Comment désinstaller ://searchmiracle.com/

Osr@m -  
 balltrap34 -
Bonsoir à tous,

Je suis parasité par SEARCH MIRACLE et je n'arrive pas à le désinstaller.

Je ne sais pas comment c'est rentré chez moi, spybot ne le vois pas!
Votre aide serait la bienvenue.

Comment désinstaller ? =>http://searchmiracle.com/

Voir ici comment je vous ai connus=>
http://www.oachard.org/forums/viewtopic.php?p=20746#20746

@+, @sr@m

149 réponses

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
Résumé de la discussion

Le problème porte sur la désinstallation de Search Miracle et la difficulté de s’en débarrasser lorsque les outils antivirus classiques ne le détectent pas, des entrées persistent dans le système.
Plusieurs éléments de réponse suggèrent d’employer HijackThis pour identifier les entrées liées à Search Miracle, puis de les supprimer ou désactiver dans Run, O4 et O15, afin de neutraliser les composants actifs.
En cas d’infection étendue, il peut être nécessaire de nettoyer les démarrages et les services indésirables et d’exécuter des analyses supplémentaires, éventuellement en mode sans échec.
Autre élément utile : des barres d’outils et modules complémentaires associés peuvent maintenir des redirections; vérifier les extensions du navigateur et les paramètres de la page d’accueil est parfois nécessaire.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Utilisateur anonyme
     
    salut tout d'abord
    suprime les fichiers inutile comme ceci :

    Demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" tu suprime les cookies et efface l'historique ( faire cette manipe regulierement )

    ensuite telecharge :

    (spy bot)
    http://spybot.dalnet.com.fr/spybotsd13.exe

    (adware)
    http://www.ordi-netfr.org/tutorialadaware.html

    (CWshredder)
    http://www.soft32.com/download_19014.html

    pour ce dernier faut absolument fermer tout les programe y compris internet explorer et donc hors connexion ensuite faire fix next next

    spy sweeper
    http://www.zdnet.fr/telecharger/windows/fiche/0,39021313,11010914s,00.htm

    telecharge cette antitrojan
    http://www.emsisoft.net/fr/

    pense a les mettre a jour avant de les lancer

    scan ton pc avec tt ca si le probleme persiste telecharge hijack this
    http://telechargement.zebulon.fr/138-HijackThis-1.98.2.html

    ensuite fait :

    scan / save log et colle le resultat ici apres on te dira quoi supprimer

    @++++
    0
    1. maprilane
       
      bonjour jess
      voila j'ai vu que tu pouvais eut etre m'aider
      que dois je faire?sachant que je suis nulle en informatique!!!


