Virus : TR/Crypt.Morphine.Gen mon rapport Hjk
domsoner
Messages postés
3
Statut
Membre
-
domsoner Messages postés 3 Statut Membre -
domsoner Messages postés 3 Statut Membre -
Salut, j'ai aussi un gros problème pour me débarrasser de ce virus... Antivir, Spybot S&D et ccleaner ne font rien contre ce virus même en mode sans échec... J'ai remarqué alors que certains arrivent à une solution en utilisant les rapport de Hjk, je me permet de vous ajouter le mien, en vous remerciant d'avance pour votre disponibilité ;)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:49:08, on 19/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hjt\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,System
O2 - BHO: (no name) - {047FEA4F-86AE-4EDD-BC6D-46D7E46ADA06} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8DEBB00C-E7E3-319F-8A69-7F6C47A0F8D9} - (no file)
O2 - BHO: (no name) - {9C9D61B4-2851-450A-A176-03A14DCC43EF} - c:\windows\system32\pewleqy.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [ASUS Energy Saving] "C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CamserviceHD] C:\Program Files\Hercules\Hercules Dualpix Chat and Show\Camservice.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1085031214-1770027372-839522115-1003\..\Run: [Google Update] "C:\Documents and Settings\Domson.DOMSON-VIPER\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (User 'Domson')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Suitcase Startup.lnk = ?
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{35D18E37-2A3A-401E-86FE-FCB2854753B9}: NameServer = 212.27.53.252,80.118.192.100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: szmexdtp - C:\WINDOWS\SYSTEM32\pewleqy.dll
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:49:08, on 19/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hjt\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,System
O2 - BHO: (no name) - {047FEA4F-86AE-4EDD-BC6D-46D7E46ADA06} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8DEBB00C-E7E3-319F-8A69-7F6C47A0F8D9} - (no file)
O2 - BHO: (no name) - {9C9D61B4-2851-450A-A176-03A14DCC43EF} - c:\windows\system32\pewleqy.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [ASUS Energy Saving] "C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CamserviceHD] C:\Program Files\Hercules\Hercules Dualpix Chat and Show\Camservice.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1085031214-1770027372-839522115-1003\..\Run: [Google Update] "C:\Documents and Settings\Domson.DOMSON-VIPER\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (User 'Domson')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Suitcase Startup.lnk = ?
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{35D18E37-2A3A-401E-86FE-FCB2854753B9}: NameServer = 212.27.53.252,80.118.192.100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: szmexdtp - C:\WINDOWS\SYSTEM32\pewleqy.dll
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)
A voir également:
- Virus : TR/Crypt.Morphine.Gen mon rapport Hjk
