Sujet Précédent Sujet Suivant

Comment désinstaller ://searchmiracle.com/

Fermé
Osr@m - 11 sept. 2004 à 20:22
 balltrap34 - 15 juin 2005 à 20:16
Bonsoir à tous,

Je suis parasité par SEARCH MIRACLE et je n'arrive pas à le désinstaller.

Je ne sais pas comment c'est rentré chez moi, spybot ne le vois pas!
Votre aide serait la bienvenue.

Comment désinstaller ? =>http://searchmiracle.com/

Voir ici comment je vous ai connus=>
http://www.oachard.org/forums/viewtopic.php?p=20746#20746

@+, @sr@m
A voir également:

149 réponses

Réponse 1 / 149
Utilisateur anonyme
11 sept. 2004 à 21:28
salut tout d'abord
suprime les fichiers inutile comme ceci :


Demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" tu suprime les cookies et efface l'historique ( faire cette manipe regulierement )

ensuite telecharge :

(spy bot)
http://spybot.dalnet.com.fr/spybotsd13.exe

(adware)
http://www.ordi-netfr.org/tutorialadaware.html

(CWshredder)
http://www.soft32.com/download_19014.html

pour ce dernier faut absolument fermer tout les programe y compris internet explorer et donc hors connexion ensuite faire fix next next

spy sweeper
http://www.zdnet.fr/telecharger/windows/fiche/0,39021313,11010914s,00.htm

telecharge cette antitrojan
http://www.emsisoft.net/fr/

pense a les mettre a jour avant de les lancer




scan ton pc avec tt ca si le probleme persiste telecharge hijack this
http://telechargement.zebulon.fr/138-HijackThis-1.98.2.html

ensuite fait :

scan / save log et colle le resultat ici apres on te dira quoi supprimer

@++++
0
maprilane
3 avril 2005 à 11:24
bonjour jess
voila j'ai vu que tu pouvais eut etre m'aider
que dois je faire?sachant que je suis nulle en informatique!!!


