lol?dollarev!!!et autres

Bon jour,
Mon ordinateur est au ralenti, la barre de taches disparaît et il y a des popups entre autres…au demarrage il y a des fichiers dans C:\ comme lol, is450, spupdate27, proxi, sysmgr
______________________
Logfile of HijackThis v1.99.1
Scan saved at 10:45:09, on 15/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\U1lTVEVN\command.exe
C:\WINDOWS\dlhost.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\System\msveup.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\sistray.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\System\SMSS.EXE
C:\WINDOWS\System32\wincmd.exe
C:\WINDOWS\System32\msmsngr.exe
C:\windows\sp2update00.exe
C:\WINDOWS\System32\msnq3insller.exe
C:\WINDOWS\System32\scchost.exe
C:\Program Files\BearShare\BearShare.exe
C:\WINDOWS\System32\system12.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\lsass.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\netddesrv.exe
C:\WINDOWS\shost.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\smsc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\windat.exe
C:\WINDOWS\cytob.exe
C:\WINDOWS\system32\wincntrl.exe
c:\program files\sdb\programs\pgm\serv.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Avant Browser\avant.exe
C:\Documents and Settings\Renato Barrios\Mes documents\Install\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\System32\BHSV.EXE
C:\WINDOWS\System32\BHSV.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - C:\WINDOWS\System32\vturp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MSEvents Object - {FC148228-87E1-4D00-AC06-58DCAA52A4D1} - C:\WINDOWS\System32\geeba.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe
O4 - HKLM\..\Run: [EPSON Stylus C44 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C44 Series" /O6 "USB001" /M "Stylus C44"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [.msfupdate] C:\WINDOWS\System\msveup.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Aim Bend Start Safe] C:\Documents and Settings\All Users\Application Data\Rectencaimbend\Heckball.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\system32\sistray.EXE
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [smss] C:\WINDOWS\System\SMSS.EXE
O4 - HKLM\..\Run: [Microsoft Command Line] wincmd.exe
O4 - HKLM\..\Run: [msmsngr] C:\WINDOWS\System32\msmsngr.exe
O4 - HKLM\..\Run: [msresearch] C:\windows\msresearch.exe
O4 - HKLM\..\Run: [sp2update] C:\windows\sp2update00.exe
O4 - HKLM\..\Run: [MS Unix Binary] msnq3insller.exe
O4 - HKLM\..\Run: [Alive SYstem] C:\WINDOWS\System32\scchost.exe
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [Browser Help Svc] BHSV.EXE
O4 - HKLM\..\Run: [Microsoft Windows 128bit Subsystem] C:\WINDOWS\System32\system12.exe
O4 - HKLM\..\RunServices: [Microsoft Command Line] wincmd.exe
O4 - HKLM\..\RunServices: [MS Unix Binary] msnq3insller.exe
O4 - HKLM\..\RunServices: [Browser Help Svc] BHSV.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Internet Help Svc] IHSVC.EXE
O4 - HKCU\..\Run: [MS Unix Binary] msnq3insller.exe
O4 - HKCU\..\Run: [Browser Help Svc] BHSV.EXE
O4 - HKCU\..\RunServices: [Internet Help Svc] IHSVC.EXE
O4 - HKCU\..\RunServices: [Browser Help Svc] BHSV.EXE
O8 - Extra context menu item: Bloquer ce serveur... - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Bloquer cette publicité... - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Ouvrir dans une nouvelle fenêtre d'Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Ouvrir tous les liens de la page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Rechercher sur le Web... - C:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Surligner - C:\Program Files\Avant Browser\Highlight.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/a...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x40...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O17 - HKLM\System\CCS\Services\Tcpip\..\{1344BCCC-08DA-4445-979A-7C2B26CF7559}: Domain = free.fr
