Pub intempestives sous vista pour novice

bonjour et merci de me donner un coup de main!
pour info, je fais la manip sur le pc en direct (si vous êtes là...), celui sur lequel je parle avec vous n'a pas de problème... croisons les doigts!
voilà le rapport log:

-----------------------[ Lop S&D 4.2.0-8 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : MichŠle ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 12/05/2008 | 15:17:59,30 ] [ PC : PC-DE-MICHÔLE ]
[ MAJ : 11-05-2008 | 18:25 ]
[ UAC => 0 ]

-------------[ Listing des dossiers dans Application Data ]------------

[06/02/2008|11:42] C:\Users\MICHLE~1\AppData\Roaming\Adobe\Flash Player
[08/07/2007|15:21] C:\Users\MICHLE~1\AppData\Roaming\Adobe\Linguistics
[08/07/2007|15:20] C:\Users\MICHLE~1\AppData\Roaming\Adobe\Acrobat

[19/10/2007|10:01] C:\Users\MICHLE~1\AppData\Roaming\Google\Local Search History

[12/05/2008|15:13] C:\Users\MICHLE~1\AppData\Roaming\HP\CRMLogs
[21/09/2007|14:56] C:\Users\MICHLE~1\AppData\Roaming\HP\ScLogs
[18/06/2007|11:59] C:\Users\MICHLE~1\AppData\Roaming\HP\Digital Imaging
[17/06/2007|16:01] C:\Users\MICHLE~1\AppData\Roaming\HP\Install

[17/06/2007|15:39] C:\Users\MICHLE~1\AppData\Roaming\Identities\{8A3F80B5-A2BC-4DFC-8754-4EC35A1FFC1A}

[10/04/2008|17:52] C:\Users\MICHLE~1\AppData\Roaming\Image Zone Express\thumbnailSel.db
[10/04/2008|17:52] C:\Users\MICHLE~1\AppData\Roaming\Image Zone Express\layouts.db
[19/06/2007|19:20] C:\Users\MICHLE~1\AppData\Roaming\Image Zone Express\assets.yos
[19/06/2007|19:20] C:\Users\MICHLE~1\AppData\Roaming\Image Zone Express\FolderList.yos
[19/06/2007|19:20] C:\Users\MICHLE~1\AppData\Roaming\Image Zone Express\thumbnail.db
[19/06/2007|19:20] C:\Users\MICHLE~1\AppData\Roaming\Image Zone Express\asset.yos

[29/06/2007|18:14] C:\Users\MICHLE~1\AppData\Roaming\Macromedia\Flash Player


[09/01/2008|19:52] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\MSN Messenger
[28/09/2007|09:27] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\HTML Help
[09/09/2007|12:50] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\MMC
[05/08/2007|14:57] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\Crypto
[09/07/2007|10:21] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\Windows Live Call
[09/07/2007|10:21] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\IdentityCRL
[08/07/2007|15:03] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\Windows
[24/06/2007|14:08] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\eHome
[19/06/2007|19:18] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\Internet Explorer
[17/06/2007|15:44] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\Network
[17/06/2007|15:40] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\CLR Security Config
[17/06/2007|15:40] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\SystemCertificates
[17/06/2007|15:39] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\Protect
[17/06/2007|15:32] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\Credentials

[17/06/2007|15:39] C:\Users\MICHLE~1\AppData\Roaming\OFFICE One v7\OFFICE One Startup v7

[17/06/2007|15:43] C:\Users\MICHLE~1\AppData\Roaming\OFFICEOne7\user

[12/05/2008|15:12] C:\Users\MICHLE~1\AppData\Roaming\Packard Bell\Setup my PC
[29/04/2008|18:09] C:\Users\MICHLE~1\AppData\Roaming\Packard Bell\Smart Restore
[29/12/2007|14:17] C:\Users\MICHLE~1\AppData\Roaming\Packard Bell\PBUpdator
[08/08/2007|10:19] C:\Users\MICHLE~1\AppData\Roaming\Packard Bell\InfoCentre
[17/06/2007|15:42] C:\Users\MICHLE~1\AppData\Roaming\Packard Bell\Identity Card

[19/06/2007|19:16] C:\Users\MICHLE~1\AppData\Roaming\Printer Info Cache\HP Photosmart 2570 series 1536.xml