Logfile of HijackThis v1.99.1
Scan saved at 11:22:16, on 03/04/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\system32\dslagent.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\MESSAG~1\Demon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Media Access\MediaAccK.exe
C:\Program Files\Media Access\MediaAccess.exe
C:\WINDOWS\system32\gah95on6.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Eyqa\Warse.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Media Pass\MediaPassK.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Media Pass\MediaPass.exe
C:\WINDOWS\system32\bidart.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\RealVNC\WinVNC\winvnc.exe
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\Web_Rebates\WebRebates1.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Web_Rebates\WebRebates0.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Mujo\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://rd.yahoo.com/customize/ymsgr/defaults/*http://my.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O2 - BHO: &EliteSideBar - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\EliteSideBar\EliteSideBar 08.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [Launcher] "C:\Program Files\KFH\cl\launcher.exe" /P
O4 - HKLM\..\Run: [KAZAA] C:\Program Files\KaZaA\Kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [eDonkey2000] C:\Program Files\eDonkey2000\eDonkey2000.exe -t
O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [oSoKeyLocker] C:\Documents and Settings\noly cherie\Bureau\Locker.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\MESSAG~1\Demon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\system32\gah95on6.exe
O4 - HKLM\..\Run: [Hdsiq] C:\Program Files\Eyqa\Warse.exe
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\syst.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [Media Pass] C:\Program Files\Media Pass\MediaPassK.exe
O4 - HKLM\..\Run: [usog3mT] bidart.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [ASDPLUGIN] C:\WINDOWS\system32\france.exe -N
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [fB7mRgfqh] wowdial2000.exe
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV03.EXE
O4 - Global Startup: Icône AOL.lnk = C:\Program Files\AOL 7.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: Run VNC Server.lnk = C:\Program Files\RealVNC\WinVNC\winvnc.exe
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
O9 - Extra button: Dialogue - {1EA45CE9-A5DA-4555-970F-F8909867BAE0} - C:\Documents and Settings\Mujo\Menu Démarrer\Programmes\Dialogue\Dialogue.lnk (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.fr
O16 - DPF: Interface Chat Voila - http://chat9.x-echo.com/version2/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat4.x-echo.com/version3/Applet/wchatsign.cab
O16 - DPF: Tornado 21 - http://download.games.yahoo.com/games/clients/y/t21t0_x.cab
O16 - DPF: v3cab - http://searchmiracle.com/cab/2.cab
O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot2_x.cab
O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt2_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potb_x.cab
O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://videohd.m6.fr.ipercast.net/installer-hidden.cab
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://images.goa.com/v3/InstallGoaIT/Itpp/V2,0,1,6/npwwg.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CDT/ie/bridge-c6.cab
O16 - DPF: {17D8B270-9C15-11D3-8F03-00105A9965CA} - http://www.canalfree.com/ie/pc/sc.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,0,0,83/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by16fd.bay16.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/082be969912b9bdf7106/netzip/RdxIE601_fr.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/fr/deleon/1.1.62-deleon/GoogleNav.cab
O16 - DPF: {7A32634B-029C-4836-A023-528983982A49} - http://fdl.msn.com/public/chat/msnchat42.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,20/mcgdmgr.cab
O16 - DPF: {C771B05E-E725-4516-97A5-4CE5EB163CFB} - http://kits.bellesfilles.com/bellesfilles-4jm.exe
O16 - DPF: {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} - http://dialup.carpediem.fr/CABS/fr/AccesMembre.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Compagnon) - http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/my/yiebio5_0_2_7.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/v3/InstallGoaIT/ChatAx/V4,0,5,4/npaxchat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF1177C3-DC01-4E6D-B1F0-9A18ED2A60CD}: NameServer = 80.10.246.1 80.10.246.132
O17 - HKLM\System\CCS\Services\Tcpip\..\{D32A3474-71BF-464A-8F49-86944E42085C}: Domain = tefs.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8D7D36E-AF76-44AF-B854-B7657ADA4CF8}: Domain = tefs.com
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
0
Réponse 2 / 149
Osr@m
11 sept. 2004 à 21:39
Merci pour cette série d'info, je me lance et je vous tiens au courant !

Si je peux vous aider pour quelque chose n'hésitez pas à me le demander .

@+, Osr@m.
0
Réponse 3 / 149
Utilisateur anonyme
11 sept. 2004 à 22:12
de rien :-)
ok si j'ai besoin de koi ke ce sois je n'hesiterai pas ;merci ;-)

@++
0
Réponse 4 / 149
Osr@m
11 sept. 2004 à 22:41
Voilà j'ai cela=>

Logfile of HijackThis v1.98.2
Scan saved at 22:38:14, on 11/09/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: <a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\WINDOWS\System32\dvldr.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\WINDOWS\SYSCFG16.EXE
C:\WINDOWS\System32\ulabqfq.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\iexplore.exe
C:\PROGRA~1\Wanadoo\wanadoo\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Default_Page_URL = http://www.connect-we.fr/
R1 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81C3A} - C:\WINDOWS\EliteBar\EliteBar version 50.dll
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA880F} - C:\WINDOWS\EliteBar\EliteBar version 50.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [System Uptime Server] sysentry32.exe
O4 - HKLM\..\Run: [Window Monitor] winmon32.exe
O4 - HKLM\..\Run: [Windows Automatic Updates] dvldr.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe
O4 - HKLM\..\Run: [BIOS XP Loader] tucwjt.exe
O4 - HKLM\..\Run: [S<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">mcSe</a></a></a></a>rvice] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [Sys29] C:\windows\system32\winxxb32.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [Windows System Configuration] C:\WINDOWS\SYSCFG16.EXE
O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINDOWS\SYSCFG16.EXE
O4 - HKLM\..\Run: [nvviddrv32] ulabqfq.exe
O4 - HKLM\..\RunServices: [System Uptime Server] sysentry32.exe
O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe
O4 - HKLM\..\RunServices: [Windows Automatic Updates] dvldr.exe
O4 - HKLM\..\RunServices: [BIOS XP Loader] tucwjt.exe
O4 - HKLM\..\RunServices: [nvviddrv32] ulabqfq.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Window Monitor] winmon32.exe
O4 - HKCU\..\Run: [BIOS XP Loader] tucwjt.exe
O4 - HKCU\..\Run: [nvviddrv32] ulabqfq.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/c<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">MBA</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">MBA</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">MBA</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">MBA</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">MBA</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">MBA</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">MBA</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MBA">mba</a></a></a></a>cklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O14 - IERESET.INF: START_PAGE_URL=http://www.connect-we.fr/
O16 - DPF: v2cab - http://searchmiracle.com/cab/v2cab.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{B70F4B5C-05A7-46EB-8B2C-F73851A6929E}: NameServer = 80.10.246.130 80.10.246.3
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 149
Utilisateur anonyme
12 sept. 2004 à 12:10
ferme internet explorer , coche c lignes ensuite clike sur "fixed checked "

C:\WINDOWS\System32\dvldr.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\WINDOWS\SYSCFG16.EXE
C:\WINDOWS\System32\ulabqfq.exe

C:\Program Files\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\iexplore.exe
C:\PROGRA~1\Wanadoo\wanadoo\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Default_Page_URL = http://www.connect-we.fr/
R1 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=Internet">Internet</a></a></a></a> Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81C3A} - C:\WINDOWS\EliteBar\EliteBar version 50.dll
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA880F} - C:\WINDOWS\EliteBar\EliteBar version 50.dll


pour les O4 faut terminer d'abord leur tachedans le gestionaire des tache (ctr/alt/suprime) ensuite tu les fix avec hijackthis

O4 - HKLM\..\Run: [Windows Automatic Updates] dvldr.exe
O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe
O4 - HKLM\..\Run: [Sys29] C:\windows\system32\winxxb32.exe
O4 - HKLM\..\Run: [BIOS XP Loader] tucwjt.exe
O4 - HKLM\..\Run: O4 - HKLM\..\Run: [S<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a></a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a></a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=<a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">MCSE</a>"><a target="_blank" href="http://searchmiracle.com/text/search.php?qq=MCSE">mcSe</a></a></a></a>rvice] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
[Windows System Configuration] C:\WINDOWS\SYSCFG16.EXE
O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINDOWS\SYSCFG16.EXE
O4 - HKLM\..\Run: [nvviddrv32] ulabqfq.exe
O4 - HKLM\..\RunServices: [Windows Automatic Updates] dvldr.exe
O4 - HKLM\..\RunServices: [BIOS XP Loader] tucwjt.exe
O4 - HKLM\..\RunServices: [nvviddrv32] ulabqfq.exe
O4 - HKCU\..\Run: [BIOS XP Loader] tucwjt.exe
O4 - HKCU\..\Run: [nvviddrv32] ulabqfq.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.connect-we.fr/
O16 - DPF: v2cab - http://searchmiracle.com/cab/v2cab.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -

ensuite lance les antispywares (adware , spybot, spysweeper ....ect)

ensuite suprime les fichiers inutile comme ceci :


Demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" tu suprime les cookies et efface l'historique

redemare refait un hijack et colle le resultat ici

@+++
0
Réponse 6 / 149
Albert
27 oct. 2004 à 20:31
Bonjour a tous.

