PC ralenti

Salut loloetseb , j'ai un problème je n'arrive pas à télécharger Random's System Information Tool (RSIT).
J'ai la la fenêtre de téléchargement qui s'ouvre mais la barre de progression se bloque après quelques secondes,(ça fait presque 1 heure que j'essaye !)
j'ai essayé d'aller sur le site mais pareil la page met un temps fou à s'ouvrir et pour le téléchargement c'est pareil.
Merci à toi

Ca a été super long à télécharger mais enfin le téléchargement a réussi . Voici le rapport :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:49, on 27/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Votre Opinion\PanelApp\PanelApp.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe
C:\Documents and Settings\Administrateur\Mes documents\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trooner.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trooner.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [PanelApp] C:\Documents and Settings\Administrateur\Local Settings\Application Data\Votre Opinion\PanelApp\PanelApp.exe
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://www.toilokdo.com
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - https://www.f-secure.com/en/home/support
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - https://www.epson.eu/support/
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://kiw.imgag.com/imgag/cp/install/crusher-kiwen.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PanelSvc - Unknown owner - C:\Program Files\Votre Opinion\PanelApp\PanelSvc.exe (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\system32\wdfmgr.exe (file missing)
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

J'ai enfin réussi à télécharger "RSIT.exe" !
Je te poste les 2 rapports si ça peut te servir


info.txt logfile of random's system information tool 1.06 2009-04-27 20:56:50

======Uninstall list======

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C1B8CBC-9118-11D7-86D3-00055DF3561E}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83021AC3-086F-4B77-ACCD-1BD7C9AB211E}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Product/Adobe Studio Update 10/2001-->"C:\Program Files\InstallShield Installation Information\{73006B34-9743-4A39-AC37-38EDFCEB6DCE}\setup.exe"
Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Ahead InCD EasyWrite Reader-->C:\WINDOWS\unmrw.exe /UNINSTALL
Ahead InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
Ahead NeroMediaPlayer-->C:\WINDOWS\UNNMP.exe /UNINSTALL
Ahead NeroVision Express-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
Alt-Tab Task Switcher Powertoy for Windows XP-->MsiExec.exe /I{A7050037-F0EA-4BAB-BCD5-FC05507D6147}
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{4002F73D-EBB3-4EA1-A2FF-DBCB4529759E}
Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{51F366F4-C2E4-429A-866A-59C885ED42FD}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Compel Adaptec WinASPI-->"C:\Program Files\WinASPI\unins000.exe"
ConvertXtoDVD 2.2.2.256-->"C:\Program Files\vso\ConvertXtoDVD\unins000.exe"
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{175B7C4A-CAF8-437A-B597-73E0D2D970FE}
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
eMule-->"E:\Program Files\eMule\Uninstall.exe"
EPSON CardMonitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x40c uninst
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\Setup.exe" -l0x40c -UnInstall
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON PhotoQuicker3.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst
EPSON PhotoStarter3.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x40c uninst
EPSON PRINT Image Framer Tool2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Smart Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\SETUP.EXE" -l0x40c Uninstall
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
ESPRX420 Guide de réf.-->C:\Program Files\EPSON\TPMANUAL\ESPRX420\REF_G\DOCUNINS.EXE
ESPRX420 Guide des logiciels-->C:\Program Files\EPSON\TPMANUAL\ESPRX420\PQU_G\DOCUNINS.EXE
Etiquettes CD-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\DATA BECKER\Etiquettes CD\cdd4.isu"
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{D518AD32-C710-4616-BA0D-D4B1FA5F82E8}
FBrowsingAdvisor-->"C:\Program Files\FBrowsingAdvisor\unins000.exe"
Free Mp3 Wma Converter V 1.6.3-->"C:\Program Files\Free Audio Pack\unins000.exe"
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2-->"C:\Documents and Settings\Administrateur\Mes documents\HijackThis.exe" /uninstall
HOTZIC CD Burner V1.1-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\HotzicBurner\ST6UNST.LOG"
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
K-Lite Codec Pack 2.84 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Livebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}\Setup.exe" -l0x40c
LiveUpdate-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BAFA84F8-5A33-4ACD-AD10-58356B27A0F1}
Logitech Audio Echo Cancellation Component-->MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech QuickCam-->MsiExec.exe /X{364EC092-93CF-4DDC-9D7A-7278452028E0}
Logitech Video Enumerator-->MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{3585ED1C-74C5-43B0-A232-831B96A12A2B}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office 2000 CD-ROM 2-->MsiExec.exe /I{0004040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Mozilla Firefox (3.0.9)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{E74559C2-BB47-45AD-83DD-0D66B67E7811}
Nero 6 Enterprise Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{F242B06B-517F-4D62-B654-16B11564A912}
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
PhotoImpression 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66C8BE35-8BBB-472B-96C7-C7C9A499F988}\SETUP.EXE" -l0x40c
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PIF DESIGNER2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}\SETUP.EXE" -l0x40c anything
Pilotes ATI-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A20C66D4-69CE-4421-ADFC-2759CF0A24FD}\setup.exe"
Pilotes ATI-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A3B9-08C3-4A2F-B2CB-8EAC3F17F440}\setup.exe"
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\LogiShrd\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Programme Votre Opinion-->MsiExec.exe /I{D5EA1755-1899-4380-A4BA-83840648CBDA}
QuickTime Alternative 1.47-->"C:\Program Files\QuickTime Alternative\unins000.exe"
SAGEM Wi-Fi 11g USB adapter (Driver)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7421E270-0140-4F62-AE39-ECB9F1C81B35}\setup.exe" -l0x40c
SAGEM Wi-Fi 11g USB adapter (Tool)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A11CA13A-07D2-40DF-A274-9D516FE06A16}\Setup.exe" -l0x40c
ScanToWeb-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\SETUP.EXE" ADDREMOVEDLG
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.2-->"C:\Program Files\SpywareBlaster\unins000.exe"
StuffPlug 3-->C:\Program Files\StuffPlug3\Uninstall.exe
Super Blank 3.01-->"C:\Program Files\SuperBlank\unins000.exe"
Tom Clancy's Splinter Cell Chaos Theory-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BABAEBE4-9FFB-4B5D-9453-64FF11517CA2}\setup.exe" -l0x40c -removeonly
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WinAVIVideoConverter-->"C:\Program Files\WinAVIVideoConverter\unins000.exe"
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{DCE65B11-710D-4C54-9DE5-1A6A0BD2186B}
Windows Live installer-->MsiExec.exe /I{A90D10BA-1E82-44E1-87DE-56A22BA151DA}
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Live Toolbar-->MsiExec.exe /X{05AE605F-3146-46ED-BC52-0A14EBF57962}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

Securitycenter WMI appears to be broken

======System event log======

Computer Name: PCTITAN
Event Code: 4201
Message: Le système a détecté que la carte réseau Sagem XG703 USB 802.11g était connectée au réseau,
et a lancé une opération normale sur la carte réseau.

Record Number: 103838
Source Name: Tcpip
Time Written: 20090419121453.000000+120
Event Type: Informations
User:

Computer Name: PCTITAN
Event Code: 4201
Message: Le système a détecté que la carte réseau Sagem XG703 USB 802.11g était connectée au réseau,
et a lancé une opération normale sur la carte réseau.

Record Number: 103837
Source Name: Tcpip
Time Written: 20090419121448.000000+120
Event Type: Informations
User:

Computer Name: PCTITAN
Event Code: 7011
Message: Délai (30000 millisecondes) d'attente pour une réponse du service Dnscache à une transaction.

Record Number: 103836
Source Name: Service Control Manager
Time Written: 20090419121439.000000+120
Event Type: erreur
User:

Computer Name: PCTITAN
Event Code: 4201
Message: Le système a détecté que la carte réseau Sagem XG703 USB 802.11g était connectée au réseau,
et a lancé une opération normale sur la carte réseau.

Record Number: 103835
Source Name: Tcpip
Time Written: 20090419121408.000000+120
Event Type: Informations
User:

Computer Name: PCTITAN
Event Code: 4201
Message: Le système a détecté que la carte réseau Sagem XG703 USB 802.11g était connectée au réseau,
et a lancé une opération normale sur la carte réseau.

Record Number: 103834
Source Name: Tcpip
Time Written: 20090419121403.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: PCTITAN
Event Code: 1004
Message: Échec de détection du produit '{364EC092-93CF-4DDC-9D7A-7278452028E0}', fonctionnalité 'QuickCam', composant '{B52C7B4D-F46F-438C-ADF2-05A138C57757}. La ressource 'HKEY_CURRENT_USER\Software\Logitech\QuickCam10\DesktopShortcutKey' n'existe pas

Record Number: 25339
Source Name: MsiInstaller
Time Written: 20090123112447.000000+060
Event Type: Avertissement
User: AUTORITE NT\SERVICE RÉSEAU

Computer Name: PCTITAN
Event Code: 0
Message:
Record Number: 25338
Source Name: gusvc
Time Written: 20090123112442.000000+060
Event Type: Informations
User:

Computer Name: PCTITAN
Event Code: 105
Message: The service was started.

Record Number: 25337
Source Name: ATI Smart
Time Written: 20090123112441.000000+060
Event Type: Informations
User:

Computer Name: PCTITAN
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur PCTITAN\Administrateur alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.


Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.

Record Number: 25336
Source Name: Userenv
Time Written: 20090122223237.000000+060
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PCTITAN
Event Code: 0
Message:
Record Number: 25335
Source Name: LVCOMSer
Time Written: 20090122180240.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"DEVMGR_SHOW_DETAILS"=1

-----------------EOF-----------------

et voici la seconde partie :


Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-04-27 20:56:19
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 9 GB (46%) free of 20 GB
Total RAM: 511 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:56, on 27/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Votre Opinion\PanelApp\PanelApp.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe
C:\Documents and Settings\Administrateur\Mes documents\RSIT.exe
C:\Documents and Settings\Administrateur\Mes documents\Administrateur.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trooner.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trooner.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [PanelApp] C:\Documents and Settings\Administrateur\Local Settings\Application Data\Votre Opinion\PanelApp\PanelApp.exe
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://www.toilokdo.com
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - https://www.f-secure.com/en/home/support
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - https://www.epson.eu/support/
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://kiw.imgag.com/imgag/cp/install/crusher-kiwen.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PanelSvc - Unknown owner - C:\Program Files\Votre Opinion\PanelApp\PanelSvc.exe (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\system32\wdfmgr.exe (file missing)
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

ok merci

je te poste le rapport de Otmove it3



========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
c:\program files\FBrowsingAdvisor moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_0ngLVTUI3NagyqtN2xF0 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Perflib_Perfdata_4c8.dat scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_788.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\0plmbwln.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\0plmbwln.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\0plmbwln.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\0plmbwln.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\0plmbwln.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\0plmbwln.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04272009_213856

Files moved on Reboot...
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_0ngLVTUI3NagyqtN2xF0 not found!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Perflib_Perfdata_4c8.dat not found!
C:\WINDOWS\temp\Perflib_Perfdata_788.dat moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\0plmbwln.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\0plmbwln.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\0plmbwln.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\0plmbwln.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\0plmbwln.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\0plmbwln.default\XUL.mfl moved successfully.



Je continue à faire le reste et je te le poste dès que j'ai fini.
Merci à toi

Salut, voici le rapport de Malwarebytes :


Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2050
Windows 5.1.2600 Service Pack 2

27/04/2009 22:42:50
mbam-log-2009-04-27 (22-42-50).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 118942
Temps écoulé: 39 minute(s), 0 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 16
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{014da6c1-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0e0a2ad5-1adc-4ec3-90fc-0fb793c9259e} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3ba4271e-5c1e-48e2-b432-d8bf420dd31d} (Rogue.DeusCleaner) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Mirar (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpre (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{0e0a2ad5-1adc-4ec3-90fc-0fb793c9259e} (Trojan.Vundo) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\WINDOWS\VXNlcg (Adware.Command) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\MSINET.oca (Rogue.Trace) -> Quarantined and deleted successfully.
C:\_OTMoveIt\MovedFiles\04272009_213856\program files\FBrowsingAdvisor\XPCOMEvents.dll (Adware.PlayMp3z) -> Quarantined and deleted successfully.
C:\WINDOWS\BMf391befc.xml (Trojan.Vundo) -> Quarantined and deleted successfully.



Qu'est ce que tu en penses ? Tout est réglé ? en tout cas les fenêtres s'ouvrent plus rapidement quand je navigue sur Firefox.

Merci à toi

Voici le rapport de ad-remover :




------- LOGFILE OF AD-REMOVER 1.1.3.4 | ONLY XP/VISTA -------

Updated by C_XX on 27/04/2009 at 15:00
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/FindyKill.Ad.Remover/

Start at: 23:17:22, 27/04/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 2 (version 5.1.2600)
Computer Name: PCTITAN
Current User: Administrateur - Administrator
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: NTFS)
- F:\ (File System: NTFS)

============ Known Adwares Found ============

.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
.

+-----------------| Eorezo Elements Found:

HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCU\Software\EoRezo
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
.
C:\Documents and Settings\Administrateur\Application Data\EoRezo

+-----------------| It's TV Elements Found:

HKCU\Software\ItsLabel
HKU\S-1-5-21-1177238915-1957994488-839522115-500\Software\ItsLabel
.
C:\Documents and Settings\Administrateur\Application Data\ItsLabel

+-----------------| Sweetim Elements Found:

HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\0plmbwln.default\searchplugins\sweetim.xml

+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.9 ----

ProfilePath: 0plmbwln.default (Administrateur)
.
Prefs.js: Browser.Search.DefaultEngineName: "SweetIM Search"
Prefs.js: Browser.Search.SelectedEngine: "Live Search"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://search.sweetim.com/search.asp?src=2&q="
.
(Prefs.js) FOUND: user_pref("browser.search.defaultenginename", "SweetIM Search");
(Prefs.js) FOUND: user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
.
.
.
.

---- Internet Explorer Version 6.0.2900.2180 ----

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start page: hxxp://www.trooner.com/

[HKEY_USERS\S-1-5-21-1177238915-1957994488-839522115-500\..\Internet Explorer\Main]

Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start page: hxxp://www.trooner.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://www.google.com/ie
Search bar: hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.trooner.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]


+---------------------------------------------------------------------------+

3289 Byte(s) - C:\Ad-Report-Scan-27.04.2009.log

0 File(s) - C:\Program Files\Ad-remover\TOOLS\BACKUP
0 File(s) - C:\Program Files\Ad-remover\TOOLS\QUARANTINE

End at: 23:31:40 | 27/04/2009
.
+-----------------| E.O.F
.

tiens voila le rapport :



------- LOGFILE OF AD-REMOVER 1.1.3.4 | ONLY XP/VISTA -------

Updated by C_XX on 27/04/2009 at 15:00
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/FindyKill.Ad.Remover/

**** LIMITED TO ****

Known Adwares
Eorezo
It's TV
Sweetim

********************

Start at: 23:44:29, 27/04/2009 | Boot mode: Normal Boot
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 2 (version 5.1.2600)
Computer Name: PCTITAN
Current User: Administrateur - Administrator
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: NTFS)
- F:\ (File System: NTFS)

(!) ---- IE start pages/Tabs reset

============ Known Adwares Deleted ============

.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
.

+-----------------| Eorezo Elements Deleted :

HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCU\Software\EoRezo
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Documents and Settings\Administrateur\Application Data\EoRezo

+-----------------| It's TV Elements Deleted :

HKCU\Software\ItsLabel
.
C:\Documents and Settings\Administrateur\Application Data\ItsLabel

+-----------------| Sweetim Elements Deleted :

HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\0plmbwln.default\searchplugins\sweetim.xml

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.



+-----------------| Added Scan :

---- Mozilla FireFox Version 3.0.9 ----

ProfilePath: 0plmbwln.default (Administrateur)
.
Prefs.js: Browser.Search.DefaultEngineName: "SweetIM Search"
Prefs.js: Browser.Search.SelectedEngine: "Live Search"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://search.sweetim.com/search.asp?src=2&q="
.
(Prefs.js) REMOVED: user_pref("browser.search.defaultenginename", "SweetIM Search");
(Prefs.js) REMOVED: user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
.
.
.
.

---- Internet Explorer Version 6.0.2900.2180 ----

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_USERS\S-1-5-21-1177238915-1957994488-839522115-500\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://fr.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

+---------------------------------------------------------------------------+

3873 Byte(s) - C:\Ad-Report-Clean-27.04.2009.log
3518 Byte(s) - C:\Ad-Report-Scan-27.04.2009.log

19 File(s) - C:\Program Files\Ad-remover\TOOLS\BACKUP
1 File(s) - C:\Program Files\Ad-remover\TOOLS\QUARANTINE

End at: 23:59:51 | 27/04/2009
.
+-----------------| E.O.F
.


merci à toi pour tout le temps passé

voici le 1er rapport :


info.txt logfile of random's system information tool 1.06 2009-04-28 00:16:11

======Uninstall list======

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C1B8CBC-9118-11D7-86D3-00055DF3561E}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83021AC3-086F-4B77-ACCD-1BD7C9AB211E}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Product/Adobe Studio Update 10/2001-->"C:\Program Files\InstallShield Installation Information\{73006B34-9743-4A39-AC37-38EDFCEB6DCE}\setup.exe"
Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Ad-remover-->C:\Program Files\Ad-remover\Uninstall ADR.exe
Ahead InCD EasyWrite Reader-->C:\WINDOWS\unmrw.exe /UNINSTALL
Ahead InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
Ahead NeroMediaPlayer-->C:\WINDOWS\UNNMP.exe /UNINSTALL
Ahead NeroVision Express-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
Alt-Tab Task Switcher Powertoy for Windows XP-->MsiExec.exe /I{A7050037-F0EA-4BAB-BCD5-FC05507D6147}
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{4002F73D-EBB3-4EA1-A2FF-DBCB4529759E}
Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{51F366F4-C2E4-429A-866A-59C885ED42FD}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Compel Adaptec WinASPI-->"C:\Program Files\WinASPI\unins000.exe"
ConvertXtoDVD 2.2.2.256-->"C:\Program Files\vso\ConvertXtoDVD\unins000.exe"
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{175B7C4A-CAF8-437A-B597-73E0D2D970FE}
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
eMule-->"E:\Program Files\eMule\Uninstall.exe"
EPSON CardMonitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x40c uninst
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\Setup.exe" -l0x40c -UnInstall
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON PhotoQuicker3.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst
EPSON PhotoStarter3.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x40c uninst
EPSON PRINT Image Framer Tool2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Smart Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\SETUP.EXE" -l0x40c Uninstall
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
ESPRX420 Guide de réf.-->C:\Program Files\EPSON\TPMANUAL\ESPRX420\REF_G\DOCUNINS.EXE
ESPRX420 Guide des logiciels-->C:\Program Files\EPSON\TPMANUAL\ESPRX420\PQU_G\DOCUNINS.EXE
Etiquettes CD-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\DATA BECKER\Etiquettes CD\cdd4.isu"
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{D518AD32-C710-4616-BA0D-D4B1FA5F82E8}
Free Mp3 Wma Converter V 1.6.3-->"C:\Program Files\Free Audio Pack\unins000.exe"
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2-->"C:\Documents and Settings\Administrateur\Mes documents\HijackThis.exe" /uninstall
HOTZIC CD Burner V1.1-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\HotzicBurner\ST6UNST.LOG"
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
K-Lite Codec Pack 2.84 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Livebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}\Setup.exe" -l0x40c
LiveUpdate-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BAFA84F8-5A33-4ACD-AD10-58356B27A0F1}
Logitech Audio Echo Cancellation Component-->MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech QuickCam-->MsiExec.exe /X{364EC092-93CF-4DDC-9D7A-7278452028E0}
Logitech Video Enumerator-->MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{3585ED1C-74C5-43B0-A232-831B96A12A2B}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office 2000 CD-ROM 2-->MsiExec.exe /I{0004040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Mozilla Firefox (3.0.9)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{E74559C2-BB47-45AD-83DD-0D66B67E7811}
Nero 6 Enterprise Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{F242B06B-517F-4D62-B654-16B11564A912}
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
PhotoImpression 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66C8BE35-8BBB-472B-96C7-C7C9A499F988}\SETUP.EXE" -l0x40c
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PIF DESIGNER2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}\SETUP.EXE" -l0x40c anything
Pilotes ATI-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A20C66D4-69CE-4421-ADFC-2759CF0A24FD}\setup.exe"
Pilotes ATI-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A3B9-08C3-4A2F-B2CB-8EAC3F17F440}\setup.exe"
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\LogiShrd\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Programme Votre Opinion-->MsiExec.exe /I{D5EA1755-1899-4380-A4BA-83840648CBDA}
QuickTime Alternative 1.47-->"C:\Program Files\QuickTime Alternative\unins000.exe"
SAGEM Wi-Fi 11g USB adapter (Driver)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7421E270-0140-4F62-AE39-ECB9F1C81B35}\setup.exe" -l0x40c
SAGEM Wi-Fi 11g USB adapter (Tool)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A11CA13A-07D2-40DF-A274-9D516FE06A16}\Setup.exe" -l0x40c
ScanToWeb-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\SETUP.EXE" ADDREMOVEDLG
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.2-->"C:\Program Files\SpywareBlaster\unins000.exe"
StuffPlug 3-->C:\Program Files\StuffPlug3\Uninstall.exe
Super Blank 3.01-->"C:\Program Files\SuperBlank\unins000.exe"
Tom Clancy's Splinter Cell Chaos Theory-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BABAEBE4-9FFB-4B5D-9453-64FF11517CA2}\setup.exe" -l0x40c -removeonly
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WinAVIVideoConverter-->"C:\Program Files\WinAVIVideoConverter\unins000.exe"
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{DCE65B11-710D-4C54-9DE5-1A6A0BD2186B}
Windows Live installer-->MsiExec.exe /I{A90D10BA-1E82-44E1-87DE-56A22BA151DA}
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Live Toolbar-->MsiExec.exe /X{05AE605F-3146-46ED-BC52-0A14EBF57962}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

Securitycenter WMI appears to be broken

======System event log======

Computer Name: PCTITAN
Event Code: 4201
Message: Le système a détecté que la carte réseau Sagem XG703 USB 802.11g était connectée au réseau,
et a lancé une opération normale sur la carte réseau.

Record Number: 103938
Source Name: Tcpip
Time Written: 20090419122013.000000+120
Event Type: Informations
User:

Computer Name: PCTITAN
Event Code: 4201
Message: Le système a détecté que la carte réseau Sagem XG703 USB 802.11g était connectée au réseau,
et a lancé une opération normale sur la carte réseau.

Record Number: 103937
Source Name: Tcpip
Time Written: 20090419122008.000000+120
Event Type: Informations
User:

Computer Name: PCTITAN
Event Code: 1003
Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0060B3B5E3A2. Il s'est
produit l'erreur suivante :
L'opération a été annulée par l'utilisateur.
.
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
serveur d'adresse réseau (DHCP).

Record Number: 103936
Source Name: Dhcp
Time Written: 20090419122006.000000+120
Event Type: Avertissement
User:

Computer Name: PCTITAN
Event Code: 4201
Message: Le système a détecté que la carte réseau Sagem XG703 USB 802.11g était connectée au réseau,
et a lancé une opération normale sur la carte réseau.

Record Number: 103935
Source Name: Tcpip
Time Written: 20090419122003.000000+120
Event Type: Informations
User:

Computer Name: PCTITAN
Event Code: 1003
Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0060B3B5E3A2. Il s'est
produit l'erreur suivante :
L'opération a été annulée par l'utilisateur.
.
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
serveur d'adresse réseau (DHCP).

Record Number: 103934
Source Name: Dhcp
Time Written: 20090419122001.000000+120
Event Type: Avertissement
User:

=====Application event log=====

Computer Name: PCTITAN
Event Code: 0
Message:
Record Number: 25353
Source Name: gusvc
Time Written: 20090124111637.000000+060
Event Type: Informations
User:

Computer Name: PCTITAN
Event Code: 105
Message: The service was started.

Record Number: 25352
Source Name: ATI Smart
Time Written: 20090124111636.000000+060
Event Type: Informations
User:

Computer Name: PCTITAN
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur PCTITAN\Administrateur alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.


Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.

Record Number: 25351
Source Name: Userenv
Time Written: 20090123204249.000000+060
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PCTITAN
Event Code: 0
Message:
Record Number: 25350
Source Name: LVCOMSer
Time Written: 20090123174308.000000+060
Event Type: Informations
User:

Computer Name: PCTITAN
Event Code: 1001
Message: Échec de détection du produit '{364EC092-93CF-4DDC-9D7A-7278452028E0}', fonctionnalité 'QuickCam' lors de la demande du composant '{62BA7C13-20BB-41F7-A6A4-482632CE53D4}'

Record Number: 25349
Source Name: MsiInstaller
Time Written: 20090123174307.000000+060
Event Type: Avertissement
User: AUTORITE NT\SERVICE RÉSEAU

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"DEVMGR_SHOW_DETAILS"=1

-----------------EOF-----------------

voici le 2eme rapport


Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-04-28 00:15:35
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 9 GB (45%) free of 20 GB
Total RAM: 511 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:16, on 28/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Votre Opinion\PanelApp\PanelApp.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Administrateur\Mes documents\RSIT.exe
C:\Program Files\trend micro\Administrateur.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [PanelApp] C:\Documents and Settings\Administrateur\Local Settings\Application Data\Votre Opinion\PanelApp\PanelApp.exe
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://www.toilokdo.com
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selftest/fr/Prg/ESTPTest.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://kiw.imgag.com/imgag/cp/install/crusher-kiwen.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PanelSvc - Unknown owner - C:\Program Files\Votre Opinion\PanelApp\PanelSvc.exe (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\system32\wdfmgr.exe (file missing)
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

voici le rapport :




--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.40GHz )
BIOS : BIOS Date: 06/08/04 12:28:56 Ver: 08.00.09
USER : Administrateur ( Administrator )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:19 Go (Free:8 Go)
D:\ (Local Disk) - NTFS - Total:19 Go (Free:19 Go)
E:\ (Local Disk) - NTFS - Total:19 Go (Free:4 Go)
F:\ (Local Disk) - NTFS - Total:18 Go (Free:13 Go)
G:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 28/04/2009| 0:29 )

--------------------\\ Listing des dossiers dans APPLIC~1

[19/02/2008|23:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\5
[21/08/2007|20:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\AccurateRip
[27/02/2009|01:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[29/10/2006|19:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\ArcSoft
[04/02/2007|21:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\Azureus
[20/10/2008|22:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Desktopicon
[27/11/2008|21:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\dvdcss
[27/02/2008|16:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\F-Secure
[02/06/2007|18:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[14/08/2008|18:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\gtk-2.0
[29/10/2006|20:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[28/10/2006|19:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\ispnews
[22/04/2009|18:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\LimeWire
[28/10/2006|18:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[27/04/2009|21:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes
[25/02/2007|20:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Media Player Classic
[19/09/2008|19:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[29/10/2006|21:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft Web Folders
[27/08/2008|08:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[30/10/2006|22:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\MSN6
[18/08/2007|23:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\NCH Swift Sound
[05/03/2009|23:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\NeoDivX2008
[25/11/2006|00:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\NeroVision
[18/04/2007|11:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\NetAppel
[11/09/2007|19:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\OTVREG
[28/10/2006|19:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\PEX
[11/09/2007|20:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[04/10/2007|22:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\SPAMfighter
[25/11/2006|14:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[18/05/2008|13:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\TaoUSign
[27/04/2009|10:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\TuneUp Software
[16/12/2007|13:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Uniblue
[16/08/2008|00:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\uTorrent
[21/12/2008|20:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
[26/04/2009|10:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Vso
[09/06/2007|18:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\VSO_HWE
[03/06/2007|12:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Webroot
[25/02/2008|10:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\WinRAR

[27/04/2009|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
[19/02/2008|23:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\5
[28/02/2009|10:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/10/2006|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[29/12/2008|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ashampoo
[07/09/2008|12:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[16/08/2007|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon
[22/03/2009|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[05/08/2008|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreeRIP
[08/05/2007|22:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[27/04/2009|23:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[26/07/2007|08:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[20/07/2008|09:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[27/10/2007|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[22/03/2007|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[27/04/2009|21:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[16/12/2007|13:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[30/10/2006|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[18/08/2007|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[29/10/2006|21:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[27/04/2009|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[25/04/2009|08:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[27/04/2009|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[31/08/2008|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
[29/10/2006|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[07/03/2009|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Vso
[15/06/2007|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
[23/02/2008|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/02/2007|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[12/06/2007|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[16/11/2007|01:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[06/07/2007|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[08/09/2007|19:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[28/10/2006|18:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[28/10/2006|18:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[28/10/2006|18:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[28/04/2009 00:00][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[27/04/2009 23:59][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[27/04/2009 22:47][--ah-----] C:\WINDOWS\tasks\SA.DAT
[09/07/2005 21:40][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[28/02/2009|10:47] C:\Program Files\Adobe
[27/04/2009|23:16] C:\Program Files\Ad-remover
[20/02/2008|21:43] C:\Program Files\Ahead
[03/03/2008|19:26] C:\Program Files\AntivirusFirewall
[06/03/2008|19:48] C:\Program Files\ArcSoft
[28/10/2006|19:09] C:\Program Files\ATI Technologies
[07/09/2008|12:21] C:\Program Files\Avira
[04/03/2009|22:20] C:\Program Files\bitRipper
[19/01/2009|21:32] C:\Program Files\CCleaner
[29/10/2006|17:29] C:\Program Files\DATA BECKER
[13/06/2007|19:51] C:\Program Files\directx
[06/08/2007|16:51] C:\Program Files\DVD Shrink
[06/03/2008|19:51] C:\Program Files\epson
[20/07/2008|09:32] C:\Program Files\Fichiers communs
[16/11/2007|19:21] C:\Program Files\FLocker
[11/10/2007|20:08] C:\Program Files\Free Audio Pack
[31/08/2007|22:54] C:\Program Files\Google
[02/12/2006|21:36] C:\Program Files\Grisoft
[27/08/2007|18:56] C:\Program Files\HotzicBurner
[20/08/2007|11:49] C:\Program Files\Illustrate
[30/08/2008|22:32] C:\Program Files\InstallShield Installation Information
[30/01/2007|21:30] C:\Program Files\Internet Explorer
[07/09/2007|16:48] C:\Program Files\IZArc
[27/03/2009|15:52] C:\Program Files\Java
[25/02/2007|19:47] C:\Program Files\K-Lite Codec Pack
[20/07/2008|09:33] C:\Program Files\Lavasoft
[21/09/2008|11:51] C:\Program Files\LimeWire
[27/10/2007|20:46] C:\Program Files\Logitech
[27/04/2009|21:57] C:\Program Files\Malwarebytes' Anti-Malware
[10/03/2007|16:18] C:\Program Files\Media Player Classic
[29/10/2006|21:41] C:\Program Files\Microsoft Office
[28/04/2009|00:17] C:\Program Files\Mozilla Firefox
[27/11/2008|13:01] C:\Program Files\MSN Messenger
[19/08/2007|22:45] C:\Program Files\NCH Swift Sound
[09/03/2007|12:39] C:\Program Files\Orange HSS
[01/06/2007|23:05] C:\Program Files\OrangeBs
[11/04/2009|18:24] C:\Program Files\OrangeHSS
[28/10/2006|18:49] C:\Program Files\OutilsTITAN
[04/10/2008|11:57] C:\Program Files\Picasa2
[10/03/2007|16:18] C:\Program Files\QuickTime Alternative
[28/10/2006|19:23] C:\Program Files\SAGEM
[28/10/2006|19:23] C:\Program Files\SAGEM Wi-Fi USB 802.11g
[11/04/2009|18:23] C:\Program Files\Securitoo
[28/10/2006|18:47] C:\Program Files\Services en ligne
[06/03/2008|19:47] C:\Program Files\Smart Panel
[22/02/2007|23:51] C:\Program Files\Snapshot Viewer
[15/03/2009|16:05] C:\Program Files\Spybot - Search & Destroy
[25/04/2009|08:42] C:\Program Files\SpywareBlaster
[27/11/2008|20:12] C:\Program Files\StuffPlug3
[15/10/2008|20:55] C:\Program Files\Sun
[25/08/2007|23:37] C:\Program Files\SuperBlank
[28/04/2009|00:16] C:\Program Files\trend micro
[27/04/2009|10:58] C:\Program Files\TuneUp Utilities 2009
[30/08/2008|22:33] C:\Program Files\Ubisoft
[26/02/2008|10:24] C:\Program Files\Uninstall Information
[21/10/2008|11:17] C:\Program Files\Unlocker
[13/11/2006|12:58] C:\Program Files\VideoLAN
[07/03/2009|19:20] C:\Program Files\vso
[24/05/2007|11:32] C:\Program Files\Wanadoo
[11/04/2009|23:51] C:\Program Files\Wanadoo Messager
[04/03/2009|23:17] C:\Program Files\WinASPI
[19/04/2007|10:50] C:\Program Files\WinAVI Video Converter
[09/11/2006|18:44] C:\Program Files\WinAVIVideoConverter
[12/06/2007|20:47] C:\Program Files\Windows Live
[03/02/2007|18:55] C:\Program Files\Windows Live Favorites
[14/04/2009|22:50] C:\Program Files\Windows Live Safety Center
[15/03/2007|21:02] C:\Program Files\Windows Media Player
[13/11/2006|12:59] C:\Program Files\Windows NT

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[20/02/2008|15:49] C:\Program Files\Fichiers communs\5
[28/02/2009|10:48] C:\Program Files\Fichiers communs\Adobe
[28/10/2006|18:57] C:\Program Files\Fichiers communs\Ahead
[29/10/2006|21:35] C:\Program Files\Fichiers communs\Designer
[09/03/2007|12:35] C:\Program Files\Fichiers communs\France Telecom
[02/01/2008|15:21] C:\Program Files\Fichiers communs\InstallShield
[28/10/2006|18:56] C:\Program Files\Fichiers communs\Java
[27/10/2007|20:47] C:\Program Files\Fichiers communs\LogiShrd
[28/10/2006|19:15] C:\Program Files\Fichiers communs\Logitech
[03/02/2007|18:39] C:\Program Files\Fichiers communs\Microsoft Shared
[28/10/2006|18:46] C:\Program Files\Fichiers communs\MSSoap
[28/10/2006|20:41] C:\Program Files\Fichiers communs\ODBC
[11/09/2007|20:27] C:\Program Files\Fichiers communs\Real
[13/06/2007|19:51] C:\Program Files\Fichiers communs\Roxio Shared
[28/10/2006|20:41] C:\Program Files\Fichiers communs\SpeechEngines
[20/05/2007|10:25] C:\Program Files\Fichiers communs\Symantec Shared
[29/10/2006|21:40] C:\Program Files\Fichiers communs\System
[20/07/2008|09:32] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 36 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-28 00:32:08
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
? [16168]
? [13680]
? [14932]
? [21560]
scanning hidden files ...
scan completed successfully
hidden processes: 4
hidden files: 4

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\AnyDVD 5.3.2.1
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\CloneCD 5.2.6.1
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\CloneDVD 2.8.5.1
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\DVD Decrypter 3
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\DVD Shrink 3
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\AnyDVD 5.3.2.1\AnyDVD 5.3.2.1.exe
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\AnyDVD 5.3.2.1\crack
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\AnyDVD 5.3.2.1\crack\Slysoft.exe
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\CloneCD 5.2.6.1\CloneCD 5.2.6.1.exe
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\CloneCD 5.2.6.1\Crack
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\CloneCD 5.2.6.1\Crack\Slysoft.exe
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\CloneDVD 2.8.5.1\CloneDVD 2.8.5.1.exe
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\CloneDVD 2.8.5.1\Crack
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\CloneDVD 2.8.5.1\Crack\Slysoft.exe
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\DVD Decrypter 3\DVD Decrypter 3.exe
C:\DOCUME~1\ADMINI~1\Mes documents\Laurent - Programmes\AnyDVD 5.3.2.1 + CloneDVD 2.8.5.1 + CloneCD 5.2.6.1 + DVD Decrypter 3 + DVD Shrink 3 + CRACKS!! ( Tout FR )\DVD Shrink 3\DVD Shrink 3.exe


[F:2][D:0]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
[F:1][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies
[F:7][D:4]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 28/04/2009| 0:34 - Option : [1]

--------------------\\ Fin du rapport a 0:34:49

c'est fait comme tu m'as dit avec hijackthis

Tu crois que c'est bon maintenant ?

Quelle procédure suivante ? Tu m'avais rien marqué d'autre.

oui le post 22 j'ai fixé les lignes avec hijackthis comme tu m'as dit

Bonjour,
j'ai un problème avec ToolsCleaner2. Le message suivant apparait quand je clique dessus :
" Cette application n'a pu démarrer car SrClient.dll est introuvable. La réinstallation de cette application peut corriger ce problème".
Je ne sais pas quoi faire. Est ce que je peut continuer à faire le reste de la procédure ?
Merci

ok je te remercie pour tout.
Bonne nuit et à demain

Salut , j'ai suivi tes recommandations :

- j'ai désinstallé AD Remover
- j'ai mis à jour la console Java (je te poste le rapport ci-dessous)

-Je te poste le rapport de Dr web dès que celui ci a terminé

- par contre j'ai eu un problème avec ToolsCleaner 2 . Quand je clique sur l'application le message suivant apparait : "cette application n'a pu démarrer car SrClient.dll est introuvable. La réinsatallation de cette application peut corriger le problème". Seulement que je ne sais pas comment faire .