[13/10/2007|19:39] C:\Users\MICHLE~1\AppData\Roaming\Roxio\MediaManager9
[08/07/2007|14:58] C:\Users\MICHLE~1\AppData\Roaming\Roxio\RoxioCentral
[24/06/2007|09:42] C:\Users\MICHLE~1\AppData\Roaming\Roxio\RoxioCentral33

[09/07/2007|10:07] C:\Users\MICHLE~1\AppData\Roaming\UserTile.png\UserTile.png

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[16/04/2008 11:29][--a------] C:\Windows\tasks\Norton Internet Security - Analyse systŠme complŠte - MichŠle.job
[12/05/2008 15:15][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{E9747EBF-F052-400A-8EA5-F9FF83E13414}.job
[11/05/2008 19:00][--a------] C:\Windows\tasks\Extension de garantie.job
[12/05/2008 15:09][--ah-----] C:\Windows\tasks\SA.DAT
[12/05/2008 15:08][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[26/01/2007|18:16] C:\ProgramData\Adobe
[26/01/2007|18:18] C:\ProgramData\AOL
[02/11/2006|15:02] C:\ProgramData\Application Data
[30/03/2008|19:39] C:\ProgramData\bold tray ping.4n251xk
[17/06/2007|15:28] C:\ProgramData\Bureau
[26/01/2007|18:27] C:\ProgramData\Ciel
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[17/06/2007|15:28] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[26/01/2007|18:21] C:\ProgramData\Google
[19/06/2007|19:19] C:\ProgramData\HP
[18/06/2007|11:58] C:\ProgramData\HPSSUPPLY
[18/06/2007|11:59] C:\ProgramData\hpzinstall.log
[26/01/2007|18:21] C:\ProgramData\InstallShield
[30/04/2008|13:29] C:\ProgramData\Lavasoft
[17/06/2007|15:28] C:\ProgramData\Menu D‚marrer
[30/04/2008|13:57] C:\ProgramData\Messenger Plus!
[25/06/2007|18:12] C:\ProgramData\Microsoft
[17/06/2007|15:28] C:\ProgramData\ModŠles
[26/01/2007|18:35] C:\ProgramData\OFFICE One v7
[09/07/2007|09:53] C:\ProgramData\Roxio
[21/04/2008|10:39] C:\ProgramData\sitemetameta.03kl3
[30/03/2008|19:39] C:\ProgramData\sitemetameta.c0lvtnf
[30/03/2008|19:39] C:\ProgramData\sitemetameta.n0z7rl
[24/06/2007|09:42] C:\ProgramData\Sonic
[02/11/2006|15:02] C:\ProgramData\Start Menu
[29/04/2008|19:37] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[30/03/2008|19:39] C:\ProgramData\That Face Camp Shim
[26/01/2007|18:18] C:\ProgramData\Viewpoint
[18/06/2007|11:59] C:\ProgramData\WEBREG
[04/03/2008|16:30] C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[26/01/2007|18:16] C:\Program Files\Adobe
[26/01/2007|18:18] C:\Program Files\AOL
[26/01/2007|18:18] C:\Program Files\AOL 9.0 VR
[29/04/2008|19:05] C:\Program Files\CCleaner
[26/01/2007|18:27] C:\Program Files\Ciel
[30/04/2008|13:27] C:\Program Files\Common Files
[31/08/2007|15:47] C:\Program Files\desktop.ini
[17/06/2007|15:28] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[29/06/2007|18:45] C:\Program Files\Google
[26/01/2007|18:16] C:\Program Files\HDReg
[18/06/2007|11:56] C:\Program Files\Hewlett-Packard
[18/06/2007|11:58] C:\Program Files\HP
[26/01/2007|18:35] C:\Program Files\InstallShield Installation Information
[12/04/2008|16:42] C:\Program Files\Internet Explorer
[26/01/2007|18:32] C:\Program Files\ISSENDIS
[30/04/2008|13:28] C:\Program Files\Lavasoft
[29/04/2008|18:56] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[27/01/2007|02:59] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[02/07/2007|13:16] C:\Program Files\MSXML 4.0
[16/09/2007|14:01] C:\Program Files\Neuf
[23/11/2007|12:19] C:\Program Files\Norton Internet Security
[26/01/2007|18:36] C:\Program Files\OFFICE ONE 7.0
[26/01/2007|18:35] C:\Program Files\OFFICE One v7
[26/01/2007|18:37] C:\Program Files\Packard Bell
[26/01/2007|18:14] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[26/01/2007|18:21] C:\Program Files\Roxio
[26/01/2007|18:37] C:\Program Files\Skype
[06/12/2007|19:34] C:\Program Files\Symantec
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[26/01/2007|18:18] C:\Program Files\Viewpoint
[29/08/2007|11:10] C:\Program Files\Windows Calendar
[27/01/2007|02:59] C:\Program Files\Windows Collaboration
[02/07/2007|19:28] C:\Program Files\Windows Defender
[27/01/2007|02:59] C:\Program Files\Windows Journal
[04/03/2008|16:30] C:\Program Files\Windows Live
[05/09/2007|15:37] C:\Program Files\Windows Live Safety Center
[12/04/2008|16:43] C:\Program Files\Windows Mail
[13/10/2007|19:46] C:\Program Files\Windows Media Player
[17/06/2007|15:28] C:\Program Files\Windows NT
[27/01/2007|02:59] C:\Program Files\Windows Photo Gallery
[12/01/2008|11:07] C:\Program Files\Windows Sidebar

