Forum |  HardWare.fr | News | Articles | PC | S'identifier | S'inscrire | Shop Recherche
967 connectés 

  FORUM HardWare.fr
  Windows & Software
  Sécurité

  virus france.exe

 
 


 Mot :   Pseudo :  
 
Bas de page
Auteur Sujet :

virus france.exe

n°2032667
funky_beat
Posté le 16-05-2005 à 16:28:04  profilanswer
 

Salut!!
je crois que j'ai chopé un virus dénommé france.exe, mais je ne sais pas comment le virer.Si vous pouviez m'aider , ce serait cool.
Voici mon log
 
Logfile of HijackThis v1.99.1
Scan saved at 14:52:43, on 15/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\WINNT\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\program files\180solutions\sais.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Temp\hijackthis\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.rd.yahoo.com/customize/i [...] .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.rd.yahoo.com/customize/i [...] .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINNT\EliteToolBar\EliteToolBar version 60.dll
O2 - BHO: &EliteSideBar - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINNT\EliteSideBar\EliteSideBar 08.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINNT\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [HELPER] C:\WINNT\system32\france.exe  -N
O4 - HKLM\..\Run: [checkrun] C:\winnt\system32\elitebht32.exe
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINNT\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [khol] C:\WINNT\khol.exe
O4 - HKLM\..\RunServices: [strmsnmsgr] msnmsgrs.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusea [...] xdm075YYFR
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/ [...] e-c283.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocac [...] .0.8-2.cab
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} (Loader2 Control) - http://static.topconverting.com/activex/website.ocx
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolbar.com/ist/soft [...] egular.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D03082C4-F72A-4276-8EDA-4C94DE92D3E2}: NameServer = 134.214.100.6,134.214.100.245
O18 - Protocol: bw+0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
 

mood
Publicité
Posté le 16-05-2005 à 16:28:04  profilanswer
 

n°2032674
darren
bing blang blaow
Posté le 16-05-2005 à 16:31:40  profilanswer
 

Salut,  
 
il y a déjà une bonne dizaine de topics là dessus avec la solution pour le virer.
 
En gros : tu coches toutes les lignes avec "France.exe" dedans et tu les vires.
 
Ensuite en mode sans echec, tu supprimmes tous les fichiers appelés france.exe et tu nettoies avec CCLeaner, et tu rebootes.
 

n°2032681
philo2
Cogito ergo sum
Posté le 16-05-2005 à 16:36:08  profilanswer
 
n°2032774
stonangel
Posté le 16-05-2005 à 17:38:51  profilanswer
 

Bonjour, je regarde ton rapport. En attendant, télécharge ces utilitaires:
 
Elite Toolbar remover le dézipper dans un répertoire dédié et placer un raccourci sur le bureau
 
http://www.clubic.com/telecharger- [...] mover.html
 
CleanUp
 
http://downloads.stevengould.org/cleanup/CleanUp40.exe
 
Pocket Killbox  
 
http://www.bleepingcomputer.com/fi [...] illBox.zip
Une fois téléchargé, tu le dézippes sur ton bureau.
 
 
 
 
 
 
 

n°2032819
stonangel
Posté le 16-05-2005 à 18:17:00  profilanswer
 

Re,
 
1 Démarre en mode sans échec(F8). Clique sur Kill Elite Toolbar. Redémarre ton ordinateur.
 
2 Désinstalle via ajout:suppression de programmes ces applications, si elles sont présentes:
 
EliteToolBar, EliteSideBar, MyWebSearch, 180 solutions.
 
3 Démarre en mode sans échec. Lance Hijackthis Do a system scan onlyet coche les lignes suivantes:
 
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php  
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php  
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php  
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)  
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL  
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINNT\EliteToolBar\EliteToolBar version 60.dll  
O2 - BHO: &EliteSideBar - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINNT\EliteSideBar\EliteSideBar 08.dll  
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe  
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe  
O4 - HKLM\..\Run: [HELPER] C:\WINNT\system32\france.exe  -N  
O4 - HKLM\..\Run: [checkrun] C:\winnt\system32\elitebht32.exe  
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe  
O4 - HKLM\..\Run: [khol] C:\WINNT\khol.exe  
O4 - HKLM\..\RunServices: [strmsnmsgr] msnmsgrs.exe  
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe  
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE  
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE  
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusea [...] xdm075YYFR  
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)  
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/ [...] e-c283.cab  
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocac [...] .0.8-2.cab  
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} (Loader2 Control) - http://static.topconverting.com/activex/website.ocx  
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolbar.com/ist/soft [...] egular.cab  
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab  
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab  
O18 - Protocol: bw+0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw+0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw-0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw-0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw00 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw00s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw10 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw10s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw20 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw20s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw30 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw30s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw40 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw40s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw50 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw50s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw60 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw60s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw70 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw70s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw80 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw80s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw90 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bw90s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwa0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwa0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwb0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwb0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwc0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwc0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwd0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwd0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwe0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwe0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwf0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwf0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll  
O18 - Protocol: bwg0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwg0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwh0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwh0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwi0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwi0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwj0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwj0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwk0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwk0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwl0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwl0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwm0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwm0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwn0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwn0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwo0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwo0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwp0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwp0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwq0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwq0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwr0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwr0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bws0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bws0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwt0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwt0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwu0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwu0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwv0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwv0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bww0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bww0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwx0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwx0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwy0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwy0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwz0 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: bwz0s - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
O18 - Protocol: offline-8876480 - {36774A53-8AC4-4FAE-B9FD-760312543236} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll  
 
Ferme toutes les fenêtres tous les programmes puis Fix checked.
 
