michelba

  1. Not a bad idea! Well, I think everything is done. A big thank you!
  2. The error message is "Vous devez disposer d'une autorisation pour effectuer cette action."
  3. Done, but there is still a C:\ComboFix folder that I couldn't remove. C:\QooBox, on the other hand, is gone.
  4. Here it is:
  5. No, it's fine, Norton is gone! Also, the Internet connects now! Maybe that was the problem... Do we stop here or fine-tune the checks? I await your instructions. And thank you so much!
  6. Here it is:
  7. Yes, the Security Center tells me: "Le pare-feu Windows et Norton Internet Security indiquent qu'ils sont tous deux activés" (because in the meantime, thinking I was rid of Norton, I had re-enabled the Windows firewall!) ...??
  8. Also, UAC seems to be working; every operation, or nearly, triggers a permission prompt...
  9. Strange... After rebooting, I opened the Security Center. In the "Pare-Feu" section, it still says that Norton Internet Security reports it is enabled! When I click "Afficher les programmes pare-feu", this is confirmed, and it also says that the Windows firewall is disabled. Now, when I close the Security Center and click "Pare-feu Windows" in the Control Panel, it says that the Windows firewall is enabled! Admittedly, it also tells me that it is not using the recommended settings... Help!
  10. Hello, Falkra (and thanks for this step-by-step inspection!) I removed the Norton leftovers. As for UAC, I didn't even know what it was (I remind you that this isn't my computer; I have XP, not Vista). Do you think it would be good to re-enable it? As for the Security Center, I was the one who disabled everything so as not to interfere with ComboFix, but maybe that was unnecessary? As for the updates, I'll look into it! So, what do I do after all that?
  11. Et voila Combofix.txt (désolé pour les lettres cyrilliques, c'est dû à ma configuration) ============================= ComboFix 09-01-21.04 - alexandra 2009-01-29 19:08:28.1 - NTFSx86 Microsoft® Windows Vista™ Йdition Familiale Premium 6.0.6000.0.1252.1.1036.18.766.256 [GMT 1:00] Lancй depuis: c:\users\alexandra\Desktop\ComboFix.exe AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) AV: Norton Internet Security *On-access scanning enabled* (Outdated) FW: Norton Internet Security *enabled* * Un nouveau point de restauration a йtй crйй . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\Temp\log.txt . ((((((((((((((((((((((((((((( Fichiers crййs du 2008-12-28 au 2009-01-28 )))))))))))))))))))))))))))))))))))) . 2009-01-28 17:39 . 2009-01-28 17:40 <REP> d-------- C:\rsit 2009-01-28 17:39 . 2009-01-28 17:39 <REP> d-------- c:\program files\trend micro 2009-01-28 00:44 . 2008-12-16 04:14 290,304 --a------ c:\windows\System32\drivers\srv.sys 2009-01-07 20:43 . 2008-12-12 02:53 1,383,424 --a------ c:\windows\System32\mshtml.tlb 2009-01-04 03:53 . 2009-01-04 03:54 139,650,807 --a------ c:\windows\MEMORY.DMP 2009-01-04 03:53 . 2009-01-29 09:26 360,480 --ahs---- c:\windows\System32\drivers\fidbox2.dat 2009-01-04 03:53 . 2009-01-29 09:25 2,312 --ahs---- c:\windows\System32\drivers\fidbox2.idx 2009-01-03 21:10 . 2009-01-03 21:10 <REP> d-------- c:\users\All Users\Kaspersky Lab Setup Files 2009-01-03 21:10 . 2009-01-03 21:10 <REP> d-------- c:\programdata\Kaspersky Lab Setup Files . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2009-01-29 18:05 13,213 ----a-w c:\users\alexandra\AppData\Roaming\nvModes.dat 2009-01-28 22:37 --------- d-----w c:\programdata\Kaspersky Lab 2009-01-28 16:28 --------- d-----w c:\program files\Windows Mail 2009-01-27 23:49 597,080 --sha-w c:\windows\system32\drivers\fidbox.idx 2009-01-27 23:49 44,443,424 --sha-w c:\windows\system32\drivers\fidbox.dat 2009-01-08 08:50 --------- d-----w c:\users\alexandra\AppData\Roaming\skypePM 2009-01-08 08:50 --------- d-----w c:\users\alexandra\AppData\Roaming\Skype 2009-01-03 20:47 --------- d-----w c:\program files\Kaspersky Lab 2009-01-03 20:42 --------- d-----w c:\program files\Symantec 2009-01-03 20:36 --------- d-----w c:\program files\Common Files\Symantec Shared 2009-01-03 20:35 --------- d-----w c:\programdata\Symantec 2008-12-11 05:17 174 --sha-w c:\program files\desktop.ini 2008-12-10 22:43 --------- d-----w c:\programdata\Microsoft Help 2008-11-01 03:33 537,600 ----a-w c:\windows\AppPatch\AcLayers.dll 2008-11-01 