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
4 réponses
Bonjour,
télécharge GenProc http://www.genproc.com/GenProc.exe
double-clique sur GenProc.exe et poste le contenu du rapport qui s'ouvre
télécharge GenProc http://www.genproc.com/GenProc.exe
double-clique sur GenProc.exe et poste le contenu du rapport qui s'ouvre
aie aie aie, aucun fichier > GenProc[1].txt , mais 3 autres fichiers : j'ai Argument.txt et Debut.txt et un fichier css. Je joint au cas ou le Debug.txt (le seul fichier créé quand je tente de lancer GenProc.) :
Initialisation GenProc 2.606 [20/07/2009] à [ 2:03:12]
*** Variables initiales SET et temporaires ***
ALLUSERSPROFILE=C:\Documents and Settings\All Users.WINDOWS
APPDATA=C:\Documents and Settings\Domson.DOMSON-VIPER\Application Data
Arguments=C:\GenProc\Arguments
Canned=C:\GenProc\Canned
ChangeLog=C:\GenProc\ChangeLog
CheminBatch=C:\GenProc
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
ComptBagle=0
ComptFixWebHancer=0
ComptFxNdotN=0
ComptHaxfix=0
ComptLook2Me=0
ComptLop=0
ComptMBR=0
ComptMSNfix=0
ComptNavipromo=0
ComptPurity=0
ComptRemGAIN=0
ComptRustock=0
ComptSDfix=0
ComptSmitfraud=0
ComptTDSS=0
ComptToolbarSD=0
ComptUSBFix=0
ComptVundo=0
ComptWareOut=0
ComptWinSoftware=0
ComptYoog=0
COMPUTERNAME=DOMSON-VIPER
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
GenProcVersion=2.606
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Domson.DOMSON-VIPER
LOGONSERVER=\\DOMSON-VIPER
NUMBER_OF_PROCESSORS=4
OS=Windows_NT
outil=C:\GenProc\outil
Page=C:\GenProc\Page
Path=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Qloud\;C:\Program Files\Next Limit\RealFlow4\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 23 Stepping 7, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=1707
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
RF4PATH=C:\Program Files\Next Limit\RealFlow4\
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\DOMSON~1.DOM\LOCALS~1\Temp
TMP=C:\DOCUME~1\DOMSON~1.DOM\LOCALS~1\Temp
USERDOMAIN=DOMSON-VIPER
USERNAME=Domson
USERPROFILE=C:\Documents and Settings\Domson.DOMSON-VIPER
windir=C:\WINDOWS
*** Liste des composants GenProc ***
C:\GenProc\Arguments
C:\GenProc\Canned
C:\GenProc\ChangeLog
C:\GenProc\GenProc.bat
C:\GenProc\outil
C:\GenProc\Page
C:\GenProc\Arguments\Argument.txt
C:\GenProc\Arguments\Debug.txt
C:\GenProc\Arguments\design.css
C:\GenProc\Canned\ASquared.txt
C:\GenProc\Canned\Bagle2_Dl.txt
C:\GenProc\Canned\bfu_Dl.txt
C:\GenProc\Canned\CCleaner_48H.txt
C:\GenProc\Canned\CCleaner_Dl.txt
C:\GenProc\Canned\CCleaner_Exec.txt
C:\GenProc\Canned\FixWebHancer_Dl.txt
C:\GenProc\Canned\FixWebHancer_Exec.txt
C:\GenProc\Canned\FxNdotN_Dl.txt
C:\GenProc\Canned\FxNdotN_Exec.txt
C:\GenProc\Canned\HaxFix_Dl.txt
C:\GenProc\Canned\HaxFix_Exec.txt
C:\GenProc\Canned\Look2me_Dl.txt
C:\GenProc\Canned\Look2me_Exec.txt
C:\GenProc\Canned\Lop_Dl.txt
C:\GenProc\Canned\Lop_Exec.txt
C:\GenProc\Canned\MBR_Dl.txt
C:\GenProc\Canned\MBR_Exec.txt
C:\GenProc\Canned\MSE.txt
