sdbot-194-B A l'aide hijackthis.log please que dois-je faire

Voila le résultat des courses. Que dois-je faire à présent? merçi pour votre aide.



Logfile of HijackThis v1.99.1
Scan saved at 18:11:23, on 21/07/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Internet\Blubster\Blubster.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\wkfix.exe
C:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\GEARSEC.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Jaqline\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.altavista.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: &EliteSideBar - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [Blubster] C:\Program Files\Internet\Blubster\Blubster.exe SILENT
O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [Microsoft File Demand Manager] wmgrdf.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Internet2 Optimizer] wkfix.exe
O4 - HKLM\..\RunServices: [svhost windows services] svhost8.exe
O4 - HKLM\..\RunServices: [Windows Host32 Starter] hostserv.exe
O4 - HKLM\..\RunServices: [Window_Protect] winsi32.exe
O4 - HKLM\..\RunServices: [Norton Personal Firewall] mwin.exe
O4 - HKLM\..\RunServices: [Windows update 32] wkuwtqv.exe
O4 - HKLM\..\RunServices: [Perform Services] pserv.exe
O4 - HKLM\..\RunServices: [Compaq Service Drivers 32] compq32.exe
O4 - HKLM\..\RunServices: [MS Auto-IPSec Protection] MSASP32.exe
O4 - HKLM\..\RunServices: [Microsoft File Demand Manager] wmgrdf.exe
O4 - HKLM\..\RunServices: [Internet2 Optimizer] wkfix.exe
O4 - HKCU\..\Run: [Registry Cleaner Scheduler] "C:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exe" /startup
O4 - HKCU\..\Run: [Internet2 Optimizer] wkfix.exe
O4 - HKCU\..\RunServices: [Windows Host32 Starter] hostserv.exe
O4 - HKCU\..\RunServices: [Compaq Service Drivers 32] compq32.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (HKCU)
O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (HKCU)
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.popuppers.com
O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c9.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297B} - http://start1.aaa1screensavers.com/30009.exe
O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} (IObjSafety.DemoCtl) - http://cabs.media-motor.net/cabs/diamond.cab
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSEC.EXE
O23 - Service: Hardware Clock Driver (hwclock) - Unknown owner - C:\WINDOWS\System32\hwclock.exe (file missing)
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: kavsvc - Kaspersky Labs - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Keyboard Service System Files (Keyboard Service) - Unknown owner - C:\WINDOWS\System32\keyboard.exe (file missing)
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe
O23 - Service: Remote Procedure Call (RPC) Client (RpcClient) - Unknown owner - C:\WINDOWS\System32\rpcclient.exe (file missing)



[ Ce message a ete modifié par : : Xpier le 22-07-2005 12:31 ]

je pense avoir fait correctement la réparation des registres mais bien sur il reste quelques soucis et si je n'arrive pas à l'éradiquer je pense que je vais revivre le cauchemar...http://www.sur-la-toile.com/modules/Splatt_Forums/images/subject/splatt_blue/icon15.gif

[ Ce message a ete modifié par : : Xpier le 22-07-2005 12:39 ]

salut

c'est quoi ton problème exactement ?
pourquoi tu postes ça ?
qu'as tu déjà fait ?

spywares

hijackthis

Salut Xpier et bienvenue sur la toile.

As-tu passé un coup d'antispy avant de faire ton log ?
Ce serait préférable...

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
Essaie Microsoft Antispy, il te remettra les liens par de faut d'Internet explorer.

Pas trop sûr (à virer) :
O4 - HKLM\..\Run: [Blubster] C:\Program Files\Internet\Blubster\Blubster.exe SILENT
O4 - HKLM\..\Run: [Internet2 Optimizer] wkfix.exe
O4 - HKLM\..\RunServices: [svhost windows services] svhost8.exe
O4 - HKLM\..\RunServices: [Windows Host32 Starter] hostserv.exe
O4 - HKLM\..\RunServices: [Window_Protect] winsi32.exe
O4 - HKLM\..\RunServices: [Norton Personal Firewall] mwin.exe
O4 - HKLM\..\RunServices: [Windows update 32] wkuwtqv.exe

Il y en a d'autres certainement...

Essaie Microsoft Antispy et refais ton log mais joins le plutôt que de le coller dans ton POST.

@+
Þќ@ыє