Module dll introuvable

Hello! Voici les deux fichiers :

Logfile of random's system information tool 1.06 (written by random/random)
Run by Ruegsegger at 2009-11-12 18:11:46
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 28 GB (38%) free of 75 GB
Total RAM: 1023 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:12:08, on 12.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\USB Product Driver v2\shwicon.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\QuickHelp2\QuickHelp.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\PowerArchiver\PASTARTER.EXE
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
C:\Program Files\Bluewin\Quick Help\bin\mpbtn.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Program Files\iTunes\iTunes.exe
C:\Documents and Settings\Ruegsegger\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ruegsegger\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ruegsegger\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ruegsegger\Mes documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Ruegsegger.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {4e68b877-073e-4d09-6fb4-b65958131fa9} - {9af13185-956b-4bf6-90d4-e370778b86e4} - C:\WINDOWS\system32\sgiyboqf.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [ShowIcon_DIGITAL AUDIO PLAYER_USB Product Driver v2] "C:\Program Files\USB Product Driver v2\shwicon.exe" -t"DIGITAL AUDIO PLAYER\USB Product Driver v2"
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\{97396bf2-8b89-6834-3550-d5aa12f9099d}.dll" DllInit
O4 - HKLM\..\Run: [QuickHelp2_McciTrayApp] C:\Program Files\QuickHelp2\QuickHelp.exe
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ruegsegger\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
O4 - Global Startup: Quick Help.lnk = C:\Program Files\Bluewin\Quick Help\bin\matcli.exe
O4 - Global Startup: ZDWLan Utility.lnk = C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CH/a-UNO1/GAME_UNO1.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c007FFF5.dat
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: hpdj3600 - Unknown owner - C:\DOCUME~1\RUEGSE~1\LOCALS~1\Temp\hpdj3600.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

Mmm il a pas pu tout prendre.. Voici la fin du fichier info :

Quick Help-->C:\WINDOWS\Motive\BLUEWIN\MCCUninst.exe
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
RealSpeak Solo pour la voix francaise Virginie-->MsiExec.exe /I{58B0F3ED-6FAE-486C-9AB9-1C06514097B4}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Sibelius Scorch (ActiveX Only)-->MsiExec.exe /I{15CCBC5D-66A7-4131-8D36-E05F27B0E68F}
Skype 3.0-->"C:\Program Files\Skype\Phone\unins000.exe"
Skype Plugin Manager-->MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
Sony Ericsson Media Manager 1.2-->MsiExec.exe /X{5F1ECBFB-048E-406E-A7AB-A81F9E359961}
Star Wars Battlefront-->C:\Program Files\InstallShield Installation Information\{C79CB9C7-10A4-4814-8402-F574672C2192}\Setup.exe -runfromtemp -l0x040c -removeonly
Transcoder-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{09BDA7C2-ACA4-4E79-93ED-3DCC3DDDA1F2}\setup.exe" -l0x9 -removeonly
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
USB Drum V1.03-->"C:\Program Files\USB Drum\unins000.exe"
USB Product Driver v2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{118770A8-EA19-11D8-B6FB-00055D7C3943}\setup.exe" -l0x40c
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sign-in Assistant-->MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
Zattoo 3.3.4 Beta-->C:\Program Files\Zattoo\uninst.exe
ZyDAS IEEE 802.11 b+g Wireless LAN - USB-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{581CE7EA-A30D-0000-1211-088635773309}\Setup.exe" -l0x9

======System event log======

Computer Name: D-BEE-6313-1
Event Code: 7000
Message: Le service hpdj3600 n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.


Record Number: 124937
Source Name: Service Control Manager
Time Written: 20091011103810.000000+120
Event Type: error
User:

Computer Name: D-BEE-6313-1
Event Code: 7000
Message: Le service Planificateur LiveUpdate automatique n'a pas pu démarrer en raison de l'erreur :
Le chemin d'accès spécifié est introuvable.


Record Number: 124906
Source Name: Service Control Manager
Time Written: 20091010191741.000000+120
Event Type: error
User:

Computer Name: D-BEE-6313-1
Event Code: 7000
Message: Le service hpdj3600 n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.


Record Number: 124905
Source Name: Service Control Manager
Time Written: 20091010191741.000000+120
Event Type: error
User:

Computer Name: D-BEE-6313-1
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Record Number: 124903
Source Name: Tcpip
Time Written: 20091010191714.000000+120
Event Type: warning
User:

Computer Name: D-BEE-6313-1
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Record Number: 124867
Source Name: Tcpip
Time Written: 20091010103945.000000+120
Event Type: warning
User:

=====Application event log=====

Computer Name: D-BEE-6313-1
Event Code: 1000
Message: Application défaillante iexplore.exe, version 7.0.6000.16850, module défaillant mshtml.dll, version 7.0.6000.16850, adresse de défaillance 0x000a79d0.

Record Number: 18835
Source Name: Application Error
Time Written: 20090616132340.000000+120
Event Type: error
User:

Computer Name: D-BEE-6313-1
Event Code: 1524
Message: Windows ne peut pas décharger vos classes fichier de Registre - il est en cours d'utilisation par d'autres applications ou services. Le fichier sera déchargé quand il ne sera plus utilisé.



Record Number: 18504
Source Name: Userenv
Time Written: 20090527123644.000000+120
Event Type: warning
User: D-BEE-6313-1\Ruegsegger

Computer Name: D-BEE-6313-1
Event Code: 1000
Message: Application défaillante drwtsn32.exe, version 5.1.2600.0, module défaillant dbghelp.dll, version 5.1.2600.5512, adresse de défaillance 0x0001295d.

Record Number: 18503
Source Name: Application Error
Time Written: 20090527120046.000000+120
Event Type: error
User:

Computer Name: D-BEE-6313-1
Event Code: 1000
Message: Application défaillante iexplore.exe, version 7.0.6000.16827, module défaillant kernel32.dll, version 5.1.2600.5781, adresse de défaillance 0x00012afb.

Record Number: 18502
Source Name: Application Error
Time Written: 20090527115843.000000+120
Event Type: error
User:

Computer Name: D-BEE-6313-1
Event Code: 1000
Message: Application défaillante iexplore.exe, version 7.0.6000.16827, module défaillant flash9d.ocx, version 9.0.47.0, adresse de défaillance 0x00187d7b.

Record Number: 18501
Source Name: Application Error
Time Written: 20090527112753.000000+120
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 43 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=2b01
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"VERSION"=2.1.5
"SESSIONID"=1253548376071g1u0358c.austin.hp.com-4adb5210:124597ccec2:-282c
"COLLECTIONID"=COL7299
"ITEMID"=oj-21918-1
"UPDATEDIR"=C:\DOCUME~1\RUEGSE~1\LOCALS~1\Temp\radDA8BA.tmp
"TOOLPATH"=/C:/Program%20Files/Hewlett-Packard/HP%20Software%20Update/install.htm
"HMSERVER"=https://vausnzisprob.austin.hp.com/wuss/servlet/WUSSServlet
"SWUTVER"=1.0.18.30716
"OSVER"=winXPH
"LANG"=4108
"TIMEOUT"=0
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Hello!
Pour USBfix (je suis pas sûr que ce soit le rapport) :
Et sinon je dois supprimer les fichiers qui sont dans le fichier zip (UsbFix_Upload_Me_D-BEE-6313-1) ?
Merci

############################## | UsbFix V6.051 |

User : Ruegsegger (Administrateurs) # D-BEE-6313-1
Update on 12/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 18:36:08 | 12.11.2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Disabled

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 73.24 Go (27.72 Go free) [System] # NTFS
D:\ -> Disque fixe local # 75.81 Go (75.73 Go free) [Data] # NTFS
E:\ -> Disque fixe local # 596.02 Go (564.2 Go free) [SAMSUNG] # FAT32
F:\ -> Disque amovible
G:\ -> Disque amovible # 949.69 Mo (42.78 Mo free) [-RUEGSEGGER] # FAT
H:\ -> Disque amovible # 1.94 Go (1.74 Go free) # FAT
I:\ -> Disque CD-ROM
Y:\ -> Disque CD-ROM
Z:\ -> Disque CD-ROM

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 780
C:\WINDOWS\system32\csrss.exe 880
C:\WINDOWS\system32\winlogon.exe 904
C:\WINDOWS\system32\services.exe 948
C:\WINDOWS\system32\lsass.exe 960
C:\WINDOWS\system32\Ati2evxx.exe 1132
C:\WINDOWS\system32\svchost.exe 1148
C:\WINDOWS\system32\svchost.exe 1224
C:\WINDOWS\System32\svchost.exe 1348
C:\WINDOWS\system32\svchost.exe 1388
C:\WINDOWS\system32\svchost.exe 1440
C:\WINDOWS\system32\svchost.exe 1584
C:\WINDOWS\system32\logonui.exe 1628
C:\WINDOWS\system32\spoolsv.exe 1776
C:\WINDOWS\system32\Ati2evxx.exe 304
C:\WINDOWS\Explorer.EXE 396
C:\WINDOWS\system32\svchost.exe 620
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 740
C:\Program Files\Bonjour\mDNSResponder.exe 800
C:\Program Files\Windows Live\Family Safety\fsssvc.exe 868
C:\Program Files\Java\jre6\bin\jqs.exe 1372
C:\Program Files\Fichiers communs\Motive\McciCMService.exe 1488
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe 1660
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1792
C:\WINDOWS\system32\svchost.exe 136
C:\WINDOWS\system32\wuauclt.exe 272
C:\WINDOWS\system32\wbem\wmiapsrv.exe 1712
C:\WINDOWS\system32\wbem\wmiprvse.exe 2320
C:\WINDOWS\System32\alg.exe 2324
C:\WINDOWS\system32\wbem\wmiprvse.exe 2392

################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\WINDOWS\cookies.ini
Supprimé ! C:\DOCUME~1\RUEGSE~1\LOCALS~1\Temp\5d66f027-f88e-c698-77fb-d3775f38ae74.tmp.exe
Supprimé ! C:\DOCUME~1\RUEGSE~1\LOCALS~1\Temp\temA5.tmp.exe
Supprimé ! C:\DOCUME~1\RUEGSE~1\LOCALS~1\Temp\updE9.tmp.exe
Supprimé ! C:\DOCUME~1\RUEGSE~1\LOCALS~1\Temp\updEA.tmp.exe
Supprimé ! C:\n.bat
Supprimé ! D:\autorun.inf
Supprimé ! E:\autorun.inf