C:\GenProc\Canned\MSNfix_Dl.txt
C:\GenProc\Canned\MSNfix_Exec.txt
C:\GenProc\Canned\Navilog1_Dl.txt
C:\GenProc\Canned\Navilog1_Exec.txt
C:\GenProc\Canned\Purity_Dl.txt
C:\GenProc\Canned\Purity_Exec.txt
C:\GenProc\Canned\RemGAIN_Dl.txt
C:\GenProc\Canned\RemGAIN_Exec.txt
C:\GenProc\Canned\Rustock_Dl.txt
C:\GenProc\Canned\ScanAntivirusNod32.txt
C:\GenProc\Canned\ScanAntivirusPanda.txt
C:\GenProc\Canned\SDfix_Dl.txt
C:\GenProc\Canned\SDfix_Exec.txt
C:\GenProc\Canned\SmitfraudFix_Dl.txt
C:\GenProc\Canned\SmitfraudFix_Exec.txt
C:\GenProc\Canned\SpywareTerminator.txt
C:\GenProc\Canned\TeaTimer.txt
C:\GenProc\Canned\ToolbarSD_Dl.txt
C:\GenProc\Canned\ToolbarSD_Exec.txt
C:\GenProc\Canned\ToolCleaner.txt
C:\GenProc\Canned\USBFix_Dl.txt
C:\GenProc\Canned\USBFix_Exec.txt
C:\GenProc\Canned\Vundo_Dl.txt
C:\GenProc\Canned\Vundo_Exec.txt
C:\GenProc\Canned\Vundo_Recovery_Dl.txt
C:\GenProc\Canned\Winsoftware_bfu_Dl.txt
C:\GenProc\Canned\Winsoftware_bfu_Exec.txt
C:\GenProc\Canned\WORT_Dl.txt
C:\GenProc\Canned\WORT_Exec.txt
C:\GenProc\Canned\Yoog_Dl.txt
C:\GenProc\Canned\Yoog_Exec.txt
C:\GenProc\ChangeLog\BagleLog.txt
C:\GenProc\ChangeLog\FixWebHancerLog.txt
C:\GenProc\ChangeLog\FxNdotNLog.txt
C:\GenProc\ChangeLog\HaxFixLog.txt
C:\GenProc\ChangeLog\Look2MeLog.txt
C:\GenProc\ChangeLog\LopLog.txt
C:\GenProc\ChangeLog\MSNFixLog.txt
C:\GenProc\ChangeLog\NaviLog.txt
C:\GenProc\ChangeLog\PurityLog.txt
C:\GenProc\ChangeLog\RemGainLog.txt
C:\GenProc\ChangeLog\RustockLog.txt
C:\GenProc\ChangeLog\SDfixLog.txt
C:\GenProc\ChangeLog\SmitLog.txt
C:\GenProc\ChangeLog\TDSSLog.txt
C:\GenProc\ChangeLog\ToolbarSDLog.txt
C:\GenProc\ChangeLog\USBFixLog.txt
C:\GenProc\ChangeLog\VundoLog.txt
C:\GenProc\ChangeLog\WareOutLog.txt
C:\GenProc\ChangeLog\WinSoftware.txt
C:\GenProc\ChangeLog\YoogLog.txt
C:\GenProc\ChangeLog\YoogLogFF.txt
C:\GenProc\outil\Affichages.bat
C:\GenProc\outil\Arborescence.txt
C:\GenProc\outil\Cherche_Navig.bat
C:\GenProc\outil\commandes.sed
C:\GenProc\outil\CompareDate.bat
C:\GenProc\outil\curl.exe
C:\GenProc\outil\Debug.bat
C:\GenProc\outil\EnableWSH.bat
C:\GenProc\outil\EnableWSH.txt
C:\GenProc\outil\EnableWSH1.txt
C:\GenProc\outil\EpurOS.bat
C:\GenProc\outil\Exclusions.sed
C:\GenProc\outil\exe.txt
C:\GenProc\outil\GenVbs.bat
C:\GenProc\outil\GetVersion.exe
C:\GenProc\outil\grep.exe
C:\GenProc\outil\HTTP_Request.bat
C:\GenProc\outil\icon_genproc.ico
C:\GenProc\outil\Infection.bat
C:\GenProc\outil\Init_Debug.bat
C:\GenProc\outil\lab.bat
C:\GenProc\outil\Lancements.bat
C:\GenProc\outil\libiconv2.dll
C:\GenProc\outil\libintl3.dll
C:\GenProc\outil\Licence
C:\GenProc\outil\OSVers.bat
C:\GenProc\outil\pcre3.dll
C:\GenProc\outil\regex2.dll
C:\GenProc\outil\Resident.bat
C:\GenProc\outil\sed.exe
C:\GenProc\outil\Supprime.bat
C:\GenProc\outil\swreg.exe
C:\GenProc\outil\Termine.wav
C:\GenProc\outil\Uninstall.bat
C:\GenProc\outil\uniq.exe
C:\GenProc\outil\Var.bat
C:\GenProc\outil\[0].txt
C:\GenProc\outil\Licence\copying.txt
C:\GenProc\outil\Licence\license.txt
C:\GenProc\Page\GenProcPage