Pourriez vous m'aider comment me debarasser de searchmiracle.com, pas moyen de m'en debarasser, c'est un vrai casse tete.
Il s'ouvre sans cesse par l'explorateur des fenetres les unes après les autres.
J'ai instalé SPYBOT mais pas moyens de me de cette saletté.
Merci a tous pour votre collaboration, avec votre aide si j'arrive a eliminer cette peste.
0
Réponse 7 / 149
Utilisateur anonyme
27 oct. 2004 à 20:55
salut telecharge c anti spywares
(spy bot)
http://spybot.dalnet.com.fr/spybotsd13.exe

(adware SE)
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html
http://www.ordi-netfr.org/adawarese.html

(CWshredder)
http://www.soft32.com/download_19014.html

pour ce dernier faut absolument fermer tout les programe y compris internet explorer et donc hors connexion ensuite faire fix next next


telecharge cette antitrojan
http://www.emsisoft.net/fr/

pense a les mettre a jour avant de les lance


ensuite suprimez les fichier inutiles
demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" suprime aussi les cookies et efface l'historique

redemare ...
si le probleme persiste faite un scan avec hijackthis
http://telechargement.zebulon.fr/138-HijackThis-1.98.2.html

ensuite faire scan/save log et coller le resultat ici

@+++++
0
Réponse 8 / 149
Albert
4 nov. 2004 à 17:44
Rebonjour a tous,
Je demandé dernierment de l'aide pour me debarasser de searchemiracle.com , je scanné avec Spybot et aussi a2 free.Mais rien a faire meme quand je ne suis pas connecté a internet des pages searchemiracle.com essayent de s'ouvrir mais les fenetres affichent Impossible d'afficher la page, mais quand je suis connecté au demarrage au 5 fois ces pestes m'embetent.


Merci a tous de votre colaboration.
0
Réponse 9 / 149
Utilisateur anonyme
4 nov. 2004 à 23:56
salut telecharge hijackthis
http://telechargement.zebulon.fr/138-HijackThis-1.98.2.html

ensuite fait: scan/save log et colle le resultat ici

@++++++++
0
Réponse 10 / 149
Guillaume
8 déc. 2004 à 23:47
Moi j'obtien ceci qqn pe me dire ke fau til retirer merci bcp


Logfile of HijackThis v1.98.2
Scan saved at 23:44:51, on 08/12/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\autoclk.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\PC\Mes documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://freebox.free.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvhom32.exe
O4 - HKCU\..\Run: [Pop-Up-Blocker] "C:\Program Files\Tweak-XP Pro 4\popup.exe"
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O14 - IERESET.INF: START_PAGE_URL=http://freebox.free.fr/
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f001.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9B624BEC-8074-4E3A-AAFB-EF6D1369AB25}: NameServer = 213.228.0.23 212.27.32.176
0
Réponse 11 / 149
Utilisateur anonyme
9 déc. 2004 à 11:21
salut ferme internet explorer , coche c lignes ensuite clike sur " fixe checked "

O2 - BHO: (no name) - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - (no file)

Pour les O4 faut d'abord faire ctrl/alt/supprime ensuite termine la tache de kalvhom32.exe puis fix cette ligne:

O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvhom32.exe

O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE


ensuite supprime le fichier en gras
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvhom32.exe

puis passe un coup d'antispy ( adware, spybot, A2free...)

vide le cache d'internet explorer :

Demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" tu suprime les cookies et efface l'historique

redemare...

@+++++++
0
Réponse 12 / 149
Alex
9 déc. 2004 à 11:22
Bonjour à tous.
J'ai installé et exécuté HijackThis pour retirer searchmiracle (saloperie de truc!) et j'obtiens ceci:

Logfile of HijackThis v1.98.2
Scan saved at 11:17:50, on 09/12/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wlancfg.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
C:\WINDOWS\LiveChatut.exe
C:\WINDOWS\system32\lexpps.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Alex\Local Settings\Temporary Internet Files\Content.IE5\SXQVS5UR\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.wanadoo.fr/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://unreal.epicgames.com/Direct3d.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O2 - BHO: BHO Class - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\ELITES~1\ELITES~1.DLL
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [VirusScan] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LiveChatut] C:\WINDOWS\LiveChatut.exe
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvcwk32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SB Audigy 2 Startup Menu] /L:FRN
O4 - HKCU\..\Run: [Spyware Assassin v.4.0] "C:\Program Files\Spyware Assassin 4.0\Spyware Assassin.exe"
O4 - HKCU\..\RunOnce: [__GSCAdditionalInstallation__] "C:\DOCUME~1\Alex\LOCALS~1\Temp\SetupDemo.exe" -AdditionalInstall
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=88fb4bd1cc748615aaf24d95e9cbeb3358724ab481f8e3efaa749926ff7d88d97236971755bdeddb0fd3efedf2024d26208d:a50669a8a42fe77354145ae90fecae62
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab


Merci de votre aide pour enlever ce truc!
0
Réponse 13 / 149
Utilisateur anonyme
10 déc. 2004 à 12:07
salut ferme internet explorer , coche c lignes ensuite clike sur " fix checked "

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.wanadoo.fr/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://unreal.epicgames.com/Direct3d.htm
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)

O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O2 - BHO: BHO Class - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\ELITES~1\ELITES~1.DLL
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll

Pour les O4 faut d'abord faire ctrl/alt/supprime ensuite termine la tache de ( kalvcwk32.exe, Spyware Assassin.exe, SetupDemo.exe ) puis fix ces ligne:


O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvcwk32.exe
O4 - HKCU\..\Run: [Spyware Assassin v.4.0] "C:\Program Files\Spyware Assassin 4.0\Spyware Assassin.exe"
O4 - HKCU\..\RunOnce: [__GSCAdditionalInstallation__] "C:\DOCUME~1\Alex\LOCALS~1\Temp\SetupDemo.exe" -AdditionalInstall

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=88fb4bd1cc748615aaf24d95e9cbeb3358724ab481f8e3efaa749926ff7d88d97236971755bdeddb0fd3efedf2024d26208d:a50669a8a42fe77354145ae90fecae62
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab



ensuite supprime les fichier en gras :

O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvcwk32.exe
O4 - HKCU\..\Run: [Spyware Assassin v.4.0] "C:\Program Files\Spyware Assassin 4.0\Spyware Assassin.exe"
O4 - HKCU\..\RunOnce: [__GSCAdditionalInstallation__] "C:\DOCUME~1\Alex\LOCALS~1\Temp\SetupDemo.exe" -AdditionalInstall

Puis passe un coup d'antispyware:

(spy bot)
http://spybot.dalnet.com.fr/spybotsd13.exe

(adware SE)
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html
http://www.ordi-netfr.org/adawarese.html

(CWshredder)
http://www.soft32.com/download_19014.html

pour ce dernier faut absolument fermer tout les programe y compris internet explorer et donc hors connexion ensuite faire fix next next

(spy sweeper )
http://www.zdnet.fr/telecharger/windows/fiche/0,39021313,11010914s,00.htm

telecharge cette antitrojan

(A2free)
http://www.emsisoft.net/fr/

pense a les mettre a jour avant de les lancer


ensuite suprime les fichier inutiles
demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" suprime aussi les cookies et efface l'historique

redemare ...

