/07/26 17:26:44 | 004,658,584 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam S5500(UVC) DRV - [2008/07/26 17:26:22 | 000,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2008/07/26 17:25:48 | 000,627,864 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS) DRV - [2008/07/26 08:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2006/09/11 13:45:38 | 000,019,968 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006/09/11 13:45:36 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006/09/11 13:45:26 | 000,110,592 | R--- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nvtcp.sys -- (NVTCP) DRV - [2006/09/01 12:32:50 | 000,003,712 | ---- | M] (Logitech Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2006/08/21 12:24:28 | 000,105,344 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nvata.sys -- (nvata) DRV - [2006/07/19 12:29:08 | 000,027,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe) DRV - [2006/07/19 12:28:56 | 000,071,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2006/07/19 12:27:46 | 000,055,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou) DRV - [2006/07/19 12:27:26 | 000,013,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2006/03/17 11:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2004/08/13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004/07/23 14:55:50 | 000,046,536 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sunkfilt62.sys -- (SunkFilt62) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Le Complément de recherche d'Internet Explorer 6 n'est plus pris en charge. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Freebox, la meilleure offre ADSL : Internet, Téléphone, Télévision IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.defaultthis.engineName: "Protection ZoneAlarm Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q=" FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.free.fr" FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1387 FF - prefs.js..extensions.enabledItems: avg@igeared:7.005.030.004 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4dd7dd66&v=7.005.030.004&i=23&tp=ab&iy=&ychte=fr&lng=fr&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/07/12 17:40:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/01 19:53:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/01 19:53:00 | 000,000,000 | ---D | M] [2011/05/21 18:04:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Saxo\Application Data\Mozilla\Extensions [2011/07/01 19:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Saxo\Application Data\Mozilla\Firefox\Profiles\uc4c2cpk.default\extensions [2011/05/22 23:40:46 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\Saxo\Application Data\Mozilla\Firefox\Profiles\uc4c2cpk.default\searchplugins\bing.xml [2011/07/01 19:51:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/05/21 20:42:04 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011/06/13 09:27:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/06/14 11:24:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- [2011/07/12 17:40:46 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4 [2011/07/01 19:52:59 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/07/01 19:52:57 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2011/07/01 19:52:57 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011/07/01 19:52:57 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2011/07/01 19:52:57 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2011/07/01 19:52:57 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2011/07/01 19:52:57 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/07/11 22:08:37 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.) O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Saxo\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Saxo\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/05/21 14:45:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.) Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll () Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll () Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org) CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/07/12 18:07:04 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Saxo\Bureau\OTL.exe [2011/07/12 18:04:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Saxo\IETldCache [2011/07/12 18:02:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Saxo\Recent [2011/07/12 18:01:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2011/07/12 18:01:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2011/07/12 18:01:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2011/07/12 17:42:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saxo\Application Data\AVG10 [2011/07/12 17:40:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AVG 2011 [2011/07/12 17:40:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10 [2011/07/12 17:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2011/07/12 17:33:05 | 000,000,000 | --SD | C] -- C:\ComboFix [2011/07/11 22:16:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2011/07/11 22:09:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2011/07/11 22:06:24 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011/07/11 22:04:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011/07/11 21:14:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData [2011/07/11 20:53:52 | 006,443,128 | ---- | C] (OPSWAT, Inc.) -- C:\Documents and Settings\Saxo\Bureau\AppRemover.exe [2011/07/10 12:56:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Saxo\Menu Démarrer\Programmes\Outils d'administration [2011/07/09 12:59:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs [2011/07/02 16:43:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saxo\Local Settings\Application Data\WMTools Downloaded Files [2011/07/02 14:12:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saxo\Application Data\Malwarebytes [2011/07/02 14:12:35 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011/07/02 14:12:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware [2011/07/02 14:12:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2011/07/02 14:12:32 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011/07/02 14:12:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/07/02 12:53:06 | 000,000,000 | ---D | C] -- C:\Program Files\xp-AntiSpy [2011/07/02 12:53:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saxo\Menu Démarrer\Programmes\xp-AntiSpy [2011/06/29 18:23:16 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll [2011/06/29 18:23:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll [2011/06/29 18:23:15 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll [2011/06/29 18:23:15 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll [2011/06/29 18:23:15 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll [2011/06/29 18:23:13 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll [2011/06/29 18:23:11 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll [2011/06/29 18:22:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Electronic Arts [2011/06/29 18:20:35 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts [2011/06/29 18:19:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Saxo\Application Data\SecuROM [2011/06/29 18:19:26 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2011/06/29 18:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Monolith Productions [2011/06/29 18:15:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saxo\Mes documents\Eidos [2011/06/29 13:34:32 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover [2011/06/19 11:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2011/06/19 11:18:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saxo\Menu Démarrer\Programmes\Revo Uninstaller [2011/06/16 06:40:29 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC [2011/06/15 09:11:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2011/06/15 09:08:51 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys [2011/06/15 09:08:29 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll [2011/06/15 07:41:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2011/06/14 11:24:48 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Java [2011/06/14 11:24:30 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011/06/14 11:24:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011/06/14 11:24:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2011/06/13 09:28:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2011/06/13 09:27:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun [2011/06/13 09:27:42 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2011/06/13 09:27:42 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2011/06/13 09:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2011/06/13 09:26:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saxo\Application Data\Sun [2011/06/12 20:09:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saxo\Application Data\Media Player Classic ========== Files - Modified Within 30 Days ========== [2011/07/12 18:10:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/07/12 18:07:05 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Saxo\Bureau\OTL.exe [2011/07/12 18:04:35 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Saxo\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk [2011/07/12 18:04:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/07/12 18:04:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs [2011/07/12 18:04:15 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad [2011/07/12 18:02:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011/07/12 17:42:47 | 122,141,391 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm [2011/07/12 17:40:48 | 000,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\AVG 2011.lnk [2011/07/11 22:17:11 | 000,879,223 | ---- | M] () -- C:\Documents and Settings\Saxo\Bureau\SecurityCheck.exe [2011/07/11 22:08:37 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011/07/11 22:06:27 | 000,000,328 | RHS- | M] () -- C:\boot.ini [2011/07/11 20:53:57 | 006,443,128 | ---- | M] (OPSWAT, Inc.) -- C:\Documents and Settings\Saxo\Bureau\AppRemover.exe [2011/07/11 20:26:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/07/09 14:45:17 | 000,041,472 | ---- | M] () -- C:\Documents and Settings\Saxo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/07/09 13:58:12 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.INI [2011/07/09 13:27:14 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk [2011/07/08 10:23:34 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat [2011/07/02 14:12:35 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Saxo\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk [2011/07/02 14:12:35 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2011/07/02 12:53:06 | 000,001,598 | ---- | M] () -- C:\Documents and Settings\Saxo\Application Data\Microsoft\Internet Explorer\Quick Launch\xp-AntiSpy.lnk [2011/07/02 12:53:06 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Saxo\Bureau\xp-AntiSpy.lnk [2011/07/01 20:32:12 | 000,000,614 | ---- | M] () -- C:\Documents and Settings\Saxo\Bureau\PhotoFiltre.lnk [2011/06/29 18:26:54 | 000,000,643 | ---- | M] () -- C:\Documents and Settings\Saxo\Bureau\SplinterCell.lnk [2011/06/29 18:26:20 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\Saxo\Bureau\Crysis.lnk [2011/06/29 18:19:26 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2011/06/29 13:34:34 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\Saxo\Bureau\AD-R.lnk [2011/06/25 13:07:48 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011/06/23 19:22:59 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\Saxo\Application Data\Microsoft\Internet Explorer\Quick Launch\SafeXP.lnk [2011/06/23 17:20:06 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk [2011/06/21 12:34:57 | 000,000,478 | ---- | M] () -- C:\Documents and Settings\Saxo\Bureau\HiJackThis.lnk [2011/06/19 11:18:09 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Saxo\Bureau\Revo Uninstaller.lnk [2011/06/12 20:10:23 | 000,000,000 | ---- | M] () -- C:\WINDOWS\graphedit.INI ========== Files Created - No Company Name ========== [2011/07/12 18:10:57 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/07/12 18:01:39 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2011/07/11 22:06:27 | 000,000,212 | ---- | C] () -- C:\Boot.bak [2011/07/11 22:06:26 | 000,263,488 | RHS- | C] () -- C:\cmldr [2011/07/09 13:58:10 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI [2011/07/02 14:12:35 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Saxo\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk [2011/07/02 14:12:35 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2011/07/02 12:53:06 | 000,001,598 | ---- | C] () -- C:\Documents and Settings\Saxo\Application Data\Microsoft\Internet Explorer\Quick Launch\xp-AntiSpy.lnk [2011/07/02 12:53:06 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Saxo\Bureau\xp-AntiSpy.lnk [2011/07/01 20:32:12 | 000,000,614 | ---- | C] () -- C:\Documents and Settings\Saxo\Bureau\PhotoFiltre.lnk [2011/07/01 19:53:02 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk [2011/07/01 19:23:16 | 000,879,223 | ---- | C] () -- C:\Documents and Settings\Saxo\Bureau\SecurityCheck.exe [2011/06/29 18:26:54 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\Saxo\Bureau\SplinterCell.lnk [2011/06/29 18:26:20 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Saxo\Bureau\Crysis.lnk [2011/06/29 13:34:34 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\Saxo\Bureau\AD-R.lnk [2011/06/23 19:22:59 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\Saxo\Application Data\Microsoft\Internet Explorer\Quick Launch\SafeXP.lnk [2011/06/21 12:34:57 | 000,000,478 | ---- | C] () -- C:\Documents and Settings\Saxo\Bureau\HiJackThis.lnk [2011/06/19 11:18:09 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\Saxo\Bureau\Revo Uninstaller.lnk [2011/06/12 20:10:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\graphedit.INI [2011/06/09 12:11:30 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011/06/09 12:11:28 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2011/06/09 12:11:28 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011/06/09 12:11:28 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011/06/09 12:11:27 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2011/06/07 14:30:09 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll [2011/05/22 14:01:10 | 000,041,472 | ---- | C] () -- C:\Documents and Settings\Saxo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/05/21 21:47:54 | 000,066,482 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2011/05/21 20:53:38 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2011/05/21 20:07:00 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat [2011/05/21 18:04:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011/05/21 16:39:27 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2011/05/21 15:36:53 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011/05/21 15:36:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini [2011/05/21 15:35:57 | 000,263,824 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/05/21 15:34:25 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll [2011/05/21 15:34:23 | 000,266,240 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll [2011/05/21 15:34:23 | 000,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll [2011/05/21 15:34:23 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll [2011/05/21 15:34:22 | 000,208,896 | R--- | C] () -- C:\WINDOWS\System32\WinSys2.exe [2011/05/21 15:34:22 | 000,208,896 | R--- | C] () -- C:\WINDOWS\System32\sw20.exe [2011/05/21 15:34:22 | 000,200,704 | R--- | C] () -- C:\WINDOWS\System32\WinSys.exe [2011/05/21 15:34:22 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\sw24.exe [2011/05/21 15:34:22 | 000,009,728 | R--- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys [2011/05/21 15:34:22 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.sys [2011/05/21 14:51:58 | 000,001,428 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2011/05/21 14:50:56 | 000,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini [2011/05/21 14:50:56 | 000,000,396 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini [2011/05/21 14:50:32 | 000,032,861 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2011/05/21 14:50:31 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2011/05/21 14:50:24 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2011/05/21 14:47:32 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011/05/21 14:43:09 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2008/07/26 08:25:02 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys [2007/06/28 18:43:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2007/06/28 18:43:00 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2007/06/28 18:43:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2007/06/28 18:43:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2007/06/28 18:43:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2007/06/28 18:43:00 | 001,018,772 | ---- | C] () -- C:\WINDOWS\System32\nvucode.bin [2007/06/28 18:43:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2007/06/28 18:43:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2007/06/28 18:43:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2007/06/28 18:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2002/08/29 12:18:54 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2001/08/28 16:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001/08/28 16:00:00 | 000,367,658 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat [2001/08/28 16:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat [2001/08/28 16:00:00 | 000,311,604 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001/08/28 16:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001/08/28 16:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001/08/28 16:00:00 | 000,048,616 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat [2001/08/28 16:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001/08/28 16:00:00 | 000,039,992 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001/08/28 16:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat [2001/08/28 16:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001/08/28 16:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2001/08/23 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001/08/23 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2011/05/21 14:45:35 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2011/05/21 16:58:11 | 000,000,212 | ---- | M] () -- C:\Boot.bak [2011/07/11 22:06:27 | 000,000,328 | RHS- | M] () -- C:\boot.ini [2001/08/28 16:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2004/08/03 23:00:08 | 000,263,488 | RHS- | M] () -- C:\cmldr [2011/07/11 22:09:34 | 000,010,951 | ---- | M] () -- C:\ComboFix.txt [2011/05/21 14:45:35 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2011/05/21 14:45:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2011/05/21 14:45:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011/05/21 16:55:54 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2011/05/23 13:01:59 | 000,252,240 | RHS- | M] () -- C:\ntldr [2011/07/12 18:04:24 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2011/07/12 18:10:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/07/10 12:54:23 | 000,000,359 | ---- | M] () -- C:\rkill.log < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2011/05/21 16:34:59 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2011/05/21 16:34:59 | 000,630,784 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2011/05/21 16:34:59 | 000,417,792 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %systemroot%\system32\drivers\*.sys /90 > [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [2011/04/29 18:19:43 | 000,456,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys [2011/04/21 15:37:43 | 000,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mup.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > "AUOptions" = 4 "AutoInstallMinorUpdates" = 1 "NoAutoUpdate" = 0 < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-06-29 10:59:08 < End of report > Rapport EXTRAS dans la réponse suivante Saxaphone

Bonsoir Lace_yien, j'ai désinstallé AVG 2011, mais j'avais des reste de AVG 2010, que j'ai du virer manuellement + CCleaner et Regseeker pour nettoyer la base de registre de AVG. Combofix ok, rapport ci-dessous: ComboFix 11-07-07.06 - Saxo 11/07/2011 22:07:06.1.2 - x86 Lancé depuis: c:\documents and settings\Saxo\Bureau\ComboFix.exe . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\SysInfo.dll . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-06-11 au 2011-07-11 )))))))))))))))))))))))))))))))))))) . . 2011-07-09 10:59 . 2011-07-09 10:59 -------- d-----w- c:\windows\Internet Logs 2011-07-02 14:43 . 2011-07-02 14:43 -------- d-----w- c:\documents and settings\Saxo\Local Settings\Application Data\WMTools Downloaded Files 2011-07-02 12:12 . 2011-07-02 12:12 -------- d-----w- c:\documents and settings\Saxo\Application Data\Malwarebytes 2011-07-02 12:12 . 2011-07-02 12:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-07-02 12:12 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-02 12:12 . 2011-07-02 12:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-07-02 12:12 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-02 10:59 . 2008-04-14 02:33 15360 ----a-w- c:\windows\system32\ctfmon.exe.backup 2011-07-02 10:53 . 2011-07-02 10:53 -------- d-----w- c:\program files\xp-AntiSpy 2011-07-01 17:52 . 2011-07-01 17:52 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll 2011-07-01 17:52 . 2011-07-01 17:52 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll 2011-07-01 17:52 . 2011-07-01 17:52 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-07-01 17:52 . 2011-07-01 17:52 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2011-07-01 17:52 . 2011-07-01 17:52 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll 2011-07-01 17:52 . 2011-07-01 17:52 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2011-07-01 17:52 . 2011-07-01 17:52 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll 2011-07-01 17:52 . 2011-07-01 17:52 1850328 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll 2011-06-29 16:23 . 2007-07-19 16:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll 2011-06-29 16:23 . 2007-07-19 16:14 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll 2011-06-29 16:23 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll 2011-06-29 16:23 . 2007-05-16 14:45 443752 ----a-w- c:\windows\system32\d3dx10_34.dll 2011-06-29 16:23 . 2007-05-16 14:45 1124720 ----a-w- c:\windows\system32\D3DCompiler_34.dll 2011-06-29 16:23 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll 2011-06-29 16:23 . 2007-04-04 16:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll 2011-06-29 16:20 . 2011-06-29 16:20 -------- d-----w- c:\program files\Electronic Arts 2011-06-29 16:19 . 2011-06-29 16:19 -------- d--h--r- c:\documents and settings\Saxo\Application Data\SecuROM 2011-06-29 16:19 . 2011-06-29 16:19 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2011-06-29 11:34 . 2011-06-29 11:34 -------- d-----w- c:\program files\Ad-Remover 2011-06-19 09:18 . 2011-06-19 09:18 -------- d-----w- c:\program files\VS Revo Group 2011-06-15 07:11 . 2011-06-15 07:15 -------- d-----w- c:\windows\SxsCaPendDel 2011-06-15 07:08 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys 2011-06-15 07:08 . 2011-04-29 19:07 852480 -c----w- c:\windows\system32\dllcache\vgx.dll 2011-06-14 09:24 . 2011-06-14 09:24 -------- d-----w- c:\program files\Fichiers communs\Java 2011-06-13 07:28 . 2011-06-13 07:28 -------- d-----w- c:\windows\Sun 2011-06-13 07:27 . 2011-05-04 02:52 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll 2011-06-13 07:27 . 2011-05-04 02:52 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-06-13 07:27 . 2011-05-04 00:25 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-06-13 07:27 . 2011-06-14 09:24 -------- d-----w- c:\program files\Java 2011-06-12 18:09 . 2011-06-12 18:09 -------- d-----w- c:\documents and settings\Saxo\Application Data\Media Player Classic 2011-06-12 15:11 . 2011-06-25 11:07 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-12 10:21 . 2011-07-11 19:35 -------- d-----w- c:\documents and settings\Saxo\Local Settings\Application Data\Temp . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-05-02 15:31 . 2011-05-21 12:43 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 17:25 . 2002-08-29 09:44 151552 ----a-w- c:\windows\system32\schannel.dll 2011-04-29 16:19 . 2002-08-28 23:59 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-25 14:47 . 2006-06-23 11:28 671232 ----a-w- c:\windows\system32\wininet.dll 2011-04-25 14:47 . 2004-08-19 23:09 81920 ------w- c:\windows\system32\ieencode.dll 2011-04-25 14:47 . 2001-08-28 14:00 61952 ----a-w- c:\windows\system32\tdc.ocx 2011-04-25 14:42 . 2004-08-19 22:56 371200 ------w- c:\windows\system32\html.iec 2011-04-21 13:37 . 2002-08-29 00:12 105472 ----a-w- c:\windows\system32\drivers\mup.sys 2011-07-01 17:52 . 2011-07-01 17:52 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352] "Sunkist2k"="c:\program files\Multimedia Card Reader\shwicon2k.exe" [2004-08-06 135168] "NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2007-06-28 8466432] "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 94208] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 94208] . c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-5-21 671744] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoSMMyPictures"= 0 (0x0) "NoStartMenuMyMusic"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) "NoSimpleStartMenu"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMMyPictures"= 0 (0x0) "NoStartMenuMyMusic"= 0 (0x0) "NoRecentDocsNetHood"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "NvMediaCenter"=RUNDLL32.EXE c:\windows\System32\NvMcTray.dll,NvTaskbarInit "SoundMAX"="c:\program files\Analog Devices\SoundMAX\Smax4.exe" /tray "LVCOMSX"="c:\program files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" "nwiz"=nwiz.exe /install "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" /hide "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" "LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Electronic Arts\\Crytek\\Crysis SP Demo\\Bin32\\Crysis.exe"= . R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [21/05/2011 18:57 3712] R3 SunkFilt62;Alcor Micro Corp - 6362;c:\windows\system32\drivers\sunkfilt62.sys [23/07/2004 14:55 46536] S3 BANG;BANG;\??\c:\docume~1\Saxo\LOCALS~1\Temp\BANG.SYS --> c:\docume~1\Saxo\LOCALS~1\Temp\BANG.SYS [?] S3 SunkFilt6;Alcor Micro Corp - 6360;\??\c:\windows\System32\Drivers\sunkfilt6.sys --> c:\windows\System32\Drivers\sunkfilt6.sys [?] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.free.fr/ IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: %SYSTEMROOT%\system32\nvappfilter.dll TCP: DhcpNameServer = 212.27.40.240 212.27.40.241 DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab FF - ProfilePath - c:\documents and settings\Saxo\Application Data\Mozilla\Firefox\Profiles\uc4c2cpk.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://www.free.fr FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4dd7dd66&v=7.005.030.004&i=23&tp=ab&iy=&ychte=fr&lng=fr&q= . - - - - ORPHELINS SUPPRIMES - - - - . WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-07-11 22:08 Windows 5.1.2600 Service Pack 3 NTFS . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_USERS\S-1-5-21-57989841-115176313-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-57989841-115176313-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- DLLs chargées dans les processus actifs --------------------- . - - - - - - - > 'lsass.exe'(952) c:\windows\system32\nvappfilter.dll . Heure de fin: 2011-07-11 22:09:33 ComboFix-quarantined-files.txt 2011-07-11 20:09 . Avant-CF: 85 100 142 592 octets libres Après-CF: 85 064 495 104 octets libres . WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn . - - End Of File - - 1D556BE432DE7B8ECC14CD32A520561A "SecurityCheck" OK, rapport ci-dessous: Results of screen317's Security Check version 0.99.17 Windows XP Service Pack 3 Internet Explorer 6 Out of date! `````````````````````````````` Antivirus/Firewall Check: WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware HijackThis 2.0.2 CCleaner Java 6 Update 26 Adobe Flash Player 10.3.181.26 Mozilla Firefox (x86 fr..) ```````````````````````````````` Process Check: objlist.exe by Laurent ``````````End of Log```````````` merci & A+ Saxaphone

Bonjour Lance_yien Désolé pour ma réponse tardive, mais comme je te l'ai dit, beaucoup de boulot & pas vraiment de temps à consacrer à mon problème d'ordinateur, j'ai enfin pu faire ce que tu m'a demandé. j'ai télécharger les trois version de Rkill, ainsi que Combofix depuis tes liens sur mon bureau. j'ai redémarré en mode sans échec avec prise en charge du réseau. J'ai lancé Rkill.com et à la fin je n'avais plus d’icônes sur le bureau mais j'ai lancé Combofix depuis le gestionnaire de tache. une console s'ouvre mais à la fin, il m'est dit qu'il faut que je désinstalle mon anti virus AVG car Combofix ne fonctionne pas avec AVG installé sur l'ordi. Dois-je réellement désinstaller AVG ? et est-ce normale de ne plus avoir aucun icônes, ni la barre de démarrage après avoir lancé Rkill ? merci d'avance & A+ Saxaphone

Bonjour, je reviens sur ce forum, suite à la demande de Tonton57, qui n'a pas pu, malgré son aide précieuse, résoudre mon problème. ci-dessous le lien vers le sujet: http://forum.zebulon.fr/findpost-t186344-p1561355.html merci d'avance de votre aide. A+ Saxaphone

Tonton, Grand merci de ton aide, je vais suivre tes indications. Bon dimanche à toi et bravo pour ton implication dans la résolution de mon problème. Amicalement Saxaphone

Info supplémentaire: ZHPDiag à aussi créé un raccourci sur le bureau nommé "MBRCheck", qui me fait également un crash Windows si je le lance. A+ Saxaphone

Salut Tonton, désolé pour ma réponse tardive, je suis allé m'aérer la tête hier soir. j'ai téléchargé ZHPDiag depuis ton lien, il m'a installer un exécutable nommé "ZHPDiag2.exe". J'ai installé & lancé le diag, à la fin du diag, après 1 minute => Crash Windows, écran bleu de la mort. ci-dessous les info's que j'ai récupéré sur l'écran: STOP 0X00000074 (0XE1D768D0, 0XC0000185, 0XBF911410,0X683F1860) win32k.sys - adress BF911410 base at BF800000, Date stemp 4D6F95BD Redémarrage de l'ordi & nouveau ZHPDiag, même problème et au redémarrage de l'ordi, Windows m'informe qu'un fichier nommé "program" à la racine de C:\ pourrait générer des problèmes avec certains logiciels et Windows me propose de le renommer en program1 ce que j'ai fait puis supprimé ce fichier. il m'ait impossible de mettre le rapport sous l’hébergeur. Désolé, que dois-je faire.... A+ Saxaphone

Salut Tonton, voici le rapport Malwarebytes: Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Version de la base de données: 7004 Windows 5.1.2600 Service Pack 3 Internet Explorer 6.0.2900.5512 02/07/2011 16:50:14 mbam-log-2011-07-02 (16-50-14).txt Type d'examen: Examen complet (C:\|D:\|E:\|) Elément(s) analysé(s): 200172 Temps écoulé: 16 minute(s), 2 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 6 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): d:\system volume information\_restore{ebd78102-8011-43c1-b9f4-89b4291b99ad}\RP10\A0003870.exe (Trojan.Downloader) -> Quarantined and deleted successfully. d:\system volume information\_restore{ebd78102-8011-43c1-b9f4-89b4291b99ad}\RP10\A0003872.exe (Trojan.Downloader) -> Quarantined and deleted successfully. d:\system volume information\_restore{ebd78102-8011-43c1-b9f4-89b4291b99ad}\RP10\A0003873.exe (Trojan.Downloader) -> Quarantined and deleted successfully. d:\system volume information\_restore{ebd78102-8011-43c1-b9f4-89b4291b99ad}\RP10\A0003874.exe (Trojan.Downloader) -> Quarantined and deleted successfully. d:\system volume information\_restore{ebd78102-8011-43c1-b9f4-89b4291b99ad}\RP10\A0003877.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully. d:\system volume information\_restore{ebd78102-8011-43c1-b9f4-89b4291b99ad}\RP10\A0003878.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully. Mais bizarrement, Crash XP lors de la suppression. j'ai redémarré l'ordi, mais toujours le même problème de pare feu Windows. autre question, faut-il impérativement installer IE8 même si je ne l'utilise pas ? j'utilise Firefox 5.0 A+ Saxaphone

Salut Tonton j'ai désinstallé & réinstallé Windows antispy à partir de ton lien OK J'ai désinstallé spybot bien que je n'utilisait pas l'option Teatimer, mais S&D Helper et que spybot en mode avancé permet de désactiver certaines entrées de démarrage inutiles, je trouvais cela très pratique. enfin bon... je te fais confiance sans problème. J'ai du désinstaller de nouveau Zone alarm, car même en ayant ma connexion au réseau local désactivé au démarrage, l'interface utilisateur restait en initialisation, et durant l'installation de Malwarebytes anti malware, impossible de faire une mise à jour, car aucune alerte de zone alarm pour autoriser la mise à jour. Enfin, tout est OK, ci-dessous les rapports Malwarebytes anti malware & checkup.txt Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Version de la base de données: 7003 Windows 5.1.2600 Service Pack 3 Internet Explorer 6.0.2900.5512 02/07/2011 14:32:35 mbam-log-2011-07-02 (14-32-23).txt Type d'examen: Examen complet (C:\|D:\|E:\|) Elément(s) analysé(s): 199852 Temps écoulé: 18 minute(s), 7 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 6 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): d:\logiciels\win rar 3.2 + crack\CORE10k.EXE (Dont.Steal.Our.Software) -> No action taken. d:\logiciels\Video\sonic_foundry_mainconcept_mpeg_1[1].2_plugin_v1.0\damn_concmpeg_plugin10_kg.exe (Trojan.Agent.CK) -> No action taken. d:\logiciels\Video\sonysoftwarekey\Keygen\Keygen.exe (Trojan.Downloader) -> No action taken. d:\logiciels\Video\sonysoftwarekey\Keygen\sf8_retail.exe (Trojan.Downloader) -> No action taken. d:\logiciels\Video\sonysoftwarekey\Keygen\sf8_trial.exe (Trojan.Downloader) -> No action taken. d:\logiciels\Video\ssg_key\keygen.exe (Trojan.Downloader) -> No action taken. Checkup.txt Results of screen317's Security Check version 0.99.17 Windows XP Service Pack 3 Internet Explorer 6 Out of date! `````````````````````````````` Antivirus/Firewall Check: AVG 2011 Antivirus up to date! ``````````````````````````````` Anti-malware/Other Utilities Check: MVPS Hosts File Malwarebytes' Anti-Malware HijackThis 2.0.2 CCleaner Java 6 Update 26 Adobe Flash Player 10.3.181.26 Mozilla Firefox (x86 fr..) ```````````````````````````````` Process Check: objlist.exe by Laurent AVG avgwdsvc.exe AVG avgtray.exe AVG avgrsx.exe AVG avgnsx.exe AVG avgemc.exe ``````````End of Log```````````` A+ Saxaphone

Salut Tonton, J'ai vérifié java c'est bien la dernière version. J'ai téléchargé & installé la dernière version de flash player. J'ai installé la version 5.0 de Mozilla Firefox. Windows update, pour ma part, je préfère le laisser en manuel (Télécharger & m'avertir) pour choisir les mises à jours à installer personnellement. Pour AVG, c'est AVG anti-virus free edition 2011, et il n'y a pas de pare-feu intégré, seulement un bouclier résident. j'utilise également XP Antispy, et j'ai modifier le paramètre de mise à jour d'internet explorer pour le repasser en automatique. voilà, je crois que je t'ai tout dis. merci encore de ton aide A+ Saxaphone

Bonjour Tonton57 et merci pour ton aide rapide. tout d'abord, il faut savoir que Zone alarm fonctionne mais uniquement si ma connexion réseau local est désactivé au démarrage, je l'active après démarrage pour accéder au net. ce qui était le cas lors de l'analyse de Security Check. ci-dessous le rapport: Results of screen317's Security Check version 0.99.17 Windows XP Service Pack 3 Internet Explorer 6 Out of date! `````````````````````````````` Antivirus/Firewall Check: AVG 2011 ZoneAlarm Antivirus up to date! ``````````````````````````````` Anti-malware/Other Utilities Check: MVPS Hosts File xp-AntiSpy 3.96-8 Spybot - Search & Destroy HijackThis 2.0.2 CCleaner Java 6 Update 26 Out of date Java installed! Adobe Flash Player 10.3.181.26 Mozilla Firefox (3.6.18) Firefox Out of Date! ```````````````````````````````` Process Check: objlist.exe by Laurent AVG avgwdsvc.exe AVG avgtray.exe AVG avgrsx.exe AVG avgnsx.exe AVG avgemc.exe Zone Labs ZoneAlarm zlclient.exe ``````````End of Log````````````

Bonjour, j'ai posté ce sujet le 21 juin 2011, mais aucune réponse à ce jour, je n'ai peut-être posté sur le bon forum? merci d'avance de votre aide "http://forum.zebulon.fr/probleme-parefeu-desactive-au-demarrage-t186119.html" amicalement Saxaphone