C:\GenProc\Page\GenProcPage\1.gif
C:\GenProc\Page\GenProcPage\2.gif
C:\GenProc\Page\GenProcPage\4.gif
C:\GenProc\Page\GenProcPage\aide.gif
C:\GenProc\Page\GenProcPage\design.css
C:\GenProc\Page\GenProcPage\important.gif
*** Liste des étapes franchies avec succès ***
EnableWSH
OSVers
Initialisation GenProc 2.606 [20/07/2009] à [ 2:03:12]
*** Variables initiales SET et temporaires ***
ALLUSERSPROFILE=C:\Documents and Settings\All Users.WINDOWS
APPDATA=C:\Documents and Settings\Domson.DOMSON-VIPER\Application Data
Arguments=C:\GenProc\Arguments
Canned=C:\GenProc\Canned
ChangeLog=C:\GenProc\ChangeLog
CheminBatch=C:\GenProc
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
ComptBagle=0
ComptFixWebHancer=0
ComptFxNdotN=0
ComptHaxfix=0
ComptLook2Me=0
ComptLop=0
ComptMBR=0
ComptMSNfix=0
ComptNavipromo=0
ComptPurity=0
ComptRemGAIN=0
ComptRustock=0
ComptSDfix=0
ComptSmitfraud=0
ComptTDSS=0
ComptToolbarSD=0
ComptUSBFix=0
ComptVundo=0
ComptWareOut=0
ComptWinSoftware=0
ComptYoog=0
COMPUTERNAME=DOMSON-VIPER
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
GenProcVersion=2.606
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Domson.DOMSON-VIPER
LOGONSERVER=\\DOMSON-VIPER
NUMBER_OF_PROCESSORS=4
OS=Windows_NT
outil=C:\GenProc\outil
Page=C:\GenProc\Page
Path=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Qloud\;C:\Program Files\Next Limit\RealFlow4\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 23 Stepping 7, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=1707
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
RF4PATH=C:\Program Files\Next Limit\RealFlow4\
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\DOMSON~1.DOM\LOCALS~1\Temp
TMP=C:\DOCUME~1\DOMSON~1.DOM\LOCALS~1\Temp
USERDOMAIN=DOMSON-VIPER
USERNAME=Domson
USERPROFILE=C:\Documents and Settings\Domson.DOMSON-VIPER
windir=C:\WINDOWS
*** Liste des composants GenProc ***
C:\GenProc\Arguments
C:\GenProc\Canned
C:\GenProc\ChangeLog
C:\GenProc\GenProc.bat
C:\GenProc\outil
C:\GenProc\Page
C:\GenProc\Arguments\Argument.txt
C:\GenProc\Arguments\Debug.txt
C:\GenProc\Arguments\design.css
C:\GenProc\Canned\ASquared.txt
C:\GenProc\Canned\Bagle2_Dl.txt
C:\GenProc\Canned\bfu_Dl.txt
C:\GenProc\Canned\CCleaner_48H.txt
C:\GenProc\Canned\CCleaner_Dl.txt
C:\GenProc\Canned\CCleaner_Exec.txt
C:\GenProc\Canned\FixWebHancer_Dl.txt
C:\GenProc\Canned\FixWebHancer_Exec.txt
C:\GenProc\Canned\FxNdotN_Dl.txt
C:\GenProc\Canned\FxNdotN_Exec.txt
C:\GenProc\Canned\HaxFix_Dl.txt
C:\GenProc\Canned\HaxFix_Exec.txt
C:\GenProc\Canned\Look2me_Dl.txt
C:\GenProc\Canned\Look2me_Exec.txt
C:\GenProc\Canned\Lop_Dl.txt
C:\GenProc\Canned\Lop_Exec.txt
C:\GenProc\Canned\MBR_Dl.txt
C:\GenProc\Canned\MBR_Exec.txt
C:\GenProc\Canned\MSE.txt
C:\GenProc\Canned\MSNfix_Dl.txt
C:\GenProc\Canned\MSNfix_Exec.txt
C:\GenProc\Canned\Navilog1_Dl.txt
C:\GenProc\Canned\Navilog1_Exec.txt
C:\GenProc\Canned\Purity_Dl.txt
C:\GenProc\Canned\Purity_Exec.txt
C:\GenProc\Canned\RemGAIN_Dl.txt
C:\GenProc\Canned\RemGAIN_Exec.txt
C:\GenProc\Canned\Rustock_Dl.txt