O17 - HKLM\System\CS1\Services\Tcpip\..\{1344BCCC-08DA-4445-979A-7C2B26CF7559}: Domain = free.fr
O17 - HKLM\System\CS2\Services\Tcpip\..\{1344BCCC-08DA-4445-979A-7C2B26CF7559}: Domain = free.fr
O20 - Winlogon Notify: geeba - C:\WINDOWS\System32\geeba.dll
O20 - Winlogon Notify: vturp - C:\WINDOWS\SYSTEM32\vturp.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\U1lTVEVN\command.exe
O23 - Service: DynamicHost (DLHOST) - Unknown owner - C:\WINDOWS\dlhost.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe
O23 - Service: Enables Java Support (Java) - Unknown owner - C:\WINDOWS\System32\winjava.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Local Security Authority Subsystem Service (lsass) - Unknown owner - C:\WINDOWS\lsass.exe
O23 - Service: NetDDE Server (NetDDEsrv) - Unknown owner - C:\WINDOWS\System32\netddesrv.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: SAPDB: .M760010 (SAP DBTech-.M760010) - MySQL MaxDB - c:\program files\sdb\maxdb1\pgm\kernel.exe
O23 - Service: SAPDB: .M760010 (quick) (SAP DBTech-.M760010 (quick)) - MySQL MaxDB - c:\program files\sdb\maxdb1\pgm\quickknl.exe
O23 - Service: SAPDB: .M760010 (slow) (SAP DBTech-.M760010 (slow)) - MySQL MaxDB - c:\program files\sdb\maxdb1\pgm\slowknl.exe
O23 - Service: SAPDB: .M760010 (omststknl.exe) (SAP DBTech-.M760010 (test)) - Unknown owner - c:\program files\sdb\maxdb1\pgm\omststknl.exe (file missing)
O23 - Service: SAPDB: DEMODB (SAP DBTech-DEMODB) - MySQL MaxDB - c:\program files\sdb\maxdb1\pgm\kernel.exe
O23 - Service: SAPDB: DEMODB (quick) (SAP DBTech-DEMODB (quick)) - MySQL MaxDB - c:\program files\sdb\maxdb1\pgm\quickknl.exe
O23 - Service: SAPDB: DEMODB (slow) (SAP DBTech-DEMODB (slow)) - MySQL MaxDB - c:\program files\sdb\maxdb1\pgm\slowknl.exe
O23 - Service: SAPDB: DEMODB (omststknl.exe) (SAP DBTech-DEMODB (test)) - Unknown owner - c:\program files\sdb\maxdb1\pgm\omststknl.exe (file missing)
O23 - Service: SAPDB: MAXDB1 (SAP DBTech-MAXDB1) - MySQL MaxDB - C:\Program Files\sdb\MAXDB1\pgm\kernel.exe
O23 - Service: SAPDB: MAXDB1 (quick) (SAP DBTech-MAXDB1 (quick)) - MySQL MaxDB - C:\Program Files\sdb\MAXDB1\pgm\quickknl.exe
O23 - Service: SAPDB: MAXDB1 (slow) (SAP DBTech-MAXDB1 (slow)) - MySQL MaxDB - C:\Program Files\sdb\MAXDB1\pgm\slowknl.exe
O23 - Service: SAPDB: MAXDB1 (omststknl.exe) (SAP DBTech-MAXDB1 (test)) - Unknown owner - C:\Program Files\sdb\MAXDB1\pgm\omststknl.exe (file missing)
O23 - Service: SAPDB: Z (SAP DBTech-Z) - MySQL MaxDB - c:\program files\sdb\maxdb1\pgm\kernel.exe
O23 - Service: SAPDB: Z (quick) (SAP DBTech-Z (quick)) - MySQL MaxDB - c:\program files\sdb\maxdb1\pgm\quickknl.exe
O23 - Service: SAPDB: Z (slow) (SAP DBTech-Z (slow)) - MySQL MaxDB - c:\program files\sdb\maxdb1\pgm\slowknl.exe
O23 - Service: SAPDB: Z (omststknl.exe) (SAP DBTech-Z (test)) - Unknown owner - c:\program files\sdb\maxdb1\pgm\omststknl.exe (file missing)
O23 - Service: SAP DB WWW (SAPDBWWW) - Unknown owner - c:\program files\sdb\programs\web\pgm\wahttp.exe
O23 - Service: Service Hosts (ServiceHost) - Unknown owner - C:\WINDOWS\shost.exe
O23 - Service: SlimFTPd - Unknown owner - C:\DOCUME~1\RENATO~1\LOCALS~1\Temp\Rar$EX08.672\SlimFTPd.exe" -service (file missing)
O23 - Service: System Manager Service (SMSC) - Unknown owner - C:\WINDOWS\smsc.exe
O23 - Service: Windows Archiver (winarc) - Unknown owner - C:\WINDOWS\windat.exe
O23 - Service: WindowsSysBoot - Unknown owner - C:\WINDOWS\cytob.exe
O23 - Service: MS Dns Service (WinNet) - Unknown owner - C:\WINDOWS\system32\wincntrl.exe
O23 - Service: XServer - MySQL MaxDB - c:\program files\sdb\programs\pgm\serv.exe
__________________
la ligne 020 reaparaît toujours après essaisd e fixer.
Merci!!!!