Insertion automatique signature à mon insu

Bonjour Dédétraqué. Merci pour l'aide. Voici les liens demandés :
https://www.cjoint.com/?ewiFNMSLez
https://www.cjoint.com/?ewiIVxUYYX

@+







-----
I'm using <a href=http://www.savetubevideo.com>youtube downloader</a>

Je pense t'avoir envoyé deux fois le même rapport. Voici le log.txt renommé en doudou194.txt
https://www.cjoint.com/?ewiMWkofn3







-----
I'm using <a href=http://www.savetubevideo.com>youtube downloader</a>

Voici le rapport généré par USBFIX :

############################## | UsbFix V6.107 |

User : Dominique (Administrateurs) # DOMINIQUE
Update on 21/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 14:06:39 | 22/04/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Bitdefender Antivirus 8.0 [ (!) Disabled | Updated ]
AV : Kaspersky Internet Security 9.0.0.736 [ Enabled | Updated ]
FW : Norton Internet Worm Protection[ (!) Disabled ]2006
FW : Bitdefender Firewall[ (!) Disabled ]8.0
FW : Kaspersky Internet Security[ (!) Disabled ]9.0.0.736

C:\ -> Disque fixe local # 279,46 Go (81,22 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque fixe local # 96,56 Go (52,32 Go free) [MP3] # NTFS
F:\ -> Disque fixe local # 96,58 Go (96,51 Go free) [BACKUP] # NTFS
H:\ -> Disque fixe local # 96,54 Go (43,18 Go free) [DVD ] # NTFS
I:\ -> Disque amovible
J:\ -> Disque fixe local # 97,65 Go (93,6 Go free) [WAV] # NTFS
K:\ -> Disque fixe local # 457,45 Go (419,92 Go free) [DOCUMENTS HDD 500 GB] # NTFS
L:\ -> Disque fixe local # 78,43 Go (122,21 Mo free) [STOCKAGE] # NTFS
M:\ -> Disque fixe local # 146,48 Go (135,21 Go free) [HITACHI 160 GB] # NTFS

################## | Elements infectieux |

K:\autorun.inf

################## | Registre |


################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{0da47bc6-e9fb-11dc-9b9d-001a9215cd97}
Shell\AutoRun\command =setupSNK.exe

HKCU\..\..\Explorer\MountPoints2\{7498f1a0-9a6f-11dc-9f73-806d6172696f}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

HKCU\..\..\Explorer\MountPoints2\{8b4b13ca-3895-11dd-beb2-001a9215cd97}
Shell\AutoRun\command =M:\Info.exe folder.htt 480 480

HKCU\..\..\Explorer\MountPoints2\{a5efc290-304b-11dc-bc98-001a9215cd97}
Shell\AutoRun\command =G:\InstallTomTomHOME.exe

HKCU\..\..\Explorer\MountPoints2\{b1cb11f8-1838-11dd-9406-806d6172696f}
Shell\AutoRun\command =setupSNK.exe

HKCU\..\..\Explorer\MountPoints2\{b6555c71-9b2b-11dc-8712-001a9215cd97}
Shell\AutoRun\command =R:\setupSNK.exe

HKCU\..\..\Explorer\MountPoints2\{bbc9a118-8aa5-11dc-86e2-001a9215cd97}
Shell\AutoRun\command =L:\setupSNK.exe

HKCU\..\..\Explorer\MountPoints2\{db0dab28-1988-11dc-98e4-806d6172696f}
Shell\AutoRun\command =D:\Autorun.exe root.ini

################## | Vaccin |


################## | ! Fin du rapport # UsbFix V6.107 ! |









-----
I'm using <a href=http://www.savetubevideo.com>youtube downloader</a>

Rebonjour. Voilà j'ai suivi tes instructions à la lettre et MalwareByte's m'a trouvé quelques bestioles qui n'avaient jamais été détectées auparavant. Malheureusement, comme tu pourras le voir en bas de ce post, la signature non désirée apparaît toujours ! Un véritable casse-tête...
Voici les rapports demandés :

https://www.cjoint.com/?exlGL8JevE

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Version de la base de données: 4024