      Logfile of HijackThis v1.99.1
      Scan saved at 11:22:16, on 03/04/2005
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
      C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\wanmpsvc.exe
      C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
      C:\WINDOWS\system32\dslagent.exe
      c:\PROGRA~1\mcafee.com\vso\mcshield.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
      C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe
      C:\PROGRA~1\Wanadoo\CnxMon.exe
      C:\PROGRA~1\MESSAG~1\Demon.exe
      C:\Program Files\Logitech\MouseWare\system\em_exec.exe
      C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
      C:\Program Files\Media Access\MediaAccK.exe
      C:\Program Files\Media Access\MediaAccess.exe
      C:\WINDOWS\system32\gah95on6.exe
      C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
      C:\Program Files\Eyqa\Warse.exe
      C:\PROGRA~1\mcafee.com\agent\mcagent.exe
      C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
      C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
      C:\Program Files\Media Pass\MediaPassK.exe
      c:\progra~1\mcafee.com\vso\mcvsescn.exe
      C:\Program Files\Media Pass\MediaPass.exe
      C:\WINDOWS\system32\bidart.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe
      C:\Program Files\Nikon\NkView6\NkvMon.exe
      C:\Program Files\RealVNC\WinVNC\winvnc.exe
      C:\Program Files\No-IP\DUC20.exe
      C:\Program Files\Web_Rebates\WebRebates1.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Wanadoo\EspaceWanadoo.exe
      C:\Program Files\Wanadoo\ComComp.exe
      C:\Program Files\Wanadoo\Watch.exe
      C:\Program Files\Web_Rebates\WebRebates0.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\DOCUME~1\Mujo\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.fr
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://rd.yahoo.com/customize/ymsgr/defaults/*http://my.yahoo.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchmiracle.com/sp.php
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: (no name) - _{08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
      R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
      O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
      O2 - BHO: &EliteSideBar - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\EliteSideBar\EliteSideBar 08.dll
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
      O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
      O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
      O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
      O4 - HKLM\..\Run: [Launcher] "C:\Program Files\KFH\cl\launcher.exe" /P
      O4 - HKLM\..\Run: [KAZAA] C:\Program Files\KaZaA\Kazaa.exe /SYSTRAY
      O4 - HKLM\..\Run: [eDonkey2000] C:\Program Files\eDonkey2000\eDonkey2000.exe -t
      O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
      O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [oSoKeyLocker] C:\Documents and Settings\noly cherie\Bureau\Locker.exe
      O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
      O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
      O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
      O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
      O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\MESSAG~1\Demon.exe
      O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
      O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
      O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
      O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
      O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
      O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
      O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\system32\gah95on6.exe
      O4 - HKLM\..\Run: [Hdsiq] C:\Program Files\Eyqa\Warse.exe
      O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\syst.exe
      O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
      O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
      O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
      O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
      O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
      O4 - HKLM\..\Run: [Media Pass] C:\Program Files\Media Pass\MediaPassK.exe
      O4 - HKLM\..\Run: [usog3mT] bidart.exe
      O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
      O4 - HKLM\..\Run: [ASDPLUGIN] C:\WINDOWS\system32\france.exe -N
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
      O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
      O4 - HKCU\..\Run: [fB7mRgfqh] wowdial2000.exe
      O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
      O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Global Startup: DSLMON.lnk = ?
      O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV03.EXE
      O4 - Global Startup: Icône AOL.lnk = C:\Program Files\AOL 7.0\aoltray.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
      O4 - Global Startup: Run VNC Server.lnk = C:\Program Files\RealVNC\WinVNC\winvnc.exe
      O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
      O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
      O9 - Extra button: Dialogue - {1EA45CE9-A5DA-4555-970F-F8909867BAE0} - C:\Documents and Settings\Mujo\Menu Démarrer\Programmes\Dialogue\Dialogue.lnk (file missing)
      O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
      O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
      O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
      O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
      O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
      O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
      O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.fr
      O16 - DPF: Interface Chat Voila - http://chat9.x-echo.com/version2/Applet/vchatsign.cab
      O16 - DPF: Interface Chat Wanadoo - http://chat4.x-echo.com/version3/Applet/wchatsign.cab
      O16 - DPF: Tornado 21 - http://download.games.yahoo.com/games/clients/y/t21t0_x.cab
      O16 - DPF: v3cab - http://searchmiracle.com/cab/2.cab
      O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab
      O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
      O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot2_x.cab
      O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt2_x.cab
      O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potb_x.cab
      O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab
      O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://videohd.m6.fr.ipercast.net/installer-hidden.cab
      O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://images.goa.com/v3/InstallGoaIT/Itpp/V2,0,1,6/npwwg.cab
      O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
      O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CDT/ie/bridge-c6.cab
      O16 - DPF: {17D8B270-9C15-11D3-8F03-00105A9965CA} - http://www.canalfree.com/ie/pc/sc.cab
      O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
      O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
      O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,0,0,83/mcinsctl.cab
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by16fd.bay16.hotmail.msn.com/resources/MsnPUpld.cab
      O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/082be969912b9bdf7106/netzip/RdxIE601_fr.cab
      O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/fr/deleon/1.1.62-deleon/GoogleNav.cab
      O16 - DPF: {7A32634B-029C-4836-A023-528983982A49} - http://fdl.msn.com/public/chat/msnchat42.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
      O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,20/mcgdmgr.cab
      O16 - DPF: {C771B05E-E725-4516-97A5-4CE5EB163CFB} - http://kits.bellesfilles.com/bellesfilles-4jm.exe
      O16 - DPF: {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} - http://dialup.carpediem.fr/CABS/fr/AccesMembre.cab
      O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Compagnon) - http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/my/yiebio5_0_2_7.cab
      O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
      O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/v3/InstallGoaIT/ChatAx/V4,0,5,4/npaxchat.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{AF1177C3-DC01-4E6D-B1F0-9A18ED2A60CD}: NameServer = 80.10.246.1 80.10.246.132
      O17 - HKLM\System\CCS\Services\Tcpip\..\{D32A3474-71BF-464A-8F49-86944E42085C}: Domain = tefs.com
      O17 - HKLM\System\CCS\Services\Tcpip\..\{D8D7D36E-AF76-44AF-B854-B7657ADA4CF8}: Domain = tefs.com
      O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
      O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
      O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
      O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
      O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
      0
  2. Osr@m
     