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[26/01/2007|18:16] C:\Program Files\Common Files\Adobe
[26/01/2007|18:18] C:\Program Files\Common Files\aol
[26/01/2007|18:18] C:\Program Files\Common Files\aolshare
[26/01/2007|18:27] C:\Program Files\Common Files\Ciel
[18/06/2007|11:56] C:\Program Files\Common Files\Hewlett-Packard
[18/06/2007|11:58] C:\Program Files\Common Files\HP
[26/01/2007|18:21] C:\Program Files\Common Files\InstallShield
[04/03/2008|16:32] C:\Program Files\Common Files\microsoft shared
[26/01/2007|18:27] C:\Program Files\Common Files\MSSoap
[26/01/2007|18:18] C:\Program Files\Common Files\Nullsoft
[26/01/2007|18:21] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[26/01/2007|18:21] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[26/01/2007|18:21] C:\Program Files\Common Files\SureThing Shared
[24/04/2008|14:01] C:\Program Files\Common Files\Symantec Shared
[02/07/2007|19:28] C:\Program Files\Common Files\System
[04/03/2008|16:31] C:\Program Files\Common Files\WindowsLiveInstaller
[30/04/2008|13:27] C:\Program Files\Common Files\Wise Installation Wizard

---------------------------[ Process ]--------------------------

... 67

iexplore.exe ~ [2588]

----------------------[ Recherche avec S_Lop ]---------------------

C:\ProgramData\bold tray ping.4n251xk
C:\ProgramData\bold tray ping.4n251xk

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\ProgramData\That Face Camp Shim
C:\ProgramData\That Face Camp Shim\internet mfcd.exe

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-12 15:18:22
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:5673][Doss:106] C:\Users\MICHLE~1\AppData\Local\Temp
/!\ [Fich:86][Doss:1] C:\Users\MICHLE~1\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:193][Doss:4] C:\Users\MICHLE~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

[ UAC => 1 ]

--------------------[ Fin du rapport a 15:18:52,51 ]----------------------

et le rapport Hijack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:31:57, on 12/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\aol\1169828225\ee\aolsoftware.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Packard Bell\FIJI\ABoard.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Windows\System32\mobsync.exe
C:\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1169828225\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Flagdelete] "C:\ProgramData\sitemetameta.03kl3"
O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\bold tray ping.4n251xk"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

voici le rapport!