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

23/04/2010 10:45:43
mbam-log-2010-04-23 (10-45-43).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 125906
Temps écoulé: 1 heure(s), 21 minute(s), 58 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 11
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 8

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{f334c7b0-8774-4d5b-bd7a-4f448d03a1ae} (Adware.SkyLab) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2863e737-dd3f-4280-9af8-e9e79c16f312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f334c7b0-8774-4d5b-bd7a-4f448d03a1ae} (Adware.SkyLab) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2863e737-dd3f-4280-9af8-e9e79c16f312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{f334c7b0-8774-4d5b-bd7a-4f448d03a1ae} (Adware.SkyLab) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2863e737-dd3f-4280-9af8-e9e79c16f312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2863e737-dd3f-4280-9af8-e9e79c16f312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\SkyMedia (Adware.SkyMedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveTubeVideo_is1 (Adware.SkyLab) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\kbbar.kbbarband (Adware.7FaSSt) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\kbbar.kbbarband.1 (Adware.7FaSSt) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{f334c7b0-8774-4d5b-bd7a-4f448d03a1ae} (Adware.SkyLab) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\Local Page (Hijack.SearchPage) -> Bad: (http://www.iesearch.com/) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Documents and Settings\Dominique\Menu Démarrer\Programmes\BitDownload (Trojan.Swizzor) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\SaveTubeVideo\SaveTubeVideo.dll (Adware.SkyLab) -> Quarantined and deleted successfully.
C:\Program Files\SaveTubeVideo\MinBHO.dll (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dominique\x.exe (Worm.AutoRun.Gen) -> Quarantined and deleted successfully.
C:\Program Files\lame_enc.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\MP2enc.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\ogg.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\vorbis.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\vorbisenc.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.






-----
I'm using <a href=http://www.savetubevideo.com>youtube downloader</a>

Salut Dédétraqué. Un mot, un geste et voici le reste :

https://www.cjoint.com/?eyiLTftvPz

Tu as une idée d'où ça pourrait provenir ?







-----
I'm using <a href=http://www.savetubevideo.com>youtube downloader</a>

Bonsoir Dédétraqué. Toutes les manips ont bien fonctionné (facile quand on a de bons conseils ;-)) ).

Comme je peux le voir sur ce post, cette maudite signature n'apparaît plus et il semble que tu ais pu résoudre ce problème. Si à ton avis le problème est résolu, chapeau et grand merci pour l'aide !

Bonne soirée (tiens-moi au courant pour que je puisse éventuellement clore la discussion sur le forum).

Voici le rapport de OTM :

All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wambo\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\Swapper\Swapper.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\BitDownload\BitDownload.exe deleted successfully.
========== FILES ==========
C:\Program Files\SaveTubeVideo\FF\components folder moved successfully.
C:\Program Files\SaveTubeVideo\FF\chrome\skin folder moved successfully.
C:\Program Files\SaveTubeVideo\FF\chrome\locale\en-US folder moved successfully.
C:\Program Files\SaveTubeVideo\FF\chrome\locale folder moved successfully.
C:\Program Files\SaveTubeVideo\FF\chrome\content folder moved successfully.
C:\Program Files\SaveTubeVideo\FF\chrome folder moved successfully.
C:\Program Files\SaveTubeVideo\FF folder moved successfully.
C:\Program Files\SaveTubeVideo folder moved successfully.
C:\Program Files\Swapper\backup folder moved successfully.
C:\Program Files\Swapper folder moved successfully.
File/Folder C:\Program Files\BitDownload not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33438 bytes
->Flash cache emptied: 41 bytes

User: Dominique
->Temp folder emptied: 1288511 bytes
->Temporary Internet Files folder emptied: 12538903 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 32604288 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 11403154 bytes
->Opera cache emptied: 5238478 bytes
->Flash cache emptied: 4857 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 13995282 bytes