03:33 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll 2008-11-01 03:33 449,536 ----a-w c:\windows\AppPatch\AcSpecfc.dll 2008-11-01 03:33 2,144,256 ----a-w c:\windows\AppPatch\AcGenral.dll 2008-11-01 03:33 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll 2008-10-31 23:23 2,560 ----a-w c:\windows\AppPatch\AcRes.dll 2008-10-29 06:20 2,923,520 ----a-w c:\windows\explorer.exe 2008-07-29 20:09 56 ---ha-w c:\users\All Users\ezsidmv.dat 2008-07-29 20:09 56 ---ha-w c:\programdata\ezsidmv.dat 2007-10-19 20:31 16,384 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat 2007-10-19 20:31 32,768 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat 2007-10-19 20:31 16,384 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"ICQ"="c:\program files\ICQ6\ICQ.exe" [2008-09-01 173304]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-07-28 171448]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-09 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-02-06 90191]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-02-06 81920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-06 7770112]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-12-21 659456]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 464168]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-01-17 151552]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 c:\windows\RtHDVCpl.exe]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-03-27 528384]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=G G G
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"DefaultOutboundAction"= 0 (0x0)
"DefaultInboundAction"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{A4DB2792-CB56-45C5-AA0F-F255F3CB8787}c:\\program files\\msn messenger\\msnmsgr.exe"= UDP:c:\program files\msn messenger\msnmsgr.exe:Messenger
"UDP Query User{BEF06702-6016-4AB7-819E-83930381B1E8}c:\\program files\\msn messenger\\msnmsgr.exe"= TCP:c:\program files\msn messenger\msnmsgr.exe:Messenger
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DisabledInterfaces"= {259C8A65-8F12-4FB5-B2F6-7DCE7573A664}
"DefaultOutboundAction"= 0 (0x0)
"DefaultInboundAction"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DefaultOutboundAction"= 0 (0x0)
"DefaultInboundAction"= 1 (0x1)
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [2008-01-29 32784]
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20071220.001\IDSvix86.sys [2007-12-22 180272]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [2008-07-09 20496]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [2007-10-30 37936]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{96e78210-109b-11dd-ab98-0016d35b843a}]
\shell\AutoRun\command - F:\EmDesk.exe
\shell\EmDesk\command - F:\EmDesk.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d900ae78-9286-11dc-9697-0016d35b843a}]
\shell\AutoRun\command - G:\LaunchU3.exe -a
.
Contenu du dossier 'Tâches planifiées'
2009-01-28 c:\windows\Tasks\User_Feed_Synchronization-{CFFA675E-CF03-45CC-8E49-BCF05E1BD668}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 10:45]
2009-01-29 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-Device Detector - DevDetect.exe
HKLM-Run-Symantec PIF AlertEng - c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
HKLM-Run-Acer Tour - (no file)
HKLM-Run-eRecoveryService - (no file)
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = about:blank
uInternet Settings,ProxyOverride = <local>
FF - ProfilePath - c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h6g9njg1.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-29 19:14:36
Windows 6.0.6000 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(624)
c:\windows\system32\eNetHook.dll
- - - - - - - > 'lsass.exe'(592)
c:\windows\system32\eNetHook.dll
.
Heure de fin: 2009-01-29 19:21:30
ComboFix-quarantined-files.txt 2009-01-29 18:18:15
Avant-CF: 13 464 461 312 octets libres
Après-CF: 13,270,679,552 octets libres
Current=1 Default=1 Failed=0 LastKnownGood=1 Sets=1,2,3,4,5,6,7
165 --- E O F --- 2009-01-28 16:28:47
======================================
There you go, boss, I'm awaiting orders!
  12. I ran it again with Kaspersky disabled, and I get this window: "Le scanneur Norton Internet Security est toujours actif mais ComboFix va continuer à s'éxécuter. Veuillez noter que c'est à vos risques et périls" Should I click OK?