Voici le rapport de Java :


JavaRa 1.13 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Tue Apr 28 09:34:40 2009

Found and removed: C:\Program Files\Java\jre1.6.0_01

Found and removed: C:\Program Files\Java\jre1.6.0_02

Found and removed: C:\Program Files\Java\jre1.6.0_03

Found and removed: C:\Program Files\Java\jre1.6.0_07

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\

------------------------------------

Finished reporting.



Je t'envoie celui de Dr Web dès qu'il a fini

Voila le rapport de Dr Web :


AD-R.exe\data028;C:\Documents and Settings\Administrateur\Mes documents\AD-R.exe;Tool.Prockill;;
AD-R.exe;C:\Documents and Settings\Administrateur\Mes documents;Conteneur comporte des objets infectés;;
RegUBP2b-Administrateur.reg;C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2;Trojan.StartPage.1505;Supprimé.;



J'ai télécharger à nouveau Tools Cleaner2 mais j'ai toujours le même message :
"cette application n'a pu démarrer car SrClient.dll est introuvable.

Merci à toi

salut loloetseb,
est ce que tu penses que mon problème est réglé ? Faut -il que je supprime tous les programmes que tu m'a fais télécharger ?
Je reconnais que le PC va beaucoup mieux même si de temps en temps quelques pages mettent encore du temps à s'ouvrir.
Tiens moi au courant. Merci

Voila le scan est fini. Aucune ligne rouge n'est apparue.

Je te poste le rapport



GMER 1.0.15.14966 - http://www.gmer.net
Rootkit scan 2009-04-28 22:15:12
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.15 ----

SSDT F8DE6FF4 ZwCreateThread
SSDT F8DE6FE0 ZwOpenProcess
SSDT F8DE6FE5 ZwOpenThread
SSDT F8DE6FEF ZwTerminateProcess
SSDT F8DE6FEA ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text OEMKRNL.EXE!_abnormal_termination + 4A3 804E3174 4 Bytes JMP 79F8DE6F

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\Explorer.EXE[1096] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00F12F30] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[1096] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00F12CA0] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[1096] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00F12D00] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[1096] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00F12CD0] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [004E2F30] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [004E2CA0] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [004E2D00] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [004E2CD0] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe[2956] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009F2F30] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe[2956] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009F2CA0] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe[2956] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009F2D00] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe[2956] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009F2CD0] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe[3008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009F2F30] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe[3008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009F2CA0] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe[3008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009F2D00] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe[3008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009F2CD0] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Administrateur\Mes documents\8d97urd2.exe[4888] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00802F30] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Administrateur\Mes documents\8d97urd2.exe[4888] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00802CA0] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Administrateur\Mes documents\8d97urd2.exe[4888] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00802D00] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Administrateur\Mes documents\8d97urd2.exe[4888] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00802CD0] C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)

---- Devices - GMER 1.0.15 ----

Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)

---- EOF - GMER 1.0.15 ----



C'est bon signe ?

J'ai désinstallé Ad remover .

Par contre pour Tools Cleaner 2 j'ai toujours le même message et je n'arrive pas à le lancer.

"cette application n'a pu démarrer car SrClient.dll est introuvable."

J'ai essayé de le télécharger sur plusieurs sites mais j'ai le même message à chaque fois.

Sinon, le Pc va beaucoup mieux. De temps en temps il ralentit mais ça ne dure pas longtemps.

Que dois je faire pour supprimer tous les programmes télécharger ?

Merci à toi pour le temps passé !

Je n'ai aucune pages de pub qui apparaissent.

C'est vrai que je télécharge souvent avec e-mule (la majorité ce sont des films) à part lundi ou j'ai téléchargé TuneUp Utilities avec qui contenait un crack pour utiliser le programme.

Tu penses que je suis encore infesté ?

Voici le rapport de findykill :



############################## [ FindyKill V4.727 ]

# User : Administrateur (Administrateurs) # PCTITAN
# Update on 27/04/09 by Chiquitine29
# Start at: 23:28:18 | 28/04/2009
# Website : http://pagesperso-orange.fr/FindyKill.Ad.Remover/

# Intel(R) Celeron(R) CPU 2.40GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Enabled

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 19,53 Go (9,06 Go free) # NTFS
# D:\ # Disque fixe local # 19,53 Go (19,28 Go free) # NTFS
# E:\ # Disque fixe local # 19,53 Go (4,81 Go free) # NTFS
# F:\ # Disque fixe local # 18,08 Go (13,73 Go free) # NTFS
# G:\ # Disque CD-ROM
# J:\ # Disque amovible

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Votre Opinion\PanelApp\PanelApp.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe

################## [ Fichiers / Dossiers infectieux ]


################## [ Infected Temp Files ]


################## [ Registre / Clés infectieuses ]

Found ! HKEY_USERS\S-1-5-21-1177238915-1957994488-839522115-500\Software\MuleAppData


################## [ Recherche dans supports amovibles]


################## [ Registre / Mountpoints2 ]

# -> Not found !

################## [ ! Fin du rapport # FindyKill V4.727 ! ]