-----------------------[ Lop S&D 4.2.0-8 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : MichŠle ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 12/05/2008 | 16:21:50,49 ] [ PC : PC-DE-MICHÔLE ]
[ MAJ : 11-05-2008 | 18:25 ]
[ UAC => 0 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\ProgramData\That Face Camp Shim\internet mfcd.exe
Supprimé! - C:\ProgramData\bold tray ping.4n251xk
Supprimé! - C:\ProgramData\That Face Camp Shim
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[06/02/2008|11:42] C:\Users\MICHLE~1\AppData\Roaming\Adobe\Flash Player
[08/07/2007|15:21] C:\Users\MICHLE~1\AppData\Roaming\Adobe\Linguistics
[08/07/2007|15:20] C:\Users\MICHLE~1\AppData\Roaming\Adobe\Acrobat

[19/10/2007|10:01] C:\Users\MICHLE~1\AppData\Roaming\Google\Local Search History

[12/05/2008|15:13] C:\Users\MICHLE~1\AppData\Roaming\HP\CRMLogs
[21/09/2007|14:56] C:\Users\MICHLE~1\AppData\Roaming\HP\ScLogs
[18/06/2007|11:59] C:\Users\MICHLE~1\AppData\Roaming\HP\Digital Imaging
[17/06/2007|16:01] C:\Users\MICHLE~1\AppData\Roaming\HP\Install

[17/06/2007|15:39] C:\Users\MICHLE~1\AppData\Roaming\Identities\{8A3F80B5-A2BC-4DFC-8754-4EC35A1FFC1A}

[10/04/2008|17:52] C:\Users\MICHLE~1\AppData\Roaming\Image Zone Express\thumbnailSel.db
[10/04/2008|17:52] C:\Users\MICHLE~1\AppData\Roaming\Image Zone Express\layouts.db
[19/06/2007|19:20] C:\Users\MICHLE~1\AppData\Roaming\Image Zone Express\assets.yos
[19/06/2007|19:20] C:\Users\MICHLE~1\AppData\Roaming\Image Zone Express\FolderList.yos
[19/06/2007|19:20] C:\Users\MICHLE~1\AppData\Roaming\Image Zone Express\thumbnail.db
[19/06/2007|19:20] C:\Users\MICHLE~1\AppData\Roaming\Image Zone Express\asset.yos

[29/06/2007|18:14] C:\Users\MICHLE~1\AppData\Roaming\Macromedia\Flash Player


[09/01/2008|19:52] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\MSN Messenger
[28/09/2007|09:27] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\HTML Help
[09/09/2007|12:50] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\MMC
[05/08/2007|14:57] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\Crypto
[09/07/2007|10:21] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\Windows Live Call
[09/07/2007|10:21] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\IdentityCRL
[08/07/2007|15:03] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\Windows
[24/06/2007|14:08] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\eHome
[19/06/2007|19:18] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\Internet Explorer
[17/06/2007|15:44] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\Network
[17/06/2007|15:40] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\CLR Security Config
[17/06/2007|15:40] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\SystemCertificates
[17/06/2007|15:39] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\Protect
[17/06/2007|15:32] C:\Users\MICHLE~1\AppData\Roaming\Microsoft\Credentials

[17/06/2007|15:39] C:\Users\MICHLE~1\AppData\Roaming\OFFICE One v7\OFFICE One Startup v7

[17/06/2007|15:43] C:\Users\MICHLE~1\AppData\Roaming\OFFICEOne7\user

[12/05/2008|16:21] C:\Users\MICHLE~1\AppData\Roaming\Packard Bell\Setup my PC
[29/04/2008|18:09] C:\Users\MICHLE~1\AppData\Roaming\Packard Bell\Smart Restore
[29/12/2007|14:17] C:\Users\MICHLE~1\AppData\Roaming\Packard Bell\PBUpdator
[08/08/2007|10:19] C:\Users\MICHLE~1\AppData\Roaming\Packard Bell\InfoCentre
[17/06/2007|15:42] C:\Users\MICHLE~1\AppData\Roaming\Packard Bell\Identity Card

[19/06/2007|19:16] C:\Users\MICHLE~1\AppData\Roaming\Printer Info Cache\HP Photosmart 2570 series 1536.xml

[13/10/2007|19:39] C:\Users\MICHLE~1\AppData\Roaming\Roxio\MediaManager9
[08/07/2007|14:58] C:\Users\MICHLE~1\AppData\Roaming\Roxio\RoxioCentral
[24/06/2007|09:42] C:\Users\MICHLE~1\AppData\Roaming\Roxio\RoxioCentral33