################## | Registre # Clés Run infectieuses |


################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{b869e988-8167-11db-9a1e-0000c5be09b5}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[26.03.2009 11:19|--a------|224] C:\.stat
[06.11.2009 22:42|--a------|0] C:\AILog.txt
[13.03.2006 11:38|--a------|0] C:\AUTOEXEC.BAT
[13.03.2006 11:29|---hs----|216] C:\boot.ini
[05.08.2004 13:00|-rahs----|4952] C:\Bootfont.bin
[13.03.2006 11:38|--a------|0] C:\CONFIG.SYS
[01.05.2009 20:05|--a------|7387] C:\dee_.log
[14.02.2009 16:04|--a------|11] C:\drv.tes
[15.05.2007 22:13|--a------|0] C:\dxva.log
[?|?|?] C:\hiberfil.sys
[02.08.2009 21:58|--a------|276254] C:\hpfr3600.log
[13.03.2006 11:38|-rahs----|0] C:\IO.SYS
[13.03.2006 11:38|-rahs----|0] C:\MSDOS.SYS
[05.08.2004 13:00|-rahs----|47564] C:\NTDETECT.COM
[23.09.2008 23:38|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[31.10.2005 16:56|--a------|700416] C:\StubInstaller.exe
[12.11.2009 18:46|--a------|3847] C:\UsbFix.txt
[15.05.2007 22:13|--a------|0] C:\VO.log
[09.05.2008 23:10|--a------|275] C:\VundoFix.txt
[06.11.2007 20:46|--a------|0] C:\z.dat
[03.08.2004 23:55|--a------|28672] D:\setupSNK.exe
[01.01.1601 01:00|-r-h-----|0] G:\MEMSTICK.IND
[01.01.1601 01:00|-r-h-----|0] G:\MSTK_PRO.IND
[16.06.2009 19:21|--a------|296] G:\WMPInfo.xml
[31.03.2005 14:32|--a------|290816] H:\Decompression.exe
[07.01.2009 13:22|--ah-----|82] H:\._exercices.odt.vem
[31.01.2007 13:33|--ah-----|4096] H:\._.Trashes
[25.02.2009 09:01|--ah-----|15364] H:\.DS_Store
[21.05.2007 11:45|--ah-----|82] H:\._philo cyril.odt.vem
[21.05.2007 12:07|--ah-----|4096] H:\._wiki.odt
[21.05.2007 12:07|--ah-----|4096] H:\._thomas d aquin.odt
[09.04.2008 11:00|--ah-----|82] H:\._OOo_2.4.0_Win32Intel_install_wJRE_fr.exe
[24.01.2008 16:07|--ah-----|82] H:\._Wortschatz Themenblock 3.pdf
[08.04.2008 14:16|--ah-----|82] H:\._emerentia.odp
[15.03.2007 11:12|--ah-----|82] H:\._Ex7 Student.ods
[08.04.2008 14:17|--ah-----|82] H:\._emerentiafhdnt.odp
[14.04.2008 12:14|--ah-----|82] H:\._Facture GYB.ods
[19.11.2008 11:21|--ah-----|4096] H:\._questions.odt
[19.11.2008 11:21|--ah-----|4096] H:\._lincolon.odt
[24.11.2008 11:43|--ah-----|4096] H:\._Script cours AT I.pdf
[31.03.2005 14:32|--a------|430080] H:\VirtualExpander.exe
[23.01.2009 13:43|--a------|1524] H:\BOOTEX.LOG
[12.10.2009 07:14|--a------|4624311] H:\IMSLP02419-Bach-BWV0248FSpt1.pdf
[12.10.2009 07:22|--a------|380] H:\oratorio.rtf
[04.11.2009 14:56|-ra------|722] H:\FirstCSS_EXTERNE.html
[04.11.2009 14:56|-ra------|1619] H:\test2.css

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# E:\autorun.inf -> Dossier créé par UsbFix.
# G:\autorun.inf -> Dossier créé par UsbFix.
# H:\autorun.inf -> Dossier créé par UsbFix.

################## | Suspect | https://www.virustotal.com/gui/ |


################## | Cracks / Keygens / Serials |

Ok. Pour Malwarebyte c'est en cours de recherche

Le rapport MBAM :

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3155
Windows 5.1.2600 Service Pack 3

12.11.2009 21:33:22
mbam-log-2009-11-12 (21-33-22).txt

Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|G:\|H:\|I:\|Y:\|Z:\|)
Eléments examinés: 198474
Temps écoulé: 1 hour(s), 28 minute(s), 54 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 22
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9af13185-956b-4bf6-90d4-e370778b86e4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9af13185-956b-4bf6-90d4-e370778b86e4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1601d447-7424-4866-8dcc-acf98a2a41e1} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ceb9c60d-f0ad-4b73-a3ab-4fc822e38d66} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ceb9c60d-f0ad-4b73-a3ab-4fc822e38d66} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b7672baf-e9a3-49b6-86b2-c81719a18a4c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c3c0ec2c-2c1c-495c-9ad0-1f0ef833d7b5} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6156a32a-c512-4e23-aa9a-2315f4265681} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11a69ae4-fbed-4832-a2bf-45af82825583} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1c1dd717-53b2-485e-a17b-c9977c205e10} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a95b2816-1d7e-4561-a202-68c0de02353a} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b7672baf-e9a3-49b6-86b2-c81719a18a4c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Sidebar.dll (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Mirar (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PLayMP3z) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{11a69ae4-fbed-4832-a2bf-45af82825583} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\spa_start (Trojan.BHO) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\sgiyboqf.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uxrmvohc.dllbox (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ruegsegger\Local Settings\Application Data\Mozilla\Firefox\Profiles\f0xp3qjy.default\Cache\37A65EFCd01 (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ruegsegger\Local Settings\Temp\HtmlControl.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ruegsegger\Bureau\Online Security Guide.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\z.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\{97396bf2-8b89-6834-3550-d5aa12f9099d}.dll-uninst.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.

Visiblement ça a marché parce que je n'ai plus ce message au démarrage de mon pc !
Merci à toi Xplode, tes instructions étaient super compréhensibles !
A bientôt et merci encore

Hello,
le message n'apparait plus. Y a encore des choses à nettoyer?

Voilà le rapport!

ComboFix 09-11-13.03 - Ruegsegger 12.11.2009 22:08.1.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.41.1036.18.1023.518 [GMT 1:00]
Lancé depuis: c:\documents and settings\Ruegsegger\Mes documents\Downloads\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Ruegsegger\Bureau\Live Safety Center.lnk
c:\documents and settings\Ruegsegger\Favoris\Online Security Guide.lnk
c:\documents and settings\Ruegsegger\real.txt
c:\windows\Fonts\a.zip
c:\windows\system32\afeahtjb.dll
c:\windows\system32\ajehxeuv.ini
c:\windows\system32\bboelpry.ini
c:\windows\system32\bjpbvgon.ini
c:\windows\system32\cxbdiprf.ini
c:\windows\system32\dmhwrpyh.ini
c:\windows\system32\fkonukjc.ini
c:\windows\system32\hijisejb.ini
c:\windows\system32\hqkqavmc.ini
c:\windows\system32\ihhkj.bak1
c:\windows\system32\ihhkj.bak2
c:\windows\system32\ihhkj.ini
c:\windows\system32\ihhkj.ini2
c:\windows\system32\ihhkj.tmp
c:\windows\system32\iolsbqud.ini
c:\windows\system32\kdngtiho.ini
c:\windows\system32\kylkgmkj.ini
c:\windows\system32\lqjchlxl.ini
c:\windows\system32\mvnnsejq.ini
c:\windows\system32\mxvyvcyj.ini
c:\windows\system32\nfiukfto.ini
c:\windows\system32\npymdcwi.ini
c:\windows\system32\ogjfmdal.ini
c:\windows\system32\pcuqhwbo.ini
c:\windows\system32\pcvvbxfi.ini
c:\windows\system32\peumbfct.ini
c:\windows\system32\qnkebshf.ini
c:\windows\system32\qnqqsqpu.ini
c:\windows\system32\real.txt
c:\windows\system32\shyplhph.ini
c:\windows\system32\sktyjems.ini
c:\windows\system32\tlrahkrp.ini
c:\windows\system32\vywwnqvp.ini
c:\windows\system32\wjnedkty.ini
c:\windows\system32\yeysuixy.ini
c:\windows\system32\yycdd.bak1
c:\windows\system32\yycdd.bak2
c:\windows\system32\yycdd.ini
c:\windows\system32\yycdd.ini2
c:\windows\system32\yycdd.tmp

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-10-12 au 2009-11-12 ))))))))))))))))))))))))))))))))))))
.

