mon ordi rame

Salut, je ne sais pas comment ca se fait mais mon ordi rame je n'ai pas de virus j'ai défragmenter le disque et rien n'a changer quelu'un pourrait'il m'aider svp

salut

Télécharger Hijackthis sur le bureau
= clic droit dessus ==> renommer ==> écrire : "test"( à la place de "hijackthis")
=Double-clic dessus
= Clic Do a system scan and save the log
-- Le Bloc-Notes s'ouvre :
copier coller le contenu du rapport
=======================================================
merci de mettre tous les rapports sous Spoiler

pour cela sélectionner la totalité de chaque rapport mis dans la case réponse
et clic sur le point d'interrogation en bas à droite de cette case
(à coté de TeX)

voici le coper coller cu rapoort
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:26:43, on 7/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\Explorer.EXE
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Documents and Settings\engelaere.111371120317.000\Local Settings\Temporary Internet Files\Content.IE5\ZP85PTJ8\HiJackThis[1].exe
D:\Documents and Settings\engelaere.111371120317.000\Local Settings\Temporary Internet Files\Content.IE5\ZP85PTJ8\HiJackThis[1].exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 2883 bytes

le rapport n'est pas complet

et il faudrait corectement lire les instructions

Télécharger Hijackthis sur le bureau
clic droit dessus ==> renommer ==> écrire : "test"( à la place de "hijackthis")
=Double-clic dessus
= Clic Do a system scan and save the log
-- Le Bloc-Notes s'ouvre :
copier coller le contenu du rapport
=======================================================
merci de mettre tous les rapports sous Spoiler

pour cela sélectionner la totalité de chaque rapport mis dans la case réponse
et clic sur le point d'interrogation en bas à droite de cette case
(à coté de TeX)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:26:43, on 7/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\Explorer.EXE
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Documents and Settings\engelaere.111371120317.000\Local Settings\Temporary Internet Files\Content.IE5\ZP85PTJ8\HiJackThis[1].exe
D:\Documents and Settings\engelaere.111371120317.000\Local Settings\Temporary Internet Files\Content.IE5\ZP85PTJ8\HiJackThis[1].exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 2883 bytes



Ajout du 07-12-2007 à 18:45:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:44:48, on 7/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\Explorer.EXE
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Documents and Settings\engelaere.111371120317.000\Local Settings\Temporary Internet Files\Content.IE5\ZP85PTJ8\HiJackThis[1].exe
D:\Documents and Settings\engelaere.111371120317.000\Bureau\test.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://thera.info/recherche.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://google/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_SA8.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ENJOY Plus!.lnk = C:\Program Files\ENJOY Plus!\ENJOY Plus!.exe
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk879YYBE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr.htm
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lithium6996.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 11270 bytes



Ajout du 07-12-2007 à 18:55:

j'ai rajouter le reste du rapport en dessous de l'autre

il n'y a rien

Télécharger et enregistrer sur le bureau
Combofix

=Double-clic sur Combofix
= Presser 1 quand demandé
= Attendre la fermeture de l’outil ( 5 à 10 mn)
=Copier/coller le rapport dans la réponse
Un rapport dans C:\Combofix.txt à mettre dans la réponse
ComboFix-quarantined-files + Qoobox sont eux à supprimer

rapoort de cambofix


ComboFix 07-12-07.3 - engelaere 2007-12-07 19:17:41.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.134 [GMT 1:00]
Running from: D:\Documents and Settings\engelaere.111371120317.000\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\nvs2.inf
D:\Documents and Settings\engelaere.111371120317.000\Local Settings\Application Data\drhwdzhwmj.dat
D:\Documents and Settings\engelaere.111371120317.000\Local Settings\Application Data\drhwdzhwmj.exe
d:\Documents and Settings\engelaere.111371120317.000\Local Settings\Application Data\drhwdzhwmj_nav.dat
D:\Documents and Settings\engelaere.111371120317.000\Local Settings\Application Data\drhwdzhwmj_navps.dat

.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-07 to 2007-12-07 ))))))))))))))))))))))))))))))))))))
.