4 Lance Killbox. Ouvre le bloc note et copie colle le chemin des fichiers ci dessous:
 
C:\WINNT\system32\france.exe  -N  
C:\winnt\system32\elitebht32.exe  
c:\program files\180solutions\sais.exe  
C:\WINNT\khol.exe
 
Entre les dans la fenêtre de Killbox. Coche Delete on reboot et clique sur la croix sur fon rouge. Au message File will be deleted... Do you want to reboot now réponds oui.
 
Assure toi d'avoir accès à tous les fichiers
 

Citation :

Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :  
Activer la case : Afficher les fichiers et dossiers cachés
Désactiver la case : Masquer les extensions des fichiers dont le type est connu
Désactiver la case : Masquer les fichiers protégés du système d'exploitation
Puis Appliquer


 
5 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :
 
C:\Program Files\MyWebSearch  
C:\WINNT\EliteToolBar  
C:\WINNT\EliteSideBar
C:\PROGRA~1\MYWEBS~1
C:\WINNT\system32\france.exe  -N  
C:\winnt\system32\elitebht32.exe  
c:\program files\180solutions\sais.exe  
C:\WINNT\khol.exe  
msnmsgrs.exe< utiliser la fonction rechercher, attention à la syntaxe  
C:\Program Files\MyWebSearch
 
6 Lance Cleanup
Recache les fichiers système afin de ne pas faire d'erreur à l'avenir en sélectionnant ne pas afficher les fichiers cachés ou les fichiers système.
 
7 Redémarre normalement et poste un nouveau rapport Hijackthis pour vérification
 
 
 
 
 
 
 
 
 
 
 
 
 

n°2032936
darren
bing blang blaow
Posté le 16-05-2005 à 19:57:46  profilanswer
 

Joli bordel son log :D

n°2032961
stonangel
Posté le 16-05-2005 à 20:20:01  profilanswer
 

darren a écrit :

Joli bordel son log :D


 
Et en plus du coriace. On verra s'il répond ce que ça donne...  

n°2033021
philo2
Cogito ergo sum
Posté le 16-05-2005 à 21:13:24  profilanswer
 

Stonangel... :jap:  
 
félicitation pour tes réponses, c'est pas la première que je vois tes "post" .
Clair et précis.
Tu as dû en "dépatouiller" plus d'un sur ce forum !
 :jap:  :hello:


Message édité par philo2 le 16-05-2005 à 21:15:10
n°2033100
stonangel
Posté le 16-05-2005 à 22:44:28  profilanswer
 

:hello: Merci beaucoup

n°2033102
darren
bing blang blaow
Posté le 16-05-2005 à 22:49:02  profilanswer
 

Stonangel est très fort, je ne suis qu'un jeune padawan comparé à lui :jap:
 
Plus sérieusement, c'est super sympa de sa part d'aider les autres comme il le fait.

mood
Publicité
Posté le 16-05-2005 à 22:49:02  profilanswer
 

n°2033603
funky_beat
Posté le 17-05-2005 à 13:52:52  profilanswer
 

Salut la compagnie!!
je crois que le problème est réglé
t'es Trop fort STONANGEL
merci les gars!!
 
voici mon log, je pense qu'il est clean comme l'eau de roche
 :)  :)  :)  
 
 
Logfile of HijackThis v1.99.1
Scan saved at 13:49:49, on 17/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINNT\system32\LVCOMSX.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\hijackthis\HijackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.rd.yahoo.com/customize/i [...] .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.rd.yahoo.com/customize/i [...] .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINNT\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{D03082C4-F72A-4276-8EDA-4C94DE92D3E2}: NameServer = 134.214.100.6,134.214.100.245
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
 

n°2033979
stonangel
Posté le 17-05-2005 à 18:11:49  profilanswer
 

Bonsoir, effectivement c'est réglé. Bon surf  :hello:


Aller à :
Ajouter une réponse
  FORUM HardWare.fr
  Windows & Software
  Sécurité

  virus france.exe

 

Sujets relatifs
massive pb: virus qui desactive les antivirusproblème virus/trojan/...
Petit soucis , virus ?Pb téléchargement définition virus de BitDefender 8 Pro
Virus msn 7besoin d'aide avec france.exe et hijackthis
virus dans mails à répétitionsUn autre problème de virus grateur sniffeur....
france télécom veut pas installer l'adsl !!!virus france.exe ou "click me"
Plus de sujets relatifs à : virus france.exe

Forum MesDiscussions.Net, Version 2010.2
(c) 2000-2011 Doctissimo
Page générée en 0.060 secondes

Copyright © 1997-2022 Hardware.fr SARL (Signaler un contenu illicite / Données personnelles) / Groupe LDLC / Shop HFR