2009-11-12 20:38 . 2009-08-22 07:21 165240 ----a-r- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
2009-11-12 18:10 . 2009-11-12 18:10 -------- d-----w- c:\documents and settings\Ruegsegger\Application Data\Malwarebytes
2009-11-12 18:10 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-12 18:10 . 2009-11-12 18:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-12 18:10 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-12 18:10 . 2009-11-12 18:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-12 17:32 . 2009-11-12 17:47 -------- d-----w- C:\UsbFix
2009-11-12 17:11 . 2009-11-12 17:12 -------- d-----w- c:\program files\trend micro
2009-11-12 17:11 . 2009-11-12 17:12 -------- d-----w- C:\rsit
2009-11-06 19:29 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091105.001\IDSvix86.sys
2009-11-06 19:29 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091105.001\IDSXpx86.sys
2009-11-06 19:29 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091105.001\Scxpx86.dll
2009-11-06 19:29 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091105.001\IDSxpx86.dll
2009-11-06 19:29 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091105.001\IDSviA64.sys
2009-11-06 15:12 . 2009-11-07 10:16 -------- d-----w- c:\program files\Astroburn Lite
2009-11-06 15:12 . 2009-11-06 15:12 -------- d-----w- c:\documents and settings\Ruegsegger\Application Data\Astroburn Lite
2009-11-06 15:12 . 2009-11-06 15:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Astroburn Lite
2009-11-06 15:08 . 2009-11-06 15:10 -------- d-----w- c:\documents and settings\Ruegsegger\Application Data\Astroburn
2009-11-06 15:08 . 2009-11-06 15:08 -------- d-----w- c:\program files\Astroburn Toolbar
2009-11-06 15:07 . 2009-11-07 10:16 -------- d-----w- c:\program files\Astroburn
2009-11-05 21:39 . 2009-11-05 21:39 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-05 21:39 . 2009-11-05 21:39 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-11-05 21:38 . 2009-11-05 21:56 -------- d-----w- c:\documents and settings\Ruegsegger\Application Data\DAEMON Tools Lite
2009-11-05 21:38 . 2009-11-05 21:38 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-11-01 09:36 . 2009-11-01 09:36 -------- d-----w- c:\program files\iPod
2009-11-01 09:35 . 2009-11-01 09:36 -------- d-----w- c:\program files\iTunes
2009-11-01 09:24 . 2009-11-01 09:24 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-29 14:27 . 2009-10-29 14:27 -------- d-----w- c:\documents and settings\All Users\Application Data\ConeXware
2009-10-29 14:27 . 2009-11-12 18:15 -------- d-----w- c:\program files\PowerArchiver
2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-12 21:24 . 2006-07-03 09:30 -------- d-----w- c:\documents and settings\Ruegsegger\Application Data\Skype
2009-11-12 20:37 . 2006-10-30 21:06 -------- d-----w- c:\documents and settings\Ruegsegger\Application Data\OpenOffice.org2
2009-11-12 20:22 . 2008-09-17 20:05 -------- d-----w- c:\program files\Windows Live
2009-11-06 14:55 . 2006-04-12 19:51 50064 ----a-w- c:\documents and settings\Ruegsegger\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-01 09:35 . 2009-09-12 19:25 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-10-29 19:33 . 2004-08-05 12:00 500814 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-29 19:33 . 2004-08-05 12:00 80856 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-29 13:57 . 2007-11-10 15:28 -------- d-----w- c:\program files\LimeWire
2009-10-28 22:37 . 2009-11-12 16:32 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSXpx86.sys
2009-10-28 22:37 . 2009-11-12 16:32 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSvix86.sys
2009-10-28 22:37 . 2009-11-12 16:32 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\Scxpx86.dll
2009-10-28 22:37 . 2009-11-12 16:32 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSxpx86.dll
2009-10-28 22:37 . 2009-11-12 16:32 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSviA64.sys
2009-10-12 16:57 . 2006-04-10 14:32 -------- d-----w- c:\program files\LucasArts
2009-10-12 16:57 . 2006-03-13 14:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-04 07:50 . 2006-04-29 21:01 -------- d-----w- c:\program files\Fichiers communs\Real
2009-10-04 07:50 . 2009-10-04 07:50 -------- d-----w- c:\program files\Fichiers communs\xing shared
2009-10-04 07:49 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-10-04 07:49 . 2003-03-18 19:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-03 07:36 . 2007-03-01 14:57 -------- d-----w- c:\documents and settings\Ruegsegger\Application Data\Petroglyph
2009-09-22 08:00 . 2009-11-12 16:32 259440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091112.005\ECMSVR32.DLL
2009-09-18 14:28 . 2006-06-07 20:35 -------- d-----w- c:\documents and settings\Ruegsegger\Application Data\Apple Computer
2009-09-15 08:00 . 2009-11-12 16:32 2747952 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091112.005\CCERASER.DLL
2009-09-12 20:31 . 2009-09-12 20:31 32772 ---ha-w- c:\windows\system32\mlfcache.dat
2009-09-11 14:18 . 2004-08-05 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 10:44 . 2009-04-15 17:54 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2009-09-11 10:44 . 2009-04-15 17:54 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-09-09 14:31 . 2009-04-15 18:12 554352 ----a-r- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
2009-09-04 21:04 . 2004-08-05 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:28 . 2004-08-05 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:28 . 2004-08-05 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:28 . 2004-08-05 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-08-26 08:01 . 2004-08-05 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-26 08:00 . 2009-11-12 16:32 371248 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091112.005\EECTRL.SYS
2009-08-26 08:00 . 2009-11-12 16:32 102448 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091112.005\ERASER.SYS
2009-08-25 08:00 . 2009-11-12 16:32 84912 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091112.005\NAVENG.SYS
2009-08-25 08:00 . 2009-11-12 16:32 177520 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091112.005\NAVENG32.DLL
2009-08-25 08:00 . 2009-11-12 16:32 1647984 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091112.005\NAVEX32A.DLL
2009-08-25 08:00 . 2009-11-12 16:32 1323568 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091112.005\NAVEX15.SYS
2009-08-22 07:21 . 2009-04-15 17:54 36400 ----a-r- c:\windows\system32\drivers\SymIM.sys
2009-03-31 20:47 . 2008-09-09 15:34 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VirtualExpanderFile.1]
@="{E4000AC4-5E5F-4956-807A-C5854405D64F}"
[HKEY_CLASSES_ROOT\CLSID\{E4000AC4-5E5F-4956-807A-C5854405D64F}]
2007-01-17 19:19 73728 ----a-w- c:\windows\system32\VirtualExpander\VEShellExt.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2006-12-11 25343016]
"Google Update"="c:\documents and settings\Ruegsegger\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-06 133104]
"PowerArchiver Tray"="c:\program files\PowerArchiver\PASTARTER.EXE" [2009-07-17 508736]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-03 339968]
"Motive SmartBridge"="c:\progra~1\Bluewin\QUICKH~1\SMARTB~1\MotiveSB.exe" [2005-07-29 397312]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-10-15 144792]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152]
"DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 229437]
"ShowIcon_DIGITAL AUDIO PLAYER_USB Product Driver v2"="c:\program files\USB Product Driver v2\shwicon.exe" [2003-12-11 73728]
"QuickHelp2_McciTrayApp"="c:\program files\QuickHelp2\QuickHelp.exe" [2007-11-02 1474048]
"MsgCenterExe"="c:\program files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" [2009-10-04 69632]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-09-01 176128]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-10-04 198160]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-07-22 81920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Ruegsegger\Menu D‚marrer\Programmes\D‚marrage\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-9-30 503808]
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-7-14 393216]
VirtualExpander.lnk - c:\windows\system32\VirtualExpander\VirtualExpander.exe [2007-1-5 430080]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Quick Help.lnk - c:\program files\Bluewin\Quick Help\bin\matcli.exe [2006-4-10 217088]
ZDWLan Utility.lnk - c:\program files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe [2007-9-7 475136]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Mythology\\aomx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\LucasArts\\Star Wars Battlefront\\GameData\\battlefront.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1007020.00B\SymEFA.sys [09.09.2009 15:31 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1007020.00B\BHDrvx86.sys [09.09.2009 15:31 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1007020.00B\cchpx86.sys [09.09.2009 15:31 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSXpx86.sys [12.11.2009 17:32 329592]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\ACEDRV11.sys [23.01.2008 09:19 501560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [20.12.2008 14:07 54752]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe [09.09.2009 15:31 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [26.08.2009 09:00 102448]
S2 hpdj3600;hpdj3600;c:\docume~1\RUEGSE~1\LOCALS~1\Temp\hpdj3600.exe -servicerunning=true -uninstall=hp deskjet 3600 series -product=3600 --> c:\docume~1\RUEGSE~1\LOCALS~1\Temp\hpdj3600.exe -servicerunning=true -uninstall=hp deskjet 3600 series -product=3600 [?]
S3 audiobridge;Virtual Audio Bridge;c:\windows\system32\drivers\aubridge.sys [23.07.2007 14:04 22528]
S3 BRGSp50;BRGSp50 NDIS Protocol Driver;c:\windows\system32\drivers\BRGSp50.sys [07.09.2007 18:22 20608]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05.08.2009 22:48 704864]
S3 gsplittm;gsplittm;\??\c:\docume~1\RUEGSE~1\LOCALS~1\Temp\gsplittm.sys --> c:\docume~1\RUEGSE~1\LOCALS~1\Temp\gsplittm.sys [?]
S3 HPx9G+;HPx9G+ Device USB Driver;c:\windows\system32\drivers\HPx9G+.sys [30.10.2006 12:40 21992]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - MBR
*NewlyCreated* - PROCEXP113
*Deregistered* - mbr
*Deregistered* - PROCEXP113
.
Contenu du dossier 'Tâches planifiées'

