Bonjours,
J'ai pu constater que certaine personne on été toucher par searchmiracle.
Je voulais savoir si quelqu'un pouvais m'aider.
J'ai deja effectuer un hijack
celui ci est le suivant...
merci de m'aider
Valerie
Logfile of HijackThis v1.98.2
Scan saved at 18:15:41, on 22/12/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\system32\GSICON.EXE
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\INCRED~1\bin\IncMail.exe
C:\WINDOWS\system32\ppelcq.exe
C:\Program Files\Windows TaskAd\WinTaskAd.exe
C:\Program Files\Windows ControlAd\WinCtlAd.exe
C:\PROGRA~1\SPAMEX~1\oeSpamExtractLdr.exe
C:\Program Files\Windows ServeAd\WinServAd.exe
C:\Program Files\Ad-Aware 5.71 vf\Ad-aware.exe
C:\Program Files\Windows TaskAd\WinSched.exe
C:\Program Files\Antipub\antipub.exe
C:\Program Files\Windows ControlAd\WinCtlAdAlt.exe
C:\Program Files\Windows ServeAd\WinServSuit.exe
C:\WINDOWS\twain_32\A4S2_32\WATCH.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\DOCUME~1\David\LOCALS~1\Temp\Répertoire temporaire 7 pour hjt.zip\HijackThis.exe
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\Messenger\msmsgs.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = C:\Program Files\Copernic 2001 Pro\Search Bar.htm
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O2 - BHO: BHO Class - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\ELITES~1\ELITES~1.DLL
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\sisUSBrg.exe
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [gusdhlgj] C:\WINDOWS\system32\ppelcq.exe
O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Windows ControlAd] C:\Program Files\Windows ControlAd\WinCtlAd.exe
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvifc32.exe
O4 - HKLM\..\Run: [SpamExtract] C:\PROGRA~1\SPAMEX~1\oeSpamExtractLdr.exe
O4 - HKLM\..\Run: [Windows ServeAd] C:\Program Files\Windows ServeAd\WinServAd.exe
O4 - HKCU\..\Run: [Adaware Bootup] C:\Program Files\Ad-Aware 5.71 vf\Ad-aware.exe /Auto /Log "C:\Program Files\Ad-Aware 5.71 vf\"
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Startup: Watch.lnk = C:\WINDOWS\twain_32\A4S2_32\WATCH.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Chercher avec Copernic 2001 - C:\Program Files\Copernic 2001 Pro\Search Extension.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Bromas y chistes - {068C36CF-483E-4CA8-A7F2-10EFFDA49C45} -
http://www.accesoplugin.com/prom/a_bromas2/?l=tpc2&ver=14&t=new (file missing)
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - (no file)
O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\Program Files\Copernic 2001 Pro\Copernic.exe
O9 - Extra 'Tools' menuitem: Lancer Copernic 2001 - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\Program Files\Copernic 2001 Pro\Copernic.exe
O9 - Extra button: Copernic 2001 - {2A465936-E5F0-11D2-91B5-00104B9C4765} - C:\Program Files\Copernic 2001 Pro\Copernic.exe
O9 - Extra button: Antivirus - {4358161B-A4B8-498E-8019-3DAB50DFD578} -
http://www.accesoplugin.com/prom/a_virus2/?l=tpc2&ver=14&t=new (file missing)
O9 - Extra button: Traduire - {99EFB53C-C965-43CF-9F45-52242D134187} - file://C:\Program Files\Copernic 2001 Pro\Translate.htm
O9 - Extra 'Tools' menuitem: &Traduire avec Gist-In-Time - {99EFB53C-C965-43CF-9F45-52242D134187} - file://C:\Program Files\Copernic 2001 Pro\Translate.htm
O9 - Extra button: Internet Explorer - {C8950078-94A4-4C32-BB9C-4666357965AF} - C:\tpc2\index.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://public.windupdates.com/get_file.php?bt=ie&p=cf3d6d5353c60b9c57a954782f56eb0cd9479ee0ea04b6bc0ce90bac83d24136f9dd061a26c7bee673eca0d57a04fbe728c2ef828f08:089f8d69b8a0dd824129ec8711ffcf53
O16 - DPF: {2C0F2AEA-3A9B-46DB-A7BE-80FF329E415D} -
http://www.accesoplugin.com/dialercab/PPremiumInternacional.cab
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} -
http://download.spamextract.com/sx/SpEx2.01pur_opt/SpamExtractInstall.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6D3327C9-A845-4F65-8710-5FE9BC62C1B0}: NameServer = 194.119.228.67 193.74.208.135
Afficher la suite