2007-12-07 15:03 . 2007-12-07 15:03 <REP> d-------- D:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic
2007-12-01 09:40 . 2007-12-01 09:40 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2007-11-30 13:08 . 2007-11-30 13:08 <REP> d-------- C:\Program Files\Windows Live Favorites
2007-11-28 15:40 . 2007-11-28 15:40 244 --ah----- C:\sqmnoopt00.sqm
2007-11-28 15:40 . 2007-11-28 15:40 232 --ah----- C:\sqmdata00.sqm
2007-11-28 14:31 . 2007-11-28 15:36 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2007-11-27 22:15 . 2007-11-27 22:15 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2007-11-27 12:03 . 2007-11-27 12:03 <REP> d-------- D:\Documents and Settings\niquita\Application Data\Grisoft
2007-11-27 12:02 . 2006-06-15 19:04 <REP> d--h----- D:\Documents and Settings\niquita\Voisinage réseau
2007-11-27 12:02 . 2006-06-15 19:04 <REP> d--h----- D:\Documents and Settings\niquita\Voisinage d'impression
2007-11-27 12:02 . 2006-06-15 19:11 <REP> d--h----- D:\Documents and Settings\niquita\Modèles
2007-11-27 12:02 . 2007-11-27 12:03 <REP> dr------- D:\Documents and Settings\niquita\Mes documents
2007-11-27 12:02 . 2006-06-15 19:11 <REP> dr------- D:\Documents and Settings\niquita\Menu Démarrer
2007-11-27 12:02 . 2007-11-27 12:03 <REP> dr------- D:\Documents and Settings\niquita\Favoris
2007-11-27 12:02 . 2007-11-27 12:02 <REP> dr------- D:\Documents and Settings\niquita\Bureau
2007-11-27 12:02 . 2006-06-15 19:04 <REP> d-------- D:\Documents and Settings\niquita\Application Data\Symantec
2007-11-25 19:50 . 2007-11-25 19:50 29 --a------ C:\WINDOWS\DEBUGSM.INI
2007-11-25 19:48 . 2007-11-25 19:50 <REP> d-------- D:\Documents and Settings\engelaere.111371120317.000\Application Data\EPSON
2007-11-25 19:01 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-11-25 18:59 . 2007-11-25 18:59 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-11-25 18:46 . 2007-11-25 19:18 <REP> d-------- C:\Program Files\Windows Live
2007-11-25 18:46 . 2007-11-25 18:51 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-25 18:45 . 2007-11-25 18:45 <REP> d-------- D:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-25 17:16 . 2007-11-25 17:19 <REP> d-------- D:\Documents and Settings\All Users\Application Data\UDL
2007-11-25 17:15 . 2007-11-25 17:16 <REP> d-------- C:\Program Files\ABBYY FineReader 6.0 Sprint
2007-11-25 17:11 . 2007-11-25 17:18 <REP> d-------- C:\Program Files\EPSON
2007-11-25 17:11 . 2005-12-09 02:03 71,168 --a------ C:\WINDOWS\system32\E_FLBBEE.DLL
2007-11-25 17:11 . 2005-04-11 02:01 62,976 --a------ C:\WINDOWS\system32\E_FD4BBEE.DLL
2007-11-25 17:11 . 2004-09-10 21:12 49,152 --a------ C:\WINDOWS\system32\E_DCINST.DLL
2007-11-25 17:11 . 2007-11-25 17:11 27 --a------ C:\WINDOWS\CDE DX4000EFDG.ini
2007-11-25 17:09 . 2005-02-25 00:00 46,080 --a------ C:\WINDOWS\system32\escimgd.dll
2007-11-25 17:09 . 2005-02-25 00:00 29,696 --a------ C:\WINDOWS\system32\escwiad.dll
2007-11-25 17:09 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-11-25 17:09 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\dllcache\usbprint.sys
2007-11-25 17:09 . 2005-02-25 00:00 22,016 --a------ C:\WINDOWS\system32\esccmd.dll
2007-11-20 16:56 . 2007-11-20 17:04 <REP> d-------- C:\Program Files\Babylon
2007-11-11 11:29 . 2007-11-11 11:29 <REP> d-------- D:\Documents and Settings\engelaere.111371120317.000\Application Data\Grisoft
2007-11-11 11:29 . 2007-11-11 11:29 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-11 11:29 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-10 19:37 . 2007-11-10 19:37 <REP> d-------- C:\Program Files\Karasoft
2007-11-10 19:36 . 2007-11-10 19:36 <REP> d-------- D:\Documents and Settings\ENGELA~1~000\LOCALS~1
2007-11-10 19:06 . 2007-11-10 19:13 <REP> d-------- C:\Program Files\KaraFun
2007-11-10 16:35 . 2007-11-10 16:35 <REP> d-------- C:\Program Files\LyricsSeeker
2007-11-10 16:29 . 2007-11-11 12:15 <REP> d-------- C:\Program Files\Winamp
2007-11-09 19:54 . 2007-11-28 09:50 <REP> d-------- D:\Documents and Settings\engelaere.111371120317.000\Application Data\MSN Pictures Displayer
2007-11-09 19:54 . 2007-11-09 19:54 446,976 --a------ C:\WINDOWS\system32\ShellMPD.dll
2007-11-09 19:53 . 2007-11-09 19:53 <REP> d-------- D:\Documents and Settings\engelaere.111371120317.000\Application Data\ENJOY Plus!
2007-11-09 19:53 . 2007-11-09 19:53 <REP> d-------- D:\Documents and Settings\All Users\Application Data\ENJOY Plus!
2007-11-09 19:53 . 2007-11-09 19:54 <REP> d-------- C:\Program Files\MSN Pictures Displayer
2007-11-09 19:53 . 2007-11-09 19:53 <REP> d-------- C:\Program Files\ENJOY Plus!
2007-11-09 19:52 . 2007-11-09 19:52 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-11-09 19:32 . 2007-11-09 19:32 <REP> d-------- C:\Program Files\Yahoo!
2007-11-09 19:32 . 2007-11-09 19:37 <REP> d-------- C:\Program Files\CCleaner
2007-11-09 19:19 . 2007-11-09 19:19 <REP> d-------- D:\Documents and Settings\engelaere.111371120317.000\Application Data\gtk-2.0
2007-11-09 19:18 . 2007-11-09 19:18 <REP> d-------- D:\Documents and Settings\engelaere.111371120317.000\.thumbnails
2007-11-09 19:15 . 2007-11-09 19:19 <REP> d-------- D:\Documents and Settings\engelaere.111371120317.000\.gimp-2.4