2009-10-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-11-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-842925246-839522115-1004Core.job
- c:\documents and settings\Ruegsegger\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-06 17:26]

2009-11-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-842925246-839522115-1004UA.job
- c:\documents and settings\Ruegsegger\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-06 17:26]
.
.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office10\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Ruegsegger\Application Data\Mozilla\Firefox\Profiles\f0xp3qjy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\Ruegsegger\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("security.classID.allowByDefault", true);
c:\program files\Mozilla Firefox\defaults\pref\oneclick-rg.js - pref("capability.policy.default.ClassID.CID2C5A2C95-52A5-46e3-BA11-096E225A98F4", "AllAccess");
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-Fraps - c:\fraps\FRAPS.EXE
HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
HKU-Default-Run-msnmsgr - c:\program files\MSN Messenger\msnmsgr.exe
AddRemove-Astroburn Toolbar - c:\program files\Astroburn Toolbar\uninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-12 22:24
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spxn.sys >>UNKNOWN [0x86787938]<<
kernel: MBR read successfully
user & kernel MBR OK
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

atapi.sys @ 0x0 0x0 bytes

\Driver\atapi [ IRP_MJ_CREATE ] 0xA6F2 != 0xF7362B40 atapi.sys
\Driver\atapi [ IRP_MJ_CLOSE ] 0xA6F2 != 0xF7362B40 atapi.sys
\Driver\atapi [ IRP_MJ_DEVICE_CONTROL ] 0xA712 != 0xF7362B40 atapi.sys
\Driver\atapi [ IRP_MJ_INTERNAL_DEVICE_CONTROL ] 0x6852 != 0xF7362B40 atapi.sys
\Driver\atapi [ IRP_MJ_POWER ] 0xA73C != 0xF7362B40 atapi.sys
\Driver\atapi [ IRP_MJ_SYSTEM_CONTROL ] 0x11336 != 0xF7362B40 atapi.sys
\Driver\atapi IRP hooks detected !

