[Solved] wintems.exe / hidr.exe
Hello everyone,
I've had a small problem since yesterday on my laptop (running Vista). I think I opened an infected .RAR.
The problem is that Windows Defender no longer works normally ("echec de l'initialisation de l'application : 0x800106ba") and McAfee no longer works either (firewall off, no more protection).
I ran a scan that turned out to be endless and gave no result, and System Restore doesn't work either.
In short, I'm lost, which is why I'm asking for your help: how can I fix the problem while avoiding a reformat?
Thanks
Alexis
Hello,
This is a Bagle infection.
Download ELIBAGLA at the bottom of this page.
Click the Descargar Elibagla button; this downloads the file. Put it on your Desktop.
Double-click it to open it.
Make sure that C:\ is selected in the Unidad drop-down menu.
Also check that the Eliminar Ficheros Automaticamente option at the bottom of the window is ticked.
Click the Explorar button to start the scan.
Post the report generated at the end of the scan.
HELP: How to remove Bagle?
An infection of this type under Vista. We're going to have to dig.
Download Gmer.
Unzip it into a folder or onto your desktop.
Disconnect from the Internet, then close all programs.
Double-click Gmer.exe.
IMPORTANT: If your antivirus raises an alert for gmer.sys or gmer.exe, let it run.
Click the rootkit tab.
On the right, tick Files and Services.
Now click Scan.
When the scan is finished, click Copy.
Open Notepad, then click the Edit menu / Paste.
The report should then appear.
Save the file to your desktop and copy/paste its contents here.
First of all, thanks for your quick and clear replies!
Here is the report: http://rapidshare.com/files/56602006/rapport.txt.html
Sorry, the rapidshare link isn't very practical, but there was too much in the report to fit in the post, and I didn't know what else to do!
Can you disable UAC and then run EliBAGLA again?
http://www.zebulon.fr/astuces/220-desactiver-l-uac-dans...
Done, but I still got the "Acceso denegado a la carpeta" messages, and as for the report (this time I found it):
Tue Sep 18 21:11:22 2007
EliBagle v10.55 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
Por favor, envienos una muestra del fichero
C:\Muestras\HIDR.EXE.Muestra EliBagle v10.55
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HIDR.EXE --> Eliminado Bagle
Eliminada Carpeta "%WinDir%\exefld"
Tue Sep 18 21:11:36 2007
EliBagle v10.55 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
alex3112 said:
So if I understand correctly, wintems.exe and hidr.exe were indeed the cause and have been deleted (at least I couldn't find them again). What should I do about the antivirus (uninstall and reinstall?) and about Windows Defender? (Should I ask my question in another part of the forum?)
You'll do the uninstall/reinstall at the end of the procedure.
Here is the report:
edit: should I do the same as before with rapidshare?
http://rapidshare.com/files/56620447/rapport1.txt.html
GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-09-18 21:33:31
Windows 6.0.6000
---- Services - GMER 1.0.13 ----
Service C:\??\C:\Windows\system32\drivers\srosa.sys (*** hidden *** ) [SYSTEM] srosa <-- ROOTKIT !!!
---- Files - GMER 1.0.13 ----
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\ArrowGlyphs.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\audioBtn_mute.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\audio_preview_lg.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\audio_preview_sm.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Avi.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\BenQP50.ico
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Bin.ico
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\BulletButton1.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\BulletButton10.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\BulletButton11.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\BulletButton12.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\BulletButton2.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\BulletButton3.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\BulletButton4.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\BulletButton5.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\BulletButton6.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\BulletButton7.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\BulletButton8.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\BulletButton9.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\CalendarDateCurrent.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\CalendarDateSelect.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\CalendarFrame.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\CalendarIcon.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\CalendarScrollLeft.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\CalendarScrollRight.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\checkbox.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\checked.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Collections.ico
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\ComboDropDown.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\add_sel.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\Busy.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\cancel.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\close_sel.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\ColorControl_Gradient.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\Cross.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\Draw.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\draw_add.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\draw_sub.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\eyedrop.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\floodcur.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\hand.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\Ibeam.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\ImageDoMove.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\ImageMove.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\ImageResize.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\ImageRotate.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\nullcursor.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\pan.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\pandrag.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\RedEye.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\ResizeBottom.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\ResizeBottomLeft.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\ResizeBottomRight.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\ResizeLeft.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\ResizeRight.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\ResizeTop.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\ResizeTopLeft.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\ResizeTopRight.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\RotateBottomLeft.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\RotateBottomRight.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\RotateTopLeft.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\RotateTopRight.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\scroll.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\SizeAll.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\splitterhorz.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\splittervert.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\sub_sel.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\wand.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\wandadd.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\wandsub.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\Working.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\zoom.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\zoomdrag.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\zoomin.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cursors\zoomout.cur
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cutouts1.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cutouts2.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cutouts3.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cutouts4.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Cutouts5.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DeviceGlyph.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DialogFrame.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DialogFrameResizeMediaPicker.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Divider.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DMSAProject.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DMSDThumbnail.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DMSEProject.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DMSSProject.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DocTools.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DocToolsHorz.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DocumentFrame.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DocumentFrame2.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DocumentFrame3.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DocumentFrame4.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DocumentFrame5.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DocumentFrameHome.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DocumentFrame_noTitle.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DropDownTriangle.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DVDNavigation
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DVDNavigation\DVDbackframe.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DVDNavigation\DVDff.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DVDNavigation\DVDnextframe.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DVDNavigation\DVDok.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DVDNavigation\DVDpause.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DVDNavigation\DVDplay.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DVDNavigation\DVDremote.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DVDNavigation\DVDrew.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DVDNavigation\DVDstop.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DVDNavigation\DVD_downnav.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DVDNavigation\DVD_leftnav.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DVDNavigation\DVD_rightnav.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\DVDNavigation\DVD_upnav.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\ECDCProject.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\EditBox.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\EditBoxDis.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\EditPhotoTile.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\EditShape_Fill.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\EditShape_Line.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\EditShape_LineFill.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\FlatColorButton.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\FlyoutGlyphsPrepare.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\FlyOutLeft.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Folder.ico
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\FolderBrowserMinus.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\FolderBrowserPlus.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Folder_Delete.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Folder_New.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Folder_Rename.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Gadget.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\GalleryButton.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\GalleryScrollDown.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\GalleryScrollUp.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\GeneratingThumbnail.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\GlyphTools.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Glyph_ColorPicker 1 .png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\Glyph_ColorPicker.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\GoButton.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\GroupBox.PNG
File C:\Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\groupbox_borders.png
File C:\Program Files\Common Files\Roxio Shared\9.0\Common R
Re,
Let's try something.
GMER must still be on your computer!
Start menu / Run... and type: cmd, then click OK.
Type each of these commands, pressing Enter after each one to run it:
gmer -killall
gmer -del service srosa
gmer -del reg "HKLM\SYSTEM\CurrentControlSet\Services\srosa"
gmer -del reg "HKLM\SYSTEM\ControlSet001\Services\srosa"
gmer -del reg "HKLM\SYSTEM\ControlSet002\Services\srosa"
gmer -del file "c:\WINDOWS\system32\drivers\srosa.sys"
gmer -reboot
If the PC does not restart, do a reset.
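A read-only way to confirm what the commands above were meant to remove, as an added PowerShell example that is not part of the original reply: it looks for the srosa service key in every control set, a registered driver of that name, and the driver file. The function name is hypothetical, and the script assumes PowerShell 3.0 or later run from an elevated prompt.

```powershell
# Added example: read-only check for leftovers of the "srosa" driver service.
# Nothing on the system is modified.

$ServiceName = 'srosa'   # service name taken from the commands in the post

function Get-DriverServiceRemnant {   # hypothetical helper name
    param(
        [Parameter(Mandatory = $true)][string]$Name
    )

    $findings = @()

    # 1. Registry: CurrentControlSet is only a link to one of the numbered
    #    ControlSetNNN keys, so enumerate every control set that exists
    #    rather than assuming 001 and 002 are the only ones.
    $controlSets = Get-ChildItem -Path 'HKLM:\SYSTEM' -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -match '^(CurrentControlSet|ControlSet\d{3})$' }

    foreach ($set in $controlSets) {
        $keyPath = "HKLM:\SYSTEM\$($set.PSChildName)\Services\$Name"
        if (Test-Path -LiteralPath $keyPath) {
            $props = Get-ItemProperty -LiteralPath $keyPath
            $findings += [pscustomobject]@{
                Kind     = 'RegistryKey'
                Location = $keyPath
                Detail   = "ImagePath=$($props.ImagePath); Start=$($props.Start)"
            }
        }
    }

    # 2. Service control manager view: is a kernel driver with this name
    #    still registered, and is it running?
    $driver = Get-CimInstance -ClassName Win32_SystemDriver `
                              -Filter "Name='$Name'" -ErrorAction SilentlyContinue
    if ($driver) {
        $findings += [pscustomobject]@{
            Kind     = 'Driver'
            Location = $driver.PathName
            Detail   = "State=$($driver.State); StartMode=$($driver.StartMode)"
        }
    }

    # 3. File on disk: -Force so hidden or system attributes do not mask it.
    $driverFile = Join-Path $env:SystemRoot "System32\drivers\$Name.sys"
    if (Test-Path -LiteralPath $driverFile) {
        $item = Get-Item -LiteralPath $driverFile -Force
        $findings += [pscustomobject]@{
            Kind     = 'File'
            Location = $item.FullName
            Detail   = "Size=$($item.Length); LastWrite=$($item.LastWriteTime.ToString('s'))"
        }
    }

    return $findings
}

$result = @(Get-DriverServiceRemnant -Name $ServiceName)
if ($result.Count -eq 0) {
    Write-Output "No '$ServiceName' registry key, driver registration or file found."
} else {
    $result | Format-Table -AutoSize -Wrap
}
```

A loaded kernel-mode rootkit can hide its own keys and files from these API calls, so an empty result is only meaningful after the reboot, and GMER's own scan remains the cross-check.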
When I ran gmer -dell reg, a window popped up telling me that gmer had stopped working!
When I typed the HKLM entries and the c: one, the path could not be found!
And now, on restart, I have a firewall window blocking access to flec006.exe => what do I do with it, keep it blocked or not?
Is all this normal?
Here is the scan, it's ridiculous:
GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-09-20 14:53:54
Windows 6.0.6000
---- Files - GMER 1.0.13 ----
ADS C:\Users\Alexis\AppData\Local\Microsoft\Messenger\alexis.grosselin@netcourrier.com\SharingMetadata\freeriders77@hotmail.fr\DFSR\Staging\CS{BFBE76E5-E5FC-38C8-C447-5F67D17A63FD}\01\10-{BFBE76E5-E5FC-38C8-C447-5F67D17A63FD}-v1-{8EAD0AE6-304E-4A96-BCC6-A814D72382FB}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
---- EOF - GMER 1.0.13 ----
Let's finish up.
Run a Kaspersky online scan with Internet Explorer:
Click on ![]()
Now click on J'accepte (I accept).
Approve the installation of one or more ActiveX controls if necessary.
Wait while the updates are installed.
Then choose to scan Poste de travail (My Computer).
Save, then paste the report generated at the end of the scan.
HELP: Tutorial on the online scan
NOTE: If you get the message "La licence de Kaspersky On-line Scanner est périmée" (the Kaspersky On-line Scanner licence has expired), go to Ajout/Suppression de programmes (Add/Remove Programs), uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.

Here it is:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:58:49, on 20/09/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\WLTRAY.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Alexis\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig/dell?hl=fr&client=dell-row&chan...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ig/dell?hl=fr&client=dell-row&chan...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [DAEMON Tools 4.10 Setup] "C:\Users\Alexis\Downloads\daemon-tools_daemon_tools_4.1_anglais_10729.exe"
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9043 bytes
Uh, this is no longer about the viruses: when I upgraded Vista for Windows Defender, the audio drivers got uninstalled. I tried to reinstall them but it still doesn't work. Can you tell me which section I can post my problem in?
And I can't manage to uninstall Daemon Tools :s