    Merci pour cette série d'info, je me lance et je vous tiens au courant !

    Si je peux vous aider pour quelque chose n'hésitez pas à me le demander .

    @+, Osr@m.
    0
  3. Utilisateur anonyme
     
    de rien :-)
    ok si j'ai besoin de koi ke ce sois je n'hesiterai pas ;merci ;-)

    @++
    0
  4. Osr@m
     
    Voilà j'ai cela=>

    Logfile of HijackThis v1.98.2
    Scan saved at 22:38:14, on 11/09/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: <a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\alg.exe
    C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\PROGRA~1\Wanadoo\CnxMon.exe
    C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
    C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    C:\WINDOWS\System32\dvldr.exe
    C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\PROGRA~1\MESSAG~1\StartMessager.exe
    C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
    C:\WINDOWS\SYSCFG16.EXE
    C:\WINDOWS\System32\ulabqfq.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\RUNDLL32.EXE
    C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\iexplore.exe
    C:\PROGRA~1\Wanadoo\wanadoo\HijackThis.exe
    C:\WINDOWS\system32\NOTEPAD.EXE

    R1 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer,SearchURL = http://searchmiracle.com/sp.php
    R1 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Search Bar = https://www.orange.fr/portail
    R0 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKLM\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Default_Page_URL = http://www.connect-we.fr/
    R1 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81C3A} - C:\WINDOWS\EliteBar\EliteBar version 50.dll
    O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA880F} - C:\WINDOWS\EliteBar\EliteBar version 50.dll
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    O4 - HKLM\..\Run: [System Uptime Server] sysentry32.exe
    O4 - HKLM\..\Run: [Window Monitor] winmon32.exe
    O4 - HKLM\..\Run: [Windows Automatic Updates] dvldr.exe
    O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
    O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe
    O4 - HKLM\..\Run: [BIOS XP Loader] tucwjt.exe
    O4 - HKLM\..\Run: [S<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">mcSe</a></a></a></a>rvice] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
    O4 - HKLM\..\Run: [Sys29] C:\windows\system32\winxxb32.exe
    O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
    O4 - HKLM\..\Run: [Windows System Configuration] C:\WINDOWS\SYSCFG16.EXE
    O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINDOWS\SYSCFG16.EXE
    O4 - HKLM\..\Run: [nvviddrv32] ulabqfq.exe
    O4 - HKLM\..\RunServices: [System Uptime Server] sysentry32.exe
    O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe
    O4 - HKLM\..\RunServices: [Windows Automatic Updates] dvldr.exe
    O4 - HKLM\..\RunServices: [BIOS XP Loader] tucwjt.exe
    O4 - HKLM\..\RunServices: [nvviddrv32] ulabqfq.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
    O4 - HKCU\..\Run: [Window Monitor] winmon32.exe
    O4 - HKCU\..\Run: [BIOS XP Loader] tucwjt.exe
    O4 - HKCU\..\Run: [nvviddrv32] ulabqfq.exe
    O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
    O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/c<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">MBA</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">MBA</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">MBA</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">MBA</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">MBA</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">MBA</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">MBA</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">mba</a></a></a></a>cklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O14 - IERESET.INF: START_PAGE_URL=http://www.connect-we.fr/
    O16 - DPF: v2cab - http://searchmiracle.com/cab/v2cab.cab
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B70F4B5C-05A7-46EB-8B2C-F73851A6929E}: NameServer = 80.10.246.130 80.10.246.3
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    ferme internet explorer , coche c lignes ensuite clike sur "fixed checked "

    C:\WINDOWS\System32\dvldr.exe
    C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
    C:\WINDOWS\SYSCFG16.EXE
    C:\WINDOWS\System32\ulabqfq.exe

    C:\Program Files\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\iexplore.exe
    C:\PROGRA~1\Wanadoo\wanadoo\HijackThis.exe
    C:\WINDOWS\system32\NOTEPAD.EXE

    R1 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer,SearchURL = http://searchmiracle.com/sp.php
    R1 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Search Bar = https://www.orange.fr/portail
    R0 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKLM\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Default_Page_URL = http://www.connect-we.fr/
    R1 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Toolbar,LinksFolderName = Liens

    O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81C3A} - C:\WINDOWS\EliteBar\EliteBar version 50.dll
    O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA880F} - C:\WINDOWS\EliteBar\EliteBar version 50.dll

    pour les O4 faut terminer d'abord leur tachedans le gestionaire des tache (ctr/alt/suprime) ensuite tu les fix avec hijackthis

    O4 - HKLM\..\Run: [Windows Automatic Updates] dvldr.exe
    O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe
    O4 - HKLM\..\Run: [Sys29] C:\windows\system32\winxxb32.exe
    O4 - HKLM\..\Run: [BIOS XP Loader] tucwjt.exe
    O4 - HKLM\..\Run: O4 - HKLM\..\Run: [S<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">mcSe</a></a></a></a>rvice] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    [Windows System Configuration] C:\WINDOWS\SYSCFG16.EXE
    O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINDOWS\SYSCFG16.EXE
    O4 - HKLM\..\Run: [nvviddrv32] ulabqfq.exe
    O4 - HKLM\..\RunServices: [Windows Automatic Updates] dvldr.exe
    O4 - HKLM\..\RunServices: [BIOS XP Loader] tucwjt.exe
    O4 - HKLM\..\RunServices: [nvviddrv32] ulabqfq.exe
    O4 - HKCU\..\Run: [BIOS XP Loader] tucwjt.exe
    O4 - HKCU\..\Run: [nvviddrv32] ulabqfq.exe

    O14 - IERESET.INF: START_PAGE_URL=http://www.connect-we.fr/
    O16 - DPF: v2cab - http://searchmiracle.com/cab/v2cab.cab
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -

    ensuite lance les antispywares (adware , spybot, spysweeper ....ect)

    ensuite suprime les fichiers inutile comme ceci :

    Demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" tu suprime les cookies et efface l'historique

    redemare refait un hijack et colle le resultat ici

    @+++
    0
  7. Albert
     
    Bonjour a tous.