User: NetworkService
->Temp folder emptied: 909490 bytes
->Temporary Internet Files folder emptied: 1385355 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 11922877 bytes
%systemroot%\System32 .tmp files removed: 13529088 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 43431 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 28580190 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 4028905 bytes

Total Files Cleaned = 131,00 mb


OTM by OldTimer - Version 3.1.10.2 log created on 04242010_175014

Files moved on Reboot...
File C:\Documents and Settings\Dominique\Local Settings\Temp\~DF8B51.tmp not found!
File C:\Documents and Settings\Dominique\Local Settings\Temp\~DF8B77.tmp not found!

Registry entries deleted on Reboot...

Bonjour Dédétraqué. Voici le rapport USBFix après option 2 :

https://www.cjoint.com/?ezjhCPTlCN

Salut Dédétraqué. Ouf ! Presque 32 heures de scan avec Nod32 et la découverte de quelques bestioles restantes... Voici le rapport demandé :

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=53384c6c8f8c7447be29693e625484e2
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-04-26 05:45:25
# local_time=2010-04-26 07:45:25 (+0100, Paris, Madrid (heure d'été))
# country="Belgium"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 136750 136750 0 0
# compatibility_mode=768 16777215 100 0 33591355 33591355 0 0
# compatibility_mode=1280 16777175 100 0 7494020 7494020 0 0
# compatibility_mode=8192 67108863 100 0 552 552 0 0
# scanned=48
# found=0
# cleaned=0
# scan_time=409
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=53384c6c8f8c7447be29693e625484e2
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-04-27 01:12:51
# local_time=2010-04-27 03:12:51 (+0100, Paris, Madrid (heure d'été))
# country="Belgium"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 136812 136812 0 0
# compatibility_mode=768 16777215 100 0 33591417 33591417 0 0
# compatibility_mode=1280 16777175 100 0 7494082 7494082 0 0
# compatibility_mode=8192 67108863 100 0 614 614 0 0
# scanned=600567
# found=30
# cleaned=30
# scan_time=26806
C:\Documents and Settings\Dominique\Bureau\CLE USB KINGSTON 2 GB\Nero-8.2.8.0_fra_update.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Dominique\Mes documents\Programmes et utilitaires\Nero_BackItUpAndBurn-1.0.5_update.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Dominique\Mes documents\Programmes et utilitaires\PROGRAMMES DIVERS\Nero-7.10.1.0_fra_update.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Dominique\Mes documents\Programmes et utilitaires\RT MUSIC 07 MAI 09\Ma musique\04 Track 4.wma Win32/Adware.180Solutions application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Dominique\Mes documents\VIDAGE CLE 8 GB DATATRAVELER - 17 FEV 2010\Nero-8.3.6.0_fra_update.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Dominique\Mes documents\VIDAGE CLE 8 GB DATATRAVELER - 17 FEV 2010\Toolbar.exe Win32/Toolbar.AskSBar application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{1EBC13B2-0CF9-4ED4-8F08-C071077E1065}\RP1\A0001445.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
E:\Tracy Lawernce - Time Marches Onn.wma WMA/TrojanDownloader.Wimad.NAG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
K:\Programmes téléchargés\kf14.zip Win32/PSWTool.RAS.A application (deleted - quarantined) 00000000000000000000000000000000 C
K:\Programmes téléchargés\Nero-7.10.1.0_fra_update.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
K:\Programmes téléchargés\Nero-7.10.1.2_all_update.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
K:\Programmes téléchargés\Nero-8.2.8.0_fra_update.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
K:\Programmes téléchargés\Nero-8.2.8.0_fra_update_bis.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
K:\Programmes téléchargés\Nero-8.3.13.0_all_update.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
K:\System Volume Information\_restore{1EBC13B2-0CF9-4ED4-8F08-C071077E1065}\RP2\A0001614.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
K:\System Volume Information\_restore{1EBC13B2-0CF9-4ED4-8F08-C071077E1065}\RP2\A0001615.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
K:\System Volume Information\_restore{1EBC13B2-0CF9-4ED4-8F08-C071077E1065}\RP2\A0001616.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
K:\System Volume Information\_restore{1EBC13B2-0CF9-4ED4-8F08-C071077E1065}\RP2\A0001617.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
K:\System Volume Information\_restore{1EBC13B2-0CF9-4ED4-8F08-C071077E1065}\RP2\A0001618.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
M:\Programmes téléchargés bis\kf14.zip Win32/PSWTool.RAS.A application (deleted - quarantined) 00000000000000000000000000000000 C
M:\Programmes téléchargés bis\Nero-7.10.1.0_fra_update.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
M:\Programmes téléchargés bis\Nero-7.10.1.2_all_update.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
M:\Programmes téléchargés bis\Nero-8.2.8.0_fra_update.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
M:\Programmes téléchargés bis\Nero-8.2.8.0_fra_update_bis.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
M:\Programmes téléchargés bis\Nero-8.3.13.0_all_update.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
M:\System Volume Information\_restore{1EBC13B2-0CF9-4ED4-8F08-C071077E1065}\RP2\A0001619.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
M:\System Volume Information\_restore{1EBC13B2-0CF9-4ED4-8F08-C071077E1065}\RP2\A0001621.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
M:\System Volume Information\_restore{1EBC13B2-0CF9-4ED4-8F08-C071077E1065}\RP2\A0001622.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
M:\System Volume Information\_restore{1EBC13B2-0CF9-4ED4-8F08-C071077E1065}\RP2\A0001626.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
M:\System Volume Information\_restore{1EBC13B2-0CF9-4ED4-8F08-C071077E1065}\RP2\A0001627.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C

Salut Dédétraqué. J'ai suivi tes instructions à la lettre et tout s'est bien déroulé, les outils de nettoyage ont été supprimé sans aucun problème. Pas de problème non plus au niveau de la mise à jour de mes logiciels. Ci-dessous le rapport de Tools Cleaner. J'attends ta réponse mais quoi qu'il en soit, merci pour ton aide et tes compétences :

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\UsbFix.txt: trouvé !
C:\_OTM: trouvé !
C:\UsbFix: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\Dominique\Bureau\UsbFix.exe: trouvé !
C:\Documents and Settings\Dominique\Mes documents\Documents and Settings\Dominique\Bureau\HijackThis: trouvé !
C:\Documents and Settings\Dominique\Mes documents\Documents and Settings\Dominique\Bureau\hijackthis\HijackThis.exe: trouvé !
C:\Documents and Settings\Dominique\Mes documents\Téléchargements\OTM.exe: trouvé !
C:\Documents and Settings\Dominique\Mes documents\Téléchargements\Rsit.exe: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !
C:\Program Files\VCOM\Fix-It\LSPFix.exe: trouvé !
C:\WINDOWS\WINDOWS\Gmer.exe: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\Dominique\Mes documents\Documents and Settings\Dominique\Bureau\hijackthis\HijackThis.exe: supprimé !
C:\Documents and Settings\Dominique\Mes documents\Téléchargements\OTM.exe: supprimé !
C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\Program Files\VCOM\Fix-It\LSPFix.exe: supprimé !
C:\WINDOWS\WINDOWS\Gmer.exe: supprimé !
C:\UsbFix.txt: supprimé !
C:\Documents and Settings\Dominique\Bureau\UsbFix.exe: supprimé !
C:\Documents and Settings\Dominique\Mes documents\Téléchargements\Rsit.exe: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\_OTM: supprimé !
C:\UsbFix: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\Dominique\Mes documents\Documents and Settings\Dominique\Bureau\HijackThis: supprimé !

Point de restauration crée !
Corbeille vidée!
Fichiers temporaires nettoyés !

Bonjour. Merci pour tous tes précieux conseils. Cela a été un vrai plaisir d'être guidé comme je l'ai été. Bon week-end.