C:\GenProc\Canned\ScanAntivirusNod32.txt
C:\GenProc\Canned\ScanAntivirusPanda.txt
C:\GenProc\Canned\SDfix_Dl.txt
C:\GenProc\Canned\SDfix_Exec.txt
C:\GenProc\Canned\SmitfraudFix_Dl.txt
C:\GenProc\Canned\SmitfraudFix_Exec.txt
C:\GenProc\Canned\SpywareTerminator.txt
C:\GenProc\Canned\TeaTimer.txt
C:\GenProc\Canned\ToolbarSD_Dl.txt
C:\GenProc\Canned\ToolbarSD_Exec.txt
C:\GenProc\Canned\ToolCleaner.txt
C:\GenProc\Canned\USBFix_Dl.txt
C:\GenProc\Canned\USBFix_Exec.txt
C:\GenProc\Canned\Vundo_Dl.txt
C:\GenProc\Canned\Vundo_Exec.txt
C:\GenProc\Canned\Vundo_Recovery_Dl.txt
C:\GenProc\Canned\Winsoftware_bfu_Dl.txt
C:\GenProc\Canned\Winsoftware_bfu_Exec.txt
C:\GenProc\Canned\WORT_Dl.txt
C:\GenProc\Canned\WORT_Exec.txt
C:\GenProc\Canned\Yoog_Dl.txt
C:\GenProc\Canned\Yoog_Exec.txt
C:\GenProc\ChangeLog\BagleLog.txt
C:\GenProc\ChangeLog\FixWebHancerLog.txt
C:\GenProc\ChangeLog\FxNdotNLog.txt
C:\GenProc\ChangeLog\HaxFixLog.txt
C:\GenProc\ChangeLog\Look2MeLog.txt
C:\GenProc\ChangeLog\LopLog.txt
C:\GenProc\ChangeLog\MSNFixLog.txt
C:\GenProc\ChangeLog\NaviLog.txt
C:\GenProc\ChangeLog\PurityLog.txt
C:\GenProc\ChangeLog\RemGainLog.txt
C:\GenProc\ChangeLog\RustockLog.txt
C:\GenProc\ChangeLog\SDfixLog.txt
C:\GenProc\ChangeLog\SmitLog.txt
C:\GenProc\ChangeLog\TDSSLog.txt
C:\GenProc\ChangeLog\ToolbarSDLog.txt
C:\GenProc\ChangeLog\USBFixLog.txt
C:\GenProc\ChangeLog\VundoLog.txt
C:\GenProc\ChangeLog\WareOutLog.txt
C:\GenProc\ChangeLog\WinSoftware.txt
C:\GenProc\ChangeLog\YoogLog.txt
C:\GenProc\ChangeLog\YoogLogFF.txt
C:\GenProc\outil\Affichages.bat
C:\GenProc\outil\Arborescence.txt
C:\GenProc\outil\Cherche_Navig.bat
C:\GenProc\outil\commandes.sed
C:\GenProc\outil\CompareDate.bat
C:\GenProc\outil\curl.exe
C:\GenProc\outil\Debug.bat
C:\GenProc\outil\EnableWSH.bat
C:\GenProc\outil\EnableWSH.txt
C:\GenProc\outil\EnableWSH1.txt
C:\GenProc\outil\EpurOS.bat
C:\GenProc\outil\Exclusions.sed
C:\GenProc\outil\exe.txt
C:\GenProc\outil\GenVbs.bat
C:\GenProc\outil\GetVersion.exe
C:\GenProc\outil\grep.exe
C:\GenProc\outil\HTTP_Request.bat
C:\GenProc\outil\icon_genproc.ico
C:\GenProc\outil\Infection.bat
C:\GenProc\outil\Init_Debug.bat
C:\GenProc\outil\lab.bat
C:\GenProc\outil\Lancements.bat
C:\GenProc\outil\libiconv2.dll
C:\GenProc\outil\libintl3.dll
C:\GenProc\outil\Licence
C:\GenProc\outil\OSVers.bat
C:\GenProc\outil\pcre3.dll
C:\GenProc\outil\regex2.dll
C:\GenProc\outil\Resident.bat
C:\GenProc\outil\sed.exe
C:\GenProc\outil\Supprime.bat
C:\GenProc\outil\swreg.exe
C:\GenProc\outil\Termine.wav
C:\GenProc\outil\Uninstall.bat
C:\GenProc\outil\uniq.exe
C:\GenProc\outil\Var.bat
C:\GenProc\outil\[0].txt
C:\GenProc\outil\Licence\copying.txt
C:\GenProc\outil\Licence\license.txt
C:\GenProc\Page\GenProcPage
C:\GenProc\Page\GenProcPage\1.gif
C:\GenProc\Page\GenProcPage\2.gif
C:\GenProc\Page\GenProcPage\4.gif
C:\GenProc\Page\GenProcPage\aide.gif
C:\GenProc\Page\GenProcPage\design.css
C:\GenProc\Page\GenProcPage\important.gif
*** Liste des étapes franchies avec succès ***
EnableWSH
OSVers