    Pourriez vous m'aider comment me debarasser de searchmiracle.com, pas moyen de m'en debarasser, c'est un vrai casse tete.
    Il s'ouvre sans cesse par l'explorateur des fenetres les unes après les autres.
    J'ai instalé SPYBOT mais pas moyens de me de cette saletté.
    Merci a tous pour votre collaboration, avec votre aide si j'arrive a eliminer cette peste.
    0
  8. Utilisateur anonyme
     
    salut telecharge c anti spywares
    (spy bot)
    http://spybot.dalnet.com.fr/spybotsd13.exe

    (adware SE)
    http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html
    http://www.ordi-netfr.org/adawarese.html

    (CWshredder)
    http://www.soft32.com/download_19014.html

    pour ce dernier faut absolument fermer tout les programe y compris internet explorer et donc hors connexion ensuite faire fix next next

    telecharge cette antitrojan
    http://www.emsisoft.net/fr/

    pense a les mettre a jour avant de les lance

    ensuite suprimez les fichier inutiles
    demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" suprime aussi les cookies et efface l'historique

    redemare ...
    si le probleme persiste faite un scan avec hijackthis
    http://telechargement.zebulon.fr/138-HijackThis-1.98.2.html

    ensuite faire scan/save log et coller le resultat ici

    @+++++
    0
  9. Albert
     
    Rebonjour a tous,
    Je demandé dernierment de l'aide pour me debarasser de searchemiracle.com , je scanné avec Spybot et aussi a2 free.Mais rien a faire meme quand je ne suis pas connecté a internet des pages searchemiracle.com essayent de s'ouvrir mais les fenetres affichent Impossible d'afficher la page, mais quand je suis connecté au demarrage au 5 fois ces pestes m'embetent.

    Merci a tous de votre colaboration.
    0
  10. Guillaume
     
    Moi j'obtien ceci qqn pe me dire ke fau til retirer merci bcp

    Logfile of HijackThis v1.98.2
    Scan saved at 23:44:51, on 08/12/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Norton Internet Security\ISSVC.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINDOWS\autoclk.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\PC\Mes documents\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://freebox.free.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: (no name) - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [autoclk] autoclk.exe
    O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvhom32.exe
    O4 - HKCU\..\Run: [Pop-Up-Blocker] "C:\Program Files\Tweak-XP Pro 4\popup.exe"
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O14 - IERESET.INF: START_PAGE_URL=http://freebox.free.fr/
    O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f001.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9B624BEC-8074-4E3A-AAFB-EF6D1369AB25}: NameServer = 213.228.0.23 212.27.32.176
    0
  11. Utilisateur anonyme
     
    salut ferme internet explorer , coche c lignes ensuite clike sur " fixe checked "

    O2 - BHO: (no name) - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - (no file)

    Pour les O4 faut d'abord faire ctrl/alt/supprime ensuite termine la tache de kalvhom32.exe puis fix cette ligne:

    O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvhom32.exe

    O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE

    ensuite supprime le fichier en gras
    O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvhom32.exe

    puis passe un coup d'antispy ( adware, spybot, A2free...)

    vide le cache d'internet explorer :

    Demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" tu suprime les cookies et efface l'historique

    redemare...

    @+++++++
    0
  12. Alex
     
    Bonjour à tous.
    J'ai installé et exécuté HijackThis pour retirer searchmiracle (saloperie de truc!) et j'obtiens ceci:

    Logfile of HijackThis v1.98.2
    Scan saved at 11:17:50, on 09/12/2004
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wlancfg.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
    C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Dell\Media Experience\PCMService.exe
    C:\WINDOWS\System32\DSentry.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Winamp\winampa.exe
    C:\PROGRA~1\MESSAG~1\StartMessager.exe
    C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
    C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
    C:\WINDOWS\LiveChatut.exe
    C:\WINDOWS\system32\lexpps.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Alex\Local Settings\Temporary Internet Files\Content.IE5\SXQVS5UR\HijackThis[1].exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchmiracle.com/sp.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.wanadoo.fr/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://unreal.epicgames.com/Direct3d.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)
    O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
    O2 - BHO: BHO Class - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\ELITES~1\ELITES~1.DLL
    O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
    O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
    O4 - HKLM\..\Run: [VirusScan] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
    O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LiveChatut] C:\WINDOWS\LiveChatut.exe
    O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvcwk32.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SB Audigy 2 Startup Menu] /L:FRN
    O4 - HKCU\..\Run: [Spyware Assassin v.4.0] "C:\Program Files\Spyware Assassin 4.0\Spyware Assassin.exe"
    O4 - HKCU\..\RunOnce: [__GSCAdditionalInstallation__] "C:\DOCUME~1\Alex\LOCALS~1\Temp\SetupDemo.exe" -AdditionalInstall
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
    O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=88fb4bd1cc748615aaf24d95e9cbeb3358724ab481f8e3efaa749926ff7d88d97236971755bdeddb0fd3efedf2024d26208d:a50669a8a42fe77354145ae90fecae62
    O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
    O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab

    Merci de votre aide pour enlever ce truc!
    0
  13. Utilisateur anonyme
     
    salut ferme internet explorer , coche c lignes ensuite clike sur " fix checked "

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchmiracle.com/sp.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.wanadoo.fr/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://unreal.epicgames.com/Direct3d.htm
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)

    O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
    O2 - BHO: BHO Class - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\ELITES~1\ELITES~1.DLL
    O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll

    Pour les O4 faut d'abord faire ctrl/alt/supprime ensuite termine la tache de ( kalvcwk32.exe, Spyware Assassin.exe, SetupDemo.exe ) puis fix ces ligne:

    O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvcwk32.exe
    O4 - HKCU\..\Run: [Spyware Assassin v.4.0] "C:\Program Files\Spyware Assassin 4.0\Spyware Assassin.exe"
    O4 - HKCU\..\RunOnce: [__GSCAdditionalInstallation__] "C:\DOCUME~1\Alex\LOCALS~1\Temp\SetupDemo.exe" -AdditionalInstall

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

    O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
    O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=88fb4bd1cc748615aaf24d95e9cbeb3358724ab481f8e3efaa749926ff7d88d97236971755bdeddb0fd3efedf2024d26208d:a50669a8a42fe77354145ae90fecae62
    O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
    O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab

    ensuite supprime les fichier en gras :

    O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvcwk32.exe
    O4 - HKCU\..\Run: [Spyware Assassin v.4.0] "C:\Program Files\Spyware Assassin 4.0\Spyware Assassin.exe"
    O4 - HKCU\..\RunOnce: [__GSCAdditionalInstallation__] "C:\DOCUME~1\Alex\LOCALS~1\Temp\SetupDemo.exe" -AdditionalInstall

    Puis passe un coup d'antispyware:

    (spy bot)
    http://spybot.dalnet.com.fr/spybotsd13.exe

    (adware SE)
    http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html
    http://www.ordi-netfr.org/adawarese.html

    (CWshredder)
    http://www.soft32.com/download_19014.html

    pour ce dernier faut absolument fermer tout les programe y compris internet explorer et donc hors connexion ensuite faire fix next next

    (spy sweeper )
    http://www.zdnet.fr/telecharger/windows/fiche/0,39021313,11010914s,00.htm

    telecharge cette antitrojan

    (A2free)
    http://www.emsisoft.net/fr/

    pense a les mettre a jour avant de les lancer

    ensuite suprime les fichier inutiles
    demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" suprime aussi les cookies et efface l'historique

    redemare ...