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.7.2.11\diMaster.dll\" /prefetch:1"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1844237615-842925246-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(900)
c:\windows\system32\Ati2evxx.dll
.
Heure de fin: 2009-11-12 22:29
ComboFix-quarantined-files.txt 2009-11-12 21:29

Avant-CF: 30'356'987'904 octets libres
Après-CF: 34'569'691'136 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

- - End Of File - - 4F82163FA130267A3A0EDFD92343C274

Excuse-moi qu'est-ce que tu entends par rapport RSIT?

mbam 0 fichiers infectés

Logfile of random's system information tool 1.06 (written by random/random)
Run by Ruegsegger at 2009-11-12 22:45:02
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 33 GB (44%) free of 75 GB
Total RAM: 1023 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:45:09, on 12.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\USB Product Driver v2\shwicon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\PowerArchiver\PASTARTER.EXE
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Ruegsegger\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ruegsegger\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ruegsegger\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Ruegsegger\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Ruegsegger\Mes documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Ruegsegger.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [ShowIcon_DIGITAL AUDIO PLAYER_USB Product Driver v2] "C:\Program Files\USB Product Driver v2\shwicon.exe" -t"DIGITAL AUDIO PLAYER\USB Product Driver v2"
O4 - HKLM\..\Run: [QuickHelp2_McciTrayApp] C:\Program Files\QuickHelp2\QuickHelp.exe
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ruegsegger\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
O4 - Global Startup: Quick Help.lnk = C:\Program Files\Bluewin\Quick Help\bin\matcli.exe
O4 - Global Startup: ZDWLan Utility.lnk = C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CH/a-UNO1/GAME_UNO1.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: hpdj3600 - Unknown owner - C:\DOCUME~1\RUEGSE~1\LOCALS~1\Temp\hpdj3600.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

Hello!
Est-ce que mon ordi est clean ? Si c'est le cas pourrais-tu me dire la procédure pour enlever tous les programmes que j'ai téléchargé? Merci encore pour ton aide!

Voilà le rapport !

SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 11/15/2009 at 04:34 PM

Application Version : 4.30.1004

Core Rules Database Version : 4274
Trace Rules Database Version: 2154

Scan type : Complete Scan
Total Scan Time : 00:45:32

Memory items scanned : 683
Memory threats detected : 0
Registry items scanned : 5761
Registry threats detected : 0
File items scanned : 25083
File threats detected : 197

Adware.Tracking Cookie
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@879.stats.misstrends[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@clickintext[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@toplistes[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@clickinvideo[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@pornattitude[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.googleadservices[5].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@630.stats.misstrends[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@5235.stats.misstrends[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@1-porno[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@top-sexe-gratuit.3x[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@adulterencontre[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@stats.canalblog[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@atdmt[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@amateur2sexe[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@videos-transexuel[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@zbox.zanox[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@ads.sites-de-sexe[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@imagevenue.advertserve[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@jeune-salope-xxx[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.sexeautop[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@bs.serving-sys[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@adserver.myvideo[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@roitracking[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@carasexe[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.sexmultiplex[5].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.pornattitude[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@a2.adserver01[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.oxistats[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.adulterencontre[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@ads.clicksor[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.sexandtrash[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@doubleclick[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@sexeoptimal[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@extrait-sexe[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@porno-x-mature[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@transexlive[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@mon-blog-sexe[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@s3.shinystat[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@1240.stats.misstrends[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@sexmultiplex[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@wysistat[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@lyceeporno[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@824.stats.stats[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@nuitsexy[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@annuaire-de-sex-gratuit[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@porno5[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@sexedenfer[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@ads.allotraffic[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@double-sexe[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@xiti[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.topsexetube[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@quelpenis[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@webmasterplan[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.porno5[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@4306.stats.misstrends[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@sexy-stars[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@mediatraffic[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@sextv2424[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.incentaclick[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@extraits-xxx[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@pornme[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@ad.search[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@pubs.sites-de-sexe[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.sexmultiplex[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@gsexe[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@minuitsexy[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@632.stats.misstrends[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@sexclusivite[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@adserver.easyadult[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@604.stats.misstrends[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.gsexe[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@beacons.hottraffic[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@web-stats[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@sexandtrash[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@jeu.nuitsexy[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@accesporno[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@lebaiseur.sexy.carasexe[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@fr.carasexe[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@624.stats.stats[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@rabbitfinder[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@tradedoubler[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.sexeautop[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@adserver.aol[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@media.amoureux[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@apmebf[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.films-x-porno[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@1800.stats.misstrends[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@portaildusexe[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@xxx-gratuit[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.sexmultiplex[3].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@galeriexxx[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.100pour100sexe[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@sexe40ans[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@3073.stats.misstrends[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@pornravage[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@sexe-gratuit-f[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@1111.stats.misstrends[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@tools.pornypass[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.videosdesexe[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@adultadworld[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@hornymatches[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.topdusexe[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@1995.stats.stats[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@airsexe[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@602.stats.misstrends[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@mysexywebtv[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.mysexywebtv[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@secure.archiveporno[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.archiveporno[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.googleadservices[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@amateur.plus-2-sexe[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@2328.stats.misstrends[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@xxxblackbook[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@plein-de-porno[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@shinystat[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@m1.webstats.motigo[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@banners.sites-de-sexe[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.lalypornogratuit[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@680.stats.misstrends[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@naiadsystems[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@3635.stats.misstrends[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@adserver.alyzamedia[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@gratuit-videos-porno[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@s4.shinystat[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@live1.ipmediasuite[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.videos-sexe-france[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.darkcounter[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@t.bbtrack[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@eas.apm.emediate[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@adserving.aedgency[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@projetsexe[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.mediasoftwareapps[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@1899.stats.misstrends[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@vporno[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@media.acces-charme[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@CAJ9WFRM.txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@sexeautop[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@ad2.doublepimp[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.projetsexe[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@porn[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@extrait-gratixxx[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@5759.stats.misstrends[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@finder-x[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.sexedenfer[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@ads.canalblog[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@academy-stars-sexy[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@incentaclick[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@707.stats.misstrends[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@tracking.mindshare[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@663.stats.misstrends[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.annuaire-de-sex-gratuit[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@porntour[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@ads.planet49[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@5575.stats.misstrends[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@ads.128b[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@frenchfriendfinder[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@teenslikeitbig[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@fr.classic.clickintext[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@803.stats.misstrends[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.gsexe[3].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@635.stats.misstrends[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@sexyavenue[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@adfarm1.adition[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@videos-sexe-france[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@gratuit-porn[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.mon-blog-sexe[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.sexe-journal[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@banners3.spacash[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.sexyavenue[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@chokertraffic[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@stats.conapt[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.planete-adulte[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@ads.myswitzerland[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@ad.zanox[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@818.stats.misstrends[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.xxx-gratuit[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@tracking.publicidees[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@stats2.sexytools[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@mediaplex[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@tools.mysexy[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@stats.zmags[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@2026.stats.misstrends[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@msnportal.112.2o7[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.sexezoom[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.googleadservices[3].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@sexy-girlz[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@tools.acces-adulte[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@uphighmedia[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@wysistat[3].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@exoclick[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@teen-sodomisee[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@s2.shinystat[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@galleries.adult-empire[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@2o7[2].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@www.finder-x[1].txt
C:\Documents and Settings\Ruegsegger\Cookies\ruegsegger@serving-sys[2].txt