@+++++++++++++
0
Réponse 14 / 149
jey
11 déc. 2004 à 18:37
Bonjour, je suis aussi victime de searchmiracle et elite bar et aussi underrun.net, j'ai donc suivi la marche a suivre que vous avez décrite et avec hitjack j'obtiens ceci:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.tiscali.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tiscali -
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O4 - HKLM\..\Run: [WIN32] C:\mActiveX.exe
O4 - HKLM\..\Run: [windows monitor] C:\arsetup.exe
O4 - HKLM\..\Run: [Microsoft Time Manager] dveldr.exe
O4 - HKLM\..\Run: [System Host] scvhost.exe
O4 - HKLM\..\Run: [Windows Timer Update] phqghume.exe
O4 - HKLM\..\Run: [Zone Labs Client] "D:\INSTALLATIONS\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvaxn32.exe
O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe
O4 - HKLM\..\RunServices: [Win32 USB2.0 Driver] w32usb2.exe
O4 - HKLM\..\RunServices: [Workstation Services] wrkstn.exe
O4 - HKLM\..\RunServices: [zervpack2] update2.exe
O4 - HKLM\..\RunServices: [msupdates] msupdt.exe
O4 - HKLM\..\RunServices: [win] xwinxrpc32.exe
O4 - HKLM\..\RunServices: [Microsoft Time Manager] dveldr.exe
O4 - HKLM\..\RunServices: [System Host] scvhost.exe
O4 - HKLM\..\RunServices: [Windows Timer Update] phqghume.exe
O4 - HKLM\..\RunServices: [Realplayer One] realplay.exe
O4 - HKLM\..\RunServices: [Zonealarm] iexplore.exe
O4 - HKCU\..\Run: [System Host] scvhost.exe
O4 - HKCU\..\Run: [Windows Timer Update] phqghume.exe
O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe
O4 - Startup: IMsecure.lnk = D:\INSTALLATIONS\IMsecure\IMsecure.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\INSTAL~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\INSTAL~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093869007529
O17 - HKLM\System\CCS\Services\Tcpip\..\{5310C534-97E4-4F06-BB1D-083F796D7AC6}: NameServer = 213.36.80.1

Merci de votre aide
0
Réponse 15 / 149
Utilisateur anonyme
11 déc. 2004 à 21:26
salut ferme internet explorer , coche c lignes ensuite clike sur " fix checked "

O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll

Pour les O4 faut d'abord faire ctrl/alt/supprime ensuite dans processus termine la tache de ( mActiveX.exe , arsetup.exe ,dveldr.exe ,scvhost.exe ,phqghume.exe , kalvaxn32.exe ,winmon32.exe ,w32usb2.exe ..ect) ensuite fix ces lignes :

O4 - HKLM\..\Run: [WIN32] C:\mActiveX.exe
O4 - HKLM\..\Run: [windows monitor] C:\arsetup.exe
O4 - HKLM\..\Run: [Microsoft Time Manager] dveldr.exe
O4 - HKLM\..\Run: [System Host] scvhost.exe
O4 - HKLM\..\Run: [Windows Timer Update] phqghume.exe
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvaxn32.exe
O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe
O4 - HKLM\..\RunServices: [Win32 USB2.0 Driver] w32usb2.exe
O4 - HKLM\..\RunServices: [Workstation Services] wrkstn.exe
O4 - HKLM\..\RunServices: [zervpack2] update2.exe
O4 - HKLM\..\RunServices: [msupdates] msupdt.exe
O4 - HKLM\..\RunServices: [win] xwinxrpc32.exe
O4 - HKLM\..\RunServices: [Microsoft Time Manager] dveldr.exe
O4 - HKLM\..\RunServices: [System Host] scvhost.exe
O4 - HKLM\..\RunServices: [Windows Timer Update] phqghume.exe
O4 - HKLM\..\RunServices: [Realplayer One] realplay.exe
O4 - HKLM\..\RunServices: [Zonealarm] iexplore.exe
O4 - HKCU\..\Run: [System Host] scvhost.exe
O4 - HKCU\..\Run: [Windows Timer Update] phqghume.exe
O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)


Puis passe un coup d'antispyware:

(spy bot)
http://spybot.dalnet.com.fr/spybotsd13.exe

(adware SE)
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html
http://www.ordi-netfr.org/adawarese.html

(CWshredder)
http://www.soft32.com/download_19014.html

pour ce dernier faut absolument fermer tout les programe y compris internet explorer et donc hors connexion ensuite faire fix next next