    @+++++++++++++
    0
  14. jey
     
    Bonjour, je suis aussi victime de searchmiracle et elite bar et aussi underrun.net, j'ai donc suivi la marche a suivre que vous avez décrite et avec hitjack j'obtiens ceci:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.tiscali.fr/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tiscali -
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
    O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
    O4 - HKLM\..\Run: [WIN32] C:\mActiveX.exe
    O4 - HKLM\..\Run: [windows monitor] C:\arsetup.exe
    O4 - HKLM\..\Run: [Microsoft Time Manager] dveldr.exe
    O4 - HKLM\..\Run: [System Host] scvhost.exe
    O4 - HKLM\..\Run: [Windows Timer Update] phqghume.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "D:\INSTALLATIONS\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvaxn32.exe
    O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe
    O4 - HKLM\..\RunServices: [Win32 USB2.0 Driver] w32usb2.exe
    O4 - HKLM\..\RunServices: [Workstation Services] wrkstn.exe
    O4 - HKLM\..\RunServices: [zervpack2] update2.exe
    O4 - HKLM\..\RunServices: [msupdates] msupdt.exe
    O4 - HKLM\..\RunServices: [win] xwinxrpc32.exe
    O4 - HKLM\..\RunServices: [Microsoft Time Manager] dveldr.exe
    O4 - HKLM\..\RunServices: [System Host] scvhost.exe
    O4 - HKLM\..\RunServices: [Windows Timer Update] phqghume.exe
    O4 - HKLM\..\RunServices: [Realplayer One] realplay.exe
    O4 - HKLM\..\RunServices: [Zonealarm] iexplore.exe
    O4 - HKCU\..\Run: [System Host] scvhost.exe
    O4 - HKCU\..\Run: [Windows Timer Update] phqghume.exe
    O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe
    O4 - Startup: IMsecure.lnk = D:\INSTALLATIONS\IMsecure\IMsecure.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\INSTAL~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\INSTAL~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093869007529
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5310C534-97E4-4F06-BB1D-083F796D7AC6}: NameServer = 213.36.80.1

    Merci de votre aide
    0
  15. Utilisateur anonyme
     
    salut ferme internet explorer , coche c lignes ensuite clike sur " fix checked "

    O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
    O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll

    Pour les O4 faut d'abord faire ctrl/alt/supprime ensuite dans processus termine la tache de ( mActiveX.exe , arsetup.exe ,dveldr.exe ,scvhost.exe ,phqghume.exe , kalvaxn32.exe ,winmon32.exe ,w32usb2.exe ..ect) ensuite fix ces lignes :

    O4 - HKLM\..\Run: [WIN32] C:\mActiveX.exe
    O4 - HKLM\..\Run: [windows monitor] C:\arsetup.exe
    O4 - HKLM\..\Run: [Microsoft Time Manager] dveldr.exe
    O4 - HKLM\..\Run: [System Host] scvhost.exe
    O4 - HKLM\..\Run: [Windows Timer Update] phqghume.exe
    O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvaxn32.exe
    O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe
    O4 - HKLM\..\RunServices: [Win32 USB2.0 Driver] w32usb2.exe
    O4 - HKLM\..\RunServices: [Workstation Services] wrkstn.exe
    O4 - HKLM\..\RunServices: [zervpack2] update2.exe
    O4 - HKLM\..\RunServices: [msupdates] msupdt.exe
    O4 - HKLM\..\RunServices: [win] xwinxrpc32.exe
    O4 - HKLM\..\RunServices: [Microsoft Time Manager] dveldr.exe
    O4 - HKLM\..\RunServices: [System Host] scvhost.exe
    O4 - HKLM\..\RunServices: [Windows Timer Update] phqghume.exe
    O4 - HKLM\..\RunServices: [Realplayer One] realplay.exe
    O4 - HKLM\..\RunServices: [Zonealarm] iexplore.exe
    O4 - HKCU\..\Run: [System Host] scvhost.exe
    O4 - HKCU\..\Run: [Windows Timer Update] phqghume.exe
    O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

    Puis passe un coup d'antispyware:

    (spy bot)
    http://spybot.dalnet.com.fr/spybotsd13.exe

    (adware SE)
    http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html
    http://www.ordi-netfr.org/adawarese.html

    (CWshredder)
    http://www.soft32.com/download_19014.html

    pour ce dernier faut absolument fermer tout les programe y compris internet explorer et donc hors connexion ensuite faire fix next next