Trojan.Agent/Gen-Nullo[Short]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8EDD08BE-9957-45CD-B8B0-418966B2194F}\RP696\A0234362.EXE

Hello, le scan est pas encore terminé mais pendant celui-ci la barre d'outil de Windows (où il y a le menu Démarrer) et toutes les icônes de mon bureau se sont soudainement effacés. Je n'ai que l'image d'arrière plan et les fenêtres Internet (que je peux accéder par Alt Ctrl Delete). Ça m'est déjà arrivé quand j'ai fais l'analyse avec ComboFix (sauf erreur) et j'ai du éteindre le pc avec le bouton sur la tour... Est-ce que tu saurais ce que c'est ?

Excuse-moi mais quand je clique Démarrer il y a directement l'analyse. Je ne vois nulle part le bandeau jaune " Ce site nécessite.... OnlineScanner.cab... "

Hello! Voilà le rapport ESET

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=6f97fef157eaf64287a366e7bb2e0262
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-11-15 05:39:03
# local_time=2009-11-15 06:39:03 (+0100, Paris, Madrid)
# country="Switzerland"
# lang=1036
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 247937 247937 0 0
# compatibility_mode=3588 16777173 100 96 5799933 7380979 0 0
# compatibility_mode=8192 67108863 100 0 3849 3849 0 0
# scanned=2721
# found=0
# cleaned=0
# scan_time=102
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=6f97fef157eaf64287a366e7bb2e0262
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-11-15 07:31:55
# local_time=2009-11-15 08:31:55 (+0100, Paris, Madrid)
# country="Switzerland"
# lang=1036
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 248124 248124 0 0
# compatibility_mode=3588 16777173 100 96 5800120 7381166 0 0
# compatibility_mode=8192 67108863 100 0 4036 4036 0 0
# scanned=80532
# found=43
# cleaned=43
# scan_time=6683
C:\Documents and Settings\All Users\Menu Démarrer\Live Safety Center.lnk Win32/Adware.SecToolbar application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Documents and Settings\Ruegsegger\Mes documents\Downloads\UsbFix.exe Win32/PrcView application (supprimé - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Documents and Settings\Ruegsegger\Bureau\Live Safety Center.lnk.vir Win32/Adware.SecToolbar application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Documents and Settings\Ruegsegger\Favoris\Online Security Guide.lnk.vir Win32/Adware.SecToolbar application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\ajehxeuv.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\bboelpry.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\bjpbvgon.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\cxbdiprf.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\dmhwrpyh.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\fkonukjc.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\hijisejb.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\hqkqavmc.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\ihhkj.bak1.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\ihhkj.bak2.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\ihhkj.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\ihhkj.ini2.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\ihhkj.tmp.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\iolsbqud.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\kdngtiho.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\kylkgmkj.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\lqjchlxl.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\mvnnsejq.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\mxvyvcyj.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\nfiukfto.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\npymdcwi.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\ogjfmdal.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\pcuqhwbo.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\pcvvbxfi.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\peumbfct.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\qnkebshf.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\qnqqsqpu.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\shyplhph.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\sktyjems.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\tlrahkrp.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\vywwnqvp.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\wjnedkty.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\yeysuixy.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\yycdd.bak1.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\yycdd.bak2.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\yycdd.ini.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\yycdd.ini2.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\yycdd.tmp.vir Win32/Adware.Virtumonde.NEO application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\UsbFix\Tools\Kill_P.exe Win32/PrcView application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C

Ca va bien ! Déjà y a plus cette fenêtre qui apparait à chaque démarrage et j'ai l'impression qu'il est un peu plus rapide qu'avant! Bon y a eut ces 2 blocage mais je pense aussi que j'avais trop d'applications ouvertes et avec un plus une analyse c'est peut-être la cause.. Mais sinon c'est niquel !!

Ok, j'ai tout fais. Merci encore à toi, pour ton aide et pour le temps que tu m'a consacré! Sinon c'est quoi la purge de la restauration système, j'ai pas bien compris

Oui mais ça sert à quoi?