(spy sweeper )
http://www.zdnet.fr/telecharger/windows/fiche/0,39021313,11010914s,00.htm

telecharge ces antitrojan

(A2free)
http://www.emsisoft.net/fr/

( About buster)
http://www.spychecker.com/program/aboutbuster.html

pense a les mettre a jour avant de les lancer


ensuite suprime les fichier inutiles
demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" suprime aussi les cookies et efface l'historique

redemare ... si le probleme persiste refait un scan et colle le resultat ici

@+++++++++++++
0
Réponse 16 / 149
Alex
15 déc. 2004 à 12:46
Merci de ton aide jess15. Maintenant je suis débarrassé!
C'est très sympa de ta part
0
Réponse 17 / 149
Utilisateur anonyme
15 déc. 2004 à 15:12
De rien :-)
@++++
0
Réponse 18 / 149
mickael
16 déc. 2004 à 14:40
Moi aussi j'aurai besoin de vos précieux conseils. Aidez moi a savoir koi cocher sur Hitjack, merci:

Voici le résultat:
Logfile of HijackThis v1.98.2
Scan saved at 14:33:07, on 16/12/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Mickael\LOCALS~1\Temp\Rar$EX00.328\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O2 - BHO: BHO Class - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\ELITES~1\ELITES~1.DLL
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Start Uppings] mssupdate.exe
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvhlx32.exe
O4 - HKLM\..\RunServices: [Start Uppings] mssupdate.exe
O4 - HKCU\..\Run: [Start Uppings] mssupdate.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunServices: [Start Uppings] mssupdate.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O16 - DPF: v3cab - http://searchmiracle.com/cab/1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1102955368312
O17 - HKLM\System\CCS\Services\Tcpip\..\{70A3C31B-9A64-4410-B830-0F0A78FC9E6D}: NameServer = 212.27.39.1 213.228.0.23
0
Réponse 19 / 149
Utilisateur anonyme
16 déc. 2004 à 18:14
salut ferme internet explorer , coche c lignes ensuite clike sur " fix checked "


O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O2 - BHO: BHO Class - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\ELITES~1\ELITES~1.DLL
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll

Pour les O4 faut d'abord faire ctrl/alt/supprime ensuite dans processus termine la tache de( mssupdate.exe ,kalvhlx32.exe)
ensuite fix ces lignes :

O4 - HKLM\..\Run: [Start Uppings] mssupdate.exe
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvhlx32.exe
O4 - HKLM\..\RunServices: [Start Uppings] mssupdate.exe
O4 - HKCU\..\Run: [Start Uppings] mssupdate.exe
O4 - HKCU\..\RunServices: [Start Uppings] mssupdate.exe

O16 - DPF: v3cab - http://searchmiracle.com/cab/1.cab


ensuite supprime les fichier en gras :

O4 - HKLM\..\Run: [Start Uppings] mssupdate.exe
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvhlx32.exe

Puis passe un coup d'antispyware:

(spy bot)
http://spybot.dalnet.com.fr/spybotsd13.exe

(adware SE)
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html
http://www.ordi-netfr.org/adawarese.html

(CWshredder)
http://www.soft32.com/download_19014.html

pour ce dernier faut absolument fermer tout les programe y compris internet explorer et donc hors connexion ensuite faire fix next next

(spy sweeper )
http://www.zdnet.fr/telecharger/windows/fiche/0,39021313,11010914s,00.htm

telecharge ces antitrojan

(A2free)
http://www.emsisoft.net/fr/

( About buster)
http://www.spychecker.com/program/aboutbuster.html

pense a les mettre a jour avant de les lancer


ensuite suprime les fichier inutiles
demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" suprime aussi les cookies et efface l'historique

redemare ... si le probleme persiste refait un scan et colle le resultat ici

@+++++++++++++
0
Réponse 20 / 149
jey
17 déc. 2004 à 15:38
Merci pour ton aide jess15, il semblerai que la plupar des "merdes" soient mais l'elite bar apparait de temps en temps, je ne comprend pas, aurait tu une autre solution a me proposer?

Merci a toi, a+
0

Discussions similaires

Désinstaller Opera
Web. -
Web. -

3 réponses
Comment désinstaller Opera
jpc54 -
kaneagle -

10 réponses