[09/07/2007|10:07] C:\Users\MICHLE~1\AppData\Roaming\UserTile.png\UserTile.png

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[16/04/2008 11:29][--a------] C:\Windows\tasks\Norton Internet Security - Analyse systŠme complŠte - MichŠle.job
[12/05/2008 16:20][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{E9747EBF-F052-400A-8EA5-F9FF83E13414}.job
[12/05/2008 16:00][--a------] C:\Windows\tasks\Extension de garantie.job
[12/05/2008 16:21][--ah-----] C:\Windows\tasks\SA.DAT
[12/05/2008 16:20][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[26/01/2007|18:16] C:\ProgramData\Adobe
[26/01/2007|18:18] C:\ProgramData\AOL
[02/11/2006|15:02] C:\ProgramData\Application Data
[17/06/2007|15:28] C:\ProgramData\Bureau
[26/01/2007|18:27] C:\ProgramData\Ciel
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[17/06/2007|15:28] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[26/01/2007|18:21] C:\ProgramData\Google
[19/06/2007|19:19] C:\ProgramData\HP
[18/06/2007|11:58] C:\ProgramData\HPSSUPPLY
[18/06/2007|11:59] C:\ProgramData\hpzinstall.log
[26/01/2007|18:21] C:\ProgramData\InstallShield
[30/04/2008|13:29] C:\ProgramData\Lavasoft
[17/06/2007|15:28] C:\ProgramData\Menu D‚marrer
[30/04/2008|13:57] C:\ProgramData\Messenger Plus!
[25/06/2007|18:12] C:\ProgramData\Microsoft
[17/06/2007|15:28] C:\ProgramData\ModŠles
[26/01/2007|18:35] C:\ProgramData\OFFICE One v7
[09/07/2007|09:53] C:\ProgramData\Roxio
[21/04/2008|10:39] C:\ProgramData\sitemetameta.03kl3
[30/03/2008|19:39] C:\ProgramData\sitemetameta.c0lvtnf
[30/03/2008|19:39] C:\ProgramData\sitemetameta.n0z7rl
[24/06/2007|09:42] C:\ProgramData\Sonic
[02/11/2006|15:02] C:\ProgramData\Start Menu
[29/04/2008|19:37] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[26/01/2007|18:18] C:\ProgramData\Viewpoint
[18/06/2007|11:59] C:\ProgramData\WEBREG
[04/03/2008|16:30] C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[26/01/2007|18:16] C:\Program Files\Adobe
[26/01/2007|18:18] C:\Program Files\AOL
[26/01/2007|18:18] C:\Program Files\AOL 9.0 VR
[29/04/2008|19:05] C:\Program Files\CCleaner
[26/01/2007|18:27] C:\Program Files\Ciel
[30/04/2008|13:27] C:\Program Files\Common Files
[31/08/2007|15:47] C:\Program Files\desktop.ini
[17/06/2007|15:28] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[29/06/2007|18:45] C:\Program Files\Google
[26/01/2007|18:16] C:\Program Files\HDReg
[18/06/2007|11:56] C:\Program Files\Hewlett-Packard
[18/06/2007|11:58] C:\Program Files\HP
[26/01/2007|18:35] C:\Program Files\InstallShield Installation Information
[12/04/2008|16:42] C:\Program Files\Internet Explorer
[26/01/2007|18:32] C:\Program Files\ISSENDIS
[30/04/2008|13:28] C:\Program Files\Lavasoft
[29/04/2008|18:56] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[27/01/2007|02:59] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[02/07/2007|13:16] C:\Program Files\MSXML 4.0
[16/09/2007|14:01] C:\Program Files\Neuf
[23/11/2007|12:19] C:\Program Files\Norton Internet Security
[26/01/2007|18:36] C:\Program Files\OFFICE ONE 7.0
[26/01/2007|18:35] C:\Program Files\OFFICE One v7
[26/01/2007|18:37] C:\Program Files\Packard Bell
[26/01/2007|18:14] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[26/01/2007|18:21] C:\Program Files\Roxio
[26/01/2007|18:37] C:\Program Files\Skype
[06/12/2007|19:34] C:\Program Files\Symantec
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[26/01/2007|18:18] C:\Program Files\Viewpoint
[29/08/2007|11:10] C:\Program Files\Windows Calendar
[27/01/2007|02:59] C:\Program Files\Windows Collaboration
[02/07/2007|19:28] C:\Program Files\Windows Defender
[27/01/2007|02:59] C:\Program Files\Windows Journal
[04/03/2008|16:30] C:\Program Files\Windows Live
[05/09/2007|15:37] C:\Program Files\Windows Live Safety Center
[12/04/2008|16:43] C:\Program Files\Windows Mail
[13/10/2007|19:46] C:\Program Files\Windows Media Player
[17/06/2007|15:28] C:\Program Files\Windows NT
[27/01/2007|02:59] C:\Program Files\Windows Photo Gallery
[12/01/2008|11:07] C:\Program Files\Windows Sidebar

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[26/01/2007|18:16] C:\Program Files\Common Files\Adobe
[26/01/2007|18:18] C:\Program Files\Common Files\aol
[26/01/2007|18:18] C:\Program Files\Common Files\aolshare
[26/01/2007|18:27] C:\Program Files\Common Files\Ciel
[18/06/2007|11:56] C:\Program Files\Common Files\Hewlett-Packard
[18/06/2007|11:58] C:\Program Files\Common Files\HP
[26/01/2007|18:21] C:\Program Files\Common Files\InstallShield
[04/03/2008|16:32] C:\Program Files\Common Files\microsoft shared
[26/01/2007|18:27] C:\Program Files\Common Files\MSSoap
[26/01/2007|18:18] C:\Program Files\Common Files\Nullsoft
[26/01/2007|18:21] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[26/01/2007|18:21] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[26/01/2007|18:21] C:\Program Files\Common Files\SureThing Shared
[24/04/2008|14:01] C:\Program Files\Common Files\Symantec Shared
[02/07/2007|19:28] C:\Program Files\Common Files\System
[04/03/2008|16:31] C:\Program Files\Common Files\WindowsLiveInstaller
[30/04/2008|13:27] C:\Program Files\Common Files\Wise Installation Wizard

---------------------------[ Process ]--------------------------

... 48

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-12 16:22:24
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:5676][Doss:106] C:\Users\MICHLE~1\AppData\Local\Temp
/!\ [Fich:86][Doss:1] C:\Users\MICHLE~1\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:193][Doss:4] C:\Users\MICHLE~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

[ UAC => 1 ]

--------------------[ Fin du rapport a 16:23:17,74 ]----------------------


Merci

ok, je mets les rapports et je fais le reste!

C:\ProgramData\sitemetameta.03kl3 moved successfully.
C:\ProgramData\sitemetameta.c0lvtnf moved successfully.
C:\ProgramData\sitemetameta.n0z7rl moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 05122008_164258

________________


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:46:04, on 12/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\aol\1169828225\ee\aolsoftware.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Packard Bell\FIJI\ABoard.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\SearchFilterHost.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1169828225\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Flagdelete] "C:\ProgramData\sitemetameta.03kl3"
O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\bold tray ping.4n251xk"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

le lien pour AVG ne fonctionne pas :(

File/Folder C:\ProgramData\bold tray ping.4n251xk not found.

OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 05122008_171808

ok, je suis à présent en mode sans échec, mais le programme avg ne répond pas.

oui oui, j'ai fait tout le reste! avg se lance difficilement en mode normal, mais il a trouvé plein de cookies, qu'il va supprimer. je m'occupe d'ewido. je le lance en mode sans échec?

voilà pour ewido
________________________________________________
ewido anti-spyware online scanner
https://www.avg.com/en-us/free-antivirus-download
__________________________________________________


Name: TrackingCookie.Casinoking
Path: C:\Users\Michèle\AppData\Roaming\Microsoft\Windows\Cookies\Low\michèle@banner.casinoking[2].txt
Risk: Medium

Name: TrackingCookie.Hitbox
Path: C:\Users\Michèle\AppData\Roaming\Microsoft\Windows\Cookies\Low\michèle@ehg-neuftelecom.hitbox[1].txt
Risk: Medium

Name: TrackingCookie.2o7
Path: C:\Users\Michèle\AppData\Roaming\Microsoft\Windows\Cookies\Low\michèle@partygaming.122.2o7[1].txt
Risk: Medium

Name: TrackingCookie.Netflame
Path: C:\Users\Michèle\AppData\Roaming\Microsoft\Windows\Cookies\Low\michèle@ssl-hints.netflame[1].txt
Risk: Medium

Name: TrackingCookie.Weborama
Path: C:\Users\Michèle\AppData\Roaming\Microsoft\Windows\Cookies\michèle@cetelem.solution.weborama[2].txt
Risk: Medium

Name: TrackingCookie.Netflame
Path: C:\Users\Michèle\AppData\Roaming\Microsoft\Windows\Cookies\michèle@ssl-hints.netflame[2].txt
Risk: Medium

voilà quiest fait!!!