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-04 13:18 --------- d-----w C:\Program Files\Sony
2007-12-01 10:28 --------- d-----w D:\Documents and Settings\engelaere.111371120317.000\Application Data\AdobeUM
2007-11-30 12:08 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-11-28 14:41 --------- d-----w C:\Program Files\Google
2007-11-28 08:40 --------- d-----w C:\Program Files\Kaspersky Lab
2007-11-25 17:54 --------- d-----w C:\Program Files\MSN Messenger
2007-11-25 16:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-21 08:21 --------- d-----w C:\Program Files\LimeWire
2007-11-21 08:10 --------- d-----w D:\Documents and Settings\engelaere.111371120317.000\Application Data\LimeWire
2007-11-09 19:43 --------- d-----w C:\Program Files\IncrediMail
2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-13 19:08 --------- d-----w C:\Program Files\Picasa2
2007-10-12 19:55 --------- d-----w C:\Program Files\AtomixMP3
2006-12-31 14:13 58,264 ----a-w D:\Documents and Settings\engelaere.111371120317.000\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-26 10:17]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 14:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 17:07 C:\WINDOWS\system32\HdAShCut.exe]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-08 16:55]
"RTHDCPL"="RTHDCPL.EXE" [2005-06-29 13:25 C:\WINDOWS\RTHDCPL.EXE]
"ATIPTA"="C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 21:05]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe" [2005-03-04 03:36]
"Vade Retro Outlook Express"="C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 13:03]
"Ulead AutoDetector v2"="C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 11:43]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-05-11 13:48]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 10:31]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-11-30 00:15]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-11-30 00:15]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-26 10:17]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34]

D:\Documents and Settings\engelaere.111371120317.000\Menu D‚marrer\Programmes\D‚marrage\
ENJOY Plus!.lnk - C:\Program Files\ENJOY Plus!\ENJOY Plus!.exe [2007-11-09 19:53:44]
MSN Pictures Displayer.lnk - C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe [2007-11-09 19:53:29]

D:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]

S3 memsysdrv;Memory System;\??\C:\WINDOWS\system32\drivers\memsysdrv.sys

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{62a82194-4f24-11dc-826b-00148560750f}]
\Shell\AutoRun\command - RavMon.exe
\Shell\explore\Command - RavMon.exe -e
\Shell\open\Command - RavMon.exe

*Newly Created Service* - ANTIVIRSCHEDULER
*Newly Created Service* - ANTIVIRSERVICE
*Newly Created Service* - AVGIO
*Newly Created Service* - AVGNTFLT
*Newly Created Service* - AVIPBB
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
*Newly Created Service* - SSMDRV
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-12-07 18:00:00 C:\WINDOWS\Tasks\AA67B6AE91842B72.job"
- d:\docume~1\engela~1.000\applic~1\mpegpop\Jump Cake Stop.exe
"2006-06-15 13:05:04 C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2006-06-15 13:05:04 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2006-06-15 13:05:04 C:\WINDOWS\Tasks\Rappel d'enregistrement 3.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2007-12-07 17:58:07 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-07 19:21:34
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-07 19:22:50
.
--- E O F ---

ayant accés aux fichiers cachés, pour cela
Démarrer =>Poste de travail =>Outils =>Options des dossiers =>Affichage
Cocher = Afficher les fichiers et dossiers cachés
Plus bas
Décocher =Masquer les extensions des fichiers dont le type est connu
Décocher =Masquer les fichiers protégés du système d'exploitation
Ne pas tenir compte du message qui s’affiche
--------------
= Clic-droit sur : Poste de travail
= Clic-droit ( pas de double-clic) sur le Disque
= Clic : ouvrir
= si Adober.exe ou RavMonE.exe ou RavMonLog ou MS32DLL.DLL.VBS ou MSVCR71.dll ou autorun.vbs ou autorun.inf
sont présents les supprimer
--------
faire de même avec tous les disques présents et disques amovibles ( clé USB) si utilisés
------
recacher les fichiers ensuite

redémarrer le pc

voila j'ai suivi toute vos explication je ne vois pas de changement


Ajout du 07-12-2007 à 19:58:

je n'avais rien a suprrimer aucun des composant que vous m'avez mentionné était inscrit

desactive ton antivirus

Ouvre internet explorer
fais un scan en ligne chez EWIDO
= Clic Scan Now ( c’est à gauche )
= Il faut accepter l’ActivX
= En fin de scan vérifier que tout est coché et clic : Remove Infections
= Clic Save Report et l’enregistrer sur le bureau