    (spy sweeper )
    http://www.zdnet.fr/telecharger/windows/fiche/0,39021313,11010914s,00.htm

    telecharge ces antitrojan

    (A2free)
    http://www.emsisoft.net/fr/

    ( About buster)
    http://www.spychecker.com/program/aboutbuster.html

    pense a les mettre a jour avant de les lancer

    ensuite suprime les fichier inutiles
    demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" suprime aussi les cookies et efface l'historique

    redemare ... si le probleme persiste refait un scan et colle le resultat ici

    @+++++++++++++
    0
  16. Alex
     
    Merci de ton aide jess15. Maintenant je suis débarrassé!
    C'est très sympa de ta part
    0
  17. mickael
     
    Moi aussi j'aurai besoin de vos précieux conseils. Aidez moi a savoir koi cocher sur Hitjack, merci:

    Voici le résultat:
    Logfile of HijackThis v1.98.2
    Scan saved at 14:33:07, on 16/12/2004
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\system32\spupdsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\WINDOWS\system32\spnpinst.exe
    C:\WINDOWS\system32\Sysocmgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Mickael\LOCALS~1\Temp\Rar$EX00.328\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
    O2 - BHO: BHO Class - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\ELITES~1\ELITES~1.DLL
    O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Start Uppings] mssupdate.exe
    O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvhlx32.exe
    O4 - HKLM\..\RunServices: [Start Uppings] mssupdate.exe
    O4 - HKCU\..\Run: [Start Uppings] mssupdate.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\RunServices: [Start Uppings] mssupdate.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O16 - DPF: v3cab - http://searchmiracle.com/cab/1.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1102955368312
    O17 - HKLM\System\CCS\Services\Tcpip\..\{70A3C31B-9A64-4410-B830-0F0A78FC9E6D}: NameServer = 212.27.39.1 213.228.0.23
    0
  18. Utilisateur anonyme
     
    salut ferme internet explorer , coche c lignes ensuite clike sur " fix checked "

    O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
    O2 - BHO: BHO Class - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\ELITES~1\ELITES~1.DLL
    O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll

    Pour les O4 faut d'abord faire ctrl/alt/supprime ensuite dans processus termine la tache de( mssupdate.exe ,kalvhlx32.exe)
    ensuite fix ces lignes :

    O4 - HKLM\..\Run: [Start Uppings] mssupdate.exe
    O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvhlx32.exe
    O4 - HKLM\..\RunServices: [Start Uppings] mssupdate.exe
    O4 - HKCU\..\Run: [Start Uppings] mssupdate.exe
    O4 - HKCU\..\RunServices: [Start Uppings] mssupdate.exe

    O16 - DPF: v3cab - http://searchmiracle.com/cab/1.cab

    ensuite supprime les fichier en gras :

    O4 - HKLM\..\Run: [Start Uppings] mssupdate.exe
    O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvhlx32.exe

    Puis passe un coup d'antispyware:

    (spy bot)
    http://spybot.dalnet.com.fr/spybotsd13.exe

    (adware SE)
    http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html
    http://www.ordi-netfr.org/adawarese.html

    (CWshredder)
    http://www.soft32.com/download_19014.html

    pour ce dernier faut absolument fermer tout les programe y compris internet explorer et donc hors connexion ensuite faire fix next next

    (spy sweeper )
    http://www.zdnet.fr/telecharger/windows/fiche/0,39021313,11010914s,00.htm

    telecharge ces antitrojan

    (A2free)
    http://www.emsisoft.net/fr/

    ( About buster)
    http://www.spychecker.com/program/aboutbuster.html

    pense a les mettre a jour avant de les lancer

    ensuite suprime les fichier inutiles
    demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" suprime aussi les cookies et efface l'historique

    redemare ... si le probleme persiste refait un scan et colle le resultat ici

    @+++++++++++++
    0
  19. jey
     
    Merci pour ton aide jess15, il semblerai que la plupar des "merdes" soient mais l'elite bar apparait de temps en temps, je ne comprend pas, aurait tu une autre solution a me proposer?

    Merci a toi, a+
    0
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8