BitDefender Online Scanner



Rapport d'analyse généré à: Mon, May 12, 2008 - 22:14:10





Voie d'analyse: C:\;D:\;E:\;F:\;G:\;H:\;







Statistiques

Temps
00:16:56

Fichiers
79666

Directoires
10781

Secteurs de boot
3

Archives
890

Paquets programmes
8592




Résultats

Virus identifiés
0

Fichiers infectés
0

Fichiers suspects
0

Avertissements
0

Désinfectés
0

Fichiers effacés
0




Info sur les moteurs

Définition virus
1191352

Version des moteurs
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Analyse des plugins
16

Archive des plugins
42

Unpack des plugins
7

E-mail plugins
6

Système plugins
5




Paramètres d'analyse

Première action
Désinfecté

Seconde Action
Supprimé

Heuristique
Oui

Acceptez les avertissements
Oui

Extensions analysées
exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

Excludez les extensions


Analyse d'emails
Oui

Analyse des Archives
Oui

Analyser paquets programmes
Oui

Analyse des fichiers
Oui

Analyse de boot
Oui




Fichier analysé
Statut

Aucun virus trouvé.
qu'en penses-tu?

plus aucune pub en tout cas! merci beaucoup! je dois désinstaller quelque chose?un dernier rapport hitjack?

ok, bonne nuit! à demain

voilà pour le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:22:44, on 13/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\aol\1169828225\ee\aolsoftware.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Packard Bell\FIJI\ABoard.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1169828225\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

voici pour le rapport, je m'occupe du reste

-->- Recherche:

C:\Lop SD: trouvé !
C:\HijackThis: trouvé !
C:\_OtMoveIt: trouvé !
C:\HijackThis\HijackThis.exe: trouvé !
C:\Lop SD\Lop S&D.lnk: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\Michèle\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\Lop S&D: trouvé !
C:\Users\Michèle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lop S&D: trouvé !
C:\Users\Michèle\Desktop\HijackThis.lnk: trouvé !
C:\Users\Michèle\Desktop\Lop S&D.lnk: trouvé !
C:\Users\Michèle\Desktop\LopSD.exe: trouvé !
C:\Users\Michèle\Desktop\OtMoveIt2.exe: trouvé !
C:\Users\Michèle\Desktop\HJTInstall.exe: trouvé !
C:\Users\Michèle\Documents\LopSD.exe: trouvé !

---------------------------------
-->- Suppression:

C:\HijackThis\HijackThis.exe: supprimé !
C:\Lop SD\Lop S&D.lnk: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: supprimé !
C:\Users\Michèle\Desktop\HijackThis.lnk: supprimé !
C:\Users\Michèle\Desktop\Lop S&D.lnk: supprimé !
C:\Users\Michèle\Desktop\LopSD.exe: supprimé !
C:\Users\Michèle\Desktop\OtMoveIt2.exe: supprimé !
C:\Users\Michèle\Desktop\HJTInstall.exe: supprimé !
C:\Users\Michèle\Documents\LopSD.exe: supprimé !
C:\Lop SD: supprimé !
C:\HijackThis: supprimé !
C:\_OtMoveIt: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: supprimé !
C:\Users\Michèle\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\Lop S&D: ERREUR DE SUPPRESSION !!
C:\Users\Michèle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lop S&D: supprimé !

je ne trouve pas de poste de travail (le pc est sous vista...) et je ne connais pas la manip!

sinon, (voir en 26), le pc tourne impec! qu'est ce que je fais alors?

et je dois créer un nouveau point de restauration?

tu peux m'indiquer la manip? et après, je crois que tu pourras aller te coucher! ;)

au fait, tous les logiciels que j'zi installés sur le bureau et le "fix.reg" , j'en fait quoi?

alors, je te remercie vivement (merci, merci, merci!!!!!) et te souhaite bonne continuation!

merci encore!