Se connecter / S'enregistrer
Votre question

comment effacer le win32 trojan gen

Tags :
  • Windows genuine advantage
  • Sécurité
Dernière réponse : dans Sécurité et virus
22 Mars 2007 16:04:32

je victime du virus win 32 trojan gen other ! j ai essayer
plusieurs anti virus et programme pour l effacer mais rien !!!
POUVEZ VOUS M AIDER A M EN DEBARASER SVP

merci d avance sam1984

voici mon rapport dLogfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 16:02:45, on 22/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Media Manager\airsvcu.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\samuel\Mes documents\HiJackThis_v2.exe

O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - C:\WINDOWS\system32\jjmqdfef.dll
O2 - BHO: (no name) - {F5559AB8-7E46-4385-A129-8D845A8369D2} - C:\WINDOWS\system32\pmkjh.dll
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\bdhtugxi.dll",setvm
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpl...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O20 - Winlogon Notify: jkkhhgh - jkkhhgh.dll (file missing)
O20 - Winlogon Notify: pmkjh - C:\WINDOWS\system32\pmkjh.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Indexer de Media Manager (MMIndexer) - Unknown owner - C:\Program Files\Fichiers communs\Microsoft Shared\Media Manager\airsvcu.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
O24 - Desktop Component 1: (no name) - http://vid3.stileproject.com/7c916f831eebb3f72e20e2fff6...

--
End of file - 7613 bytes
e

Autres pages sur : effacer win32 trojan gen

a b 8 Sécurité
22 Mars 2007 16:23:59

1/ pourrais-tu dire bonjour ?
2/ merci d'éviter les majuscules = crier sur les forums

Utilise l'ancienne version d'Hijackthis :
http://www.merijn.org/files/hijackthis.zip

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
  • Double-clique VundoFix.exe afin de le lancer
  • Clique sur le bouton Scan for Vundo
  • Lorsque le scan est complété, clique sur le bouton Remove Vundo
  • Une invite te demandera si tu veux supprimer les fichiers, clique YES
  • Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
  • Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK
  • Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse

    Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".
    29 Mars 2007 16:04:40

    bonjour, voila j ai effectuer ce que vous m avez dit voici les rapports demandees Logfile of HijackThis v1.99.1
    Scan saved at 15:59:43, on 29/03/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\cisvc.exe
    C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Media Manager\airsvcu.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\WINDOWS\SYSTEM32\cidaemon.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\WinRAR\WinRAR.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\samuel\LOCALS~1\Temp\Rar$EX01.813\HijackThis.exe

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: (no name) - {06B92C2B-D2BC-4C2C-931A-1211E131285D} - C:\WINDOWS\system32\pmkjh.dll (file missing)
    O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\dhhvwyjq.dll (file missing)
    O2 - BHO: (no name) - {97DCB27E-15C6-439C-8BD2-3683F3E4D3C8} - C:\WINDOWS\system32\ybyioubt.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\icryales.dll",setvm
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpl...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: jkkhhgh - jkkhhgh.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe



    VundoFix V6.3.18

    Checking Java version...

    Java version is 1.4.2.1
    Old versions of java are exploitable and should be removed.

    Java version is 1.4.2.5
    Old versions of java are exploitable and should be removed.

    Java version is 1.4.2.6
    Old versions of java are exploitable and should be removed.

    Java version is 1.5.0.2
    Old versions of java are exploitable and should be removed.

    Java version is 1.5.0.4
    Old versions of java are exploitable and should be removed.

    Java version is 1.5.0.9
    Old versions of java are exploitable and should be removed.

    Java version is 1.5.0.10

    Scan started at 15:38:18 29/03/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\aaeteddx.exe
    C:\WINDOWS\system32\baxhifgp.exe
    C:\WINDOWS\system32\buvpakix.exe
    C:\WINDOWS\system32\dhhvwyjq.dll
    C:\WINDOWS\system32\gfbjgetp.dll
    C:\WINDOWS\system32\gnhapjhi.exe
    C:\WINDOWS\system32\gnucrrdw.exe
    C:\WINDOWS\system32\hbohokyo.dll
    C:\WINDOWS\system32\hdbpnlvj.exe
    C:\WINDOWS\system32\hdmjsvnk.dll
    C:\WINDOWS\system32\hjkmp.bak1
    C:\WINDOWS\system32\hjkmp.bak2
    C:\WINDOWS\system32\hjkmp.ini
    C:\WINDOWS\system32\hjkmp.ini2
    C:\WINDOWS\system32\hjkmp.tmp
    C:\WINDOWS\system32\hscslgoc.dll
    C:\WINDOWS\system32\hwbdcxei.exe
    C:\WINDOWS\system32\icryales.dll
    C:\WINDOWS\system32\ixtwuahr.dll
    C:\WINDOWS\system32\jbhukiyt.exe
    C:\WINDOWS\system32\jjhmgqio.exe
    C:\WINDOWS\system32\jqtlfnkw.dll
    C:\WINDOWS\system32\julbfkie.dll
    C:\WINDOWS\system32\knvsjmdh.ini
    C:\WINDOWS\system32\lcxtjhfy.dll
    C:\WINDOWS\system32\ledmqoyi.dll
    C:\WINDOWS\system32\maijiffd.dll
    C:\WINDOWS\system32\nikfitgi.exe
    C:\WINDOWS\system32\ogelqufn.exe
    C:\WINDOWS\system32\owehhqgp.exe
    C:\WINDOWS\system32\phqgpoet.exe
    C:\WINDOWS\system32\pmkjh.dll
    C:\WINDOWS\system32\pwlpompx.exe
    C:\WINDOWS\system32\rjyhsxdi.exe
    C:\WINDOWS\system32\selayrci.ini
    C:\WINDOWS\system32\tvxoonaf.dll
    C:\WINDOWS\system32\wupijqyn.exe
    C:\WINDOWS\system32\ymuqfcge.exe

    Beginning removal...

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\aaeteddx.exe
    C:\WINDOWS\system32\aaeteddx.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\baxhifgp.exe
    C:\WINDOWS\system32\baxhifgp.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\buvpakix.exe
    C:\WINDOWS\system32\buvpakix.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\dhhvwyjq.dll
    C:\WINDOWS\system32\dhhvwyjq.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\gfbjgetp.dll
    C:\WINDOWS\system32\gfbjgetp.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\gnhapjhi.exe
    C:\WINDOWS\system32\gnhapjhi.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\gnucrrdw.exe
    C:\WINDOWS\system32\gnucrrdw.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hbohokyo.dll
    C:\WINDOWS\system32\hbohokyo.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hdbpnlvj.exe
    C:\WINDOWS\system32\hdbpnlvj.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hdmjsvnk.dll
    C:\WINDOWS\system32\hdmjsvnk.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hjkmp.bak1
    C:\WINDOWS\system32\hjkmp.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hjkmp.bak2
    C:\WINDOWS\system32\hjkmp.bak2 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hjkmp.ini
    C:\WINDOWS\system32\hjkmp.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hjkmp.ini2
    C:\WINDOWS\system32\hjkmp.ini2 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hjkmp.tmp
    C:\WINDOWS\system32\hjkmp.tmp Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hscslgoc.dll
    C:\WINDOWS\system32\hscslgoc.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hwbdcxei.exe
    C:\WINDOWS\system32\hwbdcxei.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\icryales.dll
    C:\WINDOWS\system32\icryales.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ixtwuahr.dll
    C:\WINDOWS\system32\ixtwuahr.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\jbhukiyt.exe
    C:\WINDOWS\system32\jbhukiyt.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\jjhmgqio.exe
    C:\WINDOWS\system32\jjhmgqio.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\jqtlfnkw.dll
    C:\WINDOWS\system32\jqtlfnkw.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\julbfkie.dll
    C:\WINDOWS\system32\julbfkie.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\knvsjmdh.ini
    C:\WINDOWS\system32\knvsjmdh.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\lcxtjhfy.dll
    C:\WINDOWS\system32\lcxtjhfy.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ledmqoyi.dll
    C:\WINDOWS\system32\ledmqoyi.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\maijiffd.dll
    C:\WINDOWS\system32\maijiffd.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\nikfitgi.exe
    C:\WINDOWS\system32\nikfitgi.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ogelqufn.exe
    C:\WINDOWS\system32\ogelqufn.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\owehhqgp.exe
    C:\WINDOWS\system32\owehhqgp.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\phqgpoet.exe
    C:\WINDOWS\system32\phqgpoet.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\pmkjh.dll
    C:\WINDOWS\system32\pmkjh.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\pwlpompx.exe
    C:\WINDOWS\system32\pwlpompx.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\rjyhsxdi.exe
    C:\WINDOWS\system32\rjyhsxdi.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\selayrci.ini
    C:\WINDOWS\system32\selayrci.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\tvxoonaf.dll
    C:\WINDOWS\system32\tvxoonaf.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\wupijqyn.exe
    C:\WINDOWS\system32\wupijqyn.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ymuqfcge.exe
    C:\WINDOWS\system32\ymuqfcge.exe Has been deleted!

    Performing Repairs to the registry.
    Done!
    merci
    29 Mars 2007 17:16:45

    re !
    c est encore moi ! juste une petite questions
    Est ce que apres cette demarche le